#修改主机名称
hostname # 主机名称
hostnamectl set-hostname node1
#关闭防火墙
systemctl stop firewalld && systemctl disable firewalld
#init swarm
docker swarm init
#创建网络
docker network create -d overlay mynet
# docker ui界面
#创建
docker service create \
--name=viz \
--publish=8080:8080/tcp \
--constraint=node.role==manager \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,readonly \
dockersamples/visualizer
# docker ui界面 portainer
docker service create \
--name=portainer \
--publish=9000:9000 \
--constraint=node.role==manager \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \
--mount type=volume,src=portainer_data,dst=/data \
--mount type=volume,src=portainer_public,dst=/public \
portainer/portainer
#docker in docker 的思路
#关键点是:将宿主机 docker.sock 文件挂载到容器,
#实现容器内 docker 操作宿主机 docker 的目的
docker run -it \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
dockerindocker:1.0 /bin/bash
docker run -it \
--name dind \
--mount type=bind,src=/usr/bin/docker,dst=/usr/bin/docker,readonly \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,readonly \
openjdk /bin/bash
docker service create \
--name dind \
--mount type=bind,src=/usr/bin/docker,dst=/usr/bin/docker,readonly \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,readonly \
--network mynet \
--constraint=node.role==manager \
openjdk
#查看服务
docker service ls
#查询日志
docker service logs -f --tail=n 服务名称
docker service logs -f --tail=20 viz
#创建测试 --replicas=1
docker service create --network mynet --name nginx2 zhaokuner/nginx
docker volume create myregistry
#使用http,修改insecure-registries,加入 ip:port or domain:port
vim /etc/docker/daemon.json
"insecure-registries": ["registry.access.redhat.com","quay.io","myregistry:5000"],
# 创建数据卷 type=volume,src=volume名称,dst=容器目录
docker service create \
--network mynet \
--mount type=volume,src=myregistr,dst=/var/lib/registry \
-p 5000:5000 \
--name myregistry \
registry:2
docker run -d -p 5000:5000 --mount type=volume,src=myregistry,dst=/var/lib/registry --restart=always --name myregistry registry:2
#查看
http://172.16.34.149:5000/v2/
#安装界面
docker pull hyper/docker-registry-web
docker run -d --restart=always -p 8080:8080 --name registry-web --link myregistry -e REGISTRY_URL=http://myregistry:5000/v2 -e REGISTRY_NAME=myregistry:5000 hyper/docker-registry-web
#添加删除功能
#第一步,修改registry,开启删除功能
https://docs.docker.com/registry/configuration/#delete
/etc/docker/registry/config.yml
storage:
delete:
enabled: true
#第二步,修改docker-registry-web,关闭只读
https://hub.docker.com/r/hyper/docker-registry-web
/conf/config.yml
readonly: false
echo "This is a config" | docker config create myconfig -
docker config create tomcat-server ./server.xml
#使用
docker service create --name masl --config source=tomcat-server,target=/usr/local/apache-tomcat-8.5.50/conf/server.xml --replicas 2 -p 8080:8080 tomcat
echo '123456' | docker secret create mypwd -
#使用
docker service create --name db --secret mypwd -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mypwd mysql:5.7.27
#查看指定的密码 进入容器
cat /run/secrets/mypwd
docker stack deploy -c docker-compose.yml