Docker私有云管理平台————Docker Shipyard

Posted reasonzzy

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Docker私有云管理平台————Docker Shipyard相关的知识,希望对你有一定的参考价值。

一、 Docker Shipyard是什么 ?

shipyard是一个开源的docker管理平台,其特性主要包括:

  • 支持节点动态集群,可扩展节点的规模(swarm、etcd方案)
  • 支持镜像管理、容器管理、节点管理等功能
  • 可视化的容器管理和监控管理
  • 在线容器console终端
 

二、 Shipyard中文版源码托管在github(传送门)。

1.登陆界面

 技术图片

2.容器列表

 技术图片

3.容器信息创建

 技术图片

4.容器信息

 技术图片

5.终端连接

 技术图片

6.镜像信息

 技术图片

7.节点信息

 技术图片

8.仓库信息

 技术图片

 

三、shipyard中文版安装(CentOS)

  • 注:本文安装操作均在root用户下,安装前需先安装Docker (传送门)
  1. 下载所需docker镜像

    docker pull rethinkdb
    docker pull microbox/etcd
    docker pull shipyard/docker-proxy
    docker pull swarm
    docker pull dockerclub/shipyard

     

  2. 修改原安装脚本为中文版安装脚本

    #下载官方脚本
    wget https://shipyard-project.com/deploy
    若下载失败请使用
    wget https://raw.githubusercontent.com/shipyard/shipyard- 
    project.com/master/site/themes/shipyard/static/deploy
    
    #替换官方脚本
    grep -n shipyard:latest deploy
    sed -i ‘s/shipyard\/shipyard:latest/dockerclub\/shipyard:latest/g‘ deploy

     

  3. 设置web访问端口(根据需要修改)

    #检查8080端口是否被占用,若占用需修改端口
    yum install -y net-tools    //安装net-tools工具包,若已安装可跳过此步骤
    netstat -tlnp | grep 8080   //查看宿主机8080端口是否被占用
    #配置修改
    grep -n ‘PORT:-8080‘ deploy
    SHIPYARD_PORT=$PORT:-8080
    修改为
    SHIPYARD_PORT=$PORT:-指定端口

     

  4. 安装与删除

    sh deploy                                //安装
    cat deploy | ACTION=remove bash          //删除

     

  5. 使用shipyard

    浏览器输入:http://主机IP:8080
    默认账号:admin
    默认密码:shipyard

     

  6. 安装过程中错误,常用的解决办法 容器冲突:

    #出现错误一般都是提示容器冲突,如果刚搭建,可以直接把容器全部停止并删除
    docker stop $(docker ps -a -q)        //停止所有服务
    docker rm $(docker ps -a -q)          //删除所有服务
    
    #也可以根据提示来找到容器的ID进行停止删除
    docker ps -a
    docker stop ID
    docker rm ID

     

四、 如何使用

  1. 如何增加一个节点
    curl https://shipyard-project.com/deploy | ACTION=node DISCOVERY=etcd://主服务器IP:4001 bash 
    若下载失败请使用
    curl -sSL  https://raw.githubusercontent.com/shipyard/shipyard-project.com/master/site/themes/shipyard/static/deploy | ACTION=node DISCOVERY=etcd://主节点IP:4001 bash -s

     

五、安装脚本下载

  1. 文件说明
    install.sh      //一键安装脚本
    deploy          //官方安装脚本修改版,若已下载前文所需镜像可直接运行此脚本安装

     

  2. 完整脚本 
  3. 技术图片
    #!/bin/bash
    
    if [ "$1" != "" ] && [ "$1" = "-h" ]; then
        echo "Shipyard Deploy uses the following environment variables:"
        echo "  ACTION: this is the action to use (deploy, upgrade, node, remove)"
        echo "  DISCOVERY: discovery system used by Swarm (only if using ‘node‘ action)"
        echo "  IMAGE: this overrides the default Shipyard image"
        echo "  PREFIX: prefix for container names"
        echo "  SHIPYARD_ARGS: these are passed to the Shipyard controller container as controller args"
        echo "  TLS_CERT_PATH: path to certs to enable TLS for Shipyard"
        echo "  PORT: specify the listen port for the controller (default: 8080)"
        echo "  IP: specify the address at which the controller or node will be available (default: eth0 ip)"
        echo "  PROXY_PORT: port to run docker proxy (default: 2375)"
        exit 1
    fi
    
    if [ -z "`which docker`" ]; then
        echo "You must have the Docker CLI installed on your \$PATH"
        echo "  See http://docs.docker.com for details"
        exit 1
    fi
    
    ACTION=$ACTION:-deploy
    IMAGE=$IMAGE:-shipyard/shipyard:latest
    PREFIX=$PREFIX:-shipyard
    SHIPYARD_ARGS=$SHIPYARD_ARGS:-""
    TLS_CERT_PATH=$TLS_CERT_PATH:-
    CERT_PATH="/etc/shipyard"
    PROXY_PORT=$PROXY_PORT:-2375
    SWARM_PORT=3375
    SHIPYARD_PROTOCOL=http
    SHIPYARD_PORT=$PORT:-8080
    SHIPYARD_IP=$IP
    DISCOVERY_BACKEND=etcd
    DISCOVERY_PORT=4001
    DISCOVERY_PEER_PORT=7001
    ENABLE_TLS=0
    CERT_FINGERPRINT=""
    LOCAL_CA_CERT=""
    LOCAL_SSL_CERT=""
    LOCAL_SSL_KEY=""
    LOCAL_SSL_CLIENT_CERT=""
    LOCAL_SSL_CLIENT_KEY=""
    SSL_CA_CERT=""
    SSL_CERT=""
    SSL_KEY=""
    SSL_CLIENT_CERT=""
    SSL_CLIENT_KEY=""
    
    show_cert_help() 
        echo "To use TLS in Shipyard, you must have existing certificates."
        echo "The certs must be named ca.pem, server.pem, server-key.pem, cert.pem and key.pem"
        echo "If you need to generate certificates, see https://github.com/ehazlett/certm for examples."
    
    
    check_certs() 
        if [ -z "$TLS_CERT_PATH" ]; then
            return
        fi
    
        if [ ! -e $TLS_CERT_PATH ]; then
            echo "Error: unable to find certificates in $TLS_CERT_PATH"
            show_cert_help
            exit 1
        fi
    
        if [ "$PROXY_PORT" = "2375" ]; then
            PROXY_PORT=2376
        fi
        SWARM_PORT=3376
        SHIPYARD_PROTOCOL=https
        LOCAL_SSL_CA_CERT="$TLS_CERT_PATH/ca.pem"
        LOCAL_SSL_CERT="$TLS_CERT_PATH/server.pem"
        LOCAL_SSL_KEY="$TLS_CERT_PATH/server-key.pem"
        LOCAL_SSL_CLIENT_CERT="$TLS_CERT_PATH/cert.pem"
        LOCAL_SSL_CLIENT_KEY="$TLS_CERT_PATH/key.pem"
        SSL_CA_CERT="$CERT_PATH/ca.pem"
        SSL_CERT="$CERT_PATH/server.pem"
        SSL_KEY="$CERT_PATH/server-key.pem"
        SSL_CLIENT_CERT="$CERT_PATH/cert.pem"
        SSL_CLIENT_KEY="$CERT_PATH/key.pem"
        CERT_FINGERPRINT=$(openssl x509 -noout -in $LOCAL_SSL_CERT -fingerprint -sha256 | awk -F= ‘print $2;‘)
    
        if [ ! -e $LOCAL_SSL_CA_CERT ] || [ ! -e $LOCAL_SSL_CERT ] || [ ! -e $LOCAL_SSL_KEY ] || [ ! -e $LOCAL_SSL_CLIENT_CERT ] || [ ! -e $LOCAL_SSL_CLIENT_KEY ]; then
            echo "Error: unable to find certificates"
            show_cert_help
            exit 1
        fi
    
        ENABLE_TLS=1
    
    
    # container functions
    start_certs() 
        ID=$(docker run         -ti         -d         --restart=always         --name $PREFIX-certs         -v $CERT_PATH         alpine         sh)
        if [ $ENABLE_TLS = 1 ]; then
            docker cp $LOCAL_SSL_CA_CERT $PREFIX-certs:$SSL_CA_CERT
            docker cp $LOCAL_SSL_CERT $PREFIX-certs:$SSL_CERT
            docker cp $LOCAL_SSL_KEY $PREFIX-certs:$SSL_KEY
            docker cp $LOCAL_SSL_CLIENT_CERT $PREFIX-certs:$SSL_CLIENT_CERT
            docker cp $LOCAL_SSL_CLIENT_KEY $PREFIX-certs:$SSL_CLIENT_KEY
        fi
    
    
    remove_certs() 
        docker rm -fv $PREFIX-certs > /dev/null 2>&1
    
    
    get_ip() 
        if [ -z "$SHIPYARD_IP" ]; then
            SHIPYARD_IP=`docker run --rm --net=host alpine ip route get 8.8.8.8 | awk ‘ print $7;  ‘`
        fi
    
    
    start_discovery() 
        get_ip
    
        ID=$(docker run         -ti         -d         -p 4001:4001         -p 7001:7001         --restart=always         --name $PREFIX-discovery         microbox/etcd:latest -addr $SHIPYARD_IP:$DISCOVERY_PORT -peer-addr $SHIPYARD_IP:$DISCOVERY_PEER_PORT)
    
    
    remove_discovery() 
        docker rm -fv $PREFIX-discovery > /dev/null 2>&1
    
    
    start_rethinkdb() 
        ID=$(docker run         -ti         -d         --restart=always         --name $PREFIX-rethinkdb         rethinkdb)
    
    
    remove_rethinkdb() 
        docker rm -fv $PREFIX-rethinkdb > /dev/null 2>&1
    
    
    start_proxy() 
        TLS_OPTS=""
        if [ $ENABLE_TLS = 1 ]; then
            TLS_OPTS="-e SSL_CA=$SSL_CA_CERT -e SSL_CERT=$SSL_CERT -e SSL_KEY=$SSL_KEY -e SSL_SKIP_VERIFY=1"
        fi
        # Note: we add SSL_SKIP_VERIFY=1 to skip verification of the client
        # certificate in the proxy image.  this will pass it to swarm that
        # does verify.  this helps with performance and avoids certificate issues
        # when running through the proxy.  ultimately if the cert is invalid
        # swarm will fail to return.
        ID=$(docker run         -ti         -d         -p $PROXY_PORT:$PROXY_PORT         --hostname=$HOSTNAME         --restart=always         --name $PREFIX-proxy         -v /var/run/docker.sock:/var/run/docker.sock         -e PORT=$PROXY_PORT         --volumes-from=$PREFIX-certs $TLS_OPTS        shipyard/docker-proxy:latest)
    
    
    remove_proxy() 
        docker rm -fv $PREFIX-proxy > /dev/null 2>&1
    
    
    start_swarm_manager() 
        get_ip
    
        TLS_OPTS=""
        if [ $ENABLE_TLS = 1 ]; then
            TLS_OPTS="--tlsverify --tlscacert=$SSL_CA_CERT --tlscert=$SSL_CERT --tlskey=$SSL_KEY"
        fi
    
        EXTRA_RUN_OPTS=""
    
        if [ -z "$DISCOVERY" ]; then
            DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
            EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
        fi
        ID=$(docker run         -ti         -d         --restart=always         --name $PREFIX-swarm-manager         --volumes-from=$PREFIX-certs $EXTRA_RUN_OPTS         swarm:latest         m --replication --addr $SHIPYARD_IP:$SWARM_PORT --host tcp://0.0.0.0:$SWARM_PORT $TLS_OPTS $DISCOVERY)
    
    
    remove_swarm_manager() 
        docker rm -fv $PREFIX-swarm-manager > /dev/null 2>&1
    
    
    start_swarm_agent() 
        get_ip
    
        if [ -z "$DISCOVERY" ]; then
            DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
            EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
        fi
        ID=$(docker run         -ti         -d         --restart=always         --name $PREFIX-swarm-agent $EXTRA_RUN_OPTS         swarm:latest         j --addr $SHIPYARD_IP:$PROXY_PORT $DISCOVERY)
    
    
    remove_swarm_agent() 
        docker rm -fv $PREFIX-swarm-agent > /dev/null 2>&1
    
    
    start_controller() 
        #-v $CERT_PATH:/etc/docker:ro     TLS_OPTS=""
        if [ $ENABLE_TLS = 1 ]; then
            TLS_OPTS="--tls-ca-cert $SSL_CA_CERT --tls-cert=$SSL_CERT --tls-key=$SSL_KEY --shipyard-tls-ca-cert=$SSL_CA_CERT --shipyard-tls-cert=$SSL_CERT --shipyard-tls-key=$SSL_KEY"
        fi
    
        ID=$(docker run         -ti         -d         --restart=always         --name $PREFIX-controller         --link $PREFIX-rethinkdb:rethinkdb         --link $PREFIX-swarm-manager:swarm         -p $SHIPYARD_PORT:$SHIPYARD_PORT         --volumes-from=$PREFIX-certs         $IMAGE         --debug         server         --listen :$SHIPYARD_PORT         -d tcp://swarm:$SWARM_PORT $TLS_OPTS $SHIPYARD_ARGS)
    
    
    wait_for_available() 
        set +e 
        IP=$1
        PORT=$2
        echo Waiting for Shipyard on $IP:$PORT
    
        docker pull ehazlett/curl > /dev/null 2>&1
    
        TLS_OPTS=""
        if [ $ENABLE_TLS = 1 ]; then
            TLS_OPTS="-k"
        fi
    
        until $(docker run --rm ehazlett/curl --output /dev/null --connect-timeout 1 --silent --head --fail $TLS_OPTS $SHIPYARD_PROTOCOL://$IP:$PORT/ > /dev/null 2>&1); do
            printf ‘.‘
            sleep 1 
        done
        printf ‘\n‘
    
    
    remove_controller() 
        docker rm -fv $PREFIX-controller > /dev/null 2>&1
    
    
    if [ "$ACTION" = "deploy" ]; then
        set -e
    
        check_certs
    
        get_ip 
    
        echo "Deploying Shipyard"
        echo " -> Starting Database"
        start_rethinkdb
        echo " -> Starting Discovery"
        start_discovery
        echo " -> Starting Cert Volume"
        start_certs
        echo " -> Starting Proxy"
        start_proxy
        echo " -> Starting Swarm Manager"
        start_swarm_manager
        echo " -> Starting Swarm Agent"
        start_swarm_agent
        echo " -> Starting Controller"
        start_controller
    
        wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
    
        echo "Shipyard available at $SHIPYARD_PROTOCOL://$SHIPYARD_IP:$SHIPYARD_PORT"
        if [ $ENABLE_TLS = 1 ] && [ ! -z "$CERT_FINGERPRINT" ]; then
            echo "SSL SHA-256 Fingerprint: $CERT_FINGERPRINT"
        fi
        echo "Username: admin Password: shipyard"
    
    elif [ "$ACTION" = "node" ]; then
        set -e
    
        if [ -z "$DISCOVERY" ]; then
            echo "You must set the DISCOVERY environment variable"
            echo "with the discovery system used with Swarm"
            exit 1
        fi
    
        check_certs
    
        echo "Adding Node"
        echo " -> Starting Cert Volume"
        start_certs
        echo " -> Starting Proxy"
        start_proxy
        echo " -> Starting Swarm Manager"
        start_swarm_manager $DISCOVERY
        echo " -> Starting Swarm Agent"
        start_swarm_agent
    
        echo "Node added to Swarm: $SHIPYARD_IP"
        
    elif [ "$ACTION" = "upgrade" ]; then
        set -e
    
        check_certs
    
        get_ip
    
        echo "Upgrading Shipyard"
        echo " -> Pulling $IMAGE"
        docker pull $IMAGE
    
        echo " -> Upgrading Controller"
        remove_controller
        start_controller
    
        wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
    
        echo "Shipyard controller updated"
    
    elif [ "$ACTION" = "remove" ]; then
        # ignore errors
        set +e
    
        echo "Removing Shipyard"
        echo " -> Removing Database"
        remove_rethinkdb
        echo " -> Removing Discovery"
        remove_discovery
        echo " -> Removing Cert Volume"
        remove_certs
        echo " -> Removing Proxy"
        remove_proxy
        echo " -> Removing Swarm Agent"
        remove_swarm_agent
        echo " -> Removing Swarm Manager"
        remove_swarm_manager
        echo " -> Removing Controller"
        remove_controller
    
        echo "Done"
    else
        echo "Unknown action $ACTION"
        exit 1
    fi
    View Code

     

  4. 注:作者由于没有时间与精力继续维护下去,只能无奈的决定停止这个项目,官网也被关掉了。
  5. 若下载安装失败请尝试替换下载链接为https://raw.githubusercontent.com/shipyard/shipyard-project.com/master/site/themes/shipyard/static/deploy

以上是关于Docker私有云管理平台————Docker Shipyard的主要内容,如果未能解决你的问题,请参考以下文章

Docker私有云管理平台————Docker Shipyard

Docker私有云管理平台————Docker Shipyard

OPS基于Mesos/Docker构建的Elasticsearch容器化私有云

docker 搭建私有云盘 Seafile

云原生之Docker实战部署docker管理平台shipyard

去哪儿网OPS团队基于Mesos/Docker构建的Elasticsearch容器化私有云