以下の書籍「Docker/Kubernetes 実践コンテナ」にある
- 3.5.1 Docker Swarm
- 3.5.2 Service
- 3.5.3 Stack
- 3.5.4 ServiceをSwarm外から利用する
の写経。が、本日時点では、自分の理解が怪しい
目次
Docker Swarm
┌─Docker───────────────────┐ │┌Registry ─────┐ ┌Manager ──┤ ││ │port: ┏┥docker in d │ ││ ┝━━━┫└──────┤ ││┌Dir ───────┤ 5000 ┃┌Worker1~3─┤ │││/var/lib/registry │ ┗┥docker in d │ └┴┴──┰──────┴────┴──────┘ ┃volume mount ┌─┬Dir ┸──────┬───────────┐ │ │registry-data │ │ │ └─────────┘ │ └─Host────────────────────┘
$ vi docker-compose.yml
version: "3" services: registry: container_name: registry image: registry:2.6 ports: - 5000:5000 volumes: - "./registry-data:/var/lib/registry" manager: container_name: manager image: docker:20.10.23-dind # hostの全deviceに接続okになるらしいが、詳細は理解:未 privileged: true # cf. https://zenn.dev/hohner/articles/43a0da20181d34 tty: true ports: - 8000:80 - 9000:9000 depends_on: - registry # hostには公開されない、container側のport expose: - 3375 # 以下は https以外のhttp:5000で アクセスOKにする為 command: "--insecure-registry registry:5000" volumes: - "./stack:/stack" worker01: container_name: worker01 image: docker:20.10.23-dind privileged: true tty: true depends_on: - manager - registry expose: - 7946 - 7946/udp - 4789/udp command: "--insecure-registry registry:5000" worker02: container_name: worker02 image: docker:20.10.23-dind privileged: true tty: true depends_on: - manager - registry expose: - 7946 - 7946/udp - 4789/udp command: "--insecure-registry registry:5000"
docker compose 起動と、起動していることの確認
$ docker compose up -d $ docker container ls CONTAINER ID PORTS NAMES 3247a5969ab6 2375-2376/tcp,4789/udp,7946/tcp,7946/udp worker02 0aecc7a262b6 2375-2376/tcp,4789/udp,7946/tcp,7946/udp worker03 9a8f932cc2f9 2375-2376/tcp,4789/udp,7946/tcp,7946/udp worker01 cd870561d281 2375-2376/tcp,3375/tcp,:::9000->9000/tcp,:::8000->80/tcp manager 32d8ae5003e2 :::5000->5000/tcp registry
managerコンテナをswarnのマネージャに設定
$ docker container exec -it manager docker swarm init Swarm initialized: current node (u6xgdpg665085m0qf64cnct0u) is now a manager. To add a worker to this swarm, run the following command: docker swarm join --token \ SWMTKN-1-4byqlau1bcz52zaj9jpmigudblrk3d482v8arwfd4syvywsfbo-50ow5mvipbyfagm4m8uken59k 172.18.0.3:2377 To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
worker01~03をswarnのノードに設定
$ docker container exec -it worker01 docker swarm join --token \ SWMTKN-1-4byqlau1bcz52zaj9jpmigudblrk3d482v8arwfd4syvywsfbo-50ow5mvipbyfagm4m8uken59k \ manager:2377 $ docker container exec -it worker02 docker swarm join --token \ SWMTKN-1-4byqlau1bcz52zaj9jpmigudblrk3d482v8arwfd4syvywsfbo-50ow5mvipbyfagm4m8uken59k \ manager:2377 $ docker container exec -it worker03 docker swarm join --token \ SWMTKN-1-4byqlau1bcz52zaj9jpmigudblrk3d482v8arwfd4syvywsfbo-50ow5mvipbyfagm4m8uken59k \ manager:2377
swarnノードの確認
$ docker container exec -it manager docker node ls ID HOSTNAME STATUS MANAGER STATUS u6xgdpg665085m0qf64cnct0u * 98e4c5b93225 Ready Leader ssgz4ker8lvrfbpj3mtctjtsh 120608a59677 Ready q5nuauip96qcgdctl4fmdj4j9 d4dc2bd958ec Ready lt3r8tnj48riejbozf7itsq1l e54446b93f5e Ready
dockerレジストリへ、イメージをpush
https://end0tknr.hateblo.jp/entry/20230125/1674635932
以前、上記のentryで作成した Dockerfile と main.go のイメージをタグ付けし、 Registry(port:5000)へ push
$ docker image tag example/echo:latest localhost:5000/example/echo:latest $ docker image push localhost:5000/example/echo:latest
worker01で、先程、登録したイメージをpull
$ docker container exec -it worker01 docker image pull registry:5000/example/echo:latest $ docker container exec -it worker01 docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE registry:5000/example/echo latest 2cc31d7badf8 45 hours ago 803MB
Serviceの作成
$ docker container exec -it manager \ docker service create --replicas 1 --publish 8000:8080 --name echo \ registry:5000/example/echo:latest $ docker container exec -it manager docker service ls ID NAME MODE REPLICAS IMAGE PORTS se9z57opyzi9 echo replicated 1/1 registry:5000/example/echo:latest *:8000->8080/tcp
6コのcontainerで分散実行
$ docker container exec -it manager docker service scale echo=6 $ docker container exec -it manager docker service ps echo | grep Running echo.1 registry:5000/example/echo:latest Running 15 minutes ago echo.2 registry:5000/example/echo:latest Running 3 minutes ago echo.3 registry:5000/example/echo:latest Running 3 minutes ago echo.4 registry:5000/example/echo:latest Running 2 minutes ago echo.5 registry:5000/example/echo:latest Running 2 minutes ago echo.6 registry:5000/example/echo:latest Running 2 minutes ago
serviceを削除する場合、rm
$ docker container exec -it manager docker service rm echo $ docker container exec -it manager docker service ls
Docker Stack
1コのイメージのみを扱うServiceに対し、Stackは複数Serviceをグルーピング
ch03という名称のoverlayネットワーク作成
$ docker container exec -it manager docker network create \ --driver=overlay --attachable ch03
$ vi ./stack/ch03-webapi.yml
version: "3" services: nginx: image: gihyodocker/nginx-proxy:latest deploy: replicas: 3 placement: constraints: [node.role != manager] environment: SERVICE_PORTS: 80 BACKEND_HOST: echo_api:8080 depends_on: - api networks: - ch03 api: image: registry:5000/example/echo:latest deploy: replicas: 3 placement: constraints: [node.role != manager] networks: - ch03 networks: ch03: external: true
stackの配備
「echo」というstack名称で、deploy
$ docker container exec -it manager docker stack deploy \ -c ./stack/ch03-webapi.yml echo
stack配備結果の確認
docker container exec -it manager docker stack ps echo
$ docker container exec -it manager docker stack services echo NAME MODE REPLICAS IMAGE echo_api replicated 3/3 registry:5000/example/echo:latest echo_nginx replicated 3/3 gihyodocker/nginx-proxy:latest $ docker container exec -it manager docker stack ps echo NAME IMAGE NODE CURRENT STATE echo_api.1 registry:5000/example/echo:latest e54446b93f5e Running 4 minutes ago echo_api.2 registry:5000/example/echo:latest 120608a59677 Running 4 minutes ago echo_api.3 registry:5000/example/echo:latest d4dc2bd958ec Running 4 minutes ago echo_nginx.1 gihyodocker/nginx-proxy:latest e54446b93f5e Running 4 minutes ago echo_nginx.2 gihyodocker/nginx-proxy:latest 120608a59677 Running 4 minutes ago echo_nginx.3 gihyodocker/nginx-proxy:latest d4dc2bd958ec Running 4 minutes ago
visualizerによる stack配備結果の確認
vi ./stack/visualizer.yml
version: "3" services: app: image: dockersamples/visualizer ports: - "9000:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock deploy: mode: global placement: constraints: [node.role == manager]
visualizerによる stack配備結果の確認
$ docker container exec -it manager docker stack deploy \ -c ./stack/visualizer.yml \ visualizer
上記を実行後、ブラウザで、http://192.168.56.113:9000/ へ アクセスすると、以下が表示されます。
stackの削除
$ docker container exec -it manager docker stack rm echo
HAProxyによるswarmクラスタ外からのservice利用
vi ./stack/ch03-ingress.yml
version: "3" services: haproxy: image: dockercloud/haproxy networks: - ch03 volumes: - /var/run/docker.sock:/var/run/docker.sock deploy: mode: global placement: constraints: - node.role == manager ports: - 80:80 - 1936:1936 # for stats page (basic auth. stats:stats) networks: ch03: external: true
配備
$ docker container exec -it manager docker stack deploy \ -c /stack/ch03-webapi.yml echo $ docker container exec -it manager docker stack deploy \ -c /stack/ch03-ingress.yml ingress $ docker container exec -it manager docker service ls NAME MODE REPLICAS IMAGE PORTS echo replicated 6/6 registry:5000/example/echo:latest *:8000->8080/tcp echo_api replicated 3/3 registry:5000/example/echo:latest echo_nginx replicated 3/3 gihyodocker/nginx-proxy:latest ingress_haproxy global 1/1 dockercloud/haproxy:latest *:80->80/tcp, *:1936->1936/tcp visualizer_app global 1/1 dockersamples/visualizer:latest *:9000->8080/tcp $ curl http://localhost:8000/ Hello Docker!!