GCP
mkdir dbserver && cd $_- 컨테이너 이미지 다지우기
docker rmi -f $(docker images -q)
docker run -itd -p 3306:3306 --name mysql --network gcp-network ubuntu:18.04 # -it의 기능 command 에서 /bin/bash
docker exec -it mysql bash
sed -i 's/archive.ubuntu.com/ftp.daumkakao.com/g' /etc/apt/sources.list
# "/etc/apt/sources.list" 파일에서 "archive.ubuntu.com"을 "ftp.daumkakao.com"으로 모두 찾아 대체합니다. 이를 통해 Ubuntu 시스템의 패키지 관리자인 APT의 저장소 목록을 "archive.ubuntu.com"에서 "ftp.daumkakao.com"으로 변경할 수 있습니다.
apt-get update
apt-get install -y mariadb-server
sed -i "s/bind-address/#bind-address/g" /etc/mysql/mariadb.conf.d/50-server.cnf
service mysql start
mysql_secure_installation # root pw 빼고 다 y
service mysql restart
mysql -u root -p
CREATE USER 'wpuser'@'%' IDENTIFIED BY 'wppass';
CREATE DATABASE IF NOT EXISTS wordpress;
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'%';
quit- 3306 포트 잘열려있음
docker rename mysql dbserver
vi Dockerfile
FROM mysql-base:v1.0
ENTRYPOINT ["mysqld"]
docker build -t eeapbh/gcp-dbserver:eagle .
docker push eeapbh/gcp-dbserver:eagle
docker rm -f aefbe5e91bfd 452081761c56
docker run -d -p 3306:3306 --name dbserver --network gcp-network eeapbh/gcp-dbserver:eagle
docker run -d -p 80:80 --name wordpress --network gcp-network eeapbh/gcp-wordpress:tiger
docker stop dbserver
docker commit -a "bonghyeon" -m "hello world" dbserver eeapbh/gcp-dbserver:falcon
docker push eeapbh/gcp-dbserver:falcon
docker rm -f dbserver
docker run -d -p 3306:3306 --name dbserver --network gcp-network eeapbh/gcp-dbserver:falcon
개발자 역할
mkdir onbuild && cd $_
ls
ls ~/
sudo cp ~/aws.tar .
ls 
mv food.tar website.tar
docker build -t eeapbh/web-site:food .
docker run -d -p 8080:80 --name web-site2 eeapbh/web-site:food
docker images
docker ps
docker push eeapbh/web-site:food도커 사설 레지스트리(AWS)
docker run -d -p 5000:5000 --restart=always --name private-docker-registry registry # 저장소 서버
# restart=always docker host가 켜지면 컨테이너도 실행되는 설정# vi /etc/docker/daemon.json # 클라이언트
{ "insecure-registries":["blog.bong0918.shop:5000"] }
# systemctl restart docker
docker update --restart always wordpress
docker update --restart always dbserver
ubuntu
# vi /etc/docker/daemon.json # 클라이언트
{ "insecure-registries":["blog.bong0918.shop:5000"] }
# systemctl restart dockerdocker tag eeapbh/web-site:aws blog.bong0918.shop:5000/web-site:aws
docker tag eeapbh/web-site:food blog.bong0918.shop:5000/web-site:food
docker push blog.bong0918.shop:5000/web-site:aws
docker push blog.bong0918.shop:5000/web-site:food
개발자가 개발 다하고 사설 -> 올림
운영자
- 약한 보안
# vi /etc/docker/daemon.json # 클라이언트
{ "insecure-registries":["blog.bong0918.shop:5000"] }
# systemctl restart dockerdocker rmi -f $(docker images -q)
# curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
# chmod +x /usr/local/bin/docker-compose
# mkdir my_wordpress && cd $_
# vi docker-compose.yml
version: "3.3"
services:
dbserver:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment: # -e
MYSQL_ROOT_PASSWORD: password
MYSQL_DATABASE: wordpress
MYSQL_USER: wpuser
MYSQL_PASSWORD: wppass
wordpress:
depends_on:
- dbserver
image: wordpress:latest
volumes:
- wordpress_data:/var/www/html
ports: # -p 80:80
- "8888:80"
restart: always
environment:
WORDPRESS_DB_HOST: dbserver:3306
WORDPRESS_DB_USER: wpuser
WORDPRESS_DB_PASSWORD: wppass
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
wordpress_data: {}
# docker-compose up -d
# docker-compose ps
# docker-compose pause
# docker-compose unpause
# docker-compose port wordpress 80
# docker-compose config # 앞서 정의했던 스크립트를 보여줌
# docker-compose stop wordpress
# docker-compose rm wordpress
# docker-compose down # 네트워크도 지워지고 컨테이너도 지워짐
# docker-compose down -v # 볼륨까지 지우기
# docker-compose down --rmi all
도커 컨테이너 모니터링
컨테이너가 지워지더라도 다시 복원되도록
VERSION=v0.44.0 # use the latest release version from https://github.com/google/cadvisor/releases
docker run \
--volume=/:/rootfs:ro \
--volume=/var/run:/var/run:ro \
--volume=/sys:/sys:ro \
--volume=/var/lib/docker/:/var/lib/docker:ro \
--volume=/dev/disk/:/dev/disk:ro \
--publish=8080:8080 \
--detach=true \
--name=cadvisor \
--privileged \
--device=/dev/kmsg \
gcr.io/cadvisor/cadvisor:$VERSIONdocker-compose up -d
docker-compose down
docker system df
docker system prune -f -a
free -h
poweroff
우분투도 sudo poweroff
도커 스웜(Cluster)
# curl -fsSL https://get.docker.com/ | sh
# yum -y install bash-completion wget unzip mysql
# curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh
# systemctl enable --now docker
- 복제하기
- 복제하나 더하고 그룹만들기 ㄱ
# firewall-cmd --permanent --zone=public --add-port=2377/tcp # manager랑 worker들 통신하게 열어줌
# firewall-cmd --reload
# hostnamectl set-hostname manager1
# cat <<EOF >> /etc/hosts
192.168.2.61 manager1
192.168.2.62 worker1
192.168.2.63 worker2
EOF
- manager1
# docker swarm init --advertise-addr 192.168.2.5
- worker1, worker2
# docker swarm join --token SWMTKN-1-2p5475ly394vx9ocm8wbdp9a58njtuale1azygula20v04qqna-etq2tfsduvr4m6sjvg1tlsbgm 192.168.2.5:2377- manager1
# docker node ls
# docker service create --name my_web --replicas 3 --publish published=8080,target=80 eeapbh/web-site:food
- task 안에는 여러개의 container가 있을수 있다. 쿠버네티스에서는 이 task를 pod라고 부른다. 쿠브,쿠베라고 부른다.
하나의 호스트가 다운되더라도 클러스터를 통해 로드밸런싱
# docker service ls
# docker service ps my_web- manager1에서만 작업했는데 worker1, worker2 가보면 컨테이너 만들어져있는거 확인가능
# docker service logs my_web
# docker service inspect --pretty my_web
# docker service scale my_web=6
# docker service ps my_web- 2개씩 생김
# docker service rm my_web
