一、 Docker Shipyard是什么 ?
shipyard是一个开源的docker管理平台,其特性主要包括:
1 支持镜像管理、容器管理。
2 支持控制台命令
3 容器资源消耗监控
4 支持集群swarm,可以随意增加节点
5 支持控制用户管理权限,可以设置某个容器对某个用户只读、管理权限。
6 有汉化版
缺点:
1 不支持image管理;
2 不支持container批量操作。
3 启动容器较多,占用每个节点的一部分资源
Shipyard的几个概念
1)engine
一个shipyard管理的docker集群可以包含一个或多个engine(引擎),一个engine就是监听tcp端口的docker daemon。
shipyard管理docker daemon、images、containers完全基于Docker API,不需要做其他的修改。
另外,shipyard可以对每个engine做资源限制,包括CPU和内存;因为TCP监听相比Unix socket方式会有一定的安全隐患,
所以shipyard还支持通过SSL证书与docker后台进程安全通信。
2)rethinkdb
RethinkDB是一个shipyard项目的一个docker镜像,用来存放账号(account)、引擎(engine)、服务密钥(service key)、
扩展元数据(extension metadata)等信息,但不会存储任何有关容器或镜像的内容。
Shipyard生态
shipyard是由shipyard控制器以及周围生态系统构成,以下按照deploy启动顺序进行介绍(下面几个就是shipyard使用脚本安装后,启动的几个容器名)
1)RethinkDB
deploy首先启动的就是RethinkDB容器,shipyard采用RethinkDB作为数据库来保存用户等信息
2)Discovery
为了使用Swarm,我们需要一个外部的密钥值存储群容器,shipyard默认是采用了etcd。
3)shipyard_certs
证书管理容器,实现证书验证功能
4)Proxy
默认情况下,Docker引擎只监听Socket,我们可以重新配置引擎使用TLS或者使用一个代理容器,转发请求从TCP到Docker监听的UNIX Socket。
5)Swarm Manager
Swarm管理器
6)Swarm Agent
Swarm代理,运行在每个节点上。
7)Controller
shipyard控制器,Remote API的实现和web的实现。
二、安装前准备
系统:Centos7
时间同步
可连接外网,添加yum源
关闭selinux
三安装docker
[root@localhost ~]# yum install docker -y
[root@localhost ~]# docker start docker
[root@localhost ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
四、安装Shipyard master端
1.下载镜像,下载前需先配置加速器,否则下载速度感人......
使用加速器下载官网镜像方法:
1.打开https://dev.aliyun.com/ 链接,按提示申请一个账户
2.点击容器镜像服务,再点击容器加速器按提示设置即可
加速器配置好后开始下载镜像
[root@localhost ~]#docker pull rethinkdb
[root@localhost ~]#docker pull microbox/etcd
[root@localhost ~]#docker pull shipyard/docker-proxy
[root@localhost ~]#docker pull swarm
[root@localhost ~]#docker pull dockerclub/shipyard
2.修改安装脚本,修改为下载中文镜像
a.修改为下载中文镜像
[root@localhost ~]#wget https://shipyard-project.com/deploy
[root@localhost ~]#grep -n shipyard:latest deploy
[root@localhost ~]#sed -i 's/shipyard\/shipyard:latest/dockerclub\/shipyard:latest/g' deploy
b.修改端口
#确保8080端口没有被使用,否则要修改脚本
[root@localhost ~]#netstat -tlnp | grep 8080
#修改脚本
[root@localhost ~]#grep -n 'PORT:-8080' deploy
SHIPYARD_PORT=${PORT:-8080}
#修改为
SHIPYARD_PORT=${PORT:-指定端口}
[root@localhost ~]#sed 's/PORT:-8080/PORT:-8090/g' deploy | grep "PORT:-8090"
3.启动 sh deploy
[root@localhost ~]# sh deploy
Unable to find image 'alpine:latest' locally
Trying to pull repository docker.io/library/alpine ...
latest: Pulling from docker.io/library/alpine
2fdfe1cd78c2: Pulling fs layer
2fdfe1cd78c2: Verifying Checksum
2fdfe1cd78c2: Download complete
2fdfe1cd78c2: Pull complete
Digest: sha256:ccba511b1d6b5f1d83825a94f9d5b05528db456d9cf14a1ea1db892c939cda64
Deploying Shipyard
-> Starting Database
-> Starting Discovery
-> Starting Cert Volume
-> Starting Proxy
-> Starting Swarm Manager
-> Starting Swarm Agent
-> Starting Controller
Waiting for Shipyard on 192.168.0.104:8080
Shipyard available at http://192.168.0.104:8080
Username: admin Password: shipyard
根据提示信息 访问 http://192.168.0.104:8080 ,用户名和密码为admin:shipyard
注:删除命令 cat deploy | ACTION=remove bash
4.访问Shipyard
输入账号密码登录
5.添加node节点(node节点需要安装docker并启动)
[root@localhost ~]# curl https://shipyard-project.com/deploy | ACTION=node DISCOVERY=etcd://192.168.0.104:4001 bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10119 100 10119 0 0 4445 0 0:00:02 0:00:02 --:--:-- 4444
Adding Node
-> Starting Cert Volume
Unable to find image 'alpine:latest' locally
Trying to pull repository docker.io/library/alpine ...
latest: Pulling from docker.io/library/alpine
2fdfe1cd78c2: Pulling fs layer
2fdfe1cd78c2: Verifying Checksum
2fdfe1cd78c2: Download complete
2fdfe1cd78c2: Pull complete
Digest: sha256:ccba511b1d6b5f1d83825a94f9d5b05528db456d9cf14a1ea1db892c939cda64
-> Starting Proxy
Unable to find image 'shipyard/docker-proxy:latest' locally
Trying to pull repository docker.io/shipyard/docker-proxy ...
latest: Pulling from docker.io/shipyard/docker-proxy
8f4ec95ceaee: Pulling fs layer
ac77a345f217: Pulling fs layer
43039e3ef672: Pulling fs layer
a3ed95caeb02: Pulling fs layer
a3ed95caeb02: Waiting
43039e3ef672: Verifying Checksum
43039e3ef672: Download complete
a3ed95caeb02: Verifying Checksum
a3ed95caeb02: Download complete
ac77a345f217: Verifying Checksum
ac77a345f217: Download complete
8f4ec95ceaee: Verifying Checksum
8f4ec95ceaee: Download complete
8f4ec95ceaee: Pull complete
ac77a345f217: Pull complete
43039e3ef672: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:da6bbd1a145581a940d44940cce0f43705d7f8ec552a4e97e77104ec1b6dc3d1
-> Starting Swarm Manager
Unable to find image 'swarm:latest' locally
Trying to pull repository docker.io/library/swarm ...
latest: Pulling from docker.io/library/swarm
dd72058debf0: Pulling fs layer
cb543654edaf: Pulling fs layer
44212202dc6d: Pulling fs layer
44212202dc6d: Verifying Checksum
44212202dc6d: Download complete
cb543654edaf: Verifying Checksum
cb543654edaf: Download complete
dd72058debf0: Retrying in 5 seconds
dd72058debf0: Retrying in 4 seconds
dd72058debf0: Retrying in 3 seconds
dd72058debf0: Retrying in 2 seconds
dd72058debf0: Retrying in 1 second
dd72058debf0: Verifying Checksum
dd72058debf0: Download complete
dd72058debf0: Pull complete
cb543654edaf: Pull complete
44212202dc6d: Pull complete
Digest: sha256:c97a27b020ae4439432c842769d8e731661d5987962e33004114e4aba9d03b4c
-> Starting Swarm Agent
Node added to Swarm: 192.168.0.106
提示node添加成功,IP为192.168.0.106,我们在shipyard上查看一下
点击节点管理,192.168.0.106已结添加完成
查看容器列表:
容器部署:
其他:
#停止运行镜像
[root@node-1 ~]# docker stop shipyard-proxy shipyard-certs shipyard-discovery shipyard-rethinkdb shipyard-swarm-agent shipyard-swarm-manager shipyard-controller
#启动运行的镜像
[root@node-1 ~]# docker start shipyard-proxy shipyard-certs shipyard-discovery shipyard-rethinkdb shipyard-swarm-agent shipyard-swarm-manager shipyard-controller
#删除shipyard(在节点机上执行,就会将节点从shipyard管理里踢出)
# curl http://dockerclub.net/public/script/deploy | ACTION=remove bash -s ==> 中文版
# curl -sSL https://shipyard-project.com/deploy | ACTION=remove bash -s ==> 英文版
"一劳永逸" 的话,有是有的,而 "一劳永逸" 的事却极少