About Swarm:
Swarm is a cluster management tool officially provided by Docker. Its main function is to abstract several Docker hosts as a whole, and manage all kinds of Docker resources on these Docker hosts through a single portal. Swarm and kubernetes are similar, but lighter, and have fewer functions than kubernetes
Experimental environment:
server1: 172.25.66.1 manager server2: 172.25.66.2 node1 server3: 172.25.66.3 node2
1. Deploy docker swarm cluster
1. Make certificate on physical machine
[root@foundation66 ~]# vim /etc/hosts
[root@foundation66 ~]# cd /tmp/docker/ [root@foundation66 docker]# mkdir certs [root@foundation66 docker]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
[root@foundation66 docker]# cd certs/ [root@foundation66 certs]# ll total 8 -rw-r--r--. 1 root root 2098 Mar 14 18:44 domain.crt -rw-r--r--. 1 root root 3272 Mar 14 18:44 domain.key
[root@foundation66 certs]# cd .. [root@foundation66 docker]# docker run -d \ > --restart=always \ > --name registry \ > -v `pwd`/certs:/certs \ > -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ > -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \ > -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \ > -p 443:443 \ > registry:2 Unable to find image 'registry:2' locally 2: Pulling from library/registry Digest: sha256:3b00e5438ebd8835bcfa7bf5246445a6b57b9a50473e89c02ecc8e575be3ebb5 Status: Downloaded newer image for registry:2 21de9d97895639d9a371b4dde56ae121c36716947985589e3a9b4546d6fb5735
[root@foundation66 docker]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 21de9d978956 registry:2 "/entrypoint.sh /etc..." 20 seconds ago Up 18 seconds 0.0.0.0:443->443/tcp, 5000/tcp registry [root@foundation66 docker]# netstat -antlp |grep :443 tcp 0 0 192.168.43.230:44402 111.7.188.1:443 ESTABLISHED 3264/firefox tcp6 0 0 :::443 :::* LISTEN 8963/docker-proxy [root@foundation66 docker]# cd /etc/docker [root@foundation66 docker]# ls certs.d daemon.json key.json
2. Configure the master node
(1) download and install docker engine
Installation kit:
docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm
[root@server1 ~]# ls docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm [root@server1 ~]# yum install -y * [root@sever1 ~]# yum install -y bash-*
(2) start docker
[root@server1 ~]# systemctl start docker [root@sever1 ~]# netstat -antlp
(3) initialize swarm cluster
[root@server1 ~]# docker swarm init
3. Configure slave node
[root@sever1 ~]# scp * root@172.25.66.2: [root@sever1 ~]# scp * root@172.25.66.3:
On server2:
(1) install docker engine
[root@server2 ~]# ls docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm [root@server2 ~]# yum install -y *
(2) start docker
[root@server2 ~]# systemctl start docker
(3) join swarm cluster
[root@server2 ~]# docker swarm join \ > --token SWMTKN-1-442o8zq8ph6h83sne03le48n2kslswc5yxrfd7tqef4vvr6dmw-d80ugn7jvlrs6b336r0zkptpe \ > 172.25.66.1:2377 This node joined a swarm as a worker.
On server3: (the operation is the same as server2)
(1) install docker engine
[root@server3 ~]# ls docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm [root@server3 ~]# yum install -y *
(2) start docker
[root@server3 ~]# systemctl start docker
(3) join the warm cluster
[root@server3 ~]# docker swarm join \ > --token SWMTKN-1-442o8zq8ph6h83sne03le48n2kslswc5yxrfd7tqef4vvr6dmw-d80ugn7jvlrs6b336r0zkptpe \ > 172.25.66.1:2377 This node joined a swarm as a worker.
Test:
[root@server1 ~]# docker node ls
4. Transmission certificate
[root@foundation66 ~]# cd /etc/docker/ [root@foundation66 docker]# ls certs.d daemon.json key.json [root@foundation66 docker]# scp -r certs.d/ root@172.25.66.1:/etc/docker [root@foundation66 docker]# scp -r certs.d/ root@172.25.66.2:/etc/docker [root@foundation66 docker]# scp -r certs.d/ root@172.25.66.3:/etc/docker
5. Add resolution
[root@server1 ~]# vim /etc/hosts
[root@server2 ~]# vim /etc/hosts
[root@server3 ~]# vim /etc/hosts
6. Upload image
[root@foundation66 ~]# cd /etc/docker/ [root@foundation66 docker]# docker tag nginx westos.org/nginx [root@foundation66 docker]# docker push westos.org/nginx
7. Create nginx service
#The number of services is 3, the specified port is exposed as 8080 mapping container 80, and nginx image is used [root@server1 ~]# docker service create --name nginx --publish 80:80 --replicas 3 westos.org/nginx
#Execute it several times more. If you see 3 / 3, the node deployment is successful [root@server1 ~]# docker service ls ID NAME MODE REPLICAS IMAGE PORTS aaw4wl9q7bvd nginx replicated 3/3 westos.org/nginx:latest *:80->80/tcp [root@server1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ceace64fe731 westos.org/nginx:latest "nginx -g 'daemon ..." 9 minutes ago Up 8 minutes 80/tcp nginx.1.ijwxybakh8iuzz5hu6hf2m0ma [root@server1 ~]# docker service ps nginx ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS ijwxybakh8iu nginx.1 westos.org/nginx:latest server1 Running Running 9 minutes ago rol3e3dh55eh nginx.2 westos.org/nginx:latest server2 Running Running 9 minutes ago xghzsv46okz1 nginx.3 westos.org/nginx:latest server3 Running Running 9 minutes ago
#Add 3 nginx services [root@server1 ~]# docker service scale nginx=3 nginx scaled to 3 [root@server1 ~]# docker service ps nginx ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS ijwxybakh8iu nginx.1 westos.org/nginx:latest server1 Running Running 12 minutes ago rol3e3dh55eh nginx.2 westos.org/nginx:latest server2 Running Running 12 minutes ago xghzsv46okz1 nginx.3 westos.org/nginx:latest server3 Running Running 12 minutes ago #It is found that each node is divided into one nginx service [root@server1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ceace64fe731 westos.org/nginx:latest "nginx -g 'daemon ..." 12 minutes ago Up 12 minutes 80/tcp nginx.1.ijwxybakh8iuzz5hu6hf2m0ma [root@server2 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 48385ae882d3 westos.org/nginx:latest "nginx -g 'daemon ..." 12 minutes ago Up 12 minutes 80/tcp nginx.2.rol3e3dh55eh1ox9wmv430ydy [root@server3 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 42ca62659a89 westos.org/nginx:latest "nginx -g 'daemon ..." 12 minutes ago Up 12 minutes 80/tcp nginx.3.xghzsv46okz1l2b1yvullo90w
Note: if the nginx service is created incorrectly, execute the following command to delete it, and then recreate it
[root@sever1 ~]# docker service rm nginx nginx
Test:
No matter you enter the ip address of three nodes, you can see the default publishing homepage of nginx
2. Cluster load balancing
1. Pull image
[root@foundation66 Desktop]# docker pull docker.io/dockersamples/visualizer
2. Upload image
#change one's name [root@foundation66 Desktop]# docker tag dockersamples/visualizer westos.org/visualizer #Upload mirroring [root@foundation66 Desktop]# docker push westos.org/visualizer
3. Create visualizer service
[root@server1 ~]# docker service create \ > --name=viz \ > --publish=8080:8080/tcp \ > --constraint=node.role==manager \ > --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \ > westos.org/visualizer 8lxnuxxt8ayuaifk04209nd7m Since --detach=false was not specified, tasks will be created in the background. In a future release, --detach=false will become the default.
#Perform several more times until you see that replication changes to 1 / 1 [root@server1 ~]# docker service ls
4. Write release page
On server1:
#1. Preparation of documents [root@server1 docker]# echo server1 > index.html [root@server1 ~]# cat index.html server1 #2. Copy documents [root@server1 ~]# docker ps [root@server1 ~]# docker container cp index.html nginx.2.ykxkni9lxcy306jtyyr089e9u:/usr/share/nginx/html
On server2:
[root@server2 ~]# echo server2 > index.html [root@sever2 ~]# cat index.html server2 [root@server2 ~]# docker ps [root@server2 ~]# docker container cp index.html nginx.3.tcitff6ljd980kzua8os540lq:/usr/share/nginx/html
On server3:
[root@server3 ~]# echo server3 > index.html [root@server3 ~]# cat index.html server3 [root@server3 ~]# docker ps [root@server3 ~]# docker container cp index.html nginx.1.vc2goxg1rjxchn2mbyfvntqqw:/usr/share/nginx/html
Test:
#Use the for loop to access 10 times. It is found that server1 alternates with server2 and server3, which indicates that the load balancing is built successfully
[root@foundation66 ~]# for i in {1..10}; do curl 172.25.66.1;done
Enter: 172.25.66.1:8080 on the web page
Simulate server 3 node downtime
[root@server3 ~]# systemctl stop docker
Refresh page: