利用ansible centos7 系统批量安装docker1.12 并添加docker macvlan 网络支持
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了利用ansible centos7 系统批量安装docker1.12 并添加docker macvlan 网络支持相关的知识,希望对你有一定的参考价值。
利用ansible centos7 系统批量安装docker 1.12并添加docker macvlan 网络支持
ansible 目录结构
. ├── hosts ├── roles │ └── docker_client │ ├── defaults │ ├── files │ ├── handlers │ ├── meta │ ├── tasks │ │ └── main.yml # ansible 安装docker 脚本 │ ├── templates │ │ └── docker.repo # docker 最新yum源 │ └── vars ├── site.retry └── site.yml # ansible 主控制脚本
site.yml 文件内容说明 - hosts: all # 所有客户机 user: root #root用户执行 vars: network_card: eth0 # 添加macvlan 参加 本地网卡名字根据实际情况修改 subnet: 192.168.0.0/21 # 网段跟宿主机一个网段 gateway: 192.168.0.210 # 网关docker 使用 netname: eth0_1 #docker macvlan 网卡名字 roles: - docker_client # docker 安装项目
main.yml 文件内容说明
- stat: path=/usr/bin/docker # 判断是否安装docker
register: docker_path_register
- name: yum old docker
yum: name=docker* state=removed # 卸载docker
when: docker_path_register.stat.exists == True # 已经安装卸载已经安装docker
- name: cp docker.repo client
template: src=docker.repo dest=/etc/yum.repos.d/docker.repo # 上传最新docker yum 源到客户机
- name: yum install docker-engine # 安装docker
yum: name=docker-engine state=present
- name: enabled service docker.service #打开docker 服务开机启动
service: name=docker.service enabled=yes
- name: start service docker.service
service: name=docker state=started #启动docker 服务
- name: chmod +x /etc/rc.d/rc.local
shell: chmod +x /etc/rc.d/rc.local #设置rc.local 执行权限
- lineinfile: dest=/etc/rc.d/rc.local line="ip link set {{ network_card }} promisc on" #添加 打开网卡混合模式 必须打开不然docker macvlan 不能访问外面网络
- name: ip link set {{ network_card }} promisc on 打开 立即生效
shell: ip link set {{ network_card }} promisc on
- name: docker network ls |grep macvlan
shell: docker network ls |grep macvlan # 判断是否添加docker macvlan 网卡
register: result
ignore_errors: True # 忽略错误
- name: create docker macvlan
shell: docker network create -d macvlan --subnet={{ subnet }} --gateway={{ gateway }} -o parent={{ network_card }} -o macvlan_mode=bridge {{ netname }} # 配置docker macvlan 网卡
when: result.rc == True #result 返回真执行其它说明:
ansible-playbook -i hosts site.yml -verbose 执行 docker macvlan 使用 docker run -it -d --net=eth0_1(docker macvlan 网卡名字 ) --ip=192.168.2.210 (docker ip) d0de804bd957(docker image) /usr/sbin/init
centos7,6 基础镜像制作脚本中文支持修改时区上海脚本
#!/usr/bin/env bash
#
# Create a base CentOS Docker image.
#
# This script is useful on systems with yum installed (e.g., building
# a CentOS image on CentOS). See contrib/mkimage-rinse.sh for a way
# to build CentOS images on other systems.
usage() {
cat <<EOOPTS
$(basename $0) [OPTIONS] <name>
OPTIONS:
-p "<packages>" The list of packages to install in the container.
The default is blank.
-g "<groups>" The groups of packages to install in the container.
The default is "Core".
-y <yumconf> The path to the yum config to install packages from. The
default is /etc/yum.conf for Centos/RHEL and /etc/dnf/dnf.conf for Fedora
EOOPTS
exit 1
}
# option defaults
yum_config=/etc/yum.conf
if [ -f /etc/dnf/dnf.conf ] && command -v dnf &> /dev/null; then
yum_config=/etc/dnf/dnf.conf
alias yum=dnf
fi
install_groups="Core"
while getopts ":y:p:g:h" opt; do
case $opt in
y)
yum_config=$OPTARG
;;
h)
usage
;;
p)
install_packages="$OPTARG"
;;
g)
install_groups="$OPTARG"
;;
\?)
echo "Invalid option: -$OPTARG"
usage
;;
esac
done
shift $((OPTIND - 1))
name=$1
if [[ -z $name ]]; then
usage
fi
target=$(mktemp -d --tmpdir $(basename $0).XXXXXX)
set -x
mkdir -m 755 "$target"/dev
mknod -m 600 "$target"/dev/console c 5 1
mknod -m 600 "$target"/dev/initctl p
mknod -m 666 "$target"/dev/full c 1 7
mknod -m 666 "$target"/dev/null c 1 3
mknod -m 666 "$target"/dev/ptmx c 5 2
mknod -m 666 "$target"/dev/random c 1 8
mknod -m 666 "$target"/dev/tty c 5 0
mknod -m 666 "$target"/dev/tty0 c 4 0
mknod -m 666 "$target"/dev/urandom c 1 9
mknod -m 666 "$target"/dev/zero c 1 5
# amazon linux yum will fail without vars set
if [ -d /etc/yum/vars ]; then
mkdir -p -m 755 "$target"/etc/yum
cp -a /etc/yum/vars "$target"/etc/yum/
fi
if [[ -n "$install_groups" ]];
then
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y groupinstall $install_groups
fi
if [[ -n "$install_packages" ]];
then
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y install $install_packages
fi
yum -c "$yum_config" --installroot="$target" -y clean all
cat > "$target"/etc/sysconfig/network <<EOF
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOF
#zh_cn datetime shanghai
rm -rf "$target"/etc/localtime
cp -d /etc/localtime "$target"/etc/localtime
# effectively: febootstgap-minimize --keep-zoneinfo --keep-rpmdb --keep-services "$target".
# locales
rm -rf "$target"/usr/{{lib,share}/locale,{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive}
# docs and man pages
rm -rf "$target"/usr/share/{man,doc,info,gnome/help}
# cracklib
rm -rf "$target"/usr/share/cracklib
# i18n
rm -rf "$target"/usr/share/i18n
# yum cache
rm -rf "$target"/var/cache/yum
mkdir -p --mode=0755 "$target"/var/cache/yum
# sln
rm -rf "$target"/sbin/sln
# ldconfig
rm -rf "$target"/etc/ld.so.cache "$target"/var/cache/ldconfig
mkdir -p --mode=0755 "$target"/var/cache/ldconfig
# reinstall glibc-common zh_cn
yum --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y reinstall glibc-common
yum -c "$yum_config" --installroot="$target" -y clean all
version=
for file in "$target"/etc/{redhat,system}-release
do
if [ -r "$file" ]; then
version="$(sed ‘s/^[^0-9\]*\([0-9.]\+\).*$/\1/‘ "$file")"
break
fi
done
if [ -z "$version" ]; then
echo >&2 "warning: cannot autodetect OS version, using ‘$name‘ as tag"
version=$name
fi
# cn LANG
cat >> "$target"/etc/profile << EOF
ulimit -u 102400
ulimit -n 102400
ulimit -d unlimited
ulimit -m unlimited
ulimit -s unlimited
ulimit -v unlimited
ulimit -t unlimited
ulimit -c unlimited
export LC_ALL="zh_CN.UTF-8"
export LANG="zh_CN.UTF-8"
EOF
tar --numeric-owner -c -C "$target" . | docker import - $name:$version
docker run -i -t --rm $name:$version /bin/bash -c ‘echo success‘
rm -rf "$target"本文出自 “成长记录” 博客,请务必保留此出处http://juestnow.blog.51cto.com/1515305/1877651
以上是关于利用ansible centos7 系统批量安装docker1.12 并添加docker macvlan 网络支持的主要内容,如果未能解决你的问题,请参考以下文章