20170602

1.docker run -itd --name=zhang1 --net="bridge"  nginx-php /bin/bash

swarm搭建：

node dkmanager:

1001* systemctl docker
1002 systemctl status docker
1003 docker swarm init
1004 cat /etc/docker/daemon.json
1005 vi /etc/docker/daemon.json
1006 systemctl restart docker
1007 docker swarm init --advertise-addr 192.168.36.141
1008 docker node ls
1009 docker info
1010 docker node ls
1011 history

node1.node2:

997 vi /etc/docker/daemon.json
998 systemctl restart docker
999 docker swarm join --token SWMTKN-1-0ibg226yu582kg5a3yy4p3sz7voqokuqxr813l9siy5b29ay0z-9j5x0782v92hb8ezahdhejxl4 192.168.36.141:2377
1000 history

最后：集群信息

[root@node ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
6uylrjuug1dj4bepbqpltjoof * node.srv.word Ready Active Leader
cwv31c38ubktin716270isyvr node02.srv.word Ready Active
elz4aksaqcb9ny33v370qorqq node01.srv.word Ready Active
[root@node ~]# docker info
Containers: 11
Running: 0
Paused: 0
Stopped: 11
Images: 15
Server Version: 1.12.5
Storage Driver: devicemapper
Pool Name: docker-253:0-68171607-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 1.556 GB
Data Space Total: 107.4 GB
Data Space Available: 49.02 GB
Metadata Space Used: 3.24 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.144 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.135-RHEL7 (2016-11-16)
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: overlay null host bridge
Swarm: active
NodeID: 6uylrjuug1dj4bepbqpltjoof
Is Manager: true
ClusterID: 4h119wtvwk72tl2b01zcsprqv
Managers: 1
Nodes: 3
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Heartbeat Tick: 1
Election Tick: 3
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Node Address: 192.168.36.141
Runtimes: runc docker-runc
Default Runtime: docker-runc
Security Options: seccomp
Kernel Version: 3.10.0-229.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 2
CPUs: 1
Total Memory: 1.687 GiB
Name: node.srv.word
ID: ZXA2:27HR:OLD3:GVGG:3ZRF:7UXO:N6EM:75VB:BGGE:N3GP:LUWK:MT57
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
Registries: docker.io (secure)
[root@node ~]#

再来个web管理工具：Portainer

成了!!!

添加services:

1001 docker node list
1002 docker service create -p 80:80 --name webserver nginx
1003 docker service ls
1004 docker service ps webserver
1005 docker service ls
1006 docker service ps webserver

docker service scale webserver=5
1012 docker service ps
1013 docker service ps webserver
1014 docker images

 报错处理：

If you have this
cat /etc/docker/daemon.json 
{
"live-restore": true
}

you should change to:

cat /etc/docker/daemon.json 
{
"live-restore": false
}

systemctl restart docker

docker swarm init

Failed to get D-Bus connection: Operation not permitted:

My guess is that you're running a non-privileged container. systemd requires CAP_SYS_ADMIN capability but Docker drops that capability in the non privileged containers, in order to add more security.

systemd also requires RO access to the cgroup file system within a container. You can add it with –v /sys/fs/cgroup:/sys/fs/cgroup:ro

So, here a few steps on how to run CentOS with systemd inside a Docker container:

1. Pull centos image
2. Set up a docker file like the one below:

FROM centos MAINTAINER “Yourname" <youremail@address.com> ENV container docker RUN yum -y update; yum clean all RUN yum -y install systemd; yum clean all; (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); rm -f /lib/systemd/system/multi-user.target.wants/*; rm -f /etc/systemd/system/*.wants/*; rm -f /lib/systemd/system/local-fs.target.wants/*; rm -f /lib/systemd/system/sockets.target.wants/*udev*; rm -f /lib/systemd/system/sockets.target.wants/*initctl*; rm -f /lib/systemd/system/basic.target.wants/*; rm -f /lib/systemd/system/anaconda.target.wants/*; VOLUME [ “/sys/fs/cgroup” ] CMD [“/usr/sbin/init”]

3. Build it - docker build --rm -t centos7-systemd - < mydockerfile

4. Run a container with docker run --privileged -ti -e container=docker -v /sys/fs/cgroup:/sys/fs/cgroup centos7-systemd /usr/sbin/init

5. You should have systemd in your container

6. root@node ~]# cat Dockerfile
   FROM centos7:base
   MAINTAINER “jt" <youremail@address.com>
   ENV container docker
   RUN yum -y update; yum clean all

7. 
   RUN yum -y install systemd; yum clean all;
   (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done);
   rm -f /lib/systemd/system/multi-user.target.wants/*;
   rm -f /etc/systemd/system/*.wants/*;
   rm -f /lib/systemd/system/local-fs.target.wants/*;
   rm -f /lib/systemd/system/sockets.target.wants/*udev*;
   rm -f /lib/systemd/system/sockets.target.wants/*initctl*;
   rm -f /lib/systemd/system/basic.target.wants/*;
   rm -f /lib/systemd/system/anaconda.target.wants/*;
   VOLUME [ “/sys/fs/cgroup” ]
   CMD [“/usr/sbin/init”]

ssh-keygen -R 伺服器端的IP或網址
备份和恢复：

docker save -o ~/centos7cg.tar ff37bc5ab732

docker load -i centos7cg.tar 

添加集群service：

怀疑CPU存在瓶颈，可用 sar -u 和 sar -q 等来查看

怀疑内存存在瓶颈，可用 sar -B、sar -r 和 sar -W 等来查看

怀疑I/O存在瓶颈，可用 sar -b、sar -u 和 sar -d 等来查看