目标：在docker v1.12版本搭建swarm集群，熟悉其用法，验证其功能。

环境：

swarm-manager：192.168.12.190，centos7.2

swarm-node01：192.168.12.191，centos7.2

软件版本：

docker：v1.12.0

实施步骤：

1.检查docker版本

#版本要求>= docker v1.12

[root@swarm-manager ~]# docker version

Client:

Version:      1.12.0

API version:  1.24

Go version:  go1.6.3

Git commit:  8eab29e

Built:

OS/Arch:      linux/amd64

Server:

Version:      1.12.0

API version:  1.24

Go version:  go1.6.3

Git commit:  8eab29e

Built:

OS/Arch:      linux/amd64

2.部署swarm

2.1部署manager（12.190）

#初始化manager

[root@swarm-manager ~]# docker swarm init --advertise-addr 192.168.12.190

Swarm initialized: current node (9a8h4zctcf4qb0naylgu5bpf5) is now a manager.

To add a worker to this swarm, run the following command:

docker swarm join \

--token SWMTKN-1-0bm6shp8luiko6yyr8f7g130k5gwfwnynomtu2teer1qhnn1h6-7u6rwvasabu3efhdboo1gxk84 \

192.168.12.190:2377

To add a manager to this swarm, run the following command:

docker swarm join \

--token SWMTKN-1-0bm6shp8luiko6yyr8f7g130k5gwfwnynomtu2teer1qhnn1h6-c0fwiq4dm5x3vgsbsyut2quk7 \

192.168.12.190:2377

#查看

[root@swarm-manager ~]# docker info

....

Swarm: active

NodeID: 9a8h4zctcf4qb0naylgu5bpf5

Is Manager: true

ClusterID: d48nl1v887o9b59b9uoe6hfj1

Managers: 1

Nodes: 1

Orchestration:

Task History Retention Limit: 5

Raft:

Snapshot interval: 10000

Heartbeat tick: 1

Election tick: 3

Dispatcher:

Heartbeat period: 5 seconds

CA configuration:

Expiry duration: 3 months

Node Address: 192.168.12.190

....

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

2.2部署node（12.191）

#添加node

root@swarm-node01 ~]#    docker swarm join \

--token SWMTKN-1-0bm6shp8luiko6yyr8f7g130k5gwfwnynomtu2teer1qhnn1h6-7u6rwvasabu3efhdboo1gxk84 \

192.168.12.190:2377

This node joined a swarm as a worker.

#查看：

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Active

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

[root@swarm-manager ~]# docker info

...

Swarm: active

NodeID: 9a8h4zctcf4qb0naylgu5bpf5

Is Manager: true

ClusterID: d48nl1v887o9b59b9uoe6hfj1

Managers: 1

Nodes: 2

....

2.3查看manager和node的token值

可以看到创建manager或者node时需要使用token，使用如下命令可以列出token。

#列出manager的token

[root@swarm-manager ~]# docker swarm join-token manager

To add a manager to this swarm, run the following command:

docker swarm join \

--token SWMTKN-1-0bm6shp8luiko6yyr8f7g130k5gwfwnynomtu2teer1qhnn1h6-c0fwiq4dm5x3vgsbsyut2quk7 \

192.168.12.190:2377

#列出node的token

[root@swarm-manager ~]# docker swarm join-token worker

To add a worker to this swarm, run the following command:

docker swarm join \

--token SWMTKN-1-0bm6shp8luiko6yyr8f7g130k5gwfwnynomtu2teer1qhnn1h6-7u6rwvasabu3efhdboo1gxk84 \

192.168.12.190:2377

3.docker servie的使用

#docker service指令

[root@swarm-manager ~]# docker service -h

....

Commands:

create      Create a new service

inspect    Display detailed information on one or more services

ps          List the tasks of a service

ls          List services

rm          Remove a service

scale      Scale one or multiple services

update      Update a service

#新建nginx

[root@swarm-manager ~]# docker service create --replicas 1 --name nginx00 nginx

b3n4rdl7dctmi99j2bwcr77wx

#查看

[root@swarm-manager ~]# docker service ls

ID            NAME    REPLICAS  IMAGE  COMMAND

b3n4rdl7dctm  nginx00  1/1      nginx

[root@swarm-manager ~]# docker service ps nginx00

ID                        NAME      IMAGE  NODE          DESIRED STATE  CURRENT STATE          ERROR

05488zncdeu4fh4l3partfcjn  nginx00.1  nginx  swarm-node01  Running        Running 3 minutes ago

[root@swarm-node01 ~]# docker ps

CONTAINER ID        IMAGE              COMMAND                  CREATED            STATUS              PORTS              NAMES

342cbfcdfa9b        nginx:latest        "nginx -g 'daemon off"  4 minutes ago      Up 4 minutes        80/tcp, 443/tcp    nginx00.1.05488zncdeu4fh4l3partfcjn

#在线扩容

[root@swarm-manager ~]# docker service scale nginx00=2

nginx00 scaled to 2

[root@swarm-manager ~]# docker service ls

ID            NAME    REPLICAS  IMAGE  COMMAND

b3n4rdl7dctm  nginx00  2/2      nginx

[root@swarm-manager ~]# docker service ps nginx00

ID                        NAME      IMAGE  NODE          DESIRED STATE  CURRENT STATE          ERROR

05488zncdeu4fh4l3partfcjn  nginx00.1  nginx  swarm-node01  Running        Running 11 minutes ago

0m8tj5in3gzzwmkx74chu2u2o  nginx00.2  nginx  swarm-manager  Running        Running 37 seconds ago

#在线缩减

[root@swarm-manager ~]# docker service scale nginx00=0

nginx00 scaled to 0

[root@swarm-manager ~]# docker service ls

ID            NAME    REPLICAS  IMAGE  COMMAND

b3n4rdl7dctm  nginx00  0/0      nginx

[root@swarm-manager ~]# docker service ps nginx00

ID                        NAME      IMAGE  NODE          DESIRED STATE  CURRENT STATE            ERROR

05488zncdeu4fh4l3partfcjn  nginx00.1  nginx  swarm-node01  Shutdown      Shutdown 15 seconds ago

0m8tj5in3gzzwmkx74chu2u2o  nginx00.2  nginx  swarm-manager  Shutdown      Shutdown 14 seconds ago

#删除service

[root@swarm-manager ~]# docker service ls

ID            NAME    REPLICAS  IMAGE  COMMAND

b3n4rdl7dctm  nginx00  1/1      nginx

[root@swarm-manager ~]# docker service rm nginx00

nginx00

[root@swarm-manager ~]# docker service ls

ID  NAME  REPLICAS  IMAGE  COMMAND

#滚动升级

[root@swarm-manager ~]# docker service create --replicas 2 --name tomcat00 tomcat:6

7akh1a171jqdbnumewa8d7iwr

[root@swarm-manager ~]# docker service ls

ID            NAME      REPLICAS  IMAGE    COMMAND

7akh1a171jqd  tomcat00  2/2      tomcat:6

[root@swarm-manager ~]# docker service ps tomcat00

ID                        NAME        IMAGE    NODE          DESIRED STATE  CURRENT STATE              ERROR

dhnfyn0tjjgbi5sefscya6yrc  tomcat00.1  tomcat:6  swarm-manager  Running        Running about a minute ago

0wy7zcpjh17ny1cm7wohx3to6  tomcat00.2  tomcat:6  swarm-node01  Running        Running 20 seconds ago

[root@swarm-manager ~]# docker service update --image tomcat:7 tomcat00

tomcat00

[root@swarm-manager ~]# docker service ls

ID            NAME      REPLICAS  IMAGE    COMMAND

7akh1a171jqd  tomcat00  2/2      tomcat:7

[root@swarm-manager ~]# docker service ps tomcat00

ID                        NAME            IMAGE    NODE          DESIRED STATE  CURRENT STATE                ERROR

cltwnjh8c6l0w5wi8u4rk6pei  tomcat00.1      tomcat:7  swarm-manager  Running        Running 30 seconds ago

dhnfyn0tjjgbi5sefscya6yrc  \_ tomcat00.1  tomcat:6  swarm-manager  Shutdown      Shutdown about a minute ago

bf6l3wi3f3rhj5g59u6zo4n7o  tomcat00.2      tomcat:7  swarm-node01  Running        Running about a minute ago

0wy7zcpjh17ny1cm7wohx3to6  \_ tomcat00.2  tomcat:6  swarm-node01  Shutdown      Shutdown about a minute ago

4.网络

4.1容器间的互通

#默认网桥

[root@swarm-manager ~]# docker network ls

NETWORK ID          NAME                DRIVER              SCOPE

1a7673941702        bridge              bridge              local

6fbc212201c6        docker_gwbridge    bridge              local

f427b46c5246        host                host                local

7fter2mqj5zf        ingress            overlay            swarm

3f067508d7fc        none                null                local

新建service（不带-p参数）使用name=bridge网桥；

新建service（带-p参数）使name=ingress网桥。

容器间互通需使用overlay模式，所以新建一个overlay的网桥。

#新建network[root@swarm-manager ~]# docker network create -d overlay  --subnet 10.254.0.0/16 --gateway  10.254.0.1 test00dvhjl166f2hejlps2rd4a43pq#新建tomcat01和tomcat02[root@swarm-manager ~]# docker service create --replicas 2 --name tomcat01  --network test00 tomcat:72c1qs8gwmlk6w3ujos122m31m[root@swarm-manager ~]# docker service create --replicas 2 --name tomcat02  --network test00 tomcat:77v97krliu5g5lj0awe2kqk2yy[root@swarm-manager ~]# docker service lsID            NAME      REPLICAS  IMAGE    COMMAND2c1qs8gwmlk6  tomcat01  2/2      tomcat:7  7v97krliu5g5  tomcat02  2/2      tomcat:7  [root@swarm-manager ~]# docker service ps tomcat01ID                        NAME        IMAGE    NODE          DESIRED STATE  CURRENT STATE          ERROR69xfelfbq1j684fg3dxhxvbwx  tomcat01.1  tomcat:7  swarm-manager  Running        Running 12 minutes ago  9ul1julgkhox5c00m0dws1adz  tomcat01.2  tomcat:7  swarm-node01  Running        Running 12 minutes ago  [root@swarm-manager ~]# docker service ps tomcat02ID                        NAME        IMAGE    NODE          DESIRED STATE  CURRENT STATE          ERROR1wgmjm1g5lh85yiswwnnvy3i9  tomcat02.1  tomcat:7  swarm-node01  Running        Running 59 seconds ago  6iybysdoove9qtbd0qzgqfnbd  tomcat02.2  tomcat:7  swarm-manager  Running        Running 58 seconds ago  #查看容器信息[root@swarm-manager ~]# docker psCONTAINER ID        IMAGE              COMMAND            CREATED              STATUS              PORTS              NAMESf7468890b410        tomcat:7            "catalina.sh run"  About a minute ago  Up About a minute  8080/tcp            tomcat01.1.69xfelfbq1j684fg3dxhxvbwx[root@swarm-manager ~]# docker exec -ti f7468890b410 bashroot@f7468890b410:/usr/local/tomcat# ip add1: lo:mtu 65536 qdisc noqueue state UNKNOWN group default    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo      valid_lft forever preferred_lft forever    inet6 ::1/128 scope host        valid_lft forever preferred_lft forever48: eth0@if49:mtu 1450 qdisc noqueue state UP group default    link/ether 02:42:0a:fe:00:03 brd ff:ff:ff:ff:ff:ff    inet 10.254.0.3/16 scope global eth0      valid_lft forever preferred_lft forever    inet 10.254.0.2/32 scope global eth0      valid_lft forever preferred_lft forever    inet6 fe80::42:aff:fefe:3/64 scope link        valid_lft forever preferred_lft forever50: eth1@if51:mtu 1500 qdisc noqueue state UP group default

link/ether 02:42:ac:12:00:03 brd ff:ff:ff:ff:ff:ff

inet 172.18.0.3/16 scope global eth1

valid_lft forever preferred_lft forever

inet6 fe80::42:acff:fe12:3/64 scope link

valid_lft forever preferred_lft forever

root@f7468890b410:/usr/local/tomcat# more /etc/hosts

127.0.0.1      localhost

::1    localhost ip6-localhost ip6-loopback

fe00::0 ip6-localnet

ff00::0 ip6-mcastprefix

ff02::1 ip6-allnodes

ff02::2 ip6-allrouters

10.254.0.3      f7468890b410

172.18.0.3      f7468890b410

root@f7468890b410:/usr/local/tomcat# more /etc/resolv.conf

nameserver 127.0.0.11

options ndots:0

root@f7468890b410:/usr/local/tomcat# ping tomcat01

PING tomcat01 (10.254.0.2): 56 data bytes

64 bytes from 10.254.0.2: icmp_seq=0 ttl=64 time=0.088 ms

root@f7468890b410:/usr/local/tomcat# ping tomcat02

PING tomcat02 (10.254.0.5): 56 data bytes

64 bytes from 10.254.0.5: icmp_seq=0 ttl=64 time=0.259 ms

#swarm集群，使用容器内部的dns解析servie的name

4.2外部访问容器

测试过程中发现，当–replicas=1，只有容器所在宿主机端口可以被访问，不知道是不是swarm集群的bug。

#新建tomcat03 --replicas=1

[root@swarm-manager ~]# docker service ls

ID  NAME  REPLICAS  IMAGE  COMMAND

[root@swarm-manager ~]# docker service create --replicas 1 --name tomcat03 -p 30030:8080 tomcat:7

6yv4xi2pevzn33yiby9l78e7p

[root@swarm-manager ~]# docker service ls

ID            NAME      REPLICAS  IMAGE    COMMAND

6yv4xi2pevzn  tomcat03  1/1      tomcat:7

[root@swarm-manager ~]# docker service ps tomcat03

ID                        NAME        IMAGE    NODE          DESIRED STATE  CURRENT STATE          ERROR

8iox4mb1v0of7igsh631w8v4o  tomcat03.1  tomcat:7  swarm-node01  Running        Running 10 seconds ago

[root@swarm-manager ~]# curl 192.168.12.190:30030

curl: (7) Failed connect to 192.168.12.190:30030; Connection refused

[root@swarm-manager ~]# curl 192.168.12.191:30030

...

....

#scale tomcat03=2,此时因2个宿主机均有容器，测试正常。

[root@swarm-manager ~]# docker service scale tomcat03=2

tomcat03 scaled to 2

[root@swarm-manager ~]# docker service ps tomcat03

ID                        NAME        IMAGE    NODE          DESIRED STATE  CURRENT STATE          ERROR

8iox4mb1v0of7igsh631w8v4o  tomcat03.1  tomcat:7  swarm-node01  Running        Running 5 minutes ago

f3d6n57uyea4vxu4gp6ndgcz8  tomcat03.2  tomcat:7  swarm-manager  Running        Running 29 seconds ago

[root@swarm-manager ~]# curl 192.168.12.190:30030

...

...

[root@swarm-manager ~]# curl 192.168.12.191:30030

...

...

#非swarm主机访问tomcat03，也可以。

[root@k8s-node02 ~]# curl 192.168.12.191:30030

...

...

5.node的管理

#docker node指令

[root@swarm-manager ~]# docker node -h

...

Commands:

demote      Demote a node from manager in the swarm

inspect    Display detailed information on one or more nodes

ls          List nodes in the swarm

promote    Promote a node to a manager in the swarm

rm          Remove a node from the swarm

ps          List tasks running on a node

update      Update a node

5.1node去激活（drain）

#查看状态

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Active

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

[root@swarm-manager ~]# docker service ps tomcat03

ID                        NAME        IMAGE    NODE          DESIRED STATE  CURRENT STATE          ERROR

7shjqfybdy385r9jy5i29x8oa  tomcat03.1  tomcat:7  swarm-manager  Running        Running 9 minutes ago

33n5lucts3b3hdyzhfh2pte4i  tomcat03.2  tomcat:7  swarm-node01  Running        Running 1 seconds ago

#node去激活

[root@swarm-manager ~]# docker node update --availability drain swarm-node01

swarm-node01

#去激活后查看状态

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Drain

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

[root@swarm-manager ~]# docker service ps tomcat03

ID                        NAME            IMAGE    NODE          DESIRED STATE  CURRENT STATE            ERROR

7shjqfybdy385r9jy5i29x8oa  tomcat03.1      tomcat:7  swarm-manager  Running        Running 11 minutes ago

5f6y6vikdf32kfvgtgibemkwb  tomcat03.2      tomcat:7  swarm-manager  Running        Preparing 9 seconds ago

33n5lucts3b3hdyzhfh2pte4i  \_ tomcat03.2  tomcat:7  swarm-node01  Shutdown      Shutdown 10 seconds ago

#可以看到node01的容器，自动迁移到了manager

#激活node

[root@swarm-manager ~]# docker node update --availability active swarm-node01

swarm-node01

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Active

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

5.2node角色的升级和降级（promote/demote）

#查看状态

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Active

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

#node角色提升

[root@swarm-manager ~]# docker node promote swarm-node01

Node swarm-node01 promoted to a manager in the swarm.

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Active        Reachable

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

#node角色降级

[root@swarm-manager ~]# docker node demote swarm-node01

Manager swarm-node01 demoted in the swarm.

[root@swarm-manager ~]# docker node ls

ID                          HOSTNAME      STATUS  AVAILABILITY  MANAGER STATUS

4u80il22c6r9hp9avzqgbe9yf    swarm-node01  Ready  Active

9a8h4zctcf4qb0naylgu5bpf5 *  swarm-manager  Ready  Active        Leader

via：http://www.pangxie.space/docker/1061