rancher1.6 설치 및 운영

구축방법 (기본설정)

기본개념 정리

• Master

  • 인증,권한 관리

  • 컨테이너 할당 스케줄링

  • 스케일링, 복제 컨트롤러

  • 설정 정보 관리

• Node

  • rancher slave node 

  • rancher agent로 동작. master와 통신하며 노드 관리.

    
    

INSTALL

공통 

Docker install

$curl -s https://get.docker.com/ | sudo sh
.
.
+ sh -c docker version
Client:
 Version:      17.05.0-ce
 API version:  1.29
 Go version:   go1.7.5
 Git commit:   89658be
 Built:        Thu May  4 22:06:06 2017
 OS/Arch:      linux/amd64
 
Server:
 Version:      17.05.0-ce
 API version:  1.29 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   89658be
 Built:        Thu May  4 22:06:06 2017
 OS/Arch:      linux/amd64
 Experimental: false
 
If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:
 
  sudo usermod -aG docker your-user
 
Remember that you will have to log out and back in for this to take effect!
 
WARNING: Adding a user to the "docker" group will grant the ability to run
         containers which can be used to obtain root privileges on the
         docker host.
         Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
         for more information.

• 참고
• 버전별 설치 스크립트 ("http://rancher.com/docs/rancher/v1.6/en/hosts/#supported-docker-versions")
• 특정 버전을 지정하여 설치 가능. ex : curl https://releases.rancher.com/install-docker/17.03.sh | sh )
•  rancher1.6 + kubernetes 운영시, 맞는  버전을 선택 하여 설치 

Master 

rancher1.6 install 

• "rancher_db" 폴더 생성 (옵션) 
• 재설치 하게 될경우, 기존 설정값(rancher_db)을 그대로 유지 하기 위함.   
• "80:8080" 변경 (옵션)
• default 설정은 "8080:8080" 임. 도메인 연결을 위해, 80으로 변경 함. 

$sudo mkdir rancher_db
$docker run -d -v /homes/rancher_db/mysql:/var/lib/mysql --restart=unless-stopped -p 80:8080 rancher/server

• 설치 내역 확인  

$ docker ps
CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                            NAMES
273ecca3ed89        rancher/server:latest   "/usr/bin/entry /u..."   3 months ago        Up 3 months         3306/tcp, 0.0.0.0:80->8080/tcp   compassionate_heyrovsky

• web login 
• (http://x.x.x.x/login)
• admin 계정 패스워드 생성 및 login 

 

Node 

docer-compose install (옵션)

• "docker-compose.yml"을 서버에서 직접 배포할경우 사용 

$sudo curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
 
$sudo chmod +x /usr/local/bin/docker-compose
 
$docker-compose --version

insecure 설정 (옵션) 

• docker image용 registry가 있는 경우 등록 해줌.

• setup ( #/etc/default/docker )  - ubuntu14.x 

# Docker Upstart and SysVinit configuration file
 
#
# THIS FILE DOES NOT APPLY TO SYSTEMD
#
#   Please see the documentation for "systemd drop-ins":
#   https://docs.docker.com/engine/admin/systemd/
#
 
# Customize location of Docker binary (especially for development testing).
#DOCKERD="/usr/local/bin/dockerd"
 
# Use DOCKER_OPTS to modify the daemon startup options.
#DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4"
DOCKER_OPTS="--insecure-registry docker.test.com"
 
# If you need Docker to use an HTTP proxy, it can also be specified here.
#export http_proxy="http://127.0.0.1:3128/"
 
# This is also a handy place to tweak where Docker's temporary files go.
#export DOCKER_TMPDIR="/mnt/bigdrive/docker-tmp"

• insecure 설정 (16.04 이후)   
• setup (#/etc/docker/daemon.json) 

{
    "Insecure-registries" : ["docker.test.com"]
}

• 등록확인 
• "$docker info" 명령 후 아래와 같이 " Insecure Registries" 변경 내역 확인. 

Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 docker.test.com
 127.0.0.0/8
Live Restore Enabled: false
 
WARNING: No swap limit support

DCS(docker_cli_dashboard) install (옵션)

• Ralf Yang님이 만든 CLI mode dashboard Tool (https://github.com/goody80/docker_cli_dashboard)
  서버에서 docker 현황을 관리하기 좋음.

$curl -sL bit.ly/ralf_dcs -o ./dcs; sudo chmod 755 ./dcs; sudo mv ./dcs /usr/bin/dcs

• CLI Dashboard 내역