docker-machine使用
docker-machine命令
[root@master ~]# docker-machine --help Usage: docker-machine [OPTIONS] COMMAND [arg...] Create and manage machines running Docker. Version: 0.14.0, build 89b8332 Author: Docker Machine Contributors - <https://github.com/docker/machine> Options: --debug, -D Enable debug mode --storage-path, -s "/root/.docker/machine" Configures storage path [$MACHINE_STORAGE_PATH] --tls-ca-cert CA to verify remotes against [$MACHINE_TLS_CA_CERT] --tls-ca-key Private key to generate certificates [$MACHINE_TLS_CA_KEY] --tls-client-cert Client cert to use for TLS [$MACHINE_TLS_CLIENT_CERT] --tls-client-key Private key used in client TLS auth [$MACHINE_TLS_CLIENT_KEY] --github-api-token Token to use for requests to the Github API [$MACHINE_GITHUB_API_TOKEN] --native-ssh Use the native (Go-based) SSH implementation. [$MACHINE_NATIVE_SSH] --bugsnag-api-token BugSnag API token for crash reporting [$MACHINE_BUGSNAG_API_TOKEN] --help, -h show help --version, -v print the version Commands: active Print which machine is active config Print the connection config for machine create Create a machine env Display the commands to set up the environment for the Docker client inspect Inspect information about a machine ip Get the IP address of a machine kill Kill a machine ls List machines provision Re-provision existing machines regenerate-certs Regenerate TLS Certificates for a machine restart Restart a machine rm Remove a machine ssh Log into or run a command on a machine with SSH. scp Copy files between machines mount Mount or unmount a directory from a machine with SSHFS. start Start a machine status Get the status of a machine stop Stop a machine upgrade Upgrade a machine to the latest version of Docker url Get the URL of a machine version Show the Docker Machine version or a machine docker version help Shows a list of commands or help for one command docker-machine active 显示当前的活动主机 docker-machine config 显示连接主机的配置 docker-machine create 创建一个主机 docker-machine env 设置当前的环境与哪个主机通信 docker-machine inspect 查看主机的详细信息 docker-machine ip 查看主机的IP docker-machine kill 强制关闭一个主机 docker-machine ls 查看所有的主机信息 docker-machine provision 重新配置现在主机 docker-machine regenerate-certs 为主机重新生成证书 docker-machine restart 重启主机 docker-machine rm 删除主机 docker-machine ssh 以SSH的方式连接到主机上 docker-machine scp 远程复制 docker-machine status 查看主机的状态 docker-machine stop 停止一个正在运行的主机 docker-machine upgrade 升级主机的docker服务到最新版本 docker-machine version 查看docker-machine版本
查看版本
[root@master ~]# docker-machine -v docker-machine version 0.15.0, build b48dc28d
使用
通过Docker Machine 创建docker(我用了两台机器)
- 192.168.0.200 安装docker machine的机器 主机名:master
- 192.168.0.201 被管理的机器 主机名:node01
创建步骤:
1. 配置主机间的SSH免密(在192.168.0.200上面创建)
# 生成keys并配置可以免密登录主机(这个是必须要做的)
[root@master ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:z51IwBSr8MFDAAuZyVKtQ/PxzEr2Su3KM0OVpLH7V8k root@master The key's randomart image is: +---[RSA 2048]----+ |o=oo... o. | |=oo.+o.o . | |...+.X+.+ | | o *o*+ . | | + *o S... | | = o +Eo . | | o + .+ o | | .= o . | | o= . | +----[SHA256]-----+
# 将keys拷贝到node01上去
[root@master ~]# ssh-copy-id root@192.168.0.201 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.0.201's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.0.201'" and check to make sure that only the key(s) you wanted were added. [root@master ~]# ssh root@192.168.0.201 Last login: Tue Jul 14 09:10:07 2020 from 192.168.0.102 [root@node01 ~]# exit 登出 Connection to 192.168.0.201 closed.
使用docker machine创建docker host
# 使用docker machine 创建 # 对于docker machine来将,术语Machine就是运行docker daemon的主机,创建machine就是在host上安装docker # 执行docker-macine ls查看当前的machine [root@master ~]# docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
# 当前还没有一个machine,接下来我们创建第一个machine
[root@master ~]# docker-machine create --driver generic --generic-ip-address=192.168.0.201 docker02 Running pre-create checks... Creating machine... (docker02) No SSH key specified. Assuming an existing key at the default location. Waiting for machine to be running, this may take a few minutes... Detecting operating system of created instance... Waiting for SSH to be available... Detecting the provisioner... Provisioning with centos... Copying certs to the local machine directory... Copying certs to the remote machine... Setting Docker configuration on the remote daemon... Checking connection to Docker... Docker is up and running! To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env docker02 [root@master ~]# docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS docker01 - generic Running tcp://192.168.0.201:2376 v19.03.12 docker02 - generic Running tcp://192.168.0.201:2376 v19.03.12
注意:这里会出现Error creating machine: Error running provisioning: error installing docker: 这样的错误 原因就是因为网络的原因,没有安装docker
# 登录到node01查看配置项
[root@master ~]# ssh root@192.168.0.201 Last login: Tue Jul 14 10:18:55 2020 from master [root@docker02 ~]# cat /etc/systemd/system/docker.service.d/10-machine.conf [Service] ExecStart= ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver devicemapper --tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic Environment=
注:-H tcp:
//0
.0.0.0:2376 使docker daemon接受远程连接
--tls*对远程连接启用安全认证和加密
注:大家可能会发现这里的主机名变成了docker02 原因就是docker-machine创建的时候会把主机名也一起修改
# 查看docker02的环境变量
[root@master ~]# docker-machine env docker02 export DOCKER_TLS_VERIFY="1" export DOCKER_HOST="tcp://192.168.0.201:2376" export DOCKER_CERT_PATH="/root/.docker/machine/machines/docker02" export DOCKER_MACHINE_NAME="docker02" # Run this command to configure your shell: # eval $(docker-machine env docker02)
其他命令操作
# 其他命令 # create 命令 选项包括: ·--driver,-d"none" 指定驱动类型; ·--engine-install-url"https://get.docker.com" 配置Dokcer主机时候的安装URL; ·--engine-opt option 以键值对格式指定所创建Docker引擎的参数; ·--engine-insecure-registry option 以键值对格式指定所创建Docker引擎允许访问的不支持认证的注册仓库服务; ·--engine-registry-mirror option 指定使用注册仓库镜像; ·--engine-label option 为所创建的Docker引擎添加标签; ·--engine-storage-driver 存储后端驱动类型; ·--engine-env option 指定环境变量; ·--swarm 指定使用Swarm; ·--swarm-image"swarm:latest" 使用Swarm时候采用的镜像; ·--swarm-master 配置机器作为Swarm集群的master节点; ·--swarm-discovery Swarm集群的服务发现机制参数; ·--swarm-strategy"spread" Swarm默认调度策略; ·--swarm-opt option 任意传递给Swarm的参数; ·--swarm-host"tcp://0.0.0.0:3376" 指定地址将监听 Swarm master节点请求; ·--swarm-addr 从指定地址发送广播加入Swarm集群服务。 实例: docker-machine create -d virtualbox \ --engine-storage-driver overlay \ --engine-label name=testmachine \ --engine-label year=2018 \ --engine-opt dns=8.8.8.8 \ --engine-env HTTP_PROXY=http://proxy.com:3128 \ --engine-insecure-registry registry.private.com \ mydockermachine
# active命令
[root@master ~]# docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS docker01 * generic Running tcp://192.168.0.201:2376 v19.03.12 docker02 * generic Running tcp://192.168.0.201:2376 v19.03.12
# 这里的状态是没有被激活
[root@master ~]# docker-machine env docker02 export DOCKER_TLS_VERIFY="1" export DOCKER_HOST="tcp://192.168.0.201:2376" export DOCKER_CERT_PATH="/root/.docker/machine/machines/docker02" export DOCKER_MACHINE_NAME="docker02" # Run this command to configure your shell: # eval $(docker-machine env docker02)
# config命令
[root@master ~]# docker-machine config docker02 --tlsverify --tlscacert="/root/.docker/machine/machines/docker02/ca.pem" --tlscert="/root/.docker/machine/machines/docker02/cert.pem" --tlskey="/root/.docker/machine/machines/docker02/key.pem" -H=tcp://192.168.0.201:2376
# inspect命令
[root@master ~]# docker-machine inspect docker02 { "ConfigVersion": 3, "Driver": { "IPAddress": "192.168.0.201", "MachineName": "docker02", "SSHUser": "root", "SSHPort": 22, "SSHKeyPath": "", "StorePath": "/root/.docker/machine", "SwarmMaster": false, "SwarmHost": "", "SwarmDiscovery": "", "EnginePort": 2376, "SSHKey": "" }, "DriverName": "generic", "HostOptions": { "Driver": "", "Memory": 0, "Disk": 0, "EngineOptions": { "ArbitraryFlags": [], "Dns": null, "GraphDir": "", "Env": [], "Ipv6": false, "InsecureRegistry": [], "Labels": [], "LogLevel": "", "StorageDriver": "", "SelinuxEnabled": false, "TlsVerify": true, "RegistryMirror": [], "InstallURL": "https://get.docker.com" }, "SwarmOptions": { "IsSwarm": false, "Address": "", "Discovery": "", "Agent": false, "Master": false, "Host": "tcp://0.0.0.0:3376", "Image": "swarm:latest", "Strategy": "spread", "Heartbeat": 0, "Overcommit": 0, "ArbitraryFlags": [], "ArbitraryJoinFlags": [], "Env": null, "IsExperimental": false }, "AuthOptions": { "CertDir": "/root/.docker/machine/certs", "CaCertPath": "/root/.docker/machine/certs/ca.pem", "CaPrivateKeyPath": "/root/.docker/machine/certs/ca-key.pem", "CaCertRemotePath": "", "ServerCertPath": "/root/.docker/machine/machines/docker02/server.pem", "ServerKeyPath": "/root/.docker/machine/machines/docker02/server-key.pem", "ClientKeyPath": "/root/.docker/machine/certs/key.pem", "ServerCertRemotePath": "", "ServerKeyRemotePath": "", "ClientCertPath": "/root/.docker/machine/certs/cert.pem", "ServerCertSANs": [], "StorePath": "/root/.docker/machine/machines/docker02" } }, "Name": "docker02" }
#ssh命令
[root@master ~]# docker-machine ssh dock02 docker images Docker machine "dock02" does not exist. Use "docker-machine ls" to list machines. Use "docker-machine create" to add a new one. [root@master ~]# docker-machine ssh docker02 Last login: Tue Jul 14 10:53:54 2020 from master
# url命令
root@master ~]# docker-machine url docker02 tcp://192.168.0.201:2376
# status命令
[root@master ~]# docker-machine status docker02
Running
# version命令
[root@master ~]# docker-machine version docker02 19.03.12