Docker的可视化界面工具
Posted 百世经纶『一页書』
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Docker的可视化界面工具相关的知识,希望对你有一定的参考价值。
Docker的可视化界面工具
1. Portainer
1.1 Introduction
Portainer是一个可视化的容器镜像的图形管理工具,利用Portainer可以轻松构建,管理和维护Docker环境。 而且完全免费,基于容器化的安装方式,方便高效部署。
1.1.1 Official
1.2 Download And Deploy
- 下载镜像
docker search portainer |head -n 3
docker pull portainer/portainer- 启动容器(我只有8889和8890)
先创建volumn的目录,run和portainer_data
docker run -d -p 8889:8000 -p 8890:9000 --name=myportainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/portainer_data:/data portainer/portainer
1.3 Dashboard
- 访问服务
http://10.136.xxx.xxxx:8890
admin/Tomcat@123- home page
1.3.1 Dashboard
- Dashboard
- App Template
- command
2. Shipyard
2.1 Introduction
Shipyard是docker的web可视化界面管理工具,是建立在docker集群管理工具Citadel之上,可以管理镜像、容器、主机等资源的web图形化工具,包括core和extension两个版本,core即shipyard主要是把多个 Docker host上的 containers 统一管理(支持跨越多个host),extension即shipyard-extensions添加了应用路由和负载均衡、集中化日志、部署等。Shipyard是在Docker Swarm实现对容器、镜像、docker集群、仓库、节点进行管理的web系统。
2.1.1 Character
其特性主要包括:
支持节点动态集群,可扩展节点的规模(swarm、etcd方案)支持镜像管理、容器管理、节点管理等功能可视化的容器管理和监控管理在线连接容器console终端
2.1.2 Official
Official Website: https://shipyard-project.com/deploy.
2.2 Download And Deploy
2.2.1 脚本下载镜像
[root@docker ~]$cat deploy
#!/bin/bash
if [ "$1" != "" ] && [ "$1" = "-h" ]; then
echo "Shipyard Deploy uses the following environment variables:"
echo " ACTION: this is the action to use (deploy, upgrade, node, remove)"
echo " DISCOVERY: discovery system used by Swarm (only if using 'node' action)"
echo " IMAGE: this overrides the default Shipyard image"
echo " PREFIX: prefix for container names"
echo " SHIPYARD_ARGS: these are passed to the Shipyard controller container as controller args"
echo " TLS_CERT_PATH: path to certs to enable TLS for Shipyard"
echo " PORT: specify the listen port for the controller (default: 8080)"
echo " IP: specify the address at which the controller or node will be available (default: eth0 ip)"
echo " PROXY_PORT: port to run docker proxy (default: 2375)"
exit 1
fi
if [ -z "`which docker`" ]; then
echo "You must have the Docker CLI installed on your \\$PATH"
echo " See http://docs.docker.com for details"
exit 1
fi
ACTION=$ACTION:-deploy
IMAGE=$IMAGE:-dockerclub/shipyard:latest
PREFIX=$PREFIX:-shipyard
SHIPYARD_ARGS=$SHIPYARD_ARGS:-""
TLS_CERT_PATH=$TLS_CERT_PATH:-
CERT_PATH="/etc/shipyard"
PROXY_PORT=$PROXY_PORT:-2376
SWARM_PORT=3375
SHIPYARD_PROTOCOL=http
SHIPYARD_PORT=$PORT:-8080
SHIPYARD_IP=$IP
DISCOVERY_BACKEND=etcd
DISCOVERY_PORT=4001
DISCOVERY_PEER_PORT=7001
ENABLE_TLS=0
CERT_FINGERPRINT=""
LOCAL_CA_CERT=""
LOCAL_SSL_CERT=""
LOCAL_SSL_KEY=""
LOCAL_SSL_CLIENT_CERT=""
LOCAL_SSL_CLIENT_KEY=""
SSL_CA_CERT=""
SSL_CERT=""
SSL_KEY=""
SSL_CLIENT_CERT=""
SSL_CLIENT_KEY=""
show_cert_help()
echo "To use TLS in Shipyard, you must have existing certificates."
echo "The certs must be named ca.pem, server.pem, server-key.pem, cert.pem and key.pem"
echo "If you need to generate certificates, see https://github.com/ehazlett/certm for examples."
check_certs()
if [ -z "$TLS_CERT_PATH" ]; then
return
fi
if [ ! -e $TLS_CERT_PATH ]; then
echo "Error: unable to find certificates in $TLS_CERT_PATH"
show_cert_help
exit 1
fi
if [ "$PROXY_PORT" = "2375" ]; then
PROXY_PORT=2376
fi
SWARM_PORT=3376
SHIPYARD_PROTOCOL=https
LOCAL_SSL_CA_CERT="$TLS_CERT_PATH/ca.pem"
LOCAL_SSL_CERT="$TLS_CERT_PATH/server.pem"
LOCAL_SSL_KEY="$TLS_CERT_PATH/server-key.pem"
LOCAL_SSL_CLIENT_CERT="$TLS_CERT_PATH/cert.pem"
LOCAL_SSL_CLIENT_KEY="$TLS_CERT_PATH/key.pem"
SSL_CA_CERT="$CERT_PATH/ca.pem"
SSL_CERT="$CERT_PATH/server.pem"
SSL_KEY="$CERT_PATH/server-key.pem"
SSL_CLIENT_CERT="$CERT_PATH/cert.pem"
SSL_CLIENT_KEY="$CERT_PATH/key.pem"
CERT_FINGERPRINT=$(openssl x509 -noout -in $LOCAL_SSL_CERT -fingerprint -sha256 | awk -F= 'print $2;')
if [ ! -e $LOCAL_SSL_CA_CERT ] || [ ! -e $LOCAL_SSL_CERT ] || [ ! -e $LOCAL_SSL_KEY ] || [ ! -e $LOCAL_SSL_CLIENT_CERT ] || [ ! -e $LOCAL_SSL_CLIENT_KEY ]; then
echo "Error: unable to find certificates"
show_cert_help
exit 1
fi
ENABLE_TLS=1
# container functions
start_certs()
ID=$(docker run \\
-ti \\
-d \\
--restart=always \\
--name $PREFIX-certs \\
-v $CERT_PATH \\
alpine \\
sh)
if [ $ENABLE_TLS = 1 ]; then
docker cp $LOCAL_SSL_CA_CERT $PREFIX-certs:$SSL_CA_CERT
docker cp $LOCAL_SSL_CERT $PREFIX-certs:$SSL_CERT
docker cp $LOCAL_SSL_KEY $PREFIX-certs:$SSL_KEY
docker cp $LOCAL_SSL_CLIENT_CERT $PREFIX-certs:$SSL_CLIENT_CERT
docker cp $LOCAL_SSL_CLIENT_KEY $PREFIX-certs:$SSL_CLIENT_KEY
fi
remove_certs()
docker rm -fv $PREFIX-certs > /dev/null 2>&1
get_ip()
if [ -z "$SHIPYARD_IP" ]; then
SHIPYARD_IP=`docker run --rm --net=host alpine ip route get 8.8.8.8 | awk ' print $7; '`
fi
start_discovery()
get_ip
ID=$(docker run \\
-ti \\
-d \\
-p 4001:4001 \\
-p 7001:7001 \\
--restart=always \\
--name $PREFIX-discovery \\
microbox/etcd:latest -addr $SHIPYARD_IP:$DISCOVERY_PORT -peer-addr $SHIPYARD_IP:$DISCOVERY_PEER_PORT)
remove_discovery()
docker rm -fv $PREFIX-discovery > /dev/null 2>&1
start_rethinkdb()
ID=$(docker run \\
-ti \\
-d \\
--restart=always \\
--name $PREFIX-rethinkdb \\
rethinkdb)
remove_rethinkdb()
docker rm -fv $PREFIX-rethinkdb > /dev/null 2>&1
start_proxy()
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="-e SSL_CA=$SSL_CA_CERT -e SSL_CERT=$SSL_CERT -e SSL_KEY=$SSL_KEY -e SSL_SKIP_VERIFY=1"
fi
# Note: we add SSL_SKIP_VERIFY=1 to skip verification of the client
# certificate in the proxy image. this will pass it to swarm that
# does verify. this helps with performance and avoids certificate issues
# when running through the proxy. ultimately if the cert is invalid
# swarm will fail to return.
ID=$(docker run \\
-ti \\
-d \\
-p $PROXY_PORT:$PROXY_PORT \\
--hostname=$HOSTNAME \\
--restart=always \\
--name $PREFIX-proxy \\
-v /var/run/docker.sock:/var/run/docker.sock \\
-e PORT=$PROXY_PORT \\
--volumes-from=$PREFIX-certs $TLS_OPTS\\
shipyard/docker-proxy:latest)
remove_proxy()
docker rm -fv $PREFIX-proxy > /dev/null 2>&1
start_swarm_manager()
get_ip
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="--tlsverify --tlscacert=$SSL_CA_CERT --tlscert=$SSL_CERT --tlskey=$SSL_KEY"
fi
EXTRA_RUN_OPTS=""
if [ -z "$DISCOVERY" ]; then
DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
fi
ID=$(docker run \\
-ti \\
-d \\
--restart=always \\
--name $PREFIX-swarm-manager \\
--volumes-from=$PREFIX-certs $EXTRA_RUN_OPTS \\
swarm:latest \\
m --replication --addr $SHIPYARD_IP:$SWARM_PORT --host tcp://0.0.0.0:$SWARM_PORT $TLS_OPTS $DISCOVERY)
remove_swarm_manager()
docker rm -fv $PREFIX-swarm-manager > /dev/null 2>&1
start_swarm_agent()
get_ip
if [ -z "$DISCOVERY" ]; then
DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
fi
ID=$(docker run \\
-ti \\
-d \\
--restart=always \\
--name $PREFIX-swarm-agent $EXTRA_RUN_OPTS \\
swarm:latest \\
j --addr $SHIPYARD_IP:$PROXY_PORT $DISCOVERY)
remove_swarm_agent()
docker rm -fv $PREFIX-swarm-agent > /dev/null 2>&1
start_controller()
#-v $CERT_PATH:/etc/docker:ro \\
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="--tls-ca-cert $SSL_CA_CERT --tls-cert=$SSL_CERT --tls-key=$SSL_KEY --shipyard-tls-ca-cert=$SSL_CA_CERT --shipyard-tls-cert=$SSL_CERT --shipyard-tls-key=$SSL_KEY"
fi
ID=$(docker run \\
-ti \\
-d \\
--restart=always \\
--name $PREFIX-controller \\
--link $PREFIX-rethinkdb:rethinkdb \\
--link $PREFIX-swarm-manager:swarm \\
-p $SHIPYARD_PORT:$SHIPYARD_PORT \\
--volumes-from=$PREFIX-certs \\
$IMAGE \\
--debug \\
server \\
--listen :$SHIPYARD_PORT \\
-d tcp://swarm:$SWARM_PORT $TLS_OPTS $SHIPYARD_ARGS)
wait_for_available()
set +e
IP=$1
PORT=$2
echo Waiting for Shipyard on $IP:$PORT
docker pull ehazlett/curl > /dev/null 2>&1
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="-k"
fi
until $(docker run --rm ehazlett/curl --output /dev/null --connect-timeout 1 --silent --head --fail $TLS_OPTS $SHIPYARD_PROTOCOL://$IP:$PORT/ > /dev/null 2>&1); do
printf '.'
sleep 1
done
printf '\\n'
remove_controller()
docker rm -fv $PREFIX-controller > /dev/null 2>&1
if [ "$ACTION" = "deploy" ]; then
set -e
check_certs
get_ip
echo "Deploying Shipyard"
echo " -> Starting Database"
start_rethinkdb
echo " -> Starting Discovery"
start_discovery
echo " -> Starting Cert Volume"
start_certs
echo " -> Starting Proxy"
start_proxy
echo " -> Starting Swarm Manager"
start_swarm_manager
echo " -> Starting Swarm Agent"
start_swarm_agent
echo " -> Starting Controller"
start_controller
wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
echo "Shipyard available at $SHIPYARD_PROTOCOL://$SHIPYARD_IP:$SHIPYARD_PORT"
if [ $ENABLE_TLS = 1 ] && [ ! -z "$CERT_FINGERPRINT" ]; then
echo "SSL SHA-256 Fingerprint: $CERT_FINGERPRINT"
fi
echo "Username: admin Password: shipyard"
elif [ "$ACTION" = "node" ]; then
set -e
if [ -z "$DISCOVERY" ]; then
echo "You must set the DISCOVERY environment variable"
echo "with the discovery system used with Swarm"
exit 1
fi
check_certs
echo "Adding Node"
echo " -> Starting Cert Volume"
start_certs
echo " -> Starting Proxy"
start_proxy
echo " -> Starting Swarm Manager"
start_swarm_manager $DISCOVERY
echo " -> Starting Swarm Agent"
start_swarm_agent
echo "Node added to Swarm: $SHIPYARD_IP"
elif [ "$ACTION" = "upgrade" ]; then
set -e
check_certs
get_ip
echo "Upgrading Shipyard"
echo " -> Pulling $IMAGE"
docker pull $IMAGE
echo " -> Upgrading Controller"
remove_controller
start_controller
wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
echo "Shipyard controller updated"
elif [ "$ACTION" = "remove" ]; then
# ignore errors
set +e
echo "Removing Shipyard"
echo " -> Removing Database"
remove_rethinkdb
echo " -> Removing Discovery"
remove_discovery
echo " -> Removing Cert Volume"
remove_certs
echo " -> Removing Proxy"
remove_proxy
echo " -> Removing Swarm Agent"
remove_swarm_agent
echo " -> Removing Swarm Manager"
remove_swarm_manager
echo " -> Removing Controller"
remove_controller
echo "Done"
else
echo "Unknown action $ACTION"
exit 1
fi
2.2.2 执行脚本
[root@docker ~]$./deploy
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
213ec9aee27d: Pulling fs layer
213ec9aee27d: Verifying Checksum
213ec9aee27d: Download complete
213ec9aee27d: Pull complete
Digest: sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
Status: Downloaded newer image for alpine:latest
Deploying Shipyard
-> Starting Database
Unable to find image 'rethinkdb:latest' locally
latest: Pulling from library/rethinkdb
7a6db449b51b: Pulling fs layer
20181367ea9b: Pulling fs layer
d4c59a6fbe9d: Pulling fs layer
54db2c71fcb0: Pulling fs layer
1e96e4039912: Pulling fs layer
54db2c71fcb0: Waiting
1e96e4039912: Waiting
d4c59a6fbe9d: Verifying Checksum
d4c59a6fbe9d: Download complete
20181367ea9b: Verifying Checksum
20181367ea9b: Download complete
1e96e4039912: Download complete
7a6db449b51b: Download complete
7a6db449b51b: Pull complete
20181367ea9b: Pull complete
d4c59a6fbe9d: Pull complete
54db2c71fcb0: Verifying Checksum
54db2c71fcb0: Download complete
54db2c71fcb0: Pull complete
1e96e4039912: Pull complete
Digest: sha256:bc30f504fc823240c64552a7983b6da55d83dd0966ab17cab12c5fb9e45576ce
Status: Downloaded newer image for rethinkdb:latest
-> Starting Discovery
Unable to find image 'microbox/etcd:latest' locally
latest: Pulling from microbox/etcd
Image docker.io/microbox/etcd:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
8ded6e8ab3fd: Pulling fs layer
bf8f85223d7a: Pulling fs layer
a3ed95caeb02: Pulling fs layer
a3ed95caeb02: Verifying Checksum
a3ed95caeb02: Download complete
bf8f85223d7a: Verifying Checksum
bf8f85223d7a: Download complete
8ded6e8ab3fd: Verifying Checksum
8ded6e8ab3fd: Download complete
8ded6e8ab3fd: Pull complete
bf8f85223d7a: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:941fd46b4eab265c65da9bfbf33397b853a7cef6c16df93a1e3fea7b4e47fc90
Status: Downloaded newer image for microbox/etcd:latest
-> Starting Cert Volume
-> Starting Proxy
Unable to find image 'shipyard/docker-proxy:latest' locally
latest: Pulling from shipyard/docker-proxy
Image docker.io/shipyard/docker-proxy:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
8f4ec95ceaee: Pulling fs layer
ac77a345f217: Pulling fs layer
43039e3ef672: Pulling fs layer
a3ed95caeb02: Pulling fs layer
a3ed95caeb02: Waiting
8f4ec95ceaee: Download complete
8f4ec95ceaee: Pull complete
ac77a345f217: Verifying Checksum
ac77a345f217: Download complete
ac77a345f217: Pull complete
a3ed95caeb02: Verifying Checksum
a3ed95caeb02: Download complete
43039e3ef672: Verifying Checksum
43039e3ef672: Download complete
43039e3ef672: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:da6bbd1a145581a940d44940cce0f43705d7f8ec552a4e97e77104ec1b6dc3d1
Status: Downloaded newer image for shipyard/docker-proxy:latest
-> Starting Swarm Manager
Unable to find image 'swarm:latest' locally
latest: Pulling from library/swarm
38e5683d7755: Pulling fs layer
083aff163606: Pulling fs layer
2064f1a73c6b: Pulling fs layer
083aff163606: Verifying Checksum
083aff163606: Download complete
2064f1a73c6b: Verifying Checksum
2064f1a73c6b: Download complete
38e5683d7755: Verifying Checksum
38e5683d7755: Download complete
38e5683d7755: Pull complete
083aff163606: Pull complete
2064f1a73c6b: Pull complete
Digest: sha256Docker可视化web界面管理-Portainer部署记录