docker swarm 搭建及跨主机网络互连案例分析,dockerswarm


一、开放相关端口

firewall-cmd --zone=public --add-port=2377/tcp --permanent
firewall-cmd --zone=public --add-port=7946/tcp --permanent
firewall-cmd --zone=public --add-port=7946/udp --permanent
firewall-cmd --zone=public --add-port=4789/tcp --permanent
firewall-cmd --zone=public --add-port=4789/udp --permanent
firewall-cmd --reload

有关集群的docker命令如下:

创建swarm 集群

查看docker swarm 命令说明

# docker swarm -h
Flag shorthand -h has been deprecated, please use --help
Usage:    docker swarm COMMAND
Manage Docker Swarm
Options:
      --help   Print usage
Commands:
  init        Initialize a swarm
  join        Join a swarm as a node and/or manager
  join-token  Manage join tokens
  update      Update the swarm
  leave       Leave a swarm
Run 'docker swarm COMMAND --help' for more information on a command.

创建集群

#命令格式: docker swarm init --listen-addr <MANAGER-IP>:<PORT>
[root@centos-web ~]# docker swarm init --listen-addr 172.18.30.29:2377 
Swarm initialized: current node (a60d5c3ttymvtozr46uvk17q4) is now a manager.

查看集群

# docker node ls
ID                           HOSTNAME      MEMBERSHIP  STATUS  AVAILABILITY  MANAGER STATUS
a60d5c3ttymvtozr46uvk17q4 *  centos-web  Accepted    Ready   Active        Leader

获取加入集群命令token

#docker swarm join-token manager
docker swarm join \
    --token ********* \
    172.18.30.29:2377

子节点加入集群

docker swarm join \
    --token ********* \
    172.18.30.29:2377

删除集群子节点

docker swarm leave --force(节点上)
docker node rm --force(manager上)

创建一个overlay 跨主机网络

查看当前网络

[root@H-T-29 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
47d05fd82e77        bridge              bridge              local                             
76e0302f7929        docker_gwbridge     bridge              local               
81c22e7f1b48        host                host                local               
4enpk54t9oy2        ingress             overlay             swarm               
c80502ba134b        none                null                local

创建一个新的overlay网络

#swarm上默认已有一个名为ingress的overlay 网络

 [root@centos-node4 ~]# docker network create --driver overlay docker-net
2o223p435s5glx69dw211u5d2
 [root@centos-web ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
abec77415f48        bridge              bridge              local
aoqs3p835s5g        docker-net          overlay             swarm
e2fff9d572a6        docker_gwbridge     bridge              local
166bd71f7d0e        host                host                local
9gr6bfff1rv9        ingress             overlay             swarm
1d2bfc590294        none                null                local

docker-net就是新创建的网络

在新的跨主机overlay 网络(docker-net)上创建应用

部署应用

docker service create --replicas 2 --publish 2222:22 --name lvs --network=docker-net inits/lvs

–replicas 副本数量
–publish 服务发现,端口映射
–mount 挂载文件
–name service名称

#前提节点服务器上images上有inits/lvs镜像

部署结果

docker service ls
ID            NAME        REPLICAS  IMAGE   COMMAND
5lgdq3ihiez0  lvs         0/2       inits/lvs
[root@centos-node4 ~]# docker service tasks helloworld
ID                         NAME          SERVICE     IMAGE   LAST STATE          DESIRED STATE  NODE
eul3bus45qz3b555wekotdmo5  lvs.1  helloworld  alpine  Running 14 seconds  Running        centos-node5
55uhq6xxcv53xlkqv2f0be9b9  lvs.2  helloworld  alpine  Running 14 seconds  Running        centos-node4

分别在运行两个节点上查看容器运行情况

#ssh 172.18.30.29
[root@H-T-29 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS               NAMES
389f9eefe455        inits/lvs:latest    "/usr/sbin/sshd -D"   15 minutes ago      Up 15 minutes       22/tcp              lvs.1.aco0uuf1of90tl31skh6a6ndv
#ssh 172.18.30.12
[root@H-C-12 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS               NAMES
af573b0ae945        inits/lvs:latest    "/usr/sbin/sshd -D"   15 minutes ago      Up 15 minutes       22/tcp              lvs.2.0a1s4la7prc3qmfdfdqazitsn

其他

docker service ls 查看集群列表
docker service ps lvs 查看集群下所有节点状态
docker service rm lvs 删除集群
docker service inspect --pretty lvs 集群属性
docker service scale lvs=4 #扩容集群节点数量

测试两个主机的网络是否能互通

# docker exec -ti lvs.2.0a1s4la7prc3qmfdfdqazitsn sh
/ # ping lvs.1.aco0uuf1of90tl31skh6a6ndv
PING lvs.1.aco0uuf1of90tl31skh6a6ndv (10.0.9.3): 56 data bytes
64 bytes from 10.0.9.3: seq=0 ttl=64 time=0.514 ms
64 bytes from 10.0.9.3: seq=1 ttl=64 time=0.508 ms
64 bytes from 10.0.9.3: seq=2 ttl=64 time=0.381 ms
64 bytes from 10.0.9.3: seq=3 ttl=64 time=0.408 ms
^C
--- lvs.1.aco0uuf1of90tl31skh6a6ndv ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.381/0.452/0.514 ms

同理去另一台主机测试网络是否正常

或已暴露22端口,直接

ssh 172.18.30.29 -p 2222 
ifconfig
172.18.30.29内部ip
ping 172.18.30.12内部ip
ssh 172.18.30.12 -p 2222 
ifconfig
172.18.30.12内部ip
ping 172.18.30.29内部ip

dokcer swarm自带的负载均衡

创建一组服务

docker service create --replicas 2 --name nginx -p 80:80 --network=docker-net inits/nginx

测试服务

浏览器访问:
http://172.18.30.29
刷新浏览器
系统将轮询访问集群节点下服务

 

相关内容

    暂无相关文章