如何在swarm的service中使用volume或者bind 挂载?
volume和bind volume都是持久化容器数据的方案。
通过持久化容器中的数据,避免了将数据写入到容器的可写层,从而呢,可以最大化的容器的性能!更重要的是,提升了容器的可移植性!在service中,同样的可以使用数据卷和绑定挂载(bind mount)
接下来的部门,说说在service中如何使用数据卷和bind挂载,及其关键注意事项!
数据卷
数据卷容器之外的,存储数据的区域。当容器,task的结束之后,数据卷还是存在的,数据卷需要单独的进行管理。
数据卷的创建原则
- 可以在部署service之前进行创建
- 可以在调度的时候,会自动的创建
示例
举个例子,创建service的时候指定volume参数
# 默认没有任何的数据卷 [root@nccztsjb-node-01 ~]# docker volume ls DRIVER VOLUME NAME [root@nccztsjb-node-01 ~]# # 创建service指定数据卷 docker service create \ --with-registry-auth \ --name=nginx \ --replicas=4 \ --publish published=8080,target=80 \ --mount type=volume,src=nginx-vol,dst=/data \ 172.20.58.152/middleware/nginx:1.21.4
部署过程的详细信息,如下:
- type是volume,也可以不指定,默认就是volume
- src是数据卷的名字
- dst是容器中挂载的目录的名字
[root@nccztsjb-node-01 ~]# docker service create \ > --with-registry-auth \ > --name=nginx \ > --replicas=4 \ > --publish published=8080,target=80 \ > --mount type=volume,src=nginx-vol,dst=/data \ > 172.20.58.152/middleware/nginx:1.21.4 iz53dp7yop4q157nev4eu5i19 overall progress: 4 out of 4 tasks 1/4: running [==================================================>] 2/4: running [==================================================>] 3/4: running [==================================================>] 4/4: running [==================================================>] verify: Service converged [root@nccztsjb-node-01 ~]#
查看service的部署情况和volume的信息
service的4个task分布在集群的4个节点上,并且每个节点上都自动创建了volume,默认的数据卷的类型是local
[root@nccztsjb-node-01 ~]# docker service ls ID NAME MODE REPLICAS IMAGE PORTS iz53dp7yop4q nginx replicated 4/4 172.20.58.152/middleware/nginx:1.21.4 *:8080->80/tcp [root@nccztsjb-node-01 ~]# docker service ps nginx ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS k05fk94n9d9x nginx.1 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-04 Running Running about a minute ago phm5xmwq4ntb nginx.2 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-02 Running Running about a minute ago 97x4izunap3r nginx.3 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Running Running about a minute ago c809xnt9wwab nginx.4 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-05 Running Running about a minute ago [root@nccztsjb-node-01 ~]# [root@nccztsjb-node-01 ~]# # 节点1 [root@nccztsjb-node-01 ~]# docker volume ls DRIVER VOLUME NAME local nginx-vol [root@nccztsjb-node-01 ~]# # 节点2 [root@nccztsjb-node-02 ~]# docker volume ls DRIVER VOLUME NAME local nginx-vol [root@nccztsjb-node-02 ~]# # 节点3 RIVER VOLUME NAME local nginx-vol [root@nccztsjb-node-04 ~]# # 节点4 [root@nccztsjb-node-05 ~]# docker volume ls DRIVER VOLUME NAME local nginx-vol [root@nccztsjb-node-05 ~]#
数据卷在宿主机上的位置
[root@nccztsjb-node-01 ~]# docker volume inspect nginx-vol [ { "CreatedAt": "2022-09-22T10:12:04+08:00", "Driver": "local", "Labels": null, "Mountpoint": "/var/lib/docker/volumes/nginx-vol/_data", "Name": "nginx-vol", "Options": null, "Scope": "local" } ] [root@nccztsjb-node-01 ~]#
容器中的挂载情况,已经挂载到容器中的/data目录上了
[root@nccztsjb-node-01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES aeb3fbd6b431 172.20.58.152/middleware/nginx:1.21.4 "/docker-entrypoint.…" 7 minutes ago Up 7 minutes 80/tcp nginx.3.97x4izunap3rgdejsemzwe8pv [root@nccztsjb-node-01 ~]# docker exec -it aeb3fbd6b431 df -h Filesystem Size Used Avail Use% Mounted on overlay 49G 20G 27G 43% / tmpfs 64M 0 64M 0% /dev tmpfs 7.6G 0 7.6G 0% /sys/fs/cgroup shm 64M 0 64M 0% /dev/shm /dev/vda2 49G 20G 27G 43% /data tmpfs 7.6G 0 7.6G 0% /proc/acpi tmpfs 7.6G 0 7.6G 0% /proc/scsi tmpfs 7.6G 0 7.6G 0% /sys/firmware [root@nccztsjb-node-01 ~]#
OK,再来看bind 挂载的部分······
bind挂载
bind挂载,就是一个宿主机上的文件目录。在task被调度到这个主机上的时候,必须要先有这个目录才行,这个是非常重要的一点!要十分的注意!
更加需要注意的是,如果集群有多个节点,要确保每个节点上都要有这个目录,因为,task会调度到任意的节点,或重新被调度,如果没有该目录,调度就会失败!无法最大化的利用集群的能力!也就是调度的能力!
来看个示例
挂载读写的bind目录
- 这里的type是bind
- src是宿主机上的目录
- dst是目标容器上的挂载目录
docker service create \ --with-registry-auth \ --name=nginx \ --replicas=4 \ --publish published=8080,target=80 \ --mount type=bind,src=/data/nginxdata,dst=/data \ 172.20.58.152/middleware/nginx:1.21.4
如果宿主机上的目录不存在,部署会失败!
在每个节点,创建这个目录
mkdir -p /data/nginxdata
service部署就正常了
[root@nccztsjb-node-01 ~]# docker service ls ID NAME MODE REPLICAS IMAGE PORTS hjtliru1qhmy nginx replicated 4/4 172.20.58.152/middleware/nginx:1.21.4 *:8080->80/tcp [root@nccztsjb-node-01 ~]# docker service ps nginx ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS uabtj2k6esws nginx.1 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Running Running 26 seconds ago uj3i2bbnpeh7 \_ nginx.1 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-04 Shutdown Rejected 37 seconds ago "invalid mount config for type…" vrgxk1dnytoe \_ nginx.1 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-04 Shutdown Rejected 42 seconds ago "invalid mount config for type…" kvylyopxi64x \_ nginx.1 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-05 Shutdown Rejected 47 seconds ago "invalid mount config for type…" 4j7oqqq57ijn \_ nginx.1 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-05 Shutdown Rejected 52 seconds ago "invalid mount config for type…" ji3uentc2bgj nginx.2 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Running Running 20 seconds ago lu4v0h7grbnv \_ nginx.2 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-04 Shutdown Rejected 32 seconds ago "invalid mount config for type…" cb699gtqwud5 \_ nginx.2 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Shutdown Rejected 37 seconds ago "invalid mount config for type…" zqwnhvteobt1 \_ nginx.2 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Shutdown Rejected 42 seconds ago "invalid mount config for type…" gm2u2zf0blov \_ nginx.2 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-02 Shutdown Rejected 47 seconds ago "invalid mount config for type…" 3fr37xdbcfr3 nginx.3 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Running Running 20 seconds ago tovkq5krz0wl \_ nginx.3 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-02 Shutdown Rejected 32 seconds ago "invalid mount config for type…" 71mruquh4w7b \_ nginx.3 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-05 Shutdown Rejected 37 seconds ago "invalid mount config for type…" w76hx98xxt5j \_ nginx.3 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-05 Shutdown Rejected 42 seconds ago "invalid mount config for type…" 4hq6p8wdiksd \_ nginx.3 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Shutdown Rejected 47 seconds ago "invalid mount config for type…" m0jz3jtq24ex nginx.4 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-01 Running Running 21 seconds ago llfevbb0053b \_ nginx.4 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-05 Shutdown Rejected 32 seconds ago "invalid mount config for type…" s1au6l84btzl \_ nginx.4 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-02 Shutdown Rejected 37 seconds ago "invalid mount config for type…" xn6ulpdzfa0y \_ nginx.4 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-02 Shutdown Rejected 42 seconds ago "invalid mount config for type…" junisllhm4yu \_ nginx.4 172.20.58.152/middleware/nginx:1.21.4 nccztsjb-node-04 Shutdown Rejected 47 seconds ago "invalid mount config for type…" [root@nccztsjb-node-01 ~]#
绑定挂载的使用风险
绑定挂载可能很有用,但也可能导致问题。在大多数情况下,建议您在部署应用程序时不必从主机挂载路径。
主要风险包括以下几个方面:
- 需要在每个swarm节点创建目录,因为swarm调度器,有可能将容器调度任意的节点
- 如果服务容器变得不健康或不可达,Docker群集模式调度程序可以随时重新调度正在运行的服务容器。
- 主机绑定挂载是不可移植的。当您使用绑定挂载时,不能保证您的应用程序在开发中以与在生产中相同的方式运行。
so,建议在应用部署的时候,使用数据卷的挂载的方式!这就不需要考虑宿主机的目录创建和管理!
