跳到主內容

Docker Swarm

相關指令

# 查詢swarm狀態
docker info
# 未開啟
Swarm: inactive

# 初始化swarm
docker swarm init
##########################
Swarm initialized: current node (4szs3vf8x9pb79me4cxfsb9m2) is now a manager.

To add a worker to this swarm, run the following command:
	#加入叢集使用以下命令
    docker swarm join --token SWMTKN-1-3i2aq39bqqudp6p6y3o4ubw4ca1036z85z3huf9lyfijdfns88-33y43c8gw2ch85wbl2jdb4w0e 192.168.65.6:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
##########################

#查詢節點
docker node ls
ID                            HOSTNAME         STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
4szs3vf8x9pb79me4cxfsb9m2 *   docker-desktop   Ready     Active         Leader           20.10.6

# 開啟後查詢 docker info
Swarm: active
  NodeID: 4szs3vf8x9pb79me4cxfsb9m2
  Is Manager: true
  ClusterID: 83phccx66ca4rji17wk8p5kce
  Managers: 1
  Nodes: 1
  Default Address Pool: 10.0.0.0/8
  SubnetSize: 24
  Data Path Port: 4789
  Orchestration:
  
 # 離開docker swarm 叢集
 docker swrm leave -f

 

docker swarm init 背後發生了什麼

主要是PKI和安全相關的自動化

  • 創建swarm集群的根證書

  • manager節點的證書

  • 其它節點加入集群需要的tokens

創建Raft資料庫用於存儲證書,配置,密碼等數據

建立一個service(container)

# docker service create {image}:{tag}
docker service create --name web nginx:latest
# 取得servie id(不是container id)
docker service ls

ID             NAME           MODE         REPLICAS   IMAGE          PORTS
l5wvuxzw9l96   jolly_euclid   replicated   1/1        nginx:latest

# 查看container
docker service ps l5wvuxzw9l96
ID             NAME             IMAGE          NODE             DESIRED STATE   CURRENT STATE           ERROR     PORTS
vp8dkrsqslxw   jolly_euclid.1   nginx:latest   docker-desktop   Running         Running 3 minutes ago

# 建立3個副本(update)
docker service update l5wvuxzw9l96 --replicas 3
l5wvuxzw9l96
overall progress: 3 out of 3 tasks
1/3: running   [==================================================>]
2/3: running   [==================================================>]
3/3: running   [==================================================>]

# 建立4個副本(scale)
docker service scale l5wvuxzw9l96=4
web scaled to 4
overall progress: 4 out of 4 tasks 
1/4: running   [==================================================>] 
2/4: running   [==================================================>] 
3/4: running   [==================================================>] 
4/4: running   [==================================================>] 

#docker sercie ps
docker service ps l5wvuxzw9l96
ID             NAME             IMAGE          NODE             DESIRED STATE   CURRENT STATE            ERROR     PORTS
vp8dkrsqslxw   jolly_euclid.1   nginx:latest   docker-desktop   Running         Running 13 minutes ago
qavp0npxko3l   jolly_euclid.2   nginx:latest   docker-desktop   Running         Running 7 minutes ago
kqs6uvbkxmjh   jolly_euclid.3   nginx:latest   docker-desktop   Running         Running 7 minutes ago

service 刪除

 docker service rm l5wvuxzw9l96

docker swarm的網路:

  • 第一是外部如何訪問部署運行在swarm集群內的服務,可以稱之為 入方向 流量,在swarm裡我們通過 ingress 來解決

  • 第二是部署在swarm集群裡的服務,如何對外進行訪問,這部分又分為兩塊:

    • 第一,東西向流量 ,也就是不同swarm節點上的容器之間如何通信,swarm通過 overlay 網絡來解決;

    • 第二,南北向流量 ,也就是swarm集群裡的容器如何對外訪問,比如互聯網,這個是 Linux bridge + iptables NAT 來解決的

image-1644943091590.png

 

回到頂端