Building a private service

EEEFFEE · January 19, 2024


First written 24.01.17

1. Overview

  • Private Registry Service
  • Ceph Storage Service

1.1 Virtual machines

  • Storage Server : 192.168.56.101

    • Hosts the CEPH Storage Server
    • Responsible for the storage devices
  • Private Registry Service : 192.168.56.102

    • Nexus3 or Harbor Registry
    • Uses Ceph object storage
  • General Docker Node : 192.168.56.103

2. Preparing Vagrant

  • Vagrantfile for preparing the three virtual machines

VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "ubuntu/focal64"
  config.vm.provider "virtualbox" do |vb|
    vb.memory = 2048
  end

  if Vagrant.has_plugin?("vagrant-vbguest")
    config.vbguest.auto_update = false
  end

  config.vm.synced_folder ".", "/vagrant", type: "rsync", rsync__exclude: [".git/"]

  config.vm.provision "shell", inline: <<-SHELL
    export DEBIAN_FRONTEND=noninteractive
    sudo apt -y update
    sudo apt install -y ca-certificates curl gnupg libnss-mdns
    sudo install -m 0755 -d /etc/apt/keyrings
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
    sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
    sudo chmod a+r /etc/apt/keyrings/docker.gpg
    echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] \
    https://download.docker.com/linux/ubuntu \
    $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
    sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    sudo apt -y update
    sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
    sudo usermod -aG docker vagrant
  SHELL

  config.vm.define "ceph", primary: true do |ceph|
    ceph.vm.hostname = "ceph.local"
    ceph.vm.network "private_network", ip: "192.168.56.101"
  end

  config.vm.define "registry", primary: false do |registry|
    registry.vm.hostname = "registry.local"
    registry.vm.network "private_network", ip: "192.168.56.102"
  end

  config.vm.define "node", primary: false do |node|
    node.vm.hostname = "node.local"
    node.vm.network "private_network", ip: "192.168.56.103"
  end
end

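3. CEPH Storage Server configuration

3.1 Virtual machine settings

  • In VirtualBox, shut the machine down via Machine > Stop > ACPI Shutdown

  • In Settings > Storage, click Add Disk on Controller: SCSI

  • Click Create to add an HDD > VD > create the disk with appropriate settings, select it, and exit with Select

  • Start that virtual machine headless

3.2 Server configuration

  • Can be built with one master and many nodes; this time it is a single node

  • Connect with vagrant ssh ceph

  • Built from the ceph/daemon image; set up the key-value store (encrypted file system) (skipped when using ETCD)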


docker pull ceph/daemon

# key-value store
docker run -d --net=host \
        -e KV_TYPE=etcd \
        -e KV_IP=127.0.0.1 \
        -e KV_PORT=2379 \
        ceph/daemon populate_kvstore

docker run -d --net=host -e KV_TYPE=etcd -e KV_IP=127.0.0.1 -e KV_PORT=2379 ceph/daemon populate_kvstore

# Configure the CEPH monitor (no kvstore)
# MON_IP: IP of the host that runs docker
# CEPH_PUBLIC_NETWORK: CIDR of the host network
docker run -d --net=host \
        -v /etc/ceph:/etc/ceph \
        -v /var/lib/ceph/:/var/lib/ceph \
        -e MON_IP=192.168.56.101 \
        -e CEPH_PUBLIC_NETWORK=192.168.56.0/24 \
        ceph/daemon mon

docker run -d --net=host -v /etc/ceph:/etc/ceph -v /var/lib/ceph/:/var/lib/ceph -e MON_IP=192.168.56.101 -e CEPH_PUBLIC_NETWORK=192.168.56.0/24 ceph/daemon mon

  • Run mon (the node that monitors the OSD nodes)

# MON_IP and CEPH_PUBLIC_NETWORK use the ceph VM address from the Vagrantfile
docker run -d --net=host --name=ceph-mon \
        -v /etc/ceph:/etc/ceph \
        -v /var/lib/ceph/:/var/lib/ceph/ \
        -e MON_IP=192.168.56.101 \
        -e CEPH_PUBLIC_NETWORK=192.168.56.0/24 \
        ceph/daemon:latest-mimic mon

docker run -d --net=host --name=ceph-mon -v /etc/ceph:/etc/ceph -v /var/lib/ceph/:/var/lib/ceph/ -e MON_IP=192.168.56.101 -e CEPH_PUBLIC_NETWORK=192.168.56.0/24 ceph/daemon:latest-mimic mon

  • Deploy the manager daemon

docker run -d --net=host \
        -v /etc/ceph:/etc/ceph \
        -v /var/lib/ceph/:/var/lib/ceph/ \
        ceph/daemon mgr

docker run -d --net=host -v /etc/ceph:/etc/ceph -v /var/lib/ceph/:/var/lib/ceph/ ceph/daemon mgr

  • Run MGR (manager node)

docker run -d --net=host --name ceph-mgr \
        -v /etc/ceph:/etc/ceph \
        -v /var/lib/ceph/:/var/lib/ceph/ \
        ceph/daemon:latest-mimic mgr

docker run -d --net=host --name ceph-mgr -v /etc/ceph:/etc/ceph -v /var/lib/ceph/:/var/lib/ceph/ ceph/daemon:latest-mimic mgr

  • Check the disk added in step 3, then deploy and run the OSD

docker run -d --net=host --name ceph-osd \
        --privileged=true \
        -v /etc/ceph:/etc/ceph \
        -v /var/lib/ceph/:/var/lib/ceph \
        -v /dev/:/dev/ \
        -e OSD_DEVICE=/dev/sdc \
        -e OSD_TYPE=disk \
        ceph/daemon:latest-mimic osd

docker run -d --net=host --name ceph-osd --privileged=true -v /etc/ceph:/etc/ceph -v /var/lib/ceph/:/var/lib/ceph -v /dev/:/dev/ -e OSD_DEVICE=/dev/sdc -e OSD_TYPE=disk ceph/daemon:latest-mimic osd

  • Deploy the metadata server

# CEPHFS_CREATE=1: create the file system while starting
docker run -d --net=host \
        -v /var/lib/ceph/:/var/lib/ceph/ \
        -v /etc/ceph:/etc/ceph \
        -e CEPHFS_CREATE=1 \
        ceph/daemon mds

docker run -d --net=host -v /var/lib/ceph/:/var/lib/ceph/ -v /etc/ceph:/etc/ceph -e CEPHFS_CREATE=1 ceph/daemon mds

  • Run mds

docker run -d --net=host --name ceph-mds \
        -v /var/lib/ceph/:/var/lib/ceph/ \
        -v /etc/ceph:/etc/ceph \
        -e CEPHFS_CREATE=1 \
        ceph/daemon:latest-mimic mds

docker run -d --net=host --name ceph-mds -v /var/lib/ceph/:/var/lib/ceph/ -v /etc/ceph:/etc/ceph -e CEPHFS_CREATE=1 ceph/daemon:latest-mimic mds

  • Enable the ceph dashboard & check the URL

docker exec -it ceph-mgr ceph mgr module enable dashboard
docker exec -it ceph-mgr ceph dashboard create-self-signed-cert
docker exec -it ceph-mgr ceph mgr services

  • Port forwarding

  • Create a ceph account


docker exec -it ceph-mgr ceph dashboard \
        set-login-credentials <USER> <PWD>

docker exec -it ceph-mgr ceph dashboard \
        set-login-credentials admin secret

3.3 Writing the docker-compose.yml file


version: "3"

services:
  mon:
    image: ceph/daemon:latest-mimic
    container_name: ceph-mon
    network_mode: host
    volumes:
      - /etc/ceph:/etc/ceph
      - /var/lib/ceph/:/var/lib/ceph/
    environment:
      - MON_IP=192.168.56.101
      - CEPH_PUBLIC_NETWORK=192.168.56.0/24
    command:
      - mon

  mgr:  
    image: ceph/daemon:latest-mimic
    container_name: ceph-mgr
    network_mode: host
    volumes:
      - /etc/ceph:/etc/ceph
      - /var/lib/ceph/:/var/lib/ceph/
    command:
      - mgr
    depends_on:
      - mon

  osd:
    image: ceph/daemon:latest-mimic
    container_name: ceph-osd
    network_mode: host
    privileged: true
    volumes:
      - /etc/ceph:/etc/ceph
      - /var/lib/ceph/:/var/lib/ceph/
      - /dev/:/dev/
    environment:
      - OSD_DEVICE=/dev/sdc
      - OSD_TYPE=disk
    command:
      - osd
    depends_on:
      - mon
  mds:
    image: ceph/daemon:latest-mimic
    container_name: ceph-mds
    network_mode: host
    volumes:
      - /var/lib/ceph/:/var/lib/ceph/
      - /etc/ceph:/etc/ceph
    environment:
      - CEPHFS_CREATE=1
    command:
      - mds
    depends_on:
      - osd

4. Private Registry

4.1 Nexus configuration

  • Connect to the virtual machine with vagrant ssh registry

  • Create a volume and run Nexus3


docker volume create nexus-data

docker run -d -p 8081:8081 --name nexus \
        -v nexus-data:/nexus-data sonatype/nexus3

docker run -d -p 8081:8081 --name nexus -v nexus-data:/nexus-data sonatype/nexus3

# Command to run when memory is short
# 5000-5001:5000-5001 publishes both registry ports (group on 5000, hosted on 5001)
docker run -d -p 8081:8081 -p 5000-5001:5000-5001 --name nexus \
        -e INSTALL4J_ADD_VM_PARAMS="-Xms1024m -Xmx1024m -XX:MaxDirectMemorySize=512m" \
        -v nexus-data:/nexus-data sonatype/nexus3

docker run -d -p 8081:8081 -p 5000-5001:5000-5001 --name nexus -e INSTALL4J_ADD_VM_PARAMS="-Xms1024m -Xmx1024m -XX:MaxDirectMemorySize=512m" -v nexus-data:/nexus-data sonatype/nexus3

  • Configure port forwarding

  • Check the account password


docker exec -it nexus cat /nexus-data/admin.password

  • Register the registry in Blob Store as follows
  • Create the registries via create repository

docker(proxy)
name : docker-hub
Remote storage : https://registry-1.docker.io
Docker index : Use Docker Hub
Blob store : docker

docker(host)
name : docker-hosted
HTTP : 5001
Blob store : docker

docker(group)
name : docker
HTTP : 5000
Allow anonymous docker pull : check
Blob store : docker
Member repositories : docker-hub, docker-hosted

4.2 docker-compose.yml


version: "3"

services:
  nexus:
    image: sonatype/nexus3
    container_name: nexus
    environment:
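      # Kept on one line: a trailing "\" is not a line continuation in YAML.
      # Compose would interpolate ${NEXUS_DATA} from the host environment,
      # so the image's data directory (/nexus-data) is written out.
      - INSTALL4J_ADD_VM_PARAMS=-Xms1024m -Xmx1024m -XX:MaxDirectMemorySize=512m -Djava.util.prefs.userRoot=/nexus-data/javaprefs
    ports:
      - "8081:8081"
      - "5000-5001:5000-5001"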
    volumes:
      - nexus-data:/nexus-data
volumes:
  nexus-data:
    external: true

5. image push

  • Connect to the virtual machine with vagrant ssh node

  • Enter the following in /etc/docker/daemon.json


{
  "registry-mirrors": ["http://192.168.56.102:5000"],
  "insecure-registries": ["192.168.56.102:5000", "192.168.56.102:5001"]
}
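
An added example (not part of the original post): a Python check of what this daemon.json exposes, listing which pulls and pushes from this walkthrough travel without TLS protection. The function names and finding labels are assumptions made for the example, the sample uses the registry VM address from the Vagrantfile, and CIDR entries are matched only against IP-literal registry hosts.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample: this section's daemon.json with the registry VM's address.
DAEMON_JSON = """{
  "registry-mirrors": ["http://192.168.56.102:5000"],
  "insecure-registries": ["192.168.56.102:5000", "192.168.56.102:5001"]
}"""

def registry_of(image_ref):
    """Registry host[:port] of an image reference; Docker Hub when none is given."""
    first, _, rest = image_ref.partition("/")
    if rest and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def is_insecure(registry, insecure_entries):
    """True if dockerd would skip certificate checks or fall back to HTTP."""
    host = registry.rsplit(":", 1)[0]
    for entry in list(insecure_entries) + ["127.0.0.0/8"]:  # loopback is always exempt
        entry = entry.split("://", 1)[-1]  # dockerd drops a leading scheme
        if "/" not in entry:
            if entry == registry:  # host[:port] entries must match exactly
                return True
            continue
        try:  # CIDR entry: only IP-literal hosts are checked here (no DNS lookup)
            if ipaddress.ip_address(host) in ipaddress.ip_network(entry, strict=False):
                return True
        except ValueError:
            pass
    return False

def audit(daemon_json_text, image_refs):
    """List (finding, subject) pairs for traffic that is not protected by TLS."""
    cfg = json.loads(daemon_json_text)
    findings = []
    plaintext_mirrors = [urlsplit(u).netloc for u in cfg.get("registry-mirrors", [])
                         if urlsplit(u).scheme != "https"]
    findings += [("mirror-plaintext", m) for m in plaintext_mirrors]
    for ref in image_refs:
        registry = registry_of(ref)
        if registry == "docker.io" and plaintext_mirrors:
            findings.append(("pulled-via-plaintext-mirror", ref))  # mirrors serve Hub images only
        elif is_insecure(registry, cfg.get("insecure-registries", [])):
            findings.append(("no-tls-verification", ref))
    return findings

if __name__ == "__main__":
    for finding in audit(DAEMON_JSON, ["python:3.8-bullseye",
                                       "192.168.56.102:5001/myimg/django:example"]):
        print(finding)
```

Run against a node's real /etc/docker/daemon.json and the image references in its Dockerfiles, the output shows which base images and pushes depend on the private network alone for integrity.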

  • Write the Dockerfile and build it (docker build -t django:example .)

FROM    python:3.8-bullseye
RUN     mkdir -p /data
WORKDIR /data/
RUN     pip install Django==3.2.5
RUN     python -m django startproject mysite
WORKDIR /data/mysite/
RUN     python manage.py startapp polls
RUN     python manage.py migrate --noinput
CMD     python manage.py runserver 0.0.0.0:8000
EXPOSE  8000

  • Push to the registry

docker tag django:example 192.168.56.102:5001/myimg/django:example
docker push 192.168.56.102:5001/myimg/django:example
