十、Doocker Swarm
Swarm 简介
Docker Swarm 是 Docker 的集群管理工具。它将 Docker 主机池转变为单个虚拟 Docker 主机。 Docker Swarm 提供了标准的 Docker API,所有任何已经与 Docker 守护程序通信的工具都可以使用 Swarm 轻松地扩展到多个主机。
Swarm 原理
如下图所示,swarm 集群由管理节点(manager)和工作节点(work node)构成。
swarm mananger:负责整个集群的管理工作包括集群配置、服务管理等所有跟集群有关的工作。
work node:即图中的 worker,主要负责运行相应的服务来执行任务。
# 查看 docker swarm 命令帮助信息
[root@docker ~]# docker swarm --help
Usage: docker swarm COMMAND
Manage Swarm
Commands:
ca Display and rotate the root CA
init Initialize a swarm
join Join a swarm as a node and/or manager
join-token Manage join tokens
leave Leave the swarm
unlock Unlock swarm
unlock-key Manage the unlock key
update Update the swarmSwarm 使用
1.准备4台相同配置机器
# 1.centos 7及以上Linux
[root@docker ~]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
# 2.安装gcc相关环境
[root@docker ~]# yum install -y gcc gcc-c++
[root@docker ~]# yum update -y
# 3.安装Docker
# (详细步骤见第二篇)
[root@docker ~]# docker version
Client: Docker Engine - Community
Version: 20.10.17
......
......
Server: Docker Engine - Community
Engine:
Version: 20.10.17
......
......2.部署集群
1. 初始化生成主节点 docker swarm init
2. 以 manager 或 worker 身份加入集群
# 初始化 swarm 集群,进行初始化的这台机器,就是集群的管理节点
# 将 dcoker-1 初始化成为主节点
[root@dcoker-1 ~]# docker swarm init --advertise-addr 192.168.10.131
Swarm initialized: current node (mvl1u5xscrpsz1eyh95nw0h8d) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-66bq8qbw0g6nf4sa73uiv10up 192.168.10.131:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
# 将 docker-2 以 worker 身份加入
[root@dcoker-2 ~]# docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-66bq8qbw0g6nf4sa73uiv10up 192.168.10.131:2377
This node joined a swarm as a worker.
# 将 docker-3 以 worker 身份加入
[root@dcoker-3 ~]# docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-66bq8qbw0g6nf4sa73uiv10up 192.168.10.131:2377
This node joined a swarm as a worker.
# 生成可以以管理者身份加入的令牌
[root@dcoker-1 ~]# docker swarm join-token manager
To add a manager to this swarm, run the following command:
docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-df3olm2lg4d8fnmes29f59q48 192.168.10.131:2377
# 将 docker-4 以 管理者 身份加入
[root@dcoker-4 ~]# docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-df3olm2lg4d8fnmes29f59q48 192.168.10.131:2377
This node joined a swarm as a manager.查看各节点信息
( 双主双从 )
[root@dcoker-1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
eksgn44obh21fkyxc2szppibm Unknown Active
mvl1u5xscrpsz1eyh95nw0h8d * dcoker-1 Ready Active Leader 20.10.17
hxhtnvdehz9ddn15bt5no377t dcoker-2 Ready Active 20.10.17
47zbgmx99hbxz10z74jxdu6j3 dcoker-3 Ready Active 20.10.17
rp1rwcvr2napy82mb5o4pj4em dcoker-4 Ready Active Reachable 20.10.17若使用swarm搭建集群时出现如下错误:
[root@dcoker-2 ~]# docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-66bq8qbw0g6nf4sa73uiv10up 192.168.10.131:2377
Error response from daemon: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp 192.168.10.131:2377: connect: no route to host"将 manager上的防火墙关闭即可 :
systemctl stop firewalld
systemctl disable firewalld3.Raft协议
Raft 协议:保证大多数节点存活才可以用。至少大与1台,集群至少大于3台
双主双从:若一个节点故障,其他节点是否可用?
实验
1.将 docker-1 停止(宕机),双主,另外一个主节点 ( docker-4 ) 也不能使用了
[root@dcoker-1 ~]# systemctl stop docker
[root@dcoker-4 ~]# docker node ls
Error response from daemon: rpc error: code = Unknown desc = The swarm does not have a leader. It's possible that too few managers are online. Make sure more than half of the managers are online.# 恢复docker-1
[root@dcoker-1 ~]# systemctl start docker
# 查看节点信息
[root@dcoker-1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
eksgn44obh21fkyxc2szppibm Unknown Active
mvl1u5xscrpsz1eyh95nw0h8d * dcoker-1 Ready Active Reachable 20.10.17
hxhtnvdehz9ddn15bt5no377t dcoker-2 Ready Active 20.10.17
47zbgmx99hbxz10z74jxdu6j3 dcoker-3 Ready Active 20.10.17
rp1rwcvr2napy82mb5o4pj4em dcoker-4 Ready Active Leader 20.10.17
# dcoker-1 恢复,但身份从 Leader 变成了 Reachable
# docker-1 宕机时,docker-4 顶替成为 Leader ,但服务无法正常运行2.将 docker-3 离开,仍正常运行
# 正常运行
[root@dcoker-1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
eksgn44obh21fkyxc2szppibm Down Active
mvl1u5xscrpsz1eyh95nw0h8d * dcoker-1 Ready Active Reachable 20.10.17
hxhtnvdehz9ddn15bt5no377t dcoker-2 Ready Active 20.10.17
47zbgmx99hbxz10z74jxdu6j3 dcoker-3 Ready Active 20.10.17
rp1rwcvr2napy82mb5o4pj4em dcoker-4 Ready Active Leader 20.10.17
# 将 dcoker-3 离开集群
[root@dcoker-3 ~]# docker swarm leave
Node left the swarm.
# docker-3 的状态成为 Down
# 但集群服务仍可以正常运行
[root@dcoker-1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
eksgn44obh21fkyxc2szppibm Down Active
mvl1u5xscrpsz1eyh95nw0h8d * dcoker-1 Ready Active Reachable 20.10.17
hxhtnvdehz9ddn15bt5no377t dcoker-2 Ready Active 20.10.17
47zbgmx99hbxz10z74jxdu6j3 dcoker-3 Down Active 20.10.17
rp1rwcvr2napy82mb5o4pj4em dcoker-4 Ready Active Leader 20.10.173.将 docker-3 也设置为管理者,(此时 1、3、4 为管理者,2 为工作者)再将 docker-1 关闭,服务仍可正常运行
# 获取令牌
[root@dcoker-1 ~]# docker swarm join-token manager
To add a manager to this swarm, run the following command:
docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-df3olm2lg4d8fnmes29f59q48 192.168.10.131:2377
[root@dcoker-3 ~]# docker swarm join --token SWMTKN-1-5qcgyboe58rc3vbp87legjqwhd1c5gk7zynalnstvwoze53aeu-df3olm2lg4d8fnmes29f59q48 192.168.10.131:2377
This node joined a swarm as a manager.
# 停止 docker-1
[root@dcoker-1 ~]# systemctl stop docker
# dcoker-1 宕机,但服务正常运行
[root@dcoker-4 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
eksgn44obh21fkyxc2szppibm Down Active
mvl1u5xscrpsz1eyh95nw0h8d dcoker-1 Down Active Unreachable 20.10.17
hxhtnvdehz9ddn15bt5no377t dcoker-2 Ready Active 20.10.17
l178ccqkj63nh2m7w7z3alpkm dcoker-3 Ready Active Reachable 20.10.17
rp1rwcvr2napy82mb5o4pj4em * dcoker-4 Ready Active Leader 20.10.17Raft 协议:保证大多数节点存活集群才可以正常运行
(至少两台管理节点存活,才能正常运行)
4.动态伸缩
docker run 无法弹性伸缩
docker service 可以弹性伸缩,滚动更新
# 查看 docker service 帮助信息
[root@dcoker-1 ~]# docker service --help
Usage: docker service COMMAND
Manage services
Commands:
create Create a new service
inspect Display detailed information on one or more services
logs Fetch the logs of a service or task
ls List services
ps List the tasks of one or more services
rm Remove one or more services
rollback Revert changes to a service's configuration
scale Scale one or multiple replicated services
update Update a service# 创建 nginx 服务
[root@dcoker-1 ~]# docker service create -p 80:80 --name my-nginx nginx
i33e3tdgt7ihszl2cak0wmyz2
overall progress: 1 out of 1 tasks
1/1: running [==================================================>]
verify: Service converged
[root@dcoker-1 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
i33e3tdgt7ih my-nginx replicated 1/1 nginx:latest *:80->80/tcp
# 服务会随机部署到一个节点上(此时是在docker-2)
[root@dcoker-2 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6456a900017f nginx:latest "/docker-entrypoint.…" 4 minutes ago Up 4 minutes 80/tcp my-nginx.1.j5ihup81sdnem1ismxdcwu62w创建10个副本
[root@dcoker-1 ~]# docker service update --replicas 10 my-nginx
my-nginx
overall progress: 10 out of 10 tasks
1/10: running [==================================================>]
2/10: running [==================================================>]
3/10: running [==================================================>]
4/10: running [==================================================>]
5/10: running [==================================================>]
6/10: running [==================================================>]
7/10: running [==================================================>]
8/10: running [==================================================>]
9/10: running [==================================================>]
10/10: running [==================================================>]
verify: Service converged
[root@dcoker-1 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
i33e3tdgt7ih my-nginx replicated 10/10 nginx:latest *:80->80/tcp服务,集群中任意的节点都可以访问该服务,服务可以有多个副本动态扩缩容实现高可用!
# docker service scale my-nginx=5
# 等同于 docker service update --replicas 10 my-nginx
[root@dcoker-4 ~]# docker service scale my-nginx=5
my-nginx scaled to 5
overall progress: 5 out of 5 tasks
1/5: running [==================================================>]
2/5: running [==================================================>]
3/5: running [==================================================>]
4/5: running [==================================================>]
5/5: running [==================================================>]
verify: Service converged# 删除服务
[root@dcoker-4 ~]# docker service rm my-nginx
my-nginx拓展:
网络模式:"PublishMode":"ingress"
Swarm
Overlay
ingress:特殊的 Overlay 网络,具有负载均衡的功能
上面docker在4台机器上,实际网络是同一个。ingress网络,是一个特殊的Overlay网络
总结:
Swarm 搭建集群、启动服务、动态管理容器
概念总结
Swarm
集群的管理和编号。
docker 可以初始化一个 swarm 集群,其它节点可以加入。(管理者、工作者)
Node
就是一个 docker 节点。
多个节点就组成了网络集群。(管理者、工作者)
Service
服务。
可以在管理节点或者工作节点来运行。集群的核心,用户访问的地方。
Task
容器内的命令,细节任务!
本文作者:CharlieBrown
本文链接:https://www.cnblogs.com/simplerude/p/16416159.html
版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步