安裝docker
# 卸載老版本
apt-get remove docker docker-engine docker.io containerd runc
apt-get update
apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io
列出docker版本
apt-cache madison docker-ce
安裝指定版本,不知道安裝最新版
apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io
確認是否安裝成功
docker run hello-world
添加可以操作docker的用戶,將用戶添加到“docker”組授予他們運行容器的能力,這些容器可用於獲取Docker主機上的root權限,命令如下:
usermod -aG docker your-user
安裝docker-compose swarm
從節點不必須安裝docker-compose
安裝dcoker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
啓動docker swarm模式
docker swarm init --advertise-addr
docker node ls
運行完docker swarm init出現如下命令:
docker swarm join \
--token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c \
192.168.99.100:2377
This node joined a swarm as a worker
在其他節點執行,加入swarm集羣
創建服務
- 創建overlay網絡
docker network create --driver=overlay traefik-net - 創建服務:
docker stack deploy -c admin.yml traefik
腳本如下:
cat admin.yml
version: '3'
services:
reverse-proxy:
image: traefik:1.7.9-alpine # The official Traefik docker image
command: --api --docker --docker.swarmMode --logLevel=DEBUG
deploy:
placement:
constraints:
- node.role == manager
labels:
traefik.docker.network: traefik-net
ports:
- "80:80" # 前端端口
- "8080:8080" # 管理Web
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
- traefik-net
# 管理後臺PHP-FPM
admin_fpm:
image: php:7.1-fpm-alpine3.8
deploy:
replicas: 2
labels:
traefik.docker.network: traefik-net
resources:
limits:
cpus: '0.50'
memory: 50M
reservations:
cpus: '0.25'
memory: 20M
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
update_config:
parallelism: 1
delay: 10s
networks:
- traefik-net
volumes:
- "./index.php:/code/backend/web/index.php"
# 管理後臺Nginx
admin_nginx:
image: nginx:1.14-alpine
deploy:
replicas: 2
resources:
limits:
cpus: '0.50'
memory: 50M
reservations:
cpus: '0.25'
memory: 20M
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
update_config:
parallelism: 1
delay: 10s
labels:
traefik.frontend.rule: Host:admin.example.com
traefik.port: 80
traefik.docker.network: traefik-net
networks:
- traefik-net
volumes:
- "./site.conf:/etc/nginx/conf.d/default.conf"
- "./index.php:/code/backend/web/index.php"
networks:
traefik-net:
調試時把site.conf index.php放到和上面腳本統一目錄下
site.conf內容如下:
server {
listen 80;
root /code/backend/web;
index index.html index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
try_files $uri = 404;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass admin_fpm:9000;
try_files $uri =404;
}
}
- 基本路由轉發功能實現
- 後期需測試更新,回滾操作
- ssl證書功能沒有實現,需添加修改traefik配置文件
- 集羣監控
- 日誌收集
docker-compose參考文檔
docker swarm參考文檔
traefik官方參考文檔
swarm集羣監控方案參考
集羣管理軟件參考