Docker-machine 环境安装部署
1、docker-machine是什么
在前面我们手工安装了第一个 docker ,步骤包括:
- 安装 https CA 证书
- 添加 GPG key
- 添加 docker apt 源
- 安装 docker
可见步骤还是挺多的,对于多主机环境手工方式效率低且不容易保证一致性,针对这个问题,docker 给出的解决方案是 Docker Machine。 Docker Machine 可以批量安装和配置 docker , 可以是本地的虚拟机、物理机,也可以是公有云中的云主机。
实验环境:
node1 10.0.0.10 Centos 7.6
host1 10.0.0.11 Centos 7.6
host2 10.0.0.12 Centos 7.6
2、安装docker-machine
1.下载二进制包
[root@node1 ~]# wget - O https://github.com/docker/machine/releases/download/v0.9.0/docker-machine- Linux-x86_64/usr/local/bin/docker-machine
[root@node1 ~]# mv docker-machine-Linux-x86_64 /usr/local/bin/docker-machine
[root@node1 /usr/local/bin]# chmod +x /usr/local/bin/docker-machine
[root@node1 ~]# docker-machine version
docker-machine version 0.9.0, build 15fd4c7
3、创建docker-machine
对于 Docker Machine 来说,术语 Machine 就是运行 docker daemon 的主机。“创建 Machine” 指的就是在 host 上安装和部署 docker。先执行 docker-machine ls 查看一下当前的 machine:
[root@node1 /usr/local/bin]# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
当前还没有 machine,接下来我们创建第一个 machine: host1 10.0.0.10
分发秘钥
[root@node1 /usr/local/bin]# ssh-keygen
[root@node1 /usr/local/bin]# ssh-copy-id -i ~/.ssh/id_rsa.pub 10.0.0.11
[root@node1 /usr/local/bin]# ssh-copy-id -i ~/.ssh/id_rsa.pub 10.0.0.12
[root@node1 ~]# docker-machine create --driver=generic --generic-ip-address=10.0.0.11 host1(host2)#这一步时间比较长,耐心等候
[root@node1 ~]# Creating CA: /root/.docker/machine/certs/ca.pem
Creating client certificate: /root/.docker/machine/certs/cert.pem
Running pre-create checks...
Creating machine...
#ssh登陆到远程主机
(host1) No SSH key specified. Assuming an existing key at the default location.
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
#安装docker
Provisioning with centos...
#拷贝证书
Copying certs to the local machine directory...
Copying certs to the remote machine...
#配置docker daemon
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
#启动docker
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env host1
[root@node1 ~]# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
host1 - generic Running tcp://10.0.0.11:2376 v18.09.0
[root@node1 ~]# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
host1 - generic Running tcp://10.0.0.12:2376 v18.09.0
4、管理docker-machine
用 docker-machine 创建 machine 的过程很简洁,非常适合多主机环境。除此之外,Docker Machine 也提供了一些子命令方便对 machine 进行管理。其中最常用的就是无需登录到 machine 就能执行 docker 相关操作。
我们前面学过,要执行远程 docker 命令我们需要通过 -H 指定目标主机的连接字符串,比如:
docker -H tcp://10.0.0.11:2376 ps
Docker Machine则让这个过程更简单
docker-machine env host1 直接访问host1的所有环境变量
[root@node1 ~]# docker-machine env host1
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.2.120:2376"
export DOCKER_CERT_PATH="/root/.docker/machine/machines/host1"
export DOCKER_MACHINE_NAME="host1"
# Run this command to configure your shell:
# eval $(docker-machine env host1)
[root@node1 ~]# docker-machine env host2
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://10.0.0.12:2376"
export DOCKER_CERT_PATH="/root/.docker/machine/machines/host2"
export DOCKER_MACHINE_NAME="host2"
# Run this command to configure your shell:
# eval $(docker-machine env host2)
根据提示,执行 eval $(docker-machine env host1):
[root@node1 ~]# eval $(docker-machine env host1)
[root@node1 ~ [host1]]#
[root@node1 ~ [host1]]#
[root@node1 ~ [host1]]# docker run --name w1 -itd busybox
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
57c14dd66db0: Pull complete
Digest: sha256:7964ad52e396a6e045c39b5a44438424ac52e12e4d5a25d94895f2058cb863a0
Status: Downloaded newer image for busybox:latest
0dada375dee242eca50ab534cf39efe44cd5c502c4bc19e9888b94092faebcf2
docker: Error response from daemon: OCI runtime create failed: rootfs (/var/lib/docker/devicemapper/mnt/6f719b81e2a0c68c48629815696efb4e596575694176f424941d06545164569d/rootfs) does not exist: unknown.
[root@node1 ~ [host1]]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
执行 eval $(docker-machine env host2) 切换到 host2:
[root@node1 ~ [host1]]# eval $(docker-machine env host2)
[root@node1 ~ [host2]]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
docker-machine 子命令:
docker-machine upgrade 更新 machine 的 docker 到最新版本,可以批量执行:
[root@node1 ~ [host2]]# docker-machine upgrade host1 host2
Waiting for SSH to be available...
Waiting for SSH to be available...
Detecting the provisioner...
Detecting the provisioner...
Upgrading docker...
Upgrading docker...
Restarting docker...
Restarting docker...
docker-machine config 查看 machine 的 docker daemon 配置:
[root@node1 ~]# docker-machine config host1
--tlsverify
--tlscacert="/root/.docker/machine/machines/host1/ca.pem"
--tlscert="/root/.docker/machine/machines/host1/cert.pem"
--tlskey="/root/.docker/machine/machines/host1/key.pem"
-H=tcp://10.0.0.11:2376
[root@node1 ~]# docker-machine config host2
--tlsverify
--tlscacert="/root/.docker/machine/machines/host2/ca.pem"
--tlscert="/root/.docker/machine/machines/host2/cert.pem"
--tlskey="/root/.docker/machine/machines/host2/key.pem"
-H=tcp://10.0.0.12:2376
docker-machine scp 可以在不同 machine 之间拷贝文件,比如:
docker-machine scp host1:/tmp/a host2:/tmp/b