Docker私有云管理平臺————Docker Shipyard

1、shipyard中文版安裝(CentOS)

注：本文安裝操做均在root用戶下，安裝前需先安裝Docker (傳送門)

下載所需docker鏡像

docker pull rethinkdb docker pull microbox/etcd docker pull shipyard/docker-proxy docker pull swarm docker pull dockerclub/shipyard

下載官方腳本

wget https://shipyard-project.com/deploy

若下載失敗請使用

wget https://raw.githubusercontent.com/shipyard/shipyard-project.com/master/site/themes/shipyard/static/deploy

或者直接建立文件，將內容複製進去

mkdir -p /usr/local/docker vi /usr/local/docker/deploy

完整腳本

#!/bin/bash if [ "$1" != "" ] && [ "$1" = "-h" ]; then echo "Shipyard Deploy uses the following environment variables:" echo "  ACTION: this is the action to use (deploy, upgrade, node, remove)" echo "  DISCOVERY: discovery system used by Swarm (only if using 'node' action)" echo "  IMAGE: this overrides the default Shipyard image" echo "  PREFIX: prefix for container names" echo "  SHIPYARD_ARGS: these are passed to the Shipyard controller container as controller args" echo "  TLS_CERT_PATH: path to certs to enable TLS for Shipyard" echo "  PORT: specify the listen port for the controller (default: 8080)" echo "  IP: specify the address at which the controller or node will be available (default: eth0 ip)" echo "  PROXY_PORT: port to run docker proxy (default: 2375)" exit 1 fi if [ -z "`which docker`" ]; then echo "You must have the Docker CLI installed on your \$PATH" echo "  See http://docs.docker.com for details" exit 1 fi ACTION=${ACTION:-deploy} #IMAGE=${IMAGE:-shipyard/shipyard:latest} IMAGE=${IMAGE:-dockerclub/shipyard:latest} PREFIX=${PREFIX:-shipyard} SHIPYARD_ARGS=${SHIPYARD_ARGS:-""} TLS_CERT_PATH=${TLS_CERT_PATH:-} CERT_PATH="/etc/shipyard" PROXY_PORT=${PROXY_PORT:-2375} SWARM_PORT=3375 SHIPYARD_PROTOCOL=http SHIPYARD_PORT=${PORT:-8080} SHIPYARD_IP=${IP} DISCOVERY_BACKEND=etcd DISCOVERY_PORT=4001 DISCOVERY_PEER_PORT=7001 ENABLE_TLS=0 CERT_FINGERPRINT="" LOCAL_CA_CERT="" LOCAL_SSL_CERT="" LOCAL_SSL_KEY="" LOCAL_SSL_CLIENT_CERT="" LOCAL_SSL_CLIENT_KEY="" SSL_CA_CERT="" SSL_CERT="" SSL_KEY="" SSL_CLIENT_CERT="" SSL_CLIENT_KEY="" show_cert_help() { echo "To use TLS in Shipyard, you must have existing certificates." echo "The certs must be named ca.pem, server.pem, server-key.pem, cert.pem and key.pem" echo "If you need to generate certificates, see https://github.com/ehazlett/certm for examples." } check_certs() { if [ -z "$TLS_CERT_PATH" ]; then return fi if [ ! -e $TLS_CERT_PATH ]; then echo "Error: unable to find certificates in $TLS_CERT_PATH" show_cert_help exit 1 fi if [ "$PROXY_PORT" = "2375" ]; then PROXY_PORT=2376 fi SWARM_PORT=3376 SHIPYARD_PROTOCOL=https LOCAL_SSL_CA_CERT="$TLS_CERT_PATH/ca.pem" LOCAL_SSL_CERT="$TLS_CERT_PATH/server.pem" LOCAL_SSL_KEY="$TLS_CERT_PATH/server-key.pem" LOCAL_SSL_CLIENT_CERT="$TLS_CERT_PATH/cert.pem" LOCAL_SSL_CLIENT_KEY="$TLS_CERT_PATH/key.pem" SSL_CA_CERT="$CERT_PATH/ca.pem" SSL_CERT="$CERT_PATH/server.pem" SSL_KEY="$CERT_PATH/server-key.pem" SSL_CLIENT_CERT="$CERT_PATH/cert.pem" SSL_CLIENT_KEY="$CERT_PATH/key.pem" CERT_FINGERPRINT=$(openssl x509 -noout -in $LOCAL_SSL_CERT -fingerprint -sha256 | awk -F= '{print $2;}') if [ ! -e $LOCAL_SSL_CA_CERT ] || [ ! -e $LOCAL_SSL_CERT ] || [ ! -e $LOCAL_SSL_KEY ] || [ ! -e $LOCAL_SSL_CLIENT_CERT ] || [ ! -e $LOCAL_SSL_CLIENT_KEY ]; then echo "Error: unable to find certificates" show_cert_help exit 1 fi ENABLE_TLS=1 } # container functions start_certs() { ID=$(docker run \ -ti \ -d \ --restart=always \ --name $PREFIX-certs \ -v $CERT_PATH \ alpine \ sh) if [ $ENABLE_TLS = 1 ]; then docker cp $LOCAL_SSL_CA_CERT $PREFIX-certs:$SSL_CA_CERT docker cp $LOCAL_SSL_CERT $PREFIX-certs:$SSL_CERT docker cp $LOCAL_SSL_KEY $PREFIX-certs:$SSL_KEY docker cp $LOCAL_SSL_CLIENT_CERT $PREFIX-certs:$SSL_CLIENT_CERT docker cp $LOCAL_SSL_CLIENT_KEY $PREFIX-certs:$SSL_CLIENT_KEY fi } remove_certs() { docker rm -fv $PREFIX-certs > /dev/null 2>&1 } get_ip() { if [ -z "$SHIPYARD_IP" ]; then SHIPYARD_IP=`docker run --rm --net=host alpine ip route get 8.8.8.8 | awk '{ print $7;  }'` fi } start_discovery() { get_ip ID=$(docker run \ -ti \ -d \ -p 4001:4001 \ -p 7001:7001 \ --restart=always \ --name $PREFIX-discovery \ microbox/etcd:latest -addr $SHIPYARD_IP:$DISCOVERY_PORT -peer-addr $SHIPYARD_IP:$DISCOVERY_PEER_PORT) } remove_discovery() { docker rm -fv $PREFIX-discovery > /dev/null 2>&1 } start_rethinkdb() { ID=$(docker run \ -ti \ -d \ --restart=always \ --name $PREFIX-rethinkdb \ rethinkdb) } remove_rethinkdb() { docker rm -fv $PREFIX-rethinkdb > /dev/null 2>&1 } start_proxy() { TLS_OPTS=""
    if [ $ENABLE_TLS = 1 ]; then TLS_OPTS="-e SSL_CA=$SSL_CA_CERT -e SSL_CERT=$SSL_CERT -e SSL_KEY=$SSL_KEY -e SSL_SKIP_VERIFY=1" fi # Note: we add SSL_SKIP_VERIFY=1 to skip verification of the client # certificate in the proxy image. this will pass it to swarm that # does verify. this helps with performance and avoids certificate issues # when running through the proxy. ultimately if the cert is invalid # swarm will fail to return. ID=$(docker run \ -ti \ -d \ -p $PROXY_PORT:$PROXY_PORT \ --hostname=$HOSTNAME \ --restart=always \ --name $PREFIX-proxy \ -v /var/run/docker.sock:/var/run/docker.sock \ -e PORT=$PROXY_PORT \ --volumes-from=$PREFIX-certs $TLS_OPTS\ shipyard/docker-proxy:latest) } remove_proxy() { docker rm -fv $PREFIX-proxy > /dev/null 2>&1 } start_swarm_manager() { get_ip TLS_OPTS=""
    if [ $ENABLE_TLS = 1 ]; then TLS_OPTS="--tlsverify --tlscacert=$SSL_CA_CERT --tlscert=$SSL_CERT --tlskey=$SSL_KEY" fi EXTRA_RUN_OPTS=""

    if [ -z "$DISCOVERY" ]; then DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT" EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery" fi ID=$(docker run \ -ti \ -d \ --restart=always \ --name $PREFIX-swarm-manager \ --volumes-from=$PREFIX-certs $EXTRA_RUN_OPTS \ swarm:latest \ m --replication --addr $SHIPYARD_IP:$SWARM_PORT --host tcp://0.0.0.0:$SWARM_PORT $TLS_OPTS $DISCOVERY)
} remove_swarm_manager() { docker rm -fv $PREFIX-swarm-manager > /dev/null 2>&1 } start_swarm_agent() { get_ip if [ -z "$DISCOVERY" ]; then DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT" EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery" fi ID=$(docker run \ -ti \ -d \ --restart=always \ --name $PREFIX-swarm-agent $EXTRA_RUN_OPTS \ swarm:latest \ j --addr $SHIPYARD_IP:$PROXY_PORT $DISCOVERY) } remove_swarm_agent() { docker rm -fv $PREFIX-swarm-agent > /dev/null 2>&1 } start_controller() { #-v $CERT_PATH:/etc/docker:ro \ TLS_OPTS=""
    if [ $ENABLE_TLS = 1 ]; then TLS_OPTS="--tls-ca-cert $SSL_CA_CERT --tls-cert=$SSL_CERT --tls-key=$SSL_KEY --shipyard-tls-ca-cert=$SSL_CA_CERT --shipyard-tls-cert=$SSL_CERT --shipyard-tls-key=$SSL_KEY" fi ID=$(docker run \ -ti \ -d \ --restart=always \ --name $PREFIX-controller \ --link $PREFIX-rethinkdb:rethinkdb \ --link $PREFIX-swarm-manager:swarm \ -p $SHIPYARD_PORT:$SHIPYARD_PORT \ --volumes-from=$PREFIX-certs \ $IMAGE \ --debug \ server \ --listen :$SHIPYARD_PORT \ -d tcp://swarm:$SWARM_PORT $TLS_OPTS $SHIPYARD_ARGS)
} wait_for_available() { set +e IP=$1 PORT=$2 echo Waiting for Shipyard on $IP:$PORT docker pull ehazlett/curl > /dev/null 2>&1 TLS_OPTS=""
    if [ $ENABLE_TLS = 1 ]; then TLS_OPTS="-k" fi until $(docker run --rm ehazlett/curl --output /dev/null --connect-timeout 1 --silent --head --fail $TLS_OPTS $SHIPYARD_PROTOCOL://$IP:$PORT/ > /dev/null 2>&1); do
        printf '.' sleep 1 done printf '\n' } remove_controller() { docker rm -fv $PREFIX-controller > /dev/null 2>&1 } if [ "$ACTION" = "deploy" ]; then set -e check_certs get_ip echo "Deploying Shipyard" echo " -> Starting Database" start_rethinkdb echo " -> Starting Discovery" start_discovery echo " -> Starting Cert Volume" start_certs echo " -> Starting Proxy" start_proxy echo " -> Starting Swarm Manager" start_swarm_manager echo " -> Starting Swarm Agent" start_swarm_agent echo " -> Starting Controller" start_controller wait_for_available $SHIPYARD_IP $SHIPYARD_PORT echo "Shipyard available at $SHIPYARD_PROTOCOL://$SHIPYARD_IP:$SHIPYARD_PORT"
    if [ $ENABLE_TLS = 1 ] && [ ! -z "$CERT_FINGERPRINT" ]; then echo "SSL SHA-256 Fingerprint: $CERT_FINGERPRINT" fi echo "Username: admin Password: shipyard" elif [ "$ACTION" = "node" ]; then set -e if [ -z "$DISCOVERY" ]; then echo "You must set the DISCOVERY environment variable" echo "with the discovery system used with Swarm" exit 1 fi check_certs echo "Adding Node" echo " -> Starting Cert Volume" start_certs echo " -> Starting Proxy" start_proxy echo " -> Starting Swarm Manager" start_swarm_manager $DISCOVERY echo " -> Starting Swarm Agent" start_swarm_agent echo "Node added to Swarm: $SHIPYARD_IP" elif [ "$ACTION" = "upgrade" ]; then set -e check_certs get_ip echo "Upgrading Shipyard" echo " -> Pulling $IMAGE" docker pull $IMAGE echo " -> Upgrading Controller" remove_controller start_controller wait_for_available $SHIPYARD_IP $SHIPYARD_PORT echo "Shipyard controller updated" elif [ "$ACTION" = "remove" ]; then # ignore errors set +e echo "Removing Shipyard" echo " -> Removing Database" remove_rethinkdb echo " -> Removing Discovery" remove_discovery echo " -> Removing Cert Volume" remove_certs echo " -> Removing Proxy" remove_proxy echo " -> Removing Swarm Agent" remove_swarm_agent echo " -> Removing Swarm Manager" remove_swarm_manager echo " -> Removing Controller" remove_controller echo "Done"
else echo "Unknown action $ACTION" exit 1 fi

View Code

修改原安裝鏡像爲中文版安裝鏡像

grep -n shipyard:latest deploy sed -i 's/shipyard\/shipyard:latest/dockerclub\/shipyard:latest/g' deploy

 

 設置web訪問端口(根據須要修改)

#檢查8080端口是否被佔用，若佔用需修改端口 yum install -y net-tools    //安裝net-tools工具包，若已安裝可跳過此步驟
netstat -tlnp | grep 8080   //查看宿主機8080端口是否被佔用
#配置修改 grep -n 'PORT:-8080' deploy SHIPYARD_PORT=${PORT:-8080} 修改成 SHIPYARD_PORT=${PORT:-指定端口}

安裝與刪除

sh deploy                                //安裝
cat deploy | ACTION=remove bash          //刪除

使用shipyard

瀏覽器輸入:http://主機IP:8080
默認帳號:admin 默認密碼:shipyard

安裝過程當中錯誤,經常使用的解決辦法 容器衝突：

#出現錯誤通常都是提示容器衝突,若是剛搭建,能夠直接把容器所有中止並刪除 docker stop $(docker ps -a -q)        //中止全部服務
docker rm $(docker ps -a -q)          //刪除全部服務

也能夠根據提示來找到容器的ID進行中止刪除

docker ps -a docker stop ID docker rm ID

 

2、 如何使用

如何增長一個節點

curl https://shipyard-project.com/deploy | ACTION=node DISCOVERY=etcd://主服務器IP:4001 bash

若下載失敗請使用

curl -sSL  https://raw.githubusercontent.com/shipyard/shipyard-project.com/master/site/themes/shipyard/static/deploy | ACTION=node DISCOVERY=etcd://主節點IP:4001 bash -s

 

3、安裝腳本下載

　　　

注：做者因爲沒有時間與精力繼續維護下去，只能無奈的決定中止這個項目，官網也被關掉了。

若下載安裝失敗請嘗試替換下載連接爲

https://raw.githubusercontent.com/shipyard/shipyard-project.com/master/site/themes/shipyard/static/deploy

 

 

4、 Docker Shipyard是什麼 ？

shipyard是一個開源的docker管理平臺，其特性主要包括：

• 支持節點動態集羣，可擴展節點的規模（swarm、etcd方案）
• 支持鏡像管理、容器管理、節點管理等功能
• 可視化的容器管理和監控管理
• 在線容器console終端

 

5、 Shipyard中文版源碼託管在github(傳送門)。

1.登錄界面

 

2.容器列表

 

3.容器信息建立

 

4.容器信息

 

5.終端鏈接

 

6.鏡像信息

 

7.節點信息

 

8.倉庫信息

 

 至此，搭建完成

參考地址： https://www.fcwys.cc/archives/145.html

https://www.cnblogs.com/cainiaoit/p/6543326.html