Practice of using container to deploy docker container

Time:2021-10-15

1、 Background

Recently, when deploying redis master-slave replication using Ranger 2.5.5, I found that Ranger will generate many iptables rules. These rules make it impossible for us to use redis master-slave replication function on the machine where Ranger is deployed, because my understanding of Ranger and k8s is limited to understanding the network architecture and use, and I don’t go deep into the underlying layer, The problem of network conflict cannot be solved in a short time;

Therefore, I changed the mode of docker management by rancher to the mode of using a container. This container is relatively lightweight. It also took several hours to learn in the process of building. Now let’s restore the whole process as much as possible for your reference.

2、 Operation steps

  1. Installing portiner
  2. Management node
  3. Deployment container

3、 Installing portiner

There are many ways to install portiner, but I always like to use the simplest way to complete what needs to be done, so here I will use docker to build it.

3.1 docker deployment

The docker deployment method is very simple. You only need to execute a simple run container command, as shown below.

docker run -d \
-p 9000:9000 \
-p 8000:8000 \
--restart always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /opt/docker/portainer-ce/data:/data \
--name portainer-ce portainer/portainer-ce

The command maps the 8000 port and 9000 port of the physical machine to the 8000 port and 9000 port in the container, and the docker communication file of the host machine/var/run/docker.sockIt is also mapped to the container. In addition, for persistent deployment, the directory is also mapped/opt/docker/portainer-ce/dataMapped to container/dataDirectory, after the command is executed, the returned result information is shown in the following figure

Practice of using container to deploy docker container

In the figure above, you can see that a docker container has been successfully run. Next, I need to verify whether the service is running normally and use the browser to access the URLhttp://127.0.0.1:9000/Address, the result is as follows

Practice of using container to deploy docker container
In the figure above, you can see that the portal system has been accessed, indicating that the system has been installed successfully.

3.2 node initialization

Now I need to set the administrator’s account password. Here I simply fill in the password and confirm the password, and clickCreate userButton to create an administrator account.

After the administrator account is set, it needs to be initialized, as shown in the figure below

Practice of using container to deploy docker container
There are three options in the figure above. I choose to use portal to manage the local docker program, and clickConnectButton to complete the initialization operation.

3.3 function discussion

After initialization, you can enter the working interface of the container, as shown in the following figure

Practice of using container to deploy docker container

Find the one in the figure above. You can see that there is already one in the portal systemlocalFor the local node, we can click it to enter the node management, as shown in the figure below

Practice of using container to deploy docker container

In the figure above, you can see that the portal system is listedlocalThe stack, container information, image information, disk information, network information, etc. of the node, I can click here at willContainersBlock, you can see the container list, as shown in the following figure

Practice of using container to deploy docker container

In the above figure, you can see that there are two containers in the container list and the operation status of the containers. You can also control these containers.

4、 Management node

Now the local docker can be controlled, but I am not satisfied with this. I need to control other machines as well.

4.1 start adding nodes

In the portal system, there is aendpointsYou can add multiple nodes in this menu, as shown in the following figure
Practice of using container to deploy docker container
As you can see in the figure above, there is already onelocalThere is a node at the top of the listAdd endpointButton. Click the button to go to the details page of adding nodes, as shown in the figure below

Practice of using container to deploy docker container

In the figure above, you can see that there are five options. Here I choose the simplest way to useDocker APIControl.

4.2 open API control

This method needs to add parameters to the docker startup program of the node, so I need to log in to the node server first. The command of SSH login to the server is as follows

ssh [email protected]

After the command is executed, return as shown in the following figure
Practice of using container to deploy docker container

In the figure above, you can see that you have entered the server where the node is located. Then you need to edit the configuration file started by docker. The command is as follows

vim /usr/lib/systemd/system/docker.service

After the command is executed, you can modify the configuration in the VIM editing interface, as shown in the following figure
Practice of using container to deploy docker container

Add the open remote access code to the start command line of docker, as shown below

-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

Copy code to/usr/bin/dockerdAfter the program, as shown in the figure below
Practice of using container to deploy docker container

After saving the configuration file, you need to restart the docker service. The command to restart docker is as follows

systemctl daemon-reload  && systemctl restart docker

After restarting docker, everything will be completed if everything is normal

4.3 verify port status

View the configuration information of docker. The command is as follows:

docker info

After the command is executed, the returned information is shown in the following figure
Practice of using container to deploy docker container
In the figure above, you can see that docker gives a warning prompt, telling me that there is a security risk when enabling remote access, which is ignored here for the time being. However, this prompt indicates that the remote access function is indeed enabled

In addition, you can check whether the opening is successful by opening the port. The command is as follows

netstat -ntl

After the command is executed, the port opening status of the current host will be returned, as shown in the following figure
Practice of using container to deploy docker container
You can see in the above figure2375The port has been opened successfully, indicating that the node itself is OK to open the docker;

However, when the portal accesses this node through IP, it is necessary to consider whether the firewall in the network will shield this port. It can be used herenmapTool to detect whether the port of the node can be accessed. Now I go back to the command terminal of the portal system and use the nmap tool to detect. The command is as follows

nmap -p 2375 xxx.xxx.xxx.xxx

After the command is executed, it will return whether 2375 is on. The execution result is shown in the figure below

Practice of using container to deploy docker container

You can see the node in the figure above2375The port is open and can be connected.

4.4 finish adding nodes

Next, go back to the browser window, as shown in the following figure

Practice of using container to deploy docker container

In the web page shown in the figure above, fill in the IP address and port of the node in the form of URL, and then clickAdd endpodintButton to add a node. If the node is added successfully, there will be a corresponding prompt, as shown in the following figure

Practice of using container to deploy docker container

In the figure above, you can see that the portal system prompts that the node has been added successfully, and you can see this node in the node list.

5、 Deployment container

After adding nodes, I am ready to deploy my container in the remote node;

5.1 deploying a single container

Go back to the portal homepage, where you can see the node information just added, as shown in the following figure

Practice of using container to deploy docker container

Select the node just added in the figure above, and then enter the container menu option to see the container list of this node, as shown in the figure below

Practice of using container to deploy docker container

Above the list on the page shown above, there is aAdd containerButton. After clicking this button, it will be adjusted to the add container details page

Practice of using container to deploy docker container
In the page shown in the figure above, I need to fill in the docker image address. Here I randomly selected an nginx image and mapped the 8888 port of the host to port 80 of the container. After submitting these information, the portal system will tell you whether the container is running successfully, as shown in the figure below

Practice of using container to deploy docker container
In the figure above, we can see that the container has run successfully and jumped to the container list. Next, we can access the 8888 port corresponding to this node to verify whether the service is available

Open the browser and fill in the URL in the address barhttp://xxx.xxx.xxx.xxx:8888/, the returned results after accessing are shown in the following figure
Practice of using container to deploy docker container

You can see in the above figurenginxThe service has run successfully;

5.2 deploy docker compose

In addition to deploying containers on the container list page, the container system also supports the use of docker compose for deployment, which is calledstacks, select this item in the menu bar to enter the list of docker compose services, as shown in the following figure
Practice of using container to deploy docker container

There is one at the top of the listAdd stackButton, click this button to adddocker-composeService, as shown in the figure below

Practice of using container to deploy docker container

On the page shown in the figure above, I will be asked to fill in the docker compose information. Here I have prepared a redis servicedocker-composeThe configuration code is shown below

version: '3.5'
services:
  redis:
    image: "redis:latest"
    container_name: redis_test
    command: redis-server
    ports:
      - "16379:16379"

After the drop configuration is filled in the page, submit it, and the portal will deploy the configuration on the corresponding nodedocker-composeService, as shown in the figure below
Practice of using container to deploy docker container
After successful deployment, you can see the service just deployed in the stacks list. You can also click the service name in the list to enter the details page for viewing and modification, as shown in the following figure

Practice of using container to deploy docker container

In the figure above, you can see what container this service is running, and you can also terminate or delete the container.

This article is also a preliminary exploration of portal. You need to explore more details tirelessly.


About the author

Author: Tang Qingsong

Wechat: songboy8888

Date: April 10, 2021

This work adoptsCC agreement, reprint must indicate the author and the link to this article

Recommended Today

Awk command is used in actual combat

We know the three swordsmen of Linux. They aregrep、sed、awk。 As I said earliergrepandsed, students who haven’t seen it can directly click to read. What we want to share today is more powerfulawk。 Sed can realize non interactive string replacement, and grep can realize effective filtering function. Compared with the two, awk is a powerful text […]