分类目录归档:docker

使用docker-enter来进入docker容器

docker容器没起sshd服务的时候,还想进入docker怎么办,我们可以使用nsenter进入docker容器的命名空间namespace来虚拟登入docker容器。
nsenter一般默认自带了,没有的话,安装下。然后把如下这个脚本命名成docker-enter或者别的名字,赋执行权限,放入$PATH下即可,使用方式:docker-enter <container-id>

#!/bin/sh

if [ -e $(dirname "$0")/nsenter ]; then
    # with boot2docker, nsenter is not in the PATH but it is in the same folder
    NSENTER=$(dirname "$0")/nsenter
else
    NSENTER=nsenter
fi

if [ -z "$1" ]; then
    echo "Usage: `basename "$0"` CONTAINER [COMMAND [ARG]...]"
    echo ""
    echo "Enters the Docker CONTAINER and executes the specified COMMAND."
    echo "If COMMAND is not specified, runs an interactive shell in CONTAINER."
else
    PID=$(docker inspect --format "{{.State.Pid}}" "$1")
    if [ -z "$PID" ]; then
      exit 1
    fi
    shift
    OPTS="--target $PID --mount --uts --ipc --net --pid --"
    if [ -z "$1" ]; then
      # No command given.
      # Use su to clear all host environment variables except for TERM,
      # initialize the environment variables HOME, SHELL, USER, LOGNAME, PATH,
      # and start a login shell.
      "$NSENTER" $OPTS su - root
    else
      # Use env to clear all host environment variables.
      "$NSENTER" $OPTS env --ignore-environment -- "$@"
    fi
fi

run docker with python remotely

首先得打开docker host上的远程控制端口,修改/etc/init.d/docker 改成这样启动
nohup $exec -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock -d ${OPTIONS} ${DOCKER_STORAGE_OPTIONS} &>> $logfile &
然后就可以在自己的工作电脑上通过docker.py这个模块来远程操作docker
例子如下:

#!python
# run docker on docker hosts with python from windows desktop
# wangfei

import docker

docker_host = 'tcp://54.xx.xx.xx:2375'
docker_image = "wangfeib12/tomcat_prod_v1"
client_version = '1.15'
docker_command = "/opt/tomcat/bin/startup.sh"
docker_volumes = ['/data']
docker_name = "tomcat1"
docker_ports = [8080,22]
port_bindings = {8080:8080,22:2222}

# make connection
docker_client = docker.Client(
        base_url = docker_host, 
        version = client_version, 
        timeout = 10)

# create docker container        
docker_client.create_container(
        image = docker_image,
        stdin_open = True, tty = True,
        command = docker_command,
        volumes = docker_volumes,
        ports = docker_ports,
        name = docker_name)

# start docker container
docker_client.start(
        container = docker_name, 
        binds={docker_volumes[0]:{'bind': docker_volumes[0],'ro': False}},
        port_bindings = port_bindings, lxc_conf=None,
        publish_all_ports=True, links=None, privileged=False,
        dns=None, dns_search=None, volumes_from=None, network_mode=None,
        restart_policy=None, cap_add=None, cap_drop=None)

用shipyard来管理docker

docker多了之后就得需要个管理工具来整合和管理,shipyard是个不错的选择
docker的管理工具用docker运行起来就行,简单步骤如下:
起一个RethinkDB的data volume实例:

docker run -it -d --name shipyard-rethinkdb-data \
    --entrypoint /bin/bash shipyard/rethinkdb -l

用刚才创建的data volume再起一个rethinkdb实例

docker run -it -P -d --name shipyard-rethinkdb \
    --volumes-from shipyard-rethinkdb-data shipyard/rethinkdb

起一个shipyard的controller

docker run -it -p 8080:8080 -d --name shipyard \
    --link shipyard-rethinkdb:rethinkdb shipyard/shipyard

然后浏览器IP:8080就能访问到shipyard管理页面了,前面再加层nginx,配个域名更好
默认用户名是admin shipyard

添加一个docker的host,这里叫Engines
写好名字,标签,填写好host的CPU数和内存数,然后在Address里写的时候发现问题了
docker启动的时候得指定远程管理端口。
如果是源码安装的docker,需要修改下启动配置/etc/init/docker.conf,设置管理端口:

description     "Run docker"
 
start on filesystem or runlevel [2345]
stop on runlevel [!2345]
 
respawn
 
script
    /usr/bin/docker -d -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock
end script

或者直接指定启动参数,例如

/usr/bin/docker -d -H tcp://0.0.0.0:2375-H unix:///var/run/docker.sock >> /dev/null 2>&1 &

然后在添加Engines里的Address里写http://ip:2375
然后如果使用SSL on tcp的话,还需要写上证书,这样docker host就添加好了,可以在一处管理多个host上的docker