20170602
1.docker run -itd --name=zhang1 --net="bridge" nginx-php /bin/bash
swarm搭建:
node dkmanager:
1001* systemctl docker
1002 systemctl status docker
1003 docker swarm init
1004 cat /etc/docker/daemon.json
1005 vi /etc/docker/daemon.json
1006 systemctl restart docker
1007 docker swarm init --advertise-addr 192.168.36.141
1008 docker node ls
1009 docker info
1010 docker node ls
1011 history
node1.node2:
997 vi /etc/docker/daemon.json
998 systemctl restart docker
999 docker swarm join --token SWMTKN-1-0ibg226yu582kg5a3yy4p3sz7voqokuqxr813l9siy5b29ay0z-9j5x0782v92hb8ezahdhejxl4 192.168.36.141:2377
1000 history
最后:集群信息
[root@node ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
6uylrjuug1dj4bepbqpltjoof * node.srv.word Ready Active Leader
cwv31c38ubktin716270isyvr node02.srv.word Ready Active
elz4aksaqcb9ny33v370qorqq node01.srv.word Ready Active
[root@node ~]# docker info
Containers: 11
Running: 0
Paused: 0
Stopped: 11
Images: 15
Server Version: 1.12.5
Storage Driver: devicemapper
Pool Name: docker-253:0-68171607-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 1.556 GB
Data Space Total: 107.4 GB
Data Space Available: 49.02 GB
Metadata Space Used: 3.24 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.144 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.135-RHEL7 (2016-11-16)
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: overlay null host bridge
Swarm: active
NodeID: 6uylrjuug1dj4bepbqpltjoof
Is Manager: true
ClusterID: 4h119wtvwk72tl2b01zcsprqv
Managers: 1
Nodes: 3
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Heartbeat Tick: 1
Election Tick: 3
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Node Address: 192.168.36.141
Runtimes: runc docker-runc
Default Runtime: docker-runc
Security Options: seccomp
Kernel Version: 3.10.0-229.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 2
CPUs: 1
Total Memory: 1.687 GiB
Name: node.srv.word
ID: ZXA2:27HR:OLD3:GVGG:3ZRF:7UXO:N6EM:75VB:BGGE:N3GP:LUWK:MT57
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
Registries: docker.io (secure)
[root@node ~]#
再来个web管理工具:Portainer
成了!!!
添加services:
1001 docker node list
1002 docker service create -p 80:80 --name webserver nginx
1003 docker service ls
1004 docker service ps webserver
1005 docker service ls
1006 docker service ps webserver
docker service scale webserver=5
1012 docker service ps
1013 docker service ps webserver
1014 docker images
报错处理:
If you have this
cat /etc/docker/daemon.json
{
"live-restore": true
}
you should change to:
cat /etc/docker/daemon.json
{
"live-restore": false
}
systemctl restart docker
docker swarm init
Failed to get D-Bus connection: Operation not permitted:
My guess is that you're running a non-privileged
container. systemd requires CAP_SYS_ADMIN capability but Docker drops that capability in the non privileged containers, in order to add more security.
systemd also requires RO access to the cgroup file system within a container. You can add it with –v /sys/fs/cgroup:/sys/fs/cgroup:ro
So, here a few steps on how to run CentOS with systemd inside a Docker container:
- Pull centos image
- Set up a docker file like the one below:
FROM centos MAINTAINER “Yourname" <youremail@address.com> ENV container docker RUN yum -y update; yum clean all RUN yum -y install systemd; yum clean all; \ (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ rm -f /lib/systemd/system/multi-user.target.wants/*;\ rm -f /etc/systemd/system/*.wants/*;\ rm -f /lib/systemd/system/local-fs.target.wants/*; \ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*;\ rm -f /lib/systemd/system/anaconda.target.wants/*; VOLUME [ “/sys/fs/cgroup” ] CMD [“/usr/sbin/init”]
- Build it -
docker build --rm -t centos7-systemd - < mydockerfile
-
Run a container with
docker run --privileged -ti -e container=docker -v /sys/fs/cgroup:/sys/fs/cgroup centos7-systemd /usr/sbin/init
-
You should have systemd in your container
-
root@node ~]# cat Dockerfile
FROM centos7:base
MAINTAINER “jt" <youremail@address.com>
ENV container docker
RUN yum -y update; yum clean all -
RUN yum -y install systemd; yum clean all; \
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ “/sys/fs/cgroup” ]
CMD [“/usr/sbin/init”]
ssh-keygen -R 伺服器端的IP或網址
备份和恢复:
docker save -o ~/centos7cg.tar ff37bc5ab732
docker load -i centos7cg.tar
添加集群service:
怀疑CPU存在瓶颈,可用 sar -u 和 sar -q 等来查看
怀疑内存存在瓶颈,可用 sar -B、sar -r 和 sar -W 等来查看
怀疑I/O存在瓶颈,可用 sar -b、sar -u 和 sar -d 等来查看