Docker中Web集群迁移及共享数据
实验环境
| ip | 服务 | 备注 |
|---|---|---|
| 192.168.1.11 | DockerA | |
| 192.168.1.12 | DockerB | |
| 192.168.1.13 | NFS&Docker Registry |
实验目的
DockerA主机内创建apache集群三台容器,热数据htdocs目录持久化到本地。(要求页面显示结果为chaiyanjiang.com)
迁移DockerA主机中的apache集群到DockerB中,需要连同htdocs目录内的数据一并迁移(把DockerA主机内的所有数据打包到镜像层中,并上传到Registry中,在DockerB下载该镜像后直接做成集群)
DockerA主机新建三台集群容器,数据来自NFS服务器,内容为“2020ComeOnWH”
实验步骤
DockerA中搭建web集群
创建热数据持久化目录
[root@dockera ~]# mkdir cyj
[root@dockera ~]# echo "ChaiYanJiang.com" > cyj/index.html运行集群容器
[root@dockera ~]# docker run -d -p 80 --name cyj --volume /root/cyj/:/usr/local/apache2/htdocs httpd
7e555e2f168f905d6008dfe6c429d33cf268f9669baceddf95b1ac1d18249947
[root@dockera ~]# docker run -d -p 80 --name cyj1 --volume /root/cyj/:/usr/local/apache2/htdocs httpd
07404ab9b1ca3f16d58a50b1b882342122152269d5a1b71d1127df5a5edfa561
[root@dockera ~]# docker run -d -p 80 --name cyj2 --volume /root/cyj/:/usr/local/apache2/htdocs httpd
490e509a69a8f150cfa130ee7a5ff03057b49d1d5edc10477dbeeb0cb205a493查看三台apache容器的80端口在物理机的映射端口
[root@dockera ~]# docker ps
PORTS NAMES
0.0.0.0:32770->80/tcp cyj2
0.0.0.0:32769->80/tcp cyj1
0.0.0.0:32768->80/tcp cyj用物理机ip访问这些端口,来验证物理机的cyj目录是否被每台容器的htdocs挂载使用
[root@dockera ~]# curl 192.168.1.11:32768
ChaiYanJiang.com
[root@dockera ~]# curl 192.168.1.11:32769
ChaiYanJiang.com
[root@dockera ~]# curl 192.168.1.11:32770
ChaiYanJiang.com迁移DockerA中的集群以及热数据到DockerB
设置私库
迁移时需要用到Registry私有仓库,所以需要现在NFS服务器中pull私库镜像
[root@nfs-reg ~]# docker pull registry:2
2: Pulling from library/registry
486039affc0a: Pull complete
ba51a3b098e6: Pull complete
8bb4c43d6c8e: Pull complete
6f5f453e5f2d: Pull complete
42bc10b72f42: Pull complete
Digest: sha256:7d081088e4bfd632a88e3f3bcd9e007ef44a796fddfe3261407a3f9f04abe1e7
Status: Downloaded newer image for registry:2
docker.io/library/registry:2将私库在后台运行,并将5000端口映射到物理机1.13的5000端口
[root@nfs-reg ~]# docker run -itd -p 5000:5000 --restart always \
> --volume /opt/data/registry/:/var/lib/registry registry:2
0c39d61762b334b75eef70a0c3c0c6486e883e1f685524d100ab20e88aea3922在三台服务器中指定私库地址
NFS&Registry(192.168.1.13)
[root@nfs-reg ~]# vim /usr/lib/systemd/system/docker.service
# 14行的末尾添加--insecure-registry 192.168.1.13:5000
[root@nfs-reg ~]# systemctl daemon-reload
[root@nfs-reg ~]# systemctl restart dockerDockerA
[root@dockera ~]# vim /usr/lib/systemd/system/docker.service
# 14行的末尾添加--insecure-registry 192.168.1.13:5000
[root@dockera ~]# systemctl daemon-reload
[root@dockera ~]# systemctl restart dockerDockerB
[root@dockerb ~]# vim /usr/lib/systemd/system/docker.service
# 14行的末尾添加--insecure-registry 192.168.1.13:5000
[root@dockerb ~]# systemctl daemon-reload
[root@dockerb ~]# systemctl restart docker构建带有热数据的镜像
在DockerA中编写Dockerfile
[root@dockera ~]# vim Dockerfile
FROM busybox
ADD cyj /usr/local/apache2/htdocs
VOLUME /usr/local/apache2/htdocs构建镜像
[root@dockera ~]# docker build -t httpd_cluster /root/
Sending build context to Docker daemon 4.334MB
Step 1/3 : FROM busybox
---> 83aa35aa1c79
Step 2/3 : ADD cyj /usr/local/apache2/htdocs
---> 6f5a649b086e
Step 3/3 : VOLUME /usr/local/apache2/htdocs
---> Running in e2250ab0fc33
Removing intermediate container e2250ab0fc33
---> 0a871be05cb9
Successfully built 0a871be05cb9
Successfully tagged httpd_cluster:latest上传镜像到私库中
[root@dockera ~]# docker tag httpd_cluster:latest 192.168.1.13:5000/httpd_cluster
[root@dockera ~]# docker push 192.168.1.13:5000/httpd_cluster
The push refers to repository [192.168.1.13:5000/httpd_cluster]
88f052c2e3a4: Pushed
a6d503001157: Pushed
latest: digest: sha256:530a24268f88724372962618a309bb4948b0448845f9c41dc464b279890e30d0 size: 734验证是否上传成功
[root@dockera ~]# curl 192.168.1.13:5000/v2/_catalog
{"repositories":["httpd_cluster"]}DockerB下载镜像
[root@dockerb ~]# docker pull 192.168.1.13:5000/httpd_cluster
Using default tag: latest
latest: Pulling from httpd_cluster
0669b0daf1fb: Already exists
be1e4990839e: Pull complete
Digest: sha256:530a24268f88724372962618a309bb4948b0448845f9c41dc464b279890e30d0
Status: Downloaded newer image for 192.168.1.13:5000/httpd_cluster:latest
192.168.1.13:5000/httpd_cluster:latestDockerB构建与DockerA访问数据相同的集群
更改标签方便使用
[root@dockerb ~]# docker tag 192.168.1.13:5000/httpd_cluster:latest httpd:cluster
[root@dockerb ~]# docker rmi 192.168.1.13:5000/httpd_cluster:latest
[root@dockerb ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd cluster 0a871be05cb9 6 minutes ago 1.22MB使用httpd:cluster创建容器,但不运行,作为volume使用
[root@dockerb ~]# docker create --name dockerbweb httpd:cluster
a95dd3e7acc1cde8c3f568ebc6476687b97a993d2f34a82ec9aeb3171a6fb6b0使用dockerbweb运行容器,搭建集群
[root@dockerb ~]# docker run -d -p 80 --name cyj3 --volumes-from dockerbweb httpd
8a3df766ccf203cc1674a95130495e51a84c25bb5c85cc8ed4f1450d80503c03
[root@dockerb ~]# docker run -d -p 80 --name cyj4 --volumes-from dockerbweb httpd
70e07c361c081b50c3c57bb4459dfe5d730502d30d8c3ebc8b0e92e3690902ce
[root@dockerb ~]# docker run -d -p 80 --name cyj5 --volumes-from dockerbweb httpd
87c14785547f4782b6dd4902037a0c70484fb471e1862f389b79fdd02fb30371查看三个web容器在主机物理机1.12映射的端口
[root@dockerb ~]# docker ps
PORTS NAMES
0.0.0.0:32771->80/tcp cyj5
0.0.0.0:32770->80/tcp cyj4
0.0.0.0:32769->80/tcp cyj3访问验证与DockerA主机集群中的页面是否一致
[root@dockerb ~]# curl 192.168.1.12:32769
ChaiYanJiang.com
[root@dockerb ~]# curl 192.168.1.12:32770
ChaiYanJiang.com
[root@dockerb ~]# curl 192.168.1.12:32771
ChaiYanJiang.comDockerA新建集群,使用NFS共享数据
NFS&Registry
安装NFS
[root@nfs-reg ~]# yum -y install nfs-utils rpcbind创建共享目录
[root@nfs-reg ~]# mkdir /dockera将目录共享到所有网段
[root@nfs-reg ~]# vim /etc/exports
/dockera *(rw,no_root_squash,sync)
[root@nfs-reg ~]# exportfs -r启动nfs服务
[root@nfs-reg ~]# systemctl start rpcbind nfs-server
[root@nfs-reg ~]# systemctl enable rpcbind nfs-server清空防火墙策略
[root@nfs-reg ~]# iptables -F
[root@nfs-reg ~]# iptables-save DockerA
查看是否可以获取到NFS的共享目录
[root@dockera ~]# showmount -e 192.168.1.13
Export list for 192.168.1.13:
/dockera *使用docker创建驱动类型为nfs的磁盘,并指定nfs的ip和目录
[root@dockera ~]# docker volume create --driver local \
> --opt type=nfs --opt o=addr=192.168.1.13,rw \
> --opt device=:/dockera --name dockera-nfs
dockera-nfs查看创建好的volume
[root@dockera ~]# docker volume ls
DRIVER VOLUME NAME
local dockera-nfs使用dockera-nfs卷来启动httpd镜像的web集群
[root@dockera ~]# docker run -d -p 80 --name cyj6 --volume dockera-nfs:/usr/local/apache2/htdocs httpd
4d95750c36e80116d93be8cd9a10c3aa5f51c3b10e21f074bc48f7764cff22fb
[root@dockera ~]# docker run -d -p 80 --name cyj7 --volume dockera-nfs:/usr/local/apache2/htdocs httpd
91fd01cfc297c10b7c8a576bd33d7946867edb6ed464f25d454ca2312772b571
[root@dockera ~]# docker run -d -p 80 --name cyj8 --volume dockera-nfs:/usr/local/apache2/htdocs httpd
d4df27537c122396104ab1f78b8e05cc3d06ecd401fa9470cd817f973c024a1c查看三个集群容器在主机的映射端口
[root@dockera ~]# docker ps
PORTS NAMES
0.0.0.0:32770->80/tcp cyj8
0.0.0.0:32769->80/tcp cyj7
0.0.0.0:32768->80/tcp cyj6 访问这几个映射端口,查看得到的页面内容
[root@dockera ~]# curl 192.168.1.11:32768
<html><body><h1>It works!</h1></body></html>
[root@dockera ~]# curl 192.168.1.11:32769
<html><body><h1>It works!</h1></body></html>
[root@dockera ~]# curl 192.168.1.11:32770
<html><body><h1>It works!</h1></body></html>发现都是It works!这是因为我们的NFS共享目录中的内容是空的
NFS&Registry
[root@nfs-reg ~]# echo "2020ComeOnWH" > /dockera/index.html再次访问验证
[root@nfs-reg ~]# curl 192.168.1.11:32768
2020ComeOnWH
[root@nfs-reg ~]# curl 192.168.1.11:32769
2020ComeOnWH
[root@nfs-reg ~]# curl 192.168.1.11:32770
2020ComeOnWH