2017-08-21 18:44:34 +08:00
<!DOCTYPE HTML>
< html lang = "zh-cn" >
< head >
< meta charset = "UTF-8" >
< meta content = "text/html; charset=utf-8" http-equiv = "Content-Type" >
< title > 7.1 Docker最佳实践 · Kubernetes Handbook< / title >
< meta http-equiv = "X-UA-Compatible" content = "IE=edge" / >
< meta name = "description" content = "" >
< meta name = "generator" content = "GitBook 3.2.2" >
< meta name = "author" content = "Jimmy Song" >
< link rel = "stylesheet" href = "../gitbook/style.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-splitter/splitter.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-page-toc-button/plugin.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-image-captions/image-captions.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-page-footer-ex/style/plugin.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-search-plus/search.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-highlight/website.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-fontsettings/website.css" >
< meta name = "HandheldFriendly" content = "true" / >
< meta name = "viewport" content = "width=device-width, initial-scale=1, user-scalable=no" >
< meta name = "apple-mobile-web-app-capable" content = "yes" >
< meta name = "apple-mobile-web-app-status-bar-style" content = "black" >
< link rel = "apple-touch-icon-precomposed" sizes = "152x152" href = "../gitbook/images/apple-touch-icon-precomposed-152.png" >
< link rel = "shortcut icon" href = "../gitbook/images/favicon.ico" type = "image/x-icon" >
< link rel = "next" href = "issues.html" / >
< link rel = "prev" href = "./" / >
< / head >
< body >
< div class = "book" >
< div class = "book-summary" >
< div id = "book-search-input" role = "search" >
< input type = "text" placeholder = "輸入並搜尋" / >
< / div >
< nav role = "navigation" >
< ul class = "summary" >
< li class = "chapter " data-level = "1.1" data-path = "../" >
< a href = "../" >
1. 前言
< / a >
< / li >
< li class = "chapter " data-level = "1.2" data-path = "../concepts/" >
< a href = "../concepts/" >
2. 概念原理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.2.1" data-path = "../concepts/concepts.html" >
< a href = "../concepts/concepts.html" >
2.1 设计理念
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2" data-path = "../concepts/objects.html" >
< a href = "../concepts/objects.html" >
2.2 主要概念
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.2.2.1" data-path = "../concepts/pod-overview.html" >
< a href = "../concepts/pod-overview.html" >
2.2.1 Pod
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.2.2.1.1" data-path = "../concepts/pod.html" >
< a href = "../concepts/pod.html" >
2.2.1.1 Pod解析
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.2.2.2" data-path = "../concepts/node.html" >
< a href = "../concepts/node.html" >
2.2.2 Node
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.3" data-path = "../concepts/namespace.html" >
< a href = "../concepts/namespace.html" >
2.2.3 Namespace
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.4" data-path = "../concepts/service.html" >
< a href = "../concepts/service.html" >
2.2.4 Service
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.5" data-path = "../concepts/volume.html" >
< a href = "../concepts/volume.html" >
2.2.5 Volume和Persistent Volume
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.6" data-path = "../concepts/deployment.html" >
< a href = "../concepts/deployment.html" >
2.2.6 Deployment
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.7" data-path = "../concepts/secret.html" >
< a href = "../concepts/secret.html" >
2.2.7 Secret
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.8" data-path = "../concepts/statefulset.html" >
< a href = "../concepts/statefulset.html" >
2.2.8 StatefulSet
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.9" data-path = "../concepts/daemonset.html" >
< a href = "../concepts/daemonset.html" >
2.2.9 DaemonSet
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.10" data-path = "../concepts/serviceaccount.html" >
< a href = "../concepts/serviceaccount.html" >
2.2.10 ServiceAccount
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.11" data-path = "../concepts/replicaset.html" >
< a href = "../concepts/replicaset.html" >
2.2.11 ReplicationController和ReplicaSet
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.12" data-path = "../concepts/job.html" >
< a href = "../concepts/job.html" >
2.2.12 Job
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.13" data-path = "../concepts/cronjob.html" >
< a href = "../concepts/cronjob.html" >
2.2.13 CronJob
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.14" data-path = "../concepts/ingress.html" >
< a href = "../concepts/ingress.html" >
2.2.14 Ingress
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.15" data-path = "../concepts/configmap.html" >
< a href = "../concepts/configmap.html" >
2.2.15 ConfigMap
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.16" data-path = "../concepts/horizontal-pod-autoscaling.html" >
< a href = "../concepts/horizontal-pod-autoscaling.html" >
2.2.16 Horizontal Pod Autoscaling
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.17" data-path = "../concepts/label.html" >
< a href = "../concepts/label.html" >
2.2.17 Label
< / a >
< / li >
< / ul >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3" data-path = "../guide/" >
< a href = "../guide/" >
3. 用户指南
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.1" data-path = "../guide/resource-configuration.html" >
< a href = "../guide/resource-configuration.html" >
3.1 资源配置
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.1.1" data-path = "../guide/configure-liveness-readiness-probes.html" >
< a href = "../guide/configure-liveness-readiness-probes.html" >
3.1.1 配置Pod的liveness和readiness探针
< / a >
< / li >
< li class = "chapter " data-level = "1.3.1.2" data-path = "../guide/configure-pod-service-account.html" >
< a href = "../guide/configure-pod-service-account.html" >
3.1.2 配置Pod的Service Account
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.2" data-path = "../guide/command-usage.html" >
< a href = "../guide/command-usage.html" >
3.2 命令使用
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.2.1" data-path = "../guide/using-kubectl.html" >
< a href = "../guide/using-kubectl.html" >
3.2.1 使用kubectl
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.3" data-path = "../guide/cluster-management.html" >
< a href = "../guide/cluster-management.html" >
3.3 集群管理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.3.1" data-path = "../guide/managing-tls-in-a-cluster.html" >
< a href = "../guide/managing-tls-in-a-cluster.html" >
3.3.1 管理集群中的TLS
< / a >
< / li >
< li class = "chapter " data-level = "1.3.3.2" data-path = "../guide/kubelet-authentication-authorization.html" >
< a href = "../guide/kubelet-authentication-authorization.html" >
3.3.2 kubelet的认证授权
< / a >
< / li >
< li class = "chapter " data-level = "1.3.3.3" data-path = "../guide/tls-bootstrapping.html" >
< a href = "../guide/tls-bootstrapping.html" >
3.3.3 TLS bootstrap
< / a >
2017-08-31 14:23:44 +08:00
< / li >
< li class = "chapter " data-level = "1.3.3.4" data-path = "../guide/kubectl-user-authentication-authorization.html" >
< a href = "../guide/kubectl-user-authentication-authorization.html" >
3.3.4 kubectl的用户认证授权
< / a >
< / li >
< li class = "chapter " data-level = "1.3.3.5" data-path = "../guide/rbac.html" >
< a href = "../guide/rbac.html" >
3.3.5 RBAC——基于角色的访问控制
< / a >
2017-08-21 18:44:34 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.4" data-path = "../guide/access-kubernetes-cluster.html" >
< a href = "../guide/access-kubernetes-cluster.html" >
3.4 访问 Kubernetes 集群
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.4.1" data-path = "../guide/access-cluster.html" >
< a href = "../guide/access-cluster.html" >
3.4.1 访问集群
< / a >
< / li >
< li class = "chapter " data-level = "1.3.4.2" data-path = "../guide/authenticate-across-clusters-kubeconfig.html" >
< a href = "../guide/authenticate-across-clusters-kubeconfig.html" >
3.4.2 使用 kubeconfig 文件配置跨集群认证
< / a >
< / li >
< li class = "chapter " data-level = "1.3.4.3" data-path = "../guide/connecting-to-applications-port-forward.html" >
< a href = "../guide/connecting-to-applications-port-forward.html" >
3.4.3 通过端口转发访问集群中的应用程序
< / a >
< / li >
< li class = "chapter " data-level = "1.3.4.4" data-path = "../guide/service-access-application-cluster.html" >
< a href = "../guide/service-access-application-cluster.html" >
3.4.4 使用 service 访问群集中的应用程序
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.5" data-path = "../guide/application-development-deployment-flow.html" >
< a href = "../guide/application-development-deployment-flow.html" >
3.5 在kubernetes中开发部署应用
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.5.1" data-path = "../guide/deploy-applications-in-kubernetes.html" >
< a href = "../guide/deploy-applications-in-kubernetes.html" >
3.5.1 适用于kubernetes的应用开发部署流程
< / a >
< / li >
< li class = "chapter " data-level = "1.3.5.2" data-path = "../guide/migrating-hadoop-yarn-to-kubernetes.html" >
< a href = "../guide/migrating-hadoop-yarn-to-kubernetes.html" >
3.5.2 迁移传统应用到kubernetes中——以Hadoop YARN为例
< / a >
< / li >
< / ul >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4" data-path = "../practice/" >
< a href = "../practice/" >
4. 最佳实践
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.1" data-path = "../practice/install-kbernetes1.6-on-centos.html" >
< a href = "../practice/install-kbernetes1.6-on-centos.html" >
4.1 在CentOS上部署kubernetes1.6集群
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.1.1" data-path = "../practice/create-tls-and-secret-key.html" >
< a href = "../practice/create-tls-and-secret-key.html" >
4.1.1 创建TLS证书和秘钥
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.2" data-path = "../practice/create-kubeconfig.html" >
< a href = "../practice/create-kubeconfig.html" >
4.1.2 创建kubeconfig文件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.3" data-path = "../practice/etcd-cluster-installation.html" >
< a href = "../practice/etcd-cluster-installation.html" >
4.1.3 创建高可用etcd集群
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.4" data-path = "../practice/kubectl-installation.html" >
< a href = "../practice/kubectl-installation.html" >
4.1.4 安装kubectl命令行工具
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.5" data-path = "../practice/master-installation.html" >
< a href = "../practice/master-installation.html" >
4.1.5 部署master节点
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.6" data-path = "../practice/node-installation.html" >
< a href = "../practice/node-installation.html" >
4.1.6 部署node节点
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.7" data-path = "../practice/kubedns-addon-installation.html" >
< a href = "../practice/kubedns-addon-installation.html" >
4.1.7 安装kubedns插件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.8" data-path = "../practice/dashboard-addon-installation.html" >
< a href = "../practice/dashboard-addon-installation.html" >
4.1.8 安装dashboard插件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.9" data-path = "../practice/heapster-addon-installation.html" >
< a href = "../practice/heapster-addon-installation.html" >
4.1.9 安装heapster插件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.10" data-path = "../practice/efk-addon-installation.html" >
< a href = "../practice/efk-addon-installation.html" >
4.1.10 安装EFK插件
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.2" data-path = "../practice/service-discovery-and-loadbalancing.html" >
< a href = "../practice/service-discovery-and-loadbalancing.html" >
4.2 服务发现与负载均衡
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.2.1" data-path = "../practice/traefik-ingress-installation.html" >
< a href = "../practice/traefik-ingress-installation.html" >
4.2.1 安装Traefik ingress
< / a >
< / li >
< li class = "chapter " data-level = "1.4.2.2" data-path = "../practice/distributed-load-test.html" >
< a href = "../practice/distributed-load-test.html" >
4.2.2 分布式负载测试
< / a >
< / li >
< li class = "chapter " data-level = "1.4.2.3" data-path = "../practice/network-and-cluster-perfermance-test.html" >
< a href = "../practice/network-and-cluster-perfermance-test.html" >
4.2.3 网络和集群性能测试
< / a >
< / li >
< li class = "chapter " data-level = "1.4.2.4" data-path = "../practice/edge-node-configuration.html" >
< a href = "../practice/edge-node-configuration.html" >
4.2.4 边缘节点配置
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.3" data-path = "../practice/operation.html" >
< a href = "../practice/operation.html" >
4.3 运维管理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.3.1" data-path = "../practice/service-rolling-update.html" >
< a href = "../practice/service-rolling-update.html" >
4.3.1 服务滚动升级
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.2" data-path = "../practice/app-log-collection.html" >
< a href = "../practice/app-log-collection.html" >
4.3.2 应用日志收集
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.3" data-path = "../practice/configuration-best-practice.html" >
< a href = "../practice/configuration-best-practice.html" >
4.3.3 配置最佳实践
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.4" data-path = "../practice/monitor.html" >
< a href = "../practice/monitor.html" >
4.3.4 集群及应用监控
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.5" data-path = "../practice/jenkins-ci-cd.html" >
< a href = "../practice/jenkins-ci-cd.html" >
4.3.5 使用Jenkins进行持续构建与发布
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.6" data-path = "../practice/data-persistence-problem.html" >
< a href = "../practice/data-persistence-problem.html" >
4.3.6 数据持久化问题
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.4" data-path = "../practice/storage.html" >
< a href = "../practice/storage.html" >
4.4 存储管理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.4.1" data-path = "../practice/glusterfs.html" >
< a href = "../practice/glusterfs.html" >
4.4.1 GlusterFS
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.4.1.1" data-path = "../practice/using-glusterfs-for-persistent-storage.html" >
< a href = "../practice/using-glusterfs-for-persistent-storage.html" >
4.4.1.1 使用GlusterFS做持久化存储
< / a >
< / li >
< li class = "chapter " data-level = "1.4.4.1.2" data-path = "../practice/storage-for-containers-using-glusterfs-with-openshift.html" >
< a href = "../practice/storage-for-containers-using-glusterfs-with-openshift.html" >
4.4.1.2 在OpenShift中使用GlusterFS做持久化存储
< / a >
< / li >
< / ul >
< / li >
< / ul >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5" data-path = "../usecases/" >
< a href = "../usecases/" >
5. 领域应用
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1" data-path = "../usecases/microservices.html" >
< a href = "../usecases/microservices.html" >
5.1 微服务架构
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1.1" data-path = "../usecases/istio.html" >
< a href = "../usecases/istio.html" >
5.1.1 Istio
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1.1.1" data-path = "../usecases/istio-installation.html" >
< a href = "../usecases/istio-installation.html" >
5.1.1.1 安装istio
< / a >
< / li >
< li class = "chapter " data-level = "1.5.1.1.2" data-path = "../usecases/configuring-request-routing.html" >
< a href = "../usecases/configuring-request-routing.html" >
5.1.1.2 配置请求的路由规则
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5.1.2" data-path = "../usecases/linkerd.html" >
< a href = "../usecases/linkerd.html" >
5.1.2 Linkerd
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1.2.1" data-path = "../usecases/linkerd-user-guide.html" >
< a href = "../usecases/linkerd-user-guide.html" >
5.1.2.1 Linkerd 使用指南
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5.1.3" data-path = "../usecases/service-discovery-in-microservices.html" >
< a href = "../usecases/service-discovery-in-microservices.html" >
5.1.3 微服务中的服务发现
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5.2" data-path = "../usecases/big-data.html" >
< a href = "../usecases/big-data.html" >
5.2 大数据
< / a >
< ul class = "articles" >
2017-08-30 14:20:52 +08:00
< li class = "chapter " data-level = "1.5.2.1" data-path = "../usecases/spark-standalone-on-kubernetes.html" >
2017-08-21 18:44:34 +08:00
2017-08-30 14:20:52 +08:00
< a href = "../usecases/spark-standalone-on-kubernetes.html" >
2017-08-21 18:44:34 +08:00
2017-08-30 14:20:52 +08:00
5.2.1 Spark standalone on Kubernetes
2017-08-21 18:44:34 +08:00
< / a >
2017-08-31 14:23:44 +08:00
< / li >
< li class = "chapter " data-level = "1.5.2.2" data-path = "../usecases/support-spark-natively-in-kubernetes.html" >
< a href = "../usecases/support-spark-natively-in-kubernetes.html" >
5.2.2 运行支持kubernetes原生调度的Spark程序
< / a >
2017-08-21 18:44:34 +08:00
< / li >
< / ul >
2017-08-30 16:52:33 +08:00
< / li >
< li class = "chapter " data-level = "1.5.3" data-path = "../usecases/serverless.html" >
< a href = "../usecases/serverless.html" >
5.3 Serverless架构
< / a >
2017-08-21 18:44:34 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.6" data-path = "../develop/" >
< a href = "../develop/" >
6. 开发指南
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.6.1" data-path = "../develop/developing-environment.html" >
< a href = "../develop/developing-environment.html" >
6.1 开发环境搭建
< / a >
< / li >
< li class = "chapter " data-level = "1.6.2" data-path = "../develop/testing.html" >
< a href = "../develop/testing.html" >
6.2 单元测试和集成测试
< / a >
< / li >
< li class = "chapter " data-level = "1.6.3" data-path = "../develop/client-go-sample.html" >
< a href = "../develop/client-go-sample.html" >
6.3 client-go示例
< / a >
< / li >
< li class = "chapter " data-level = "1.6.4" data-path = "../develop/contribute.html" >
< a href = "../develop/contribute.html" >
6.4 社区贡献
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.7" data-path = "./" >
< a href = "./" >
7. 附录
< / a >
< ul class = "articles" >
< li class = "chapter active" data-level = "1.7.1" data-path = "docker-best-practice.html" >
< a href = "docker-best-practice.html" >
7.1 Docker最佳实践
< / a >
< / li >
< li class = "chapter " data-level = "1.7.2" data-path = "issues.html" >
< a href = "issues.html" >
7.2 问题记录
< / a >
< / li >
< li class = "chapter " data-level = "1.7.3" data-path = "tricks.html" >
< a href = "tricks.html" >
7.3 使用技巧
< / a >
< / li >
< / ul >
< / li >
< li class = "divider" > < / li >
< li >
< a href = "https://www.gitbook.com" target = "blank" class = "gitbook-link" >
本書使用 GitBook 釋出
< / a >
< / li >
< / ul >
< / nav >
< / div >
< div class = "book-body" >
< div class = "body-inner" >
< div class = "book-header" role = "navigation" >
<!-- Title -->
< h1 >
< i class = "fa fa-circle-o-notch fa-spin" > < / i >
< a href = ".." > 7.1 Docker最佳实践< / a >
< / h1 >
< / div >
< div class = "page-wrapper" tabindex = "-1" role = "main" >
< div class = "page-inner" >
< div class = "search-plus" id = "book-search-results" >
< div class = "search-noresults" >
< section class = "normal markdown-section" >
< h1 id = "docker最佳实践" > Docker最 佳 实 践 < / h1 >
< p > 本 文 档 旨 在 实 验 Docker1.13新 特 性 和 帮 助 大 家 了 解 docker集 群 的 管 理 和 使 用 。 < / p >
< h2 id = "环境配置" > 环 境 配 置 < / h2 >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/docker_env" target = "_blank" > Docker1.13环 境 配 置 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/docker_compile" target = "_blank" > docker源 码 编 译 < / a > < / p >
< h2 id = "网络管理" > 网 络 管 理 < / h2 >
< p > 网 络 配 置 和 管 理 是 容 器 使 用 中 的 的 一 个 重 点 和 难 点 , 对 比 我 们 之 前 使 用 的 docker版 本 是 1.11.1, docker1.13中 网 络 模 式 跟 之 前 的 变 动 比 较 大 , 我 们 会 花 大 力 气 讲 解 。 < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/create_network" target = "_blank" > 如 何 创 建 docker network< / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/rancher_network" target = "_blank" > Rancher网 络 探 讨 和 扁 平 网 络 实 现 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/swarm_mode_routing_mesh" target = "_blank" > swarm mode的 路 由 网 络 < / a > < / p >
< p > < a href = "https://github.com/TalkingData/shrike" target = "_blank" > docker扁 平 化 网 络 插 件 Shrike( 基 于 docker1.11) < / a > < / p >
< h2 id = "存储管理" > 存 储 管 理 < / h2 >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/docker_storage_plugin" target = "_blank" > Docker存 储 插 件 < / a > < / p >
< ul >
< li > < a href = "https://rootsongjc.github.io/docker-practice/docs/infinit" target = "_blank" > infinit< / a > 被 docker公 司 收 购 的 法 国 团 队 开 发 < / li >
< li > < a href = "https://rootsongjc.github.io/docker-practice/docs/convoy" target = "_blank" > convoy< / a > rancher开 发 的 docker volume plugin< / li >
< li > < a href = "https://rootsongjc.github.io/docker-practice/docs/torus" target = "_blank" > torus< / a > < strong > 已 废 弃 < / strong > < / li >
< li > < a href = "https://rootsongjc.github.io/docker-practice/docs/flocker" target = "_blank" > flocker< / a > ClusterHQ开 发 < / li >
< / ul >
< h2 id = "日志管理" > 日 志 管 理 < / h2 >
< p > Docker提 供 了 一 系 列 < a href = "https://docs.docker.com/engine/admin/logging/overview/" target = "_blank" > log drivers< / a > , 如 fluentd、 journald、 syslog等 。 < / p >
< p > 需 要 配 置 docker engine的 启 动 参 数 。 < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/docker_logging_driver" target = "_blank" > docker logging driver< / a > < / p >
< h2 id = "创建应用" > 创 建 应 用 < / h2 >
< p > 官 方 文 档 : < a href = "https://docs.docker.com/engine/getstarted-voting-app/" target = "_blank" > Docker swarm sample app overview< / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/create_swarm_app" target = "_blank" > 基 于 docker1.13手 把 手 教 你 创 建 swarm app< / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/swarm_app_manage" target = "_blank" > swarm集 群 应 用 管 理 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/docker_compose" target = "_blank" > 使 用 docker-compose创 建 应 用 < / a > < / p >
< h2 id = "集群管理" > 集 群 管 理 < / h2 >
< p > 我 们 使 用 docker内 置 的 swarm来 管 理 docker集 群 。 < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/swarm_mode" target = "_blank" > swarm mode介 绍 < / a > < / p >
< p > 我 们 推 荐 使 用 开 源 的 docker集 群 管 理 配 置 方 案 : < / p >
< ul >
< li > < a href = "https://github.com/Dataman-Cloud/crane" target = "_blank" > Crane< / a > : 由 数 人 云 开 源 的 基 于 swarmkit的 容 器 管 理 软 件 , 可 以 作 为 docker和 go语 言 开 发 的 一 个 不 错 入 门 项 目 < / li >
< li > < a href = "https://github.com/rancher/rancher" target = "_blank" > Rancher< / a > :Rancher是 一 个 企 业 级 的 容 器 管 理 平 台 , 可 以 使 用 Kubernetes、 swarm和 rancher自 研 的 cattle来 管 理 集 群 。 < / li >
< / ul >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/crane_usage" target = "_blank" > Crane的 部 署 和 使 用 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/rancher_usage" target = "_blank" > Rancher的 部 署 和 使 用 < / a > < / p >
< h2 id = "资源限制" > 资 源 限 制 < / h2 >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/memory_resource_limit" target = "_blank" > 内 存 资 源 限 制 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/cpu_resource_limit" target = "_blank" > CPU资 源 限 制 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/io_resource_limit" target = "_blank" > IO资 源 限 制 < / a > < / p >
< h2 id = "服务发现" > 服 务 发 现 < / h2 >
< p > 下 面 罗 列 一 些 列 常 见 的 服 务 发 现 工 具 。 < / p >
< p > Etcd:服 务 发 现 /全 局 分 布 式 键 值 对 存 储 。 这 是 CoreOS的 创 建 者 提 供 的 工 具 , 面 向 容 器 和 宿 主 机 提 供 服 务 发 现 和 全 局 配 置 存 储 功 能 。 它 在 每 个 宿 主 机 有 基 于 http协 议 的 API和 命 令 行 的 客 户 端 。 < a href = "https://github.com/docker/etcd" target = "_blank" > https://github.com/docker/etcd< / a > < / p >
< ul >
< li > < a href = "https://github.com/hashicorp/consul" target = "_blank" > Cousul< / a > : 服 务 发 现 /全 局 分 布 式 键 值 对 存 储 。 这 个 服 务 发 现 平 台 有 很 多 高 级 的 特 性 , 使 得 它 能 够 脱 颖 而 出 , 例 如 : 配 置 健 康 检 查 、 ACL功 能 、 HAProxy配 置 等 等 。 < / li >
< li > < a href = "https://github.com/apache/zookeeper" target = "_blank" > Zookeeper< / a > : 诞 生 于 Hadoop生 态 系 统 里 的 组 件 , Apache的 开 源 项 目 。 服 务 发 现 /全 局 分 布 式 键 值 对 存 储 。 这 个 工 具 较 上 面 两 个 都 比 较 老 , 提 供 一 个 更 加 成 熟 的 平 台 和 一 些 新 特 性 。 < / li >
< li > Crypt: 加 密 etcd条 目 的 项 目 。 Crypt允 许 组 建 通 过 采 用 公 钥 加 密 的 方 式 来 保 护 它 们 的 信 息 。 需 要 读 取 数 据 的 组 件 或 被 分 配 密 钥 , 而 其 他 组 件 则 不 能 读 取 数 据 。 < / li >
< li > < a href = "https://github.com/kelseyhightower/confd" target = "_blank" > Confd< / a > : 观 测 键 值 对 存 储 变 更 和 新 值 的 触 发 器 重 新 配 置 服 务 。 Confd项 目 旨 在 基 于 服 务 发 现 的 变 化 , 而 动 态 重 新 配 置 任 意 应 用 程 序 。 该 系 统 包 含 了 一 个 工 具 来 检 测 节 点 中 的 变 化 、 一 个 模 版 系 统 能 够 重 新 加 载 受 影 响 的 应 用 。 < / li >
< li > < a href = "https://github.com/vulcand/vulcand" target = "_blank" > Vulcand< / a > : vulcand在 组 件 中 作 为 负 载 均 衡 使 用 。 它 使 用 etcd作 为 后 端 , 并 基 于 检 测 变 更 来 调 整 它 的 配 置 。 < / li >
< li > < a href = "https://github.com/mesosphere/marathon" target = "_blank" > Marathon< / a > : 虽 然 marathon主 要 是 调 度 器 , 它 也 实 现 了 一 个 基 本 的 重 新 加 载 HAProxy的 功 能 , 当 发 现 变 更 时 , 它 来 协 调 可 用 的 服 务 。 < / li >
< li > Frontrunner: 这 个 项 目 嵌 入 在 marathon中 对 HAproxy的 更 新 提 供 一 个 稳 定 的 解 决 方 案 。 < / li >
< li > < a href = "https://github.com/airbnb/synapse" target = "_blank" > Synapse< / a > : 由 Airbnb出 品 的 , Ruby语 言 开 发 , 这 个 项 目 引 入 嵌 入 式 的 HAProxy组 件 , 它 能 够 发 送 流 量 给 各 个 组 件 。 < a href = "http://bruth.github.io/synapse/docs/" target = "_blank" > http://bruth.github.io/synapse/docs/< / a > < / li >
< li > < a href = "https://github.com/airbnb/nerve" target = "_blank" > Nerve< / a > : 它 被 用 来 与 synapse结 合 在 一 起 来 为 各 个 组 件 提 供 健 康 检 查 , 如 果 组 件 不 可 用 , nerve将 更 新 synapse并 将 该 组 件 移 除 出 去 。 < / li >
< / ul >
< h2 id = "插件开发" > 插 件 开 发 < / h2 >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/plugin_developing" target = "_blank" > 插 件 开 发 示 例 -sshfs< / a > < / p >
< p > < a href = "https://rootsongjc.github.io/blogs/docker-plugin-develop/" target = "_blank" > 我 的 docker插 件 开 发 文 章 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/blogs/docker-plugin-develop/" target = "_blank" > Docker17.03-CE插 件 开 发 举 例 < / a > < / p >
< p > < strong > 网 络 插 件 < / strong > < / p >
< ul >
< li > < a href = "https://rootsongjc.github.io/tags/contiv/" target = "_blank" > Contiv< / a > 思 科 出 的 Docker网 络 插 件 , 趟 坑 全 记 录 , 目 前 还 无 法 上 生 产 , 1.0正 式 版 还 没 出 , 密 切 关 注 中 。 < / li >
< li > < a href = "github.com/calico" > Calico< / a > 产 品 化 做 的 不 错 , 已 经 有 人 用 在 生 产 上 了 。 < / li >
< / ul >
< p > < strong > 存 储 插 件 < / strong > < / p >
< h2 id = "业界使用案例" > 业 界 使 用 案 例 < / h2 >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/jd_transform_to_kubernetes" target = "_blank" > 京 东 从 OpenStack切 换 到 Kubernetes的 经 验 之 谈 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/meituan_docker_platform" target = "_blank" > 美 团 点 评 容 器 平 台 介 绍 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/ali_docker" target = "_blank" > 阿 里 超 大 规 模 docker化 之 路 < / a > < / p >
< p > < a href = "http://rootsongjc.github.io/projects/yarn-on-docker/" target = "_blank" > TalkingData-容 器 技 术 在 大 数 据 场 景 下 的 应 用 Yarn on Docker< / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/letv_docker" target = "_blank" > 乐 视 云 基 于 Kubernetes的 PaaS平 台 建 设 < / a > < / p >
< h2 id = "资源编排" > 资 源 编 排 < / h2 >
< p > 建 议 使 用 kuberentes, 虽 然 比 较 复 杂 , 但 是 专 业 的 工 具 做 专 业 的 事 情 , 将 编 排 这 么 重 要 的 生 产 特 性 绑 定 到 docker上 的 风 险 还 是 很 大 的 , 我 已 经 转 投 到 kubernetes怀 抱 了 , 那 么 你 呢 ? < / p >
< p > < a href = "https://rootsongjc.github.io/tags/kubernetes/" target = "_blank" > 我 的 kubernetes探 险 之 旅 < / a > < / p >
< h2 id = "相关资源" > 相 关 资 源 < / h2 >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/tech_resource" target = "_blank" > 容 器 技 术 工 具 与 资 源 < / a > < / p >
< p > < a href = "https://rootsongjc.github.io/docker-practice/docs/container_2016" target = "_blank" > 容 器 技 术 2016年 总 结 < / a > < / p >
< h2 id = "关于" > 关 于 < / h2 >
< p > Author: < a href = "https://rootsongjc.github.io/about" target = "_blank" > Jimmy Song< / a > < / p >
< p > rootsongjc@gmail.com< / p >
< p > 更 多 关 于 < strong > Docker< / strong > 、 < strong > MicroServices< / strong > 、 < strong > Big Data< / strong > 、 < strong > DevOps< / strong > 、 < strong > Deep Learning< / strong > 的 内 容 请 关 注 < a href = "https://rootsongjc.github.io" target = "_blank" > Jimmy Song' s Blog< / a > , 将 不 定 期 更 新 。 < / p >
< footer class = "page-footer-ex" > < span class = "page-footer-ex-copyright" > for GitBook< / span >                       < span class = "page-footer-ex-footer-update" > update
2017-08-21 18:23:34
< / span > < / footer >
< / section >
< / div >
< div class = "search-results" >
< div class = "has-results" >
< h1 class = "search-results-title" > < span class = 'search-results-count' > < / span > results matching "< span class = 'search-query' > < / span > "< / h1 >
< ul class = "search-results-list" > < / ul >
< / div >
< div class = "no-results" >
< h1 class = "search-results-title" > No results matching "< span class = 'search-query' > < / span > "< / h1 >
< / div >
< / div >
< / div >
< / div >
< / div >
< / div >
< a href = "./" class = "navigation navigation-prev " aria-label = "Previous page: 7. 附录" >
< i class = "fa fa-angle-left" > < / i >
< / a >
< a href = "issues.html" class = "navigation navigation-next " aria-label = "Next page: 7.2 问题记录" >
< i class = "fa fa-angle-right" > < / i >
< / a >
< / div >
< script >
var gitbook = gitbook || [];
gitbook.push(function() {
2017-08-31 22:48:18 +08:00
gitbook.page.hasChanged({"page":{"title":"7.1 Docker最佳实践","level":"1.7.1","depth":2,"next":{"title":"7.2 问题记录","level":"1.7.2","depth":2,"path":"appendix/issues.md","ref":"appendix/issues.md","articles":[]},"previous":{"title":"7. 附录","level":"1.7","depth":1,"path":"appendix/index.md","ref":"appendix/index.md","articles":[{"title":"7.1 Docker最佳实践","level":"1.7.1","depth":2,"path":"appendix/docker-best-practice.md","ref":"appendix/docker-best-practice.md","articles":[]},{"title":"7.2 问题记录","level":"1.7.2","depth":2,"path":"appendix/issues.md","ref":"appendix/issues.md","articles":[]},{"title":"7.3 使用技巧","level":"1.7.3","depth":2,"path":"appendix/tricks.md","ref":"appendix/tricks.md","articles":[]}]},"dir":"ltr"},"config":{"plugins":["github","codesnippet","splitter","page-toc-button","image-captions","page-footer-ex","editlink","-lunr","-search","search-plus"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"github":{"url":"https://github.com/rootsongjc/kubernetes-handbook"},"editlink":{"label":"编辑本页","multilingual":false,"base":"https://github.com/rootsongjc/kubernetes-handbook/blob/master/"},"page-footer-ex":{"copyright":"for GitBook","update_format":"YYYY-MM-DD HH:mm:ss","update_label":"update"},"splitter":{},"codesnippet":{},"fontsettings":{"theme":"white","family":"sans","size":2},"highlight":{},"page-toc-button":{},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"search-plus":{},"image-captions":{"variable_name":"_pictures"}},"page-footer-ex":{"copyright":"Jimmy Song","update_label":"最后更新:","update_format":"YYYY-MM-DD HH:mm:ss"},"theme":"default","author":"Jimmy Song","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{"_pictures":[{"backlink":"concepts/index.html#fig1.2.1","level":"1.2","list_caption":"Figure: Borg架构","alt":"Borg架构","nro":1,"url":"../images/borg.png","index":1,"caption_template":"Figure: _CAPTION_","label":"Borg架构","attributes":{},"skip":false,"key":"1.2.1"},{"backlink":"concepts/index.html#fig1.2.2","level":"1.2","list_caption":"Figure: Kubernetes架构","alt":"Kubernetes架构","nro":2,"url":"../images/architecture.png","index":2,"caption_template":"Figure: _CAPTION_","label":"Kubernetes架构","attributes":{},"skip":false,"key":"1.2.2"},{"backlink":"concepts/index.html#fig1.2.3","level":"1.2","list_caption":"Figure: kubernetes整体架构示意图","alt":"kubernetes整体架构示意图","nro":3,"url":"../images/kubernetes-whole-arch.png","index":3,"caption_template":"Figure: _CAPTION_","label":"kubernetes整体架构示意图","attributes":{},"skip":false,"key":"1.2.3"},{"backlink":"concepts/index.html#fig1.2.4","level":"1.2","list_caption":"Figure: Kubernetes master架构示意图","alt":"Kubernetes master架构示意图","nro":4,"url":"../images/kubernetes-master-arch.png","index":4,"caption_template":"Figure: _CAPTION_","label":"Kubernetes master架构示意图","attributes":{},"skip":false,"key":"1.2.4"},{"backlink":"concepts/index.html#fig1.2.5","level":"1.2","list_caption":"Figure: kubernetes node架构示意图","alt":"kubernetes node架构示意图","nro":5,"url":"../images/kubernetes-node-arch.png","index":5,"caption_template":"Figure: _CAPTION_","label":"kubernetes node架构示意图","attributes":{},"skip":false,"key":"1.2.5"},{"backlink":"concepts/index.html#fig1.2.6","level":"1.2","list_caption":"Figure: Kube
2017-08-21 18:44:34 +08:00
});
< / script >
< / div >
< script src = "../gitbook/gitbook.js" > < / script >
< script src = "../gitbook/theme.js" > < / script >
< script src = "../gitbook/gitbook-plugin-github/plugin.js" > < / script >
< script src = "../gitbook/gitbook-plugin-splitter/splitter.js" > < / script >
< script src = "../gitbook/gitbook-plugin-page-toc-button/plugin.js" > < / script >
< script src = "../gitbook/gitbook-plugin-editlink/plugin.js" > < / script >
< script src = "../gitbook/gitbook-plugin-search-plus/jquery.mark.min.js" > < / script >
< script src = "../gitbook/gitbook-plugin-search-plus/search.js" > < / script >
< script src = "../gitbook/gitbook-plugin-sharing/buttons.js" > < / script >
< script src = "../gitbook/gitbook-plugin-fontsettings/fontsettings.js" > < / script >
< / body >
< / html >