Instalación de Docker en Ubuntu 14.04
¿Usando un sistema diferente? Docker es una aplicación que permite implementar programas que se ejecutan como contenedores. Fue escrito en el popular programa Go
This guide will show you how to create and configure a Docker swarm using multiple Alpine Linux 3.9.0 servers and Portainer. Please be aware that Vultr offers a One-Click Docker App that currently supports both CentOS 7 x64 and Ubuntu 16.04 x64.
To begin, you will need at least two VC2 servers running Alpine Linux 3.9.0. Within your Docker swarm, one of these servers will act as a manager node
- interfacing with external networks and delegating jobs to worker nodes. The other server will then act as a worker node
- executing jobs delegated to it by the manager node.
Note that you can launch more than two servers if your application requires redundancy and/or more computing power, and the steps provided in this guide will still apply.
Visit the Vultr server deployment interface.
Ensure that the Vultr Cloud (VC2)
tab is selected at the top of the page.
You can select any location from the Server Location
section, however all servers must be in the same location, otherwise it will not be possible to deploy a Docker swarm to them.
Select the ISO Library
tab of the Server Type
section and choose the Alpine Linux 3.9.0 x86_64
image.
Select an appropriate option from the Server Size
section. This guide will use the 25 GB SSD server size, but this may be insufficient to meet your application's resource requirements. While Vultr makes it easy to upgrade a server's size after it has already been launched, you should still carefully consider which server size your application needs to perform optimally.
In the Additional Features
section, you must select the Enable Private Networking
option. While the other options are not required to follow this guide, you should consider whether or not each one makes sense in the context of your application.
If you've previously enabled the Multiple Private Networks
option on your account, you will then need to either select an existing or create a new private network for your servers. If you have not enabled it, then you can ignore this section. For information on manually configuring private networks, see this guide.
Skip the Firewall Group
section for now. Only the server acting as a manager node in the Docker swarm will need exposed ports, and this should be configured after server deployment.
At the very bottom of the page, you must enter a Server Qty
of at least two. As mentioned previously, you may need more than two servers, but two is sufficient to follow this guide.
Finally, in the Server Hostname & Label
section, enter meaningful and memorable hostnames and labels for each server. For the purposes of this guide, the hostname and label of the first server will be docker-manager
and Docker Manager
, respectively- and docker-worker
and Docker Worker
for the second, respectively.
After double checking all your configurations, you can then click the Deploy Now
button at the bottom of the page to launch your servers.
Because you chose an OS from Vultr's ISO library, you'll need to manually install and configure Alpine Linux 3.9.0 on each server.
After giving Vultr a minute or two to allocate your servers, click the triple dot more options
icon for the Docker Manager
server on the server management interface, and then choose the View Console
option.
You should be redirected to a console with a login prompt. If not, please wait another minute for Vultr to finish deploying your servers.
At that login prompt, enter root
as the username. The live version of Alpine Linux 3.9.0 (which is what your servers are currently running) does not require the superuser to enter a password when logging in.
Once you have successfully logged into the root account, you will see a welcome message followed by a shell prompt that looks like the following:
localhost:~#
To start the Alpine Linux installer, enter the following command:
# setup-alpine
First, choose an appropriate keyboard layout. This guide will use the us
layout and variant.
When setting the hostname, choose the same hostname that you set for this server during deployment. If you've been following this guide exactly, the hostname should be docker-manager
.
Two network interfaces should be available: eth0
and eth1
. If you only see eth0
, that means you did not configure your servers' private network correctly. Initialize eth0
using dhcp
, and initialize eth1
using the private IP address, netmask, and gateway this server was assigned during deployment. You can access these details from the settings interface of your server. When prompted, do not perform any manual network configuration.
Enter a new password for the root account, and then select a timezone appropriate for the location you chose to deploy these servers to.
If you intend to use an HTTP/FTP proxy, enter its URL, otherwise do not set a proxy URL.
Choose an NTP client to manage system clock synchronization. This guide will use busybox
.
When asked for a package repository mirror to use, either pick one explicitly by entering its number; automatically detect and select the fastest one by entering f
; or manually edit the repository configuration file by entering e
, which is not recommended unless you're familiar with Alpine Linux. This guide will use the first mirror.
If you plan to use SSH to access your servers or to host an SSH based file system, select an SSH server to use. This guide will use openssh
.
When prompted for a disk to use, choose disk vda
as sys
type.
Alpine Linux 3.9.0 should now be installed on your server. Repeat this process for all other servers you deployed earlier, ensuring you substitute the correct values for hostname and the eth1
network interface.
At this point, your servers are still running the live ISO version of Alpine Linux 3.9.0. To boot from the SSD installation, visit the settings interface of your server, navigate to the Custom ISO
side menu entry, and click the Remove ISO
button. This should reboot the server. If it does not, then manually reboot.
Once the server has finished rebooting, navigate back to the web console for the server Docker Manager
.
Log into the root account using the password you set earlier during the installation process.
Enable the community package repository by uncommenting the third line of /etc/apk/repositories
using vi
. You can enable the edge and testing repositories in a similar manner, but they are not required to follow this guide.
Synchronize the server's local package index with the remote repository you selected earlier by entering the following shell command:
# apk update
Then upgrade outdated packages:
# apk upgrade
As before, repeat this configuration process for each server you deployed earlier.
Before installing the Docker package itself, you may want to create a separate docker
user. You can do this using the following command:
# adduser docker
Note: This new user and any users added to the new docker
group will have root privileges once the Docker package has been installed. See the following issue from the Moby Github repository:
Due to the
--privileged
in docker, anyone added to the 'docker' group is root equivalent. Anyone in the docker group has a back door around all privilege escalation policy and auditing on the system.This is different from someone being able to run running sudo to root, where they have policy, and audit applied to them.
If you'd like to give sudo permission to the docker
user, first install the sudo
package:
# apk add sudo
Then create a sudo
group:
# addgroup sudo
Finally, add the docker
user to the sudo
group:
# adduser docker sudo
Now you can follow step 4 of this guide to finish configuring sudo.
At this point, you're ready to install the Docker package. Note that it is not strictly necessary to have a separate, sudo-capable docker
user to install and configure Docker, but this guide follows that convention.
Install the Docker package with the following command:
# apk add docker
Then enable the Docker init script:
# rc-update add docker
Finally, start the Docker daemon:
# rc-service docker start
You can verify that Docker is running with this command:
# docker info
As with last time, repeat this Docker installation process for each server you deployed at the start.
With all of that setup dealt with, you're finally ready to create the Docker swarm.
Navigate back to the web console of your Docker Manager
server. You will configure this server as a manager node in your swarm. If you chose to create the docker
user earlier, log in using that account rather than the superuser.
Enter the following command, but replace 192.0.2.1
with the private, (not the public), IP address your Docker Manager
server was assigned:
$ docker swarm init --advertise-addr 192.0.2.1
Docker will display a command you can execute on other servers in the private network to add them as worker nodes to this new swarm. Save this command.
Now navigate to the web console of your Docker Worker
server, signing in with the docker
user if you created it.
To add this server as a worker node to the swarm you just created, execute the command you saved from the output of the swarm creation command. It will look similar to the following:
$ docker swarm join --token SWMTKN-1-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXXX 192.0.2.1:2377
Docker will output whether the node was able to join the swarm. If you encounter issues adding worker nodes to the swarm, double check your private network configuration and refer to this guide for troubleshooting.
If you deployed more than two servers at the beginning, you can add the rest as worker nodes to your swarm using the command above, increasing the amount resources available to your application. Alternatively, you can add additional manager nodes, but that's beyond the scope of this guide.
At this point your Docker swarm is ready for use. You may, however, optionally launch a Portainer stack on the manager node in your swarm. Portainer offers a convenient web interface for managing your swarm and the nodes therein.
It's now time to create a firewall group for your swarm. Unless your application specifically requires it, only expose ports on your manager nodes. Exposing ports on your worker nodes without careful consideration can introduce vulnerabilities.
Navigate to the firewall management interface and create a new firewall group. Your application should dictate which ports to expose, but you must, at the very least, expose port 9000
for Portainer. Apply this firewall group to the Docker Manager
server.
While it isn't required, securing Portainer with SSL is strongly recommended. For the sake of this guide, you'll only be using a self-signed OpenSSL certificate, but you should consider using Let's Encrypt in production.
Navigate to the web console of the Docker Manager
server, log in using the docker
user, and use the following commands to generate a self-signed OpenSSL certificate:
$ mkdir ~/certs
$ openssl genrsa -out ~/certs/portainer.key 2048
$ openssl req -new -x509 -sha256 -key ~/certs/portainer.key -out ~/certs/portainer.pem -days 3650
Create a new file, ~/portainer-agent-stack.yml
, with the following contents:
version: '3.2'
services:
agent:
image: portainer/agent
environment:
AGENT_CLUSTER_ADDR: tasks.agent
CAP_HOST_MANAGEMENT: 1
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /:/host
networks:
- agent_network
deploy:
mode: global
portainer:
image: portainer/portainer
command: -H tcp://tasks.agent:9001 --tlsskipverify --ssl --sslcert /certs/portainer.pem --sslkey /certs/portainer.key
ports:
- target: 9000
published: 9000
protocol: tcp
mode: host
volumes:
- portainer_data:/data
- /home/docker/certs:/certs
networks:
- agent_network
deploy:
mode: replicated
replicas: 1
placement:
constraints: [node.role == manager]
networks:
agent_network:
driver: overlay
attachable: true
volumes:
portainer_data:
After modifying this Docker stack configuration file to conform to your requirements, you can deploy it:
$ docker stack deploy --compose-file ~/portainer-agent-stack.yml portainer
To verify that Portainer is working, execute the following command after having given Docker a minute or two to deploy the stack:
$ docker ps
You will see two containers with the images portainer/portainer:latest
and portainer/agent:latest
, verifying that Portainer started correctly.
You can now configure and manage your Docker swarm by visiting the public IP address of your Docker Manager
server on port 9000
using HTTPS.
¿Usando un sistema diferente? Docker es una aplicación que permite implementar programas que se ejecutan como contenedores. Fue escrito en el popular programa Go
Using a Different System? Introduction Sentry is an open source solution for error tracking. Sentry tracks exceptions and other useful messages fro
Descripción general RancherOS es un sistema operativo increíblemente liviano (solo unos 60 MB) que ejecuta un demonio Docker del sistema como PID 0 para ejecutar servicios del sistema
Este tutorial explica los conceptos básicos para comenzar a usar Docker. Supongo que ya tienes instalado Docker. Los pasos de este tutorial funcionarán en un
Al ejecutar una aplicación web, normalmente desea aprovechar al máximo sus recursos sin tener que convertir su software para usar subprocesos múltiples o
Todos conocemos y amamos Docker, una plataforma para crear, administrar y distribuir contenedores de aplicaciones en múltiples máquinas. Docker Inc. proporciona un servicio t
Este artículo le mostrará cómo implementar su aplicación Node dentro de un contenedor Docker. Nota: Este tutorial asume que tienes Docker instalado y leído
Rancher OS es una distribución de Linux muy ligera construida alrededor de Docker. El sistema operativo en sí pesa alrededor de 20 MB. Este tutorial lo pondrá en funcionamiento con
Overview This article is meant to help you get a Kubernetes cluster up and running with kubeadm in no time. This guide will be deploying two servers, on
Este artículo explica cómo instalar docker-compose en CoreOS. En CoreOS, la carpeta / usr / es inmutable, por lo que la ruta estándar / usr / local / bin no está disponible para
Harbor es un servidor de registro de clase empresarial de código abierto que almacena y distribuye imágenes de Docker. Harbor extiende el código abierto Docker Distribution b
Introduction Docker is an application that allows us to deploy programs that are run as containers. It was written in the popular Go programming language
Requisitos previos Docker engine 1.8+. Mínimo de 4 GB de espacio en disco. Mínimo de 4 GB de RAM. Paso 1. Instalar Docker Para instalar SQL-Server, Docker mus
Kubernetes es una plataforma de código abierto desarrollada por Google para administrar aplicaciones en contenedores en un grupo de servidores. Se basa en una década y
Las aplicaciones PHP generalmente están compuestas por un servidor web, un sistema de base de datos relacional y el propio intérprete de idiomas. En este tutorial estaremos apalancando
¿Usando un sistema diferente? Introducción Rancher es una plataforma de código abierto para ejecutar contenedores y crear un servicio de contenedor privado. Ranchero es base
Using a Different System? Introduction Docker Swarm turns your individual servers into a cluster of computers; facilitating scaling, high-availability an
La tecnología de contenedores Docker le permite ejecutar aplicaciones en un entorno específico y aislado. Docker Community Edition (CE) es el nuevo nombre para el fre
¿Usando un sistema diferente? Introducción Docker es una aplicación que permite la implementación de software en contenedores virtuales. Fue escrito en el G
Los ataques de ransomware van en aumento, pero ¿puede la IA ayudar a lidiar con el último virus informático? ¿Es la IA la respuesta? Lea aquí, sepa que la IA es una bendición o una perdición
ReactOS, un sistema operativo de código abierto y gratuito, está aquí con la última versión. ¿Puede satisfacer las necesidades de los usuarios de Windows de hoy en día y acabar con Microsoft? Averigüemos más sobre este estilo antiguo, pero una experiencia de sistema operativo más nueva.
Whatsapp finalmente lanzó la aplicación de escritorio para usuarios de Mac y Windows. Ahora puede acceder a Whatsapp desde Windows o Mac fácilmente. Disponible para Windows 8+ y Mac OS 10.9+
Lea esto para saber cómo la Inteligencia Artificial se está volviendo popular entre las empresas de pequeña escala y cómo está aumentando las probabilidades de hacerlas crecer y dar ventaja a sus competidores.
Recientemente, Apple lanzó macOS Catalina 10.15.4, una actualización complementaria para solucionar problemas, pero parece que la actualización está causando más problemas que conducen al bloqueo de las máquinas Mac. Lee este artículo para obtener más información
13 Herramientas comerciales de extracción de datos de Big Data
Nuestra computadora almacena todos los datos de una manera organizada conocida como sistema de archivos de diario. Es un método eficiente que permite a la computadora buscar y mostrar archivos tan pronto como presiona buscar.
A medida que la ciencia evoluciona a un ritmo rápido, asumiendo muchos de nuestros esfuerzos, también aumentan los riesgos de someternos a una singularidad inexplicable. Lea, lo que la singularidad podría significar para nosotros.
Una mirada a 26 técnicas analíticas de Big Data: Parte 1
La IA en la salud ha dado grandes pasos desde las últimas décadas. Por tanto, el futuro de la IA en el sector sanitario sigue creciendo día a día.