devbox
从前慢现在也慢
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

centos7 Docker可视化管理工具shipyard中文版安装与使用_centos7下docker安装shipyard

作者:从前慢现在也慢 | 2024-02-20 13:33:10

centos7下docker安装shipyard

补充:如果shipyard没有显示本地容器和镜像

1、防火墙打开2375端口

  1. firewall-cmd --zone=public --permanent --add-port=2375/tcp
  2. firewall-cmd --reload

2、重启shipyard的容器

  1. docker restart shipyard-controller shipyard-rethinkdb shipyard-swarm-agent shipyard-swarm-manager shipyard-proxy shipyard-certs  shipyard-discovery shipyard-rethinkdb
  2. #或者直接重启docker
  3. systemctl restart docker

一、安装与卸载

1、创建自动安装脚本

在服务器下运行

vim backup.sh

然后把下面内容添加到backup.sh 中,保存并退出,

  1. #!/bin/bash
  2.  
  3. if [ "$1" != "" ] && [ "$1" = "-h" ]; then
  4.     echo "Shipyard Deploy uses the following environment variables:"
  5.     echo "  ACTION: this is the action to use (deploy, upgrade, node, remove)"
  6.     echo "  DISCOVERY: discovery system used by Swarm (only if using 'node' action)"
  7.     echo "  IMAGE: this overrides the default Shipyard image"
  8.     echo "  PREFIX: prefix for container names"
  9.     echo "  SHIPYARD_ARGS: these are passed to the Shipyard controller container as controller args"
  10.     echo "  TLS_CERT_PATH: path to certs to enable TLS for Shipyard"
  11.     echo "  PORT: specify the listen port for the controller (default: 8080)"
  12.     echo "  IP: specify the address at which the controller or node will be available (default: eth0 ip)"
  13.     echo "  PROXY_PORT: port to run docker proxy (default: 2375)"
  14.     exit 1
  15. fi
  16.  
  17. if [ -z "`which docker`" ]; then
  18.     echo "You must have the Docker CLI installed on your \$PATH"
  19.     echo "  See http://docs.docker.com for details"
  20.     exit 1
  21. fi
  22.  
  23. ACTION=${ACTION:-deploy}
  24. IMAGE=${IMAGE:-dockerclub/shipyard:latest}
  25. PREFIX=${PREFIX:-shipyard}
  26. SHIPYARD_ARGS=${SHIPYARD_ARGS:-""}
  27. TLS_CERT_PATH=${TLS_CERT_PATH:-}
  28. CERT_PATH="/etc/shipyard"
  29. PROXY_PORT=${PROXY_PORT:-2375}
  30. SWARM_PORT=3375
  31. SHIPYARD_PROTOCOL=http
  32. SHIPYARD_PORT=${PORT:-8080}
  33. SHIPYARD_IP=${IP}
  34. DISCOVERY_BACKEND=etcd
  35. DISCOVERY_PORT=4001
  36. DISCOVERY_PEER_PORT=7001
  37. ENABLE_TLS=0
  38. CERT_FINGERPRINT=""
  39. LOCAL_CA_CERT=""
  40. LOCAL_SSL_CERT=""
  41. LOCAL_SSL_KEY=""
  42. LOCAL_SSL_CLIENT_CERT=""
  43. LOCAL_SSL_CLIENT_KEY=""
  44. SSL_CA_CERT=""
  45. SSL_CERT=""
  46. SSL_KEY=""
  47. SSL_CLIENT_CERT=""
  48. SSL_CLIENT_KEY=""
  49.  
  50. show_cert_help() {
  51.     echo "To use TLS in Shipyard, you must have existing certificates."
  52.     echo "The certs must be named ca.pem, server.pem, server-key.pem, cert.pem and key.pem"
  53.     echo "If you need to generate certificates, see https://github.com/ehazlett/certm for examples."
  54. }
  55.  
  56. check_certs() {
  57.     if [ -z "$TLS_CERT_PATH" ]; then
  58.         return
  59.     fi
  60.  
  61.     if [ ! -e $TLS_CERT_PATH ]; then
  62.         echo "Error: unable to find certificates in $TLS_CERT_PATH"
  63.         show_cert_help
  64.         exit 1
  65.     fi
  66.  
  67.     if [ "$PROXY_PORT" = "2375" ]; then
  68.         PROXY_PORT=2376
  69.     fi
  70.     SWARM_PORT=3376
  71.     SHIPYARD_PROTOCOL=https
  72.     LOCAL_SSL_CA_CERT="$TLS_CERT_PATH/ca.pem"
  73.     LOCAL_SSL_CERT="$TLS_CERT_PATH/server.pem"
  74.     LOCAL_SSL_KEY="$TLS_CERT_PATH/server-key.pem"
  75.     LOCAL_SSL_CLIENT_CERT="$TLS_CERT_PATH/cert.pem"
  76.     LOCAL_SSL_CLIENT_KEY="$TLS_CERT_PATH/key.pem"
  77.     SSL_CA_CERT="$CERT_PATH/ca.pem"
  78.     SSL_CERT="$CERT_PATH/server.pem"
  79.     SSL_KEY="$CERT_PATH/server-key.pem"
  80.     SSL_CLIENT_CERT="$CERT_PATH/cert.pem"
  81.     SSL_CLIENT_KEY="$CERT_PATH/key.pem"
  82.     CERT_FINGERPRINT=$(openssl x509 -noout -in $LOCAL_SSL_CERT -fingerprint -sha256 | awk -F= '{print $2;}')
  83.  
  84.     if [ ! -e $LOCAL_SSL_CA_CERT ] || [ ! -e $LOCAL_SSL_CERT ] || [ ! -e $LOCAL_SSL_KEY ] || [ ! -e $LOCAL_SSL_CLIENT_CERT ] || [ ! -e $LOCAL_SSL_CLIENT_KEY ]; then
  85.         echo "Error: unable to find certificates"
  86.         show_cert_help
  87.         exit 1
  88.     fi
  89.  
  90.     ENABLE_TLS=1
  91. }
  92.  
  93. # container functions
  94. start_certs() {
  95.     ID=$(docker run \
  96.         -ti \
  97.         -d \
  98.         --restart=always \
  99.         --name $PREFIX-certs \
  100.         -v $CERT_PATH \
  101.         alpine \
  102.         sh)
  103.     if [ $ENABLE_TLS = 1 ]; then
  104.         docker cp $LOCAL_SSL_CA_CERT $PREFIX-certs:$SSL_CA_CERT
  105.         docker cp $LOCAL_SSL_CERT $PREFIX-certs:$SSL_CERT
  106.         docker cp $LOCAL_SSL_KEY $PREFIX-certs:$SSL_KEY
  107.         docker cp $LOCAL_SSL_CLIENT_CERT $PREFIX-certs:$SSL_CLIENT_CERT
  108.         docker cp $LOCAL_SSL_CLIENT_KEY $PREFIX-certs:$SSL_CLIENT_KEY
  109.     fi
  110. }
  111.  
  112. remove_certs() {
  113.     docker rm -fv $PREFIX-certs > /dev/null 2>&1
  114. }
  115.  
  116. get_ip() {
  117.     if [ -z "$SHIPYARD_IP" ]; then
  118.         SHIPYARD_IP=`docker run --rm --net=host alpine ip route get 8.8.8.8 | awk '{ print $7;  }'`
  119.     fi
  120. }
  121.  
  122. start_discovery() {
  123.     get_ip
  124.  
  125.     ID=$(docker run \
  126.         -ti \
  127.         -d \
  128.         -p 4001:4001 \
  129.         -p 7001:7001 \
  130.         --restart=always \
  131.         --name $PREFIX-discovery \
  132.         microbox/etcd:latest -addr $SHIPYARD_IP:$DISCOVERY_PORT -peer-addr $SHIPYARD_IP:$DISCOVERY_PEER_PORT)
  133. }
  134.  
  135. remove_discovery() {
  136.     docker rm -fv $PREFIX-discovery > /dev/null 2>&1
  137. }
  138.  
  139. start_rethinkdb() {
  140.     ID=$(docker run \
  141.         -ti \
  142.         -d \
  143.         --restart=always \
  144.         --name $PREFIX-rethinkdb \
  145.         rethinkdb)
  146. }
  147.  
  148. remove_rethinkdb() {
  149.     docker rm -fv $PREFIX-rethinkdb > /dev/null 2>&1
  150. }
  151.  
  152. start_proxy() {
  153.     TLS_OPTS=""
  154.     if [ $ENABLE_TLS = 1 ]; then
  155.         TLS_OPTS="-e SSL_CA=$SSL_CA_CERT -e SSL_CERT=$SSL_CERT -e SSL_KEY=$SSL_KEY -e SSL_SKIP_VERIFY=1"
  156.     fi
  157.     # Note: we add SSL_SKIP_VERIFY=1 to skip verification of the client
  158.     # certificate in the proxy image.  this will pass it to swarm that
  159.     # does verify.  this helps with performance and avoids certificate issues
  160.     # when running through the proxy.  ultimately if the cert is invalid
  161.     # swarm will fail to return.
  162.     ID=$(docker run \
  163.         -ti \
  164.         -d \
  165.         -p $PROXY_PORT:$PROXY_PORT \
  166.         --hostname=$HOSTNAME \
  167.         --restart=always \
  168.         --name $PREFIX-proxy \
  169.         -v /var/run/docker.sock:/var/run/docker.sock \
  170.         -e PORT=$PROXY_PORT \
  171.         --volumes-from=$PREFIX-certs $TLS_OPTS\
  172.         shipyard/docker-proxy:latest)
  173. }
  174.  
  175. remove_proxy() {
  176.     docker rm -fv $PREFIX-proxy > /dev/null 2>&1
  177. }
  178.  
  179. start_swarm_manager() {
  180.     get_ip
  181.  
  182.     TLS_OPTS=""
  183.     if [ $ENABLE_TLS = 1 ]; then
  184.         TLS_OPTS="--tlsverify --tlscacert=$SSL_CA_CERT --tlscert=$SSL_CERT --tlskey=$SSL_KEY"
  185.     fi
  186.  
  187.     EXTRA_RUN_OPTS=""
  188.  
  189.     if [ -z "$DISCOVERY" ]; then
  190.         DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
  191.         EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
  192.     fi
  193.     ID=$(docker run \
  194.         -ti \
  195.         -d \
  196.         --restart=always \
  197.         --name $PREFIX-swarm-manager \
  198.         --volumes-from=$PREFIX-certs $EXTRA_RUN_OPTS \
  199.         swarm:latest \
  200.         m --replication --addr $SHIPYARD_IP:$SWARM_PORT --host tcp://0.0.0.0:$SWARM_PORT $TLS_OPTS $DISCOVERY)
  201. }
  202.  
  203. remove_swarm_manager() {
  204.     docker rm -fv $PREFIX-swarm-manager > /dev/null 2>&1
  205. }
  206.  
  207. start_swarm_agent() {
  208.     get_ip
  209.  
  210.     if [ -z "$DISCOVERY" ]; then
  211.         DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
  212.         EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
  213.     fi
  214.     ID=$(docker run \
  215.         -ti \
  216.         -d \
  217.         --restart=always \
  218.         --name $PREFIX-swarm-agent $EXTRA_RUN_OPTS \
  219.         swarm:latest \
  220.         j --addr $SHIPYARD_IP:$PROXY_PORT $DISCOVERY)
  221. }
  222.  
  223. remove_swarm_agent() {
  224.     docker rm -fv $PREFIX-swarm-agent > /dev/null 2>&1
  225. }
  226.  
  227. start_controller() {
  228.     #-v $CERT_PATH:/etc/docker:ro \
  229.     TLS_OPTS=""
  230.     if [ $ENABLE_TLS = 1 ]; then
  231.         TLS_OPTS="--tls-ca-cert $SSL_CA_CERT --tls-cert=$SSL_CERT --tls-key=$SSL_KEY --shipyard-tls-ca-cert=$SSL_CA_CERT --shipyard-tls-cert=$SSL_CERT --shipyard-tls-key=$SSL_KEY"
  232.     fi
  233.  
  234.     ID=$(docker run \
  235.         -ti \
  236.         -d \
  237.         --restart=always \
  238.         --name $PREFIX-controller \
  239.         --link $PREFIX-rethinkdb:rethinkdb \
  240.         --link $PREFIX-swarm-manager:swarm \
  241.         -p $SHIPYARD_PORT:$SHIPYARD_PORT \
  242.         --volumes-from=$PREFIX-certs \
  243.         $IMAGE \
  244.         --debug \
  245.         server \
  246.         --listen :$SHIPYARD_PORT \
  247.         -d tcp://swarm:$SWARM_PORT $TLS_OPTS $SHIPYARD_ARGS)
  248. }
  249.  
  250. wait_for_available() {
  251.     set +e 
  252.     IP=$1
  253.     PORT=$2
  254.     echo Waiting for Shipyard on $IP:$PORT
  255.  
  256.     docker pull ehazlett/curl > /dev/null 2>&1
  257.  
  258.     TLS_OPTS=""
  259.     if [ $ENABLE_TLS = 1 ]; then
  260.         TLS_OPTS="-k"
  261.     fi
  262.  
  263.     until $(docker run --rm ehazlett/curl --output /dev/null --connect-timeout 1 --silent --head --fail $TLS_OPTS $SHIPYARD_PROTOCOL://$IP:$PORT/ > /dev/null 2>&1); do
  264.         printf '.'
  265.         sleep 1 
  266.     done
  267.     printf '\n'
  268. }
  269.  
  270. remove_controller() {
  271.     docker rm -fv $PREFIX-controller > /dev/null 2>&1
  272. }
  273.  
  274. if [ "$ACTION" = "deploy" ]; then
  275.     set -e
  276.  
  277.     check_certs
  278.  
  279.     get_ip 
  280.  
  281.     echo "Deploying Shipyard"
  282.     echo " -> Starting Database"
  283.     start_rethinkdb
  284.     echo " -> Starting Discovery"
  285.     start_discovery
  286.     echo " -> Starting Cert Volume"
  287.     start_certs
  288.     echo " -> Starting Proxy"
  289.     start_proxy
  290.     echo " -> Starting Swarm Manager"
  291.     start_swarm_manager
  292.     echo " -> Starting Swarm Agent"
  293.     start_swarm_agent
  294.     echo " -> Starting Controller"
  295.     start_controller
  296.  
  297.     wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
  298.  
  299.     echo "Shipyard available at $SHIPYARD_PROTOCOL://$SHIPYARD_IP:$SHIPYARD_PORT"
  300.     if [ $ENABLE_TLS = 1 ] && [ ! -z "$CERT_FINGERPRINT" ]; then
  301.         echo "SSL SHA-256 Fingerprint: $CERT_FINGERPRINT"
  302.     fi
  303.     echo "Username: admin Password: shipyard"
  304.  
  305. elif [ "$ACTION" = "node" ]; then
  306.     set -e
  307.  
  308.     if [ -z "$DISCOVERY" ]; then
  309.         echo "You must set the DISCOVERY environment variable"
  310.         echo "with the discovery system used with Swarm"
  311.         exit 1
  312.     fi
  313.  
  314.     check_certs
  315.  
  316.     echo "Adding Node"
  317.     echo " -> Starting Cert Volume"
  318.     start_certs
  319.     echo " -> Starting Proxy"
  320.     start_proxy
  321.     echo " -> Starting Swarm Manager"
  322.     start_swarm_manager $DISCOVERY
  323.     echo " -> Starting Swarm Agent"
  324.     start_swarm_agent
  325.  
  326.     echo "Node added to Swarm: $SHIPYARD_IP"
  327.     
  328. elif [ "$ACTION" = "upgrade" ]; then
  329.     set -e
  330.  
  331.     check_certs
  332.  
  333.     get_ip
  334.  
  335.     echo "Upgrading Shipyard"
  336.     echo " -> Pulling $IMAGE"
  337.     docker pull $IMAGE
  338.  
  339.     echo " -> Upgrading Controller"
  340.     remove_controller
  341.     start_controller
  342.  
  343.     wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
  344.  
  345.     echo "Shipyard controller updated"
  346.  
  347. elif [ "$ACTION" = "remove" ]; then
  348.     # ignore errors
  349.     set +e
  350.  
  351.     echo "Removing Shipyard"
  352.     echo " -> Removing Database"
  353.     remove_rethinkdb
  354.     echo " -> Removing Discovery"
  355.     remove_discovery
  356.     echo " -> Removing Cert Volume"
  357.     remove_certs
  358.     echo " -> Removing Proxy"
  359.     remove_proxy
  360.     echo " -> Removing Swarm Agent"
  361.     remove_swarm_agent
  362.     echo " -> Removing Swarm Manager"
  363.     remove_swarm_manager
  364.     echo " -> Removing Controller"
  365.     remove_controller
  366.  
  367.     echo "Done"
  368. else
  369.     echo "Unknown action $ACTION"
  370.     exit 1
  371. fi

注意:如果想使用其他端口,可以修改 SHIPYARD_PORT=${PORT:-8080} 中的8080为其他端口

2、安装

首先设置backup.sh权限

chmod 755 backup.sh 

 然后执行安装

./backup.sh 

返回如下内容代表安装成功:

  1. Shipyard available at http://172.31.36.172:8080
  2. Username: admin Password: shipyard

最后就可以使用服务器ip地址直接访问了,初始账号密码Username: admin Password: shipyard;

如果直接使用http://ip:8080访问防火墙需要打开8080端口

  1. firewall-cmd --zone=public --permanent --add-port=8080/tcp
  2. firewall-cmd --reload

 

详细操作过程:

  1. [root@ip-172-31-36-172 soft]# vim deploy.sh
  2. [root@ip-172-31-36-172 soft]# ./deploy.sh
  3. -bash: ./deploy.sh: Permission denied
  4. [root@ip-172-31-36-172 soft]# chmod 755 deploy.sh 
  5. [root@ip-172-31-36-172 soft]# ./deploy.sh
  6. Deploying Shipyard
  7.  -> Starting Database
  8.  -> Starting Discovery
  9.  -> Starting Cert Volume
  10.  -> Starting Proxy
  11.  -> Starting Swarm Manager
  12.  -> Starting Swarm Agent
  13.  -> Starting Controller
  14. Waiting for Shipyard on 172.31.36.172:8080
  15.  
  16. Shipyard available at http://172.31.36.172:8080
  17. Username: admin Password: shipyard
  18. [root@ip-172-31-36-172 gitblit-1.8.0]# firewall-cmd --zone=public --permanent --add-port=8080/tcp
  19. success
  20. [root@ip-172-31-36-172 gitblit-1.8.0]# firewall-cmd --reload
  21. success

3、使用nginx设置域名访问,修改nginx配置文件/etc/nginx/conf.d/default.conf

  1. server {
  2.     listen       80;
  3.     #listen       443 ssl;
  4.     server_name  shipyard.*****.com;
  5. 		
  6.     #ssl_certificate      /etc/nginx/conf.d/mycert.crt;
  7.     #ssl_certificate_key  /etc/nginx/conf.d/mycert.key;
  8.  
  9.     location / {	
  10.         proxy_pass  http://172.31.36.172:8080;
  11.     }
  12. }

 然后重启nginx -s reload就可以使用域名访问了。

4、卸载

执行如下命令,就可以再次步骤一重新安装shipyard

docker rm -f shipyard-controller shipyard-rethinkdb shipyard-swarm-agent shipyard-swarm-manager shipyard-proxy shipyard-certs  shipyard-discovery shipyard-rethinkdb

二、使用

1、增加节点

./deploy.sh | ACTION=node DISCOVERY=etcd://节点IP:4001 bash -s

 

本文内容由网友自发贡献,转载请注明出处:https://www.wpsshop.cn/w/从前慢现在也慢/article/detail/119970
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号