The practice of Docker Web Management

2016-01-06 Open Source Technology community Openskill

Background

At present, many companies are using Docker,docker is also a trend, our company is also using Docker, so I also learn to use Docker, according to the basic needs, combined with the API to make a Web program

Experimental environment

This test uses two physical machines to do the simulation Docker cluster, a virtual machine to do Docker mirror server, a virtual machine to do Web Management system software Environment and version: SELinux disabled iptables-f Three Docker machine systems using CentOS 7.1, two simulation cluster docker software Docker+pipework+openswitch+etcd+dhcp,docker mirror server ran a registry container provides image Service Web management machine using ubuntu,python+ Django+uwsgi

Schematic diagram

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9eolukeube5vhibikeznq5qibaqdsjrqbldfaeaiajqwwnh3zx8zmjockw/640?wx_fmt=jpeg &wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=jpeg&wxfrom=5&wx_lazy=1 "/ >

Program Flowchart

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9ibgogh0sgprneadspfjc6oqv7mstevauh31wyqedcibkrakxrlr8zurq/640?wx_fmt=jpeg& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=jpeg&wxfrom=5&wx_lazy=1 "/>

Principle

By creating a delete container and mirror from the Web interface, the Web server operates three Docker machines through the API, creates the container, obtains the ip,pipework to the container by DHCP, and writes the container information to the ETCD library, because the IP disappears after the container restarts. I re-attach IP to a container that launches no IP through a monitoring script. The container supports SSH, and there are benefits and risks. Network this piece I was using the network segment provided by the switch, the container uses the IP and the physical machine in the same VALN, you can also use a cluster for a valn, here I am using the same valn. Container IP can be obtained from the switch DHCP, do not understand the switch, I directly with a Docker entity machine DHCP service, to provide DHCP services for the segment.

Installation

1.1 Docker cluster Node

Two machine software, I have the same ab difference, the software is basically the same, a more than a DHCP, not using the switch to provide DHCP

1.2 Installing the Openswitch:

If you do not want to partition the VLAN in the Docker cluster later, you can use the system's own BRCTL command to create the bridge network card, the following script to create the bridge network card corresponding change, OVS-VSCTL changed to BRCTLYUM INSTALL GCC  make python-devel openssl-devel kernel-devel graphviz kernel-debug-devel  autoconf automake rpm-build redhat-rpm-config   libtoolwget http:// Openvswitch.org/releases/openvswitch-2.3.1.tar.gztar zxvf openvswitch-2.3.1.tar.gzmkdir -p  ~/rpmbuild/SOURCEScp openvswitch-2.3.1.tar.gz ~/rpmbuild/SOURCES/sed  ' S/openvswitch-kmod,  //g '  openvswitch-2.3.1/rhel/openvswitch.spec > openvswitch-2.3.1/rhel/openvswitch_no_ After the kmod.specrpmbuild -bb --without check openvswitch-2.3.1/rhel/openvswitch_no_kmod.spec# will be There are 2 files in ~/rpmbuild/rpms/x86_64/-rw-rw-r-- 1 ovswitch ovswitch 2013688 jan 15  03:20 openvswitch-2.3.1-1.x86_64.rpm-rw-rw-r-- 1 ovswitch ovswitch 7712168 jan  15 03:20 openvswItch-debuginfo-2.3.1-1.x86_64.rpmyum localinstall ~/rpmbuild/rpms/x86_64/openvswitch-2.3.1-1.x86_64. Rpmsystemctl enable openvswitchsystemctl start openvswitch

1.3 Download Pipework:

git clone https://github.com/jpetazzo/pipework.gitchmod +x PIPEWORKCP pipework/usr/bin/pipework

1.4 NIC Configuration
Script

pwd /rootcheck_modify_container.py create_docker_container_use_dhcp_ip.sh    on the node machine  openvswitch_docker.sh#openvswitch_docker.sh  is the NIC initialization script #create_docker_container_use_dhcp_ip.sh  Is the script that will be called when the container is created #check_modify_container.py   container IP monitoring script crontab -e*/5 * * * *  python /root/check_modify_container.py   #监控脚本每五分钟执行一次em1   for Management network segment IPOVS1 bridging on EM2, Configure the NIC for the Docker intranet segment IP, where you use the bridging cat openvswitch_docker.sh#!/bin/bash# to remove the Docker test #docker rm  ' Docker  stop $ (docker ps -a -q) ' #删除已有的openvswitch交换机ovs-vsctl list-br|xargs -i  {} ovs-vsctl del-br {} #创建交换机ovs-vsctl add-br ovs1# Add the physical NIC to the ovs1ovs-vsctl  Add-port ovs1 em2ip link set ovs1 upifconfig em2 0ifconfig ovs1  192.168.157.21 netmask 255.255.255.0chmod +x openvswitch_docker.shsh  Openvswitch_docker.sh can also write to the config file in my em1 for the management NIC 10.0.0.21A machineDHCP is installed in the cluster, a machine is configured to DHCP, and the network segment changes according to your environment yum install -y dhcpvim /etc/dhcp/dhcpd.conf      log-facility local7;    ddns-update-style none;     subnet 192.168.157.0 netmask 255.255.255.0 {           range 192.168.157.100 192.168.157.200;           option domain-name-servers 202.106.0.20;           option routers 192.168.157.1;           option broadcast-address 192.168.157.255;           default-lease-time 80000;           max-lease-time 80000;        }     systemctl enable dhCpdsystemctl start dhcpd 

1.5 Installing Docker

Yum install-y dockervim/etc/sysconfig/docker options= '--selinux-enabled--insecure-registry 192.168.46.130:5000-b=n One-h tcp://0.0.0.0:2375-h Unix:///var/run/docker.sock ' # Specifies that the mirror server uses the None mode for 192.168.46.130,net, listens on port 2375, this port provides API access to SYSTEMCTL start Docker.servicesystemctl enable Docker.service

1.6 ETCD Installation

Yum Install libffi libffi-devel python-develyum-y install epel-releaseyum-y install Python-pipyum install Etcd-yvim/et C/etcd/etcd.confetcd_name=defaultetcd_data_dir= "/VAR/LIB/ETCD/DEFAULT.ETCD" etcd_listen_client_urls= "http// localhost:2379 "etcd_advertise_client_urls=" http://localhost:2379 "# # #这里etcd我没有做成集群, the data for each docker is stored in the native ETCD library, Do not synchronize with other nodes, and do not need to provide other node access, here set the listening native Systemctl enable Etcdsystemctl start ETCD

2.1 Docker mirror server

Mirror server after installing Docker, pull down a registry image from official website, start creating a mirror server container docker search Registrydocker pull Docker.io/registry Docker Run--restart always-d-P 5000:5000-v/opt/data/registry:/tmp/registry docker.io/registry

To install Docker, repeat 1.5

3.1 Web server
Django Web Program

Web Server System I use Ubuntu, mainly installs the software simple, the source and the software updates relatively fast >>> import django>>> django. Version (1, 7, 1,  ' final ',  0) This is my Django version apt-get install mysql-server  mysql-clientapt-get install python-pippip install django==1.7.1   #你也可以安装最新版本, Unsure whether the program I wrote will work properly   apt-get install python-mysqldb pip install docker-py         #要调用docker  api, so to install the relevant Python package Apt-get install curlapt-get  install mysql-serverapt-get isntall mysql-clientsudo apt-get install  libmysqlclient-dev apt-get install python-paramiko   #web程序中也会用到curl和paramikogit   clone https://github.com/somethingcm/web-for-docker.git  to local Cd web-for-docker/docker_demovim  docker_demo/settings.py# Modifying the database configuration databases = {    ' default ': {          ' ENGINE ':   ' Django.db.backends.mysql ',         ' NAME ':  ' Docker ',  #docker   Library name              ' USER ':  ' root ',     #mysql登陆用户              ' PASSWORD ':   ' Dockerchen ', #密码, if MySQL settings username password can be filled in, no then empty               ' HOST ': ',             ' PORT ': ',         }   &NBSP,} #修改完以后创建表./manage.py syncdb# Execution will let you set the background root user password, two times to enter the password to create the table successfully./manage.py runserver 0.0.0.0:80

Initialize configuration

Enter Ip:port/admin in the browser to set the background IP to the IP of the Web server

Login Background Admin initialization settings

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft91wdwsxyjrhpvvussfiahcxxzgebrdvybo5kx2ezn7zmbxtcplhbtenq/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>
650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9debosbibge5yvvju3lmlozbgu04uqkokbyn2yhforfcolixfwyt5ehw/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>

Add a warehouse node

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9lplsrtzpofxnc0lpax2gxk0yzrocpyxpeombehzmcpx2xyusgtj2fa/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>

Adding nodes

650 "this.width=650;" src= "http:/ mmbiz.qpic.cn/mmbiz/6vihibrydtspl0s9p1mxmg2ubcy3nkft9gwkqrddstnu3q0hbxusitwyiglzqy3scicjkhjw7nl4pag86pxxd4mq/ 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5& Wx_lazy=1 "/>
650) this.width=650; src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9ymtwaiaianox3c9kaxmz4bmkcicwlbnhmuknuw4xxlwsilkmxwuyh1cua/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>
650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9bmsk2icmygufxn6veb30ka1mefntzmww3uqn1kbvkyget5gviagt1z2w/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>

Front desk login

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9mqyjwll63akjd6gmxeaw8mwuuuxrydoic3kwcet3ylriavj7hial7toja/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>
650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9puiajtkcwabctzevi2iwbjx5iymuicy8sbfdm5nibjqrwv9ks5fibj9tdg/640?wx_fmt=png &wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/
650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9kuscniaywnp3hwohokteezzrgqiaycnk1weghmihalgrqzdfibgunbe9g/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>

Write Dockerfile Create image

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9c2nebuba7v5qwspty6xgufysbzw3zkd5kic9xd8tlwnmfpswau0iclpq/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>
650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9cqquizgsnotd6uzftfw0eszzjug27icosmmgziacvxf11dlnzzhwh5tq/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>

Package existing containers into mirrors

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9poxldrs5maoex6tpbjamje43iajex0fria2do9tso1zsic9uejdtoksica/640?wx_fmt=png &wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/ >

Create a container

650) this.width=650; "Src=" http://mmbiz.qpic.cn/mmbiz/ 6vihibrydtspl0s9p1mxmg2ubcy3nkft9ek34k5qhk78pxwgasazmyv1ylhtuhzak0t3rlilg0uxknauslbkm9w/640?wx_fmt=png& Wxfrom=5&wx_lazy=1 "style=" Width:auto;height:auto; "alt=" 640?wx_fmt=png&wxfrom=5&wx_lazy=1 "/>

This article is from the "Cruisezhao" blog, make sure to keep this source http://132408.blog.51cto.com/122408/1736647

The practice of Docker Web Management