0713-Docker

hyejin·2022년 7월 13일

mobaxterm으로 접속

  • 192.168.0.188 (centos)

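--- 센토스 도커 설치

  • 아래 `curl … | sh`는 내려받은 스크립트를 내용 확인 없이 root로 바로 실행한다. 실습 환경이 아니라면 스크립트를 파일로 받아 내용을 확인한 뒤 실행하거나, 배포판 패키지 저장소로 설치한다.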

# curl -fsSL https://get.docker.com/ | sh
# yum -y install bash-completion wget unzip net-tools mysql telnet rdate
# rdate -s time.bora.net && clock -w
# curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh
# systemctl enable --now docker
  • centos를 manager1으로 이름변경
  • manager1 연결 복제해서 worker1, worker2로 생성

- Volume 생성

[root@localhost ~]# docker volume create my-vol01
my-vol01
[root@localhost ~]# docker volume ls
DRIVER    VOLUME NAME
local     my-vol01
[root@localhost ~]# docker inspect my-vol01     //bind mount와 유사, 관리를 할 수 있음
[
    {
        "CreatedAt": "2022-07-13T09:46:24+09:00",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/my-vol01/_data",   //경로
        "Name": "my-vol01",
        "Options": {},
        "Scope": "local"
    }
]

--- 도커 네트워크 관리

[root@localhost ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
b99e293310cf   bridge    bridge    local    //bridge가 공유기 역할
a8bb609c895f   host      host      local
cc338030dd27   none      null      local
[root@localhost ~]# docker inspect bridge
[
    {
        "Name": "bridge",
        "Id": "b99e293310cfa5fea7df22494cf25f18bc04acfbbdf38df2768d75ff9ae30ae4",
        "Created": "2022-07-13T09:36:10.684879046+09:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",        //실제 이름은 docker0 -> 하나의 가상 LAN 카드, 컨테이너와 연결되어 있음
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
[root@localhost ~]# docker network create new-net --subnet 10.24.0.0/16 --ip-range 10.24.0.0/20 --gateway 10.24.0.1
1efbf1ba286fd5c39daacc96e7d7716c0d6221c1d0e77ec602bd26e36d61d26d
[root@localhost ~]# docker inspect new-net
[
    {
        "Name": "new-net",
        "Id": "1efbf1ba286fd5c39daacc96e7d7716c0d6221c1d0e77ec602bd26e36d61d26d",
        "Created": "2022-07-13T10:08:08.696103314+09:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.24.0.0/16",
                    "IPRange": "10.24.0.0/20",
                    "Gateway": "10.24.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

--- onbuild 명령어 활용

  • 운영자
[root@localhost ~]# mkdir onbuild && cd $_
[root@localhost onbuild]# vi Dockerfile.base
# Base image for the ONBUILD demo: nginx on Ubuntu plus a trigger that is
# inherited by every image built FROM this one.
# NOTE(review): ubuntu:18.04 is a mutable tag and the release has since left
# standard support; use a currently supported release and consider pinning
# the base image by digest.
FROM ubuntu:18.04
# Point apt at the ftp.daumkakao.com mirror; only archive.ubuntu.com entries
# in sources.list are rewritten by this pattern.
RUN sed -i 's/archive.ubuntu.com/ftp.daumkakao.com/g' /etc/apt/sources.list
RUN apt-get -y update
RUN apt-get -y install nginx
# Documents the listening port; publishing happens at run time (docker run -p).
EXPOSE 80
# Does nothing in this build. The trigger runs in any later build that uses
# this image in FROM: ADD unpacks each local tar archive matching website*.tar
# from that build's context into the nginx document root, so the child image
# serves whatever the tarball contains.
ONBUILD ADD website*.tar /var/www/html/
# Run nginx in the foreground so the container stays alive.
CMD ["nginx", "-g", "daemon off;"]
[root@localhost onbuild]# docker build -t seozzang3/web-base:v2.0 -f Dockerfile.base .      //seozzang3/web-base=>리포지토리 이름, :v2.0=>tag , 다합쳐서 이미지 이름
[root@localhost onbuild]# docker images
REPOSITORY           TAG       IMAGE ID       CREATED          SIZE
seozzang3/web-base   v2.0      4c836c760048   57 seconds ago   165MB
ubuntu               18.04     ad080923604a   5 weeks ago      63.1MB
[root@localhost onbuild]# docker login
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
  • push
[root@localhost onbuild]# docker push seozzang3/web-base:v2.0
The push refers to repository [docker.io/seozzang3/web-base]
e9144dc49637: Pushed
54a40f4a0798: Pushed
520d1697dc47: Pushed
95129a5fe07e: Layer already exists
v2.0: digest: sha256:833b266e0202c733ec5273316c91bed1fbab24355250f1eec78fbea70a5f8e13 size: 1160
[root@localhost onbuild]# vi Dockerfile
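# Child Dockerfile handed to developers: FROM is the only instruction needed.
# The base image works like a manual that is simply followed; its ONBUILD
# trigger (ADD website*.tar /var/www/html/) runs during this build.
# Dockerfile comments start with '#'; a trailing '//' note on the FROM line
# would be parsed as extra arguments and fail the build.
FROM seozzang3/web-base:v2.0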
  • 개발자
[root@localhost onbuild]# pwd
/root/onbuild
[root@localhost onbuild]# ls
Dockerfile  Dockerfile.base
  • onbuild폴더에 website.tar 파일 업로드
[root@localhost onbuild]# ls
Dockerfile  Dockerfile.base  website.tar
[root@localhost onbuild]# docker build -t seozzang3/web-site:v2.0 .
Sending build context to Docker daemon  6.852MB
Step 1/1 : FROM seozzang3/web-base:v2.0
# Executing 1 build trigger
 ---> c813917c01ba
Successfully built c813917c01ba
Successfully tagged seozzang3/web-site:v2.0
[root@localhost onbuild]# docker run -d -p 80:80 --name=web-site seozzang3/web-site:v2.0
3ea95859c346c2d5f948d46c3cd3b9395421cb8b91d9d6b35103b0d361bae65a
[root@localhost onbuild]# docker ps
CONTAINER ID   IMAGE                     COMMAND                  CREATED         STATUS         PORTS                               NAMES
3ea95859c346   seozzang3/web-site:v2.0   "nginx -g 'daemon of…"   3 seconds ago   Up 2 seconds   0.0.0.0:80->80/tcp, :::80->80/tcp   web-site
  • docker ip인 192.168.0.188로 접속

  • push

[root@localhost onbuild]# docker push seozzang3/web-site:v2.0
The push refers to repository [docker.io/seozzang3/web-site]
da40fa1d5c53: Pushed
e9144dc49637: Mounted from seozzang3/web-base
54a40f4a0798: Mounted from seozzang3/web-base
520d1697dc47: Mounted from seozzang3/web-base
95129a5fe07e: Layer already exists
v2.0: digest: sha256:f1f4c66384788c1733c846c62bd21c0d958faf1e93a7d08a5d3a4b22c728417e size: 1371
  • docker hub 에서 확인 가능

AWS console

인스턴스 생성

  • 이름 : docker
  • 사용자 데이터 추가
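#!/bin/bash
# EC2 user data: install Docker, then start the demo web container on port 80.
# User data is executed as root by cloud-init, so sudo is not needed.
# (amazon-linux-extras implies an Amazon Linux 2 AMI.)
set -euo pipefail

amazon-linux-extras install docker -y

# Start the daemon now and enable it at boot in a single step.
systemctl enable --now docker

# Bash completion is a convenience only, so a failed download must not stop
# the rest of the script. -f keeps an HTTP error page from being saved as a
# file that every login shell would source.
# NOTE(review): the URL tracks the mutable master branch; pin a release tag
# or commit if this file is fetched on real hosts.
curl -fsSL https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker \
  -o /etc/bash_completion.d/docker.sh \
  || echo 'warning: docker bash completion was not installed' >&2

# Membership in the docker group allows full control of the daemon, which is
# equivalent to root on this host; add only accounts that are trusted as root.
usermod -a -G docker ec2-user

# The v2.0 tag can be re-pushed. To run exactly the image pushed earlier on
# this page, reference it by digest instead:
#   seozzang3/web-site@sha256:f1f4c66384788c1733c846c62bd21c0d958faf1e93a7d08a5d3a4b22c728417e
docker run -d -p 80:80 --name=test-site seozzang3/web-site:v2.0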
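  • 보안그룹 인바운드 규칙에 포트번호 5000(아래에서 이미지를 push하는 레지스트리 포트)을 허용해주어야 함. 소스는 0.0.0.0/0으로 열지 말고 push/pull 할 호스트의 IP로 제한한다. (레지스트리를 띄우는 단계는 본문에 나와 있지 않음)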

  • route53에 레코드 추가 (ec2 인스턴스 퍼블릭 ip)

  • 만든 도메인으로 접속 (docker.hyejin36.shop)

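  • tag — `insecure-registries`에 등록한 레지스트리와는 HTTP 또는 인증서 검증 없는 연결로 통신하므로, 전송 중 이미지가 바뀌어도 확인할 수 없다. 실습용 설정이며, 외부에 노출되는 레지스트리는 TLS 인증서와 인증(로그인)을 설정해서 사용한다.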

[root@localhost onbuild]# vi /etc/docker/daemon.json
{ "insecure-registries":["docker.hyejin36.shop:5000"] }
[root@localhost onbuild]# systemctl restart docker
[root@localhost onbuild]# docker tag seozzang3/web-site:v2.0 docker.hyejin36.shop:5000/web-site:v2.0
[root@localhost onbuild]# docker images
REPOSITORY                           TAG       IMAGE ID       CREATED          SIZE
docker.hyejin36.shop:5000/web-site   v2.0      c813917c01ba   38 minutes ago   172MB
seozzang3/web-site                   v2.0      c813917c01ba   38 minutes ago   172MB
seozzang3/web-base                   v2.0      4c836c760048   48 minutes ago   165MB
ubuntu                               18.04     ad080923604a   5 weeks ago      63.1MB
[root@localhost onbuild]# docker push docker.hyejin36.shop:5000/web-site:v2.0
The push refers to repository [docker.hyejin36.shop:5000/web-site]
da40fa1d5c53: Pushed
e9144dc49637: Pushed
54a40f4a0798: Pushed
520d1697dc47: Pushed
95129a5fe07e: Pushed
v2.0: digest: sha256:f1f4c66384788c1733c846c62bd21c0d958faf1e93a7d08a5d3a4b22c728417e size: 1371

--- 도커 컴포즈

  • 스크립트로 만들어서 yaml파일을 run
  • yaml -> 들여쓰기
  • compose : 프로덕션, 스테이징, 개발, 테스트, CI 워크플로
[root@localhost onbuild]# cd ~
[root@localhost ~]# curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100 11.6M  100 11.6M    0     0  1673k      0  0:00:07  0:00:07 --:--:-- 2187k
[root@localhost ~]# chmod +x /usr/local/bin/docker-compose
[root@localhost ~]# mkdir my_wordpress && cd $_
[root@localhost ~]# vi docker-compose.yml
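# WordPress + MySQL stack for docker-compose (Compose file format 3.3).
# YAML comments start with '#'; '//' notes are parsed as part of the value
# and break the file.
version: "3.3"
services:
  dbserver:
    image: mysql:5.7
    volumes:
      - db_data:/var/lib/mysql
    restart: always
    # Same role as `docker run -e`: variables set inside the container.
    # No `ports:` entry, so 3306 is not published on the host; only services
    # on this project's network can reach the database.
    # NOTE(review): lab-only credentials. Anything reachable by others needs
    # strong values kept out of the file (.env file or Docker secrets; the
    # official mysql image also accepts MYSQL_ROOT_PASSWORD_FILE and
    # MYSQL_PASSWORD_FILE).
    environment:
      MYSQL_ROOT_PASSWORD: password
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wpuser
      MYSQL_PASSWORD: wppass
  wordpress:
    # Start order: dbserver is created first, then wordpress connects to it.
    # This orders container start only; it does not wait for MySQL to accept
    # connections.
    depends_on:
      - dbserver
    # Uses a prebuilt image from the registry.
    # NOTE(review): `latest` is a moving tag; pin a version so that every
    # `up` runs the same code.
    image: wordpress:latest
    volumes:
      - wordpress_data:/var/www/html
    ports:
      # Host port 80 is already used by the web-site container started
      # earlier, so publish on 8888 (this matches the `docker-compose ps`
      # output, 0.0.0.0:8888->80/tcp).
      - "8888:80"
    # Start again automatically after a daemon or host restart.
    restart: always
    # Values that end up in wp-config.php.
    # NOTE(review): same lab-only password as above; the official wordpress
    # image also accepts WORDPRESS_DB_PASSWORD_FILE.
    environment:
      WORDPRESS_DB_HOST: dbserver:3306
      WORDPRESS_DB_USER: wpuser
      WORDPRESS_DB_PASSWORD: wppass
      WORDPRESS_DB_NAME: wordpress
# Named volumes must be declared here before the services above can use them.
volumes:
  db_data: {}
  wordpress_data: {}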
[root@localhost my_wordpress]# docker-compose up -d

[root@localhost my_wordpress]# docker-compose ps
          Name                     Command           State            Ports
------------------------------------------------------------------------------------
my_wordpress_dbserver_1    docker-entrypoint.sh      Up      3306/tcp, 33060/tcp
                           mysqld
my_wordpress_wordpress_1   docker-entrypoint.sh      Up      0.0.0.0:8888->80/tcp,::
                           apach ...                         :8888->80/tcp
[root@localhost my_wordpress]# docker inspect my_wordpress_db_data
[
    {
        "CreatedAt": "2022-07-13T12:11:38+09:00",
        "Driver": "local",
        "Labels": {
            "com.docker.compose.project": "my_wordpress",
            "com.docker.compose.version": "1.26.2",
            "com.docker.compose.volume": "db_data"
        },
        "Mountpoint": "/var/lib/docker/volumes/my_wordpress_db_data/_data",
        "Name": "my_wordpress_db_data",
        "Options": null,
        "Scope": "local"
    }
]
[root@localhost my_wordpress]# cd /var/lib/docker/volumes/my_wordpress_db_data/_data
[root@localhost my_wordpress_db_data]# cd ~/my_wordpress/
[root@localhost my_wordpress]# ls
docker-compose.yml
[root@localhost my_wordpress]# cd /var/lib/docker/volumes/my_wordpress_wordpress_data/_data
[root@localhost _data]# ls
index.php           wp-comments-post.php  wp-includes        wp-signup.php
license.txt         wp-config-docker.php  wp-links-opml.php  wp-trackback.php
readme.html         wp-config.php         wp-load.php        xmlrpc.php
wp-activate.php     wp-config-sample.php  wp-login.php
wp-admin            wp-content            wp-mail.php
wp-blog-header.php  wp-cron.php           wp-settings.php
  • 잠시 멈추기
[root@localhost _data]# cd ~/my_wordpress/
[root@localhost my_wordpress]# docker-compose pause
Pausing my_wordpress_dbserver_1  ... done
Pausing my_wordpress_wordpress_1 ... done
  • 다시 실행
[root@localhost my_wordpress]# docker-compose unpause
Unpausing my_wordpress_wordpress_1 ... done
Unpausing my_wordpress_dbserver_1  ... done
[root@localhost my_wordpress]# docker-compose port wordpress 80
0.0.0.0:8888
[root@localhost my_wordpress]# docker-compose config
services:
  dbserver:
    environment:
      MYSQL_DATABASE: wordpress
      MYSQL_PASSWORD: wppass
      MYSQL_ROOT_PASSWORD: password
      MYSQL_USER: wpuser
    image: mysql:5.7
    restart: always
    volumes:
    - db_data:/var/lib/mysql:rw
  wordpress:
    depends_on:
    - dbserver
    environment:
      WORDPRESS_DB_HOST: dbserver:3306
      WORDPRESS_DB_NAME: wordpress
      WORDPRESS_DB_PASSWORD: wppass
      WORDPRESS_DB_USER: wpuser
    image: wordpress:latest
    ports:
    - published: 8888
      target: 80
    restart: always
    volumes:
    - wordpress_data:/var/www/html:rw
version: '3.3'
volumes:
  db_data: {}
  wordpress_data: {}
  • 삭제하려면 먼저 멈추고 삭제해야함
[root@localhost my_wordpress]# docker-compose stop wordpress
Stopping my_wordpress_wordpress_1 ... done
[root@localhost my_wordpress]# docker-compose ps
          Name                      Command             State           Ports
------------------------------------------------------------------------------------
my_wordpress_dbserver_1    docker-entrypoint.sh         Up       3306/tcp, 33060/tcp
                           mysqld
my_wordpress_wordpress_1   docker-entrypoint.sh apach   Exit 0
                           ...
[root@localhost my_wordpress]# docker-compose rm wordpress
Going to remove my_wordpress_wordpress_1
Are you sure? [yN] y
Removing my_wordpress_wordpress_1 ... done
  • down(stop+rm)
[root@localhost my_wordpress]# docker-compose down
Stopping my_wordpress_dbserver_1 ... done
Removing my_wordpress_dbserver_1 ... done
Removing network my_wordpress_default
[root@localhost my_wordpress]# docker-compose ps
Name   Command   State   Ports
------------------------------
  • volume이 살아있기 때문에 down 하고 다시 up하면 그대로 살아남
[root@localhost my_wordpress]# docker-compose down
Stopping my_wordpress_wordpress_1 ... done
Stopping my_wordpress_dbserver_1  ... done
Removing my_wordpress_wordpress_1 ... done
Removing my_wordpress_dbserver_1  ... done
Removing network my_wordpress_default
[root@localhost my_wordpress]# docker-compose ps
Name   Command   State   Ports
------------------------------
[root@localhost my_wordpress]# docker-compose up -d
Creating network "my_wordpress_default" with the default driver
Creating my_wordpress_dbserver_1 ... done
Creating my_wordpress_wordpress_1 ... done
[root@localhost my_wordpress]# docker-compose down -v    //-v를 넣으면 container, volume 다 삭제
Stopping my_wordpress_wordpress_1 ... done
Stopping my_wordpress_dbserver_1  ... done
Removing my_wordpress_wordpress_1 ... done
Removing my_wordpress_dbserver_1  ... done
Removing network my_wordpress_default
Removing volume my_wordpress_db_data
Removing volume my_wordpress_wordpress_data
  • rmi (remove image)
[root@localhost my_wordpress]# docker-compose down --rmi all
Removing network my_wordpress_default
WARNING: Network my_wordpress_default not found.
Removing image mysql:5.7
Removing image wordpress:latest

yml파일 있는 곳에서 docker-compose 실행해야 함

--- 도커 컨테이너 모니터링

[root@localhost my_wordpress]# docker stats web-site
CONTAINER ID   NAME       CPU %     MEM USAGE / LIMIT   MEM %     NET I/O     BLOCK I/O   PIDS
3ea95859c346   web-site   0.00%     2.371MiB / 3.7GiB   0.06%     656B / 0B   0B / 0B     3
CONTAINER ID   NAME       CPU %     MEM USAGE / LIMIT   MEM %     NET I/O     BLOCK I/O   PIDS
3ea95859c346   web-site   0.00%     2.371MiB / 3.7GiB   0.06%     656B / 0B   0B / 0B     3
[root@localhost my_wordpress]# VERSION=v0.44.0
[root@localhost my_wordpress]# docker run \
>   --volume=/:/rootfs:ro \
>   --volume=/var/run:/var/run:ro \
>   --volume=/sys:/sys:ro \
>   --volume=/var/lib/docker/:/var/lib/docker:ro \
>   --volume=/dev/disk/:/dev/disk:ro \
>   --publish=8080:8080 \
>   --detach=true \
>   --name=cadvisor \
>   --privileged \
>   --device=/dev/kmsg \
>   gcr.io/cadvisor/cadvisor:$VERSION
Unable to find image 'gcr.io/cadvisor/cadvisor:v0.44.0' locally
v0.44.0: Pulling from cadvisor/cadvisor
8572bc8fb8a3: Pull complete
767fa50f0abb: Pull complete
ea01cc345381: Pull complete
292822dcb406: Pull complete
fe825e66ed0f: Pull complete
Digest: sha256:ef1e224267584fc9cb8d189867f178598443c122d9068686f9c3898c735b711f
Status: Downloaded newer image for gcr.io/cadvisor/cadvisor:v0.44.0
839c0bfeb59bdd2ba7639c3fdb00dd21f8a842432a5f40903f483bc88f1274cf
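  • 192.168.0.188로 접속 (cAdvisor는 위에서 8080 포트로 publish됨). cAdvisor 웹 UI는 기본적으로 인증이 없고, 컨테이너가 `--privileged`로 실행되며 호스트 `/`를 읽기 전용으로 마운트하고 있으므로 8080 포트는 내부망에서만 접근되도록 제한한다.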

--- 도커 스웜(Cluster)

  • manager1 / worker1 / worker2 에 동시에 추가 (hostnamectl에 주는 이름은 노드마다 다르게 지정. 아래 프롬프트 기준으로 manager 노드는 master1, 나머지는 worker1 / worker2)
# hostnamectl set-hostname master1

# cat <<EOF >> /etc/hosts
192.168.0.188 manager1
192.168.1.129 worker1
192.168.1.149 worker2
EOF
  • manager1
[root@master1 ~]# docker swarm init --advertise-addr 192.168.0.188
Swarm initialized: current node (gjfe1r20f7c95wi7aoax5d21p) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join --token SWMTKN-1-59mjzyl0ao7k8h8ge905rjusulbcwxwk01em24zlplpuf5p4cw-ahom04ogjauemo2x5cnz3k1sb 192.168.0.188:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
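  • worker1 / worker2 — join 토큰은 클러스터에 노드를 추가할 수 있는 비밀 값이다. 이렇게 외부에 노출된 토큰은 manager에서 `docker swarm join-token --rotate worker`로 교체한다.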
[root@worker1 ~]# docker swarm join --token SWMTKN-1-59mjzyl0ao7k8h8ge905rjusulbcwxwk01em24zlplpuf5p4cw-ahom04ogjauemo2x5cnz3k1sb 192.168.0.188:2377
This node joined a swarm as a worker.

[root@worker2 ~]# docker swarm join --token SWMTKN-1-59mjzyl0ao7k8h8ge905rjusulbcwxwk01em24zlplpuf5p4cw-ahom04ogjauemo2x5cnz3k1sb 192.168.0.188:2377
This node joined a swarm as a worker.
  • manager1
[root@master1 ~]# docker service create --name my_web --replicas 3 --publish published=8080,target=80 nginx
clwr4uwdhqrgrx0iw8y0lf50p
overall progress: 3 out of 3 tasks
1/3: running
2/3: running
3/3: running
verify: Service converged

  • 최소단위를 컨테이너가 아닌 task로,,,

  • 192.168.0.188:8080으로 접속

  • 각각의 노드로 접속 가능

--- 롤링 업데이트

  • 한번에 멈추지 않고 조금씩 업데이트

--- 클러스터에서 특정 노드 드레인하기

# docker node ls
# docker service ps my_web
# docker node update --availability drain worker1
# docker node inspect --pretty worker1
# docker service ps my_web
# docker node update --availability active worker1
# docker service scale my_web=2
# docker service scale my_web=3
# docker node inspect --pretty worker1
# docker node update --availability pause worker2
# docker service scale my_web=5
# docker node inspect --pretty worker2
# docker node ls

Kubernetes

  • 선언적 구성(desired state) : yml 파일 구성
  • kubelet : node마다 존재, pod를 생성
  • 컨트롤 플레인 컴포넌트 : ex) 스케줄링-pod 배치
  • 디플로이먼트★★ : replicas=5(desired state) 요구 조건이 충족되지 않을 경우 새로운 pod를 구동시키는 것 => 자가 치유(self-healing)
  • etcd : KVS(키-값 저장소), 중요 — 클러스터 상태와 Secret이 저장되므로 접근을 제한해야 함
  • kube-scheduler : 노드 배정안된 pod 감지, 리소스(CPU, RAM)
