浅尝docker swarm

docker ,

概览:

基础配置

docker启用swarm

1
docker starm init

创建swarm共享网络

1
2
3
4
5
docker network create \
  --driver overlay \
  --subnet=192.168.6.0/24 \
  --attachable \
  aida_ingress

配置准备

  • nginx
  • gitea
  • registry
1
2
3
4
5
6
## nginx
docker pull nginx:1.21.6-alpine
## gitea
docker pull gitea/gitea:1.16.9
## registry
docker pull registry:2.8.1

docker image ls

1
2
3
4
5
root@labs:~# docker image ls
REPOSITORY    TAG             IMAGE ID       CREATED        SIZE
registry      2.8.1           4206ae70dd03   6 days ago     22.6MB
gitea/gitea   1.16.9          190484b8225a   4 weeks ago    241MB
nginx         1.21.6-alpine   4995f23c9063   3 months ago   22MB

registry账号配置

1
2
apt install apache2-utils
htpasswd -Bbn <user> <passwd> > registry.htpasswd

docker compose

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
version: "3.9"

services:
  nginx:
    image: nginx:1.21.6-alpine
    networks:
      - ingress
    ports:
      - "80:80"
      - "443:443"
    configs:
      - source: nginx
        target: /etc/nginx/nginx.conf
    secrets:
      - source: cakey
        target: /etc/nginx/certs/cert.key
        mode: 0440
      - source: capem
        target: /etc/nginx/certs/cert.pem
        mode: 0440
      - source: registry
        target: /etc/nginx/registry.htpasswd
        mode: 0777
    volumes:
      - ./conf.d:/etc/nginx/conf.d
      - /data/nginx/web_root:/usr/share/nginx/html:ro
    depends_on:
      - gitea
      - registry

  registry:
    image: registry:2.8.1
    networks:
      - ingress
    volumes:
      - /data/registry:/var/lib/registry

  gitea:
    image: gitea/gitea:1.16.9
    networks:
      - ingress
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - APP_NAME=Where the world builds software
      - RUN_MODE=prod
      - RUN_USER=git
      - DISABLE_SSH=true
      - DOMAIN=<domain>
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - /data/gitea:/data

configs:
  nginx:
    file: ./nginx.conf

networks:
  ingress:
    external: true
    name: aida_ingress

secrets:
  cakey:
    file: ./acme.sh/certs/cert.key
  capem:
    file: ./acme.sh/certs/cert.pem
  registry:
    file: ./registry.htpasswd

启动服务

1
docker stack deploy -c docker-compose.yml devops

Mardan MDevOps Engineer

Hi there, I’m Mardan(ka1i).