Docker的可视化界面工具
1. Portainer1.1 Introduction1.1.1 Official
1.2 Download And Deploy1.3 Dashboard1.3.1 Dashboard
2. Shipyard2.1 Introduction2.1.1 Character2.1.2 Official
2.2 Download And Deploy2.2.1 脚本下载镜像2.2.2 执行脚本2.2.2 查看下载的镜像
2.3 Dashboard2.3.1 访问服务2.3.2 Dashboard
3.Awakening
 
1. Portainer
1.1 Introduction
Portainer是一个可视化的容器镜像的图形管理工具,利用Portainer可以轻松构建,管理和维护Docker环境。 而且完全免费,基于容器化的安装方式,方便高效部署。
1.1.1 Official
1.2 Download And Deploy
下载镜像 docker search portainer |head -n 3 docker pull portainer/portainer 启动容器(我只有8889和8890) 先创建volumn的目录,run和portainer_data docker run -d -p 8889:8000 -p 8890:9000 --name=myportainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/portainer_data:/data portainer/portainer
1.3 Dashboard
访问服务 http://10.136.xxx.xxxx:8890 admin/Tomcat@123 home page 
1.3.1 Dashboard
Dashboard  App Template  command 
2. Shipyard
2.1 Introduction
Shipyard是docker的web可视化界面管理工具,是建立在docker集群管理工具Citadel之上,可以管理镜像、容器、主机等资源的web图形化工具,包括core和extension两个版本,core即shipyard主要是把多个 Docker host上的 containers 统一管理(支持跨越多个host),extension即shipyard-extensions添加了应用路由和负载均衡、集中化日志、部署等。Shipyard是在Docker Swarm实现对容器、镜像、docker集群、仓库、节点进行管理的web系统。
2.1.1 Character
其特性主要包括:
支持节点动态集群,可扩展节点的规模(swarm、etcd方案)支持镜像管理、容器管理、节点管理等功能可视化的容器管理和监控管理在线连接容器console终端
2.1.2 Official
Official Website: https://shipyard-project.com/deploy. 
2.2 Download And Deploy
2.2.1 脚本下载镜像
[root@docker ~]$cat deploy
#!/bin/bash
if [ "$1" != "" ] && [ "$1" = "-h" ]; then
echo "Shipyard Deploy uses the following environment variables:"
echo " ACTION: this is the action to use (deploy, upgrade, node, remove)"
echo " DISCOVERY: discovery system used by Swarm (only if using 'node' action)"
echo " IMAGE: this overrides the default Shipyard image"
echo " PREFIX: prefix for container names"
echo " SHIPYARD_ARGS: these are passed to the Shipyard controller container as controller args"
echo " TLS_CERT_PATH: path to certs to enable TLS for Shipyard"
echo " PORT: specify the listen port for the controller (default: 8080)"
echo " IP: specify the address at which the controller or node will be available (default: eth0 ip)"
echo " PROXY_PORT: port to run docker proxy (default: 2375)"
exit 1
fi
if [ -z "`which docker`" ]; then
echo "You must have the Docker CLI installed on your \$PATH"
echo " See http://docs.docker.com for details"
exit 1
fi
ACTION=${ACTION:-deploy}
IMAGE=${IMAGE:-dockerclub/shipyard:latest}
PREFIX=${PREFIX:-shipyard}
SHIPYARD_ARGS=${SHIPYARD_ARGS:-""}
TLS_CERT_PATH=${TLS_CERT_PATH:-}
CERT_PATH="/etc/shipyard"
PROXY_PORT=${PROXY_PORT:-2376}
SWARM_PORT=3375
SHIPYARD_PROTOCOL=http
SHIPYARD_PORT=${PORT:-8080}
SHIPYARD_IP=${IP}
DISCOVERY_BACKEND=etcd
DISCOVERY_PORT=4001
DISCOVERY_PEER_PORT=7001
ENABLE_TLS=0
CERT_FINGERPRINT=""
LOCAL_CA_CERT=""
LOCAL_SSL_CERT=""
LOCAL_SSL_KEY=""
LOCAL_SSL_CLIENT_CERT=""
LOCAL_SSL_CLIENT_KEY=""
SSL_CA_CERT=""
SSL_CERT=""
SSL_KEY=""
SSL_CLIENT_CERT=""
SSL_CLIENT_KEY=""
show_cert_help() {
echo "To use TLS in Shipyard, you must have existing certificates."
echo "The certs must be named ca.pem, server.pem, server-key.pem, cert.pem and key.pem"
echo "If you need to generate certificates, see https://github.com/ehazlett/certm for examples."
}
check_certs() {
if [ -z "$TLS_CERT_PATH" ]; then
return
fi
if [ ! -e $TLS_CERT_PATH ]; then
echo "Error: unable to find certificates in $TLS_CERT_PATH"
show_cert_help
exit 1
fi
if [ "$PROXY_PORT" = "2375" ]; then
PROXY_PORT=2376
fi
SWARM_PORT=3376
SHIPYARD_PROTOCOL=https
LOCAL_SSL_CA_CERT="$TLS_CERT_PATH/ca.pem"
LOCAL_SSL_CERT="$TLS_CERT_PATH/server.pem"
LOCAL_SSL_KEY="$TLS_CERT_PATH/server-key.pem"
LOCAL_SSL_CLIENT_CERT="$TLS_CERT_PATH/cert.pem"
LOCAL_SSL_CLIENT_KEY="$TLS_CERT_PATH/key.pem"
SSL_CA_CERT="$CERT_PATH/ca.pem"
SSL_CERT="$CERT_PATH/server.pem"
SSL_KEY="$CERT_PATH/server-key.pem"
SSL_CLIENT_CERT="$CERT_PATH/cert.pem"
SSL_CLIENT_KEY="$CERT_PATH/key.pem"
CERT_FINGERPRINT=$(openssl x509 -noout -in $LOCAL_SSL_CERT -fingerprint -sha256 | awk -F= '{print $2;}')
if [ ! -e $LOCAL_SSL_CA_CERT ] || [ ! -e $LOCAL_SSL_CERT ] || [ ! -e $LOCAL_SSL_KEY ] || [ ! -e $LOCAL_SSL_CLIENT_CERT ] || [ ! -e $LOCAL_SSL_CLIENT_KEY ]; then
echo "Error: unable to find certificates"
show_cert_help
exit 1
fi
ENABLE_TLS=1
}
# container functions
start_certs() {
ID=$(docker run \
-ti \
-d \
--restart=always \
--name $PREFIX-certs \
-v $CERT_PATH \
alpine \
sh)
if [ $ENABLE_TLS = 1 ]; then
docker cp $LOCAL_SSL_CA_CERT $PREFIX-certs:$SSL_CA_CERT
docker cp $LOCAL_SSL_CERT $PREFIX-certs:$SSL_CERT
docker cp $LOCAL_SSL_KEY $PREFIX-certs:$SSL_KEY
docker cp $LOCAL_SSL_CLIENT_CERT $PREFIX-certs:$SSL_CLIENT_CERT
docker cp $LOCAL_SSL_CLIENT_KEY $PREFIX-certs:$SSL_CLIENT_KEY
fi
}
remove_certs() {
docker rm -fv $PREFIX-certs > /dev/null 2>&1
}
get_ip() {
if [ -z "$SHIPYARD_IP" ]; then
SHIPYARD_IP=`docker run --rm --net=host alpine ip route get 8.8.8.8 | awk '{ print $7; }'`
fi
}
start_discovery() {
get_ip
ID=$(docker run \
-ti \
-d \
-p 4001:4001 \
-p 7001:7001 \
--restart=always \
--name $PREFIX-discovery \
microbox/etcd:latest -addr $SHIPYARD_IP:$DISCOVERY_PORT -peer-addr $SHIPYARD_IP:$DISCOVERY_PEER_PORT)
}
remove_discovery() {
docker rm -fv $PREFIX-discovery > /dev/null 2>&1
}
start_rethinkdb() {
ID=$(docker run \
-ti \
-d \
--restart=always \
--name $PREFIX-rethinkdb \
rethinkdb)
}
remove_rethinkdb() {
docker rm -fv $PREFIX-rethinkdb > /dev/null 2>&1
}
start_proxy() {
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="-e SSL_CA=$SSL_CA_CERT -e SSL_CERT=$SSL_CERT -e SSL_KEY=$SSL_KEY -e SSL_SKIP_VERIFY=1"
fi
# Note: we add SSL_SKIP_VERIFY=1 to skip verification of the client
# certificate in the proxy image. this will pass it to swarm that
# does verify. this helps with performance and avoids certificate issues
# when running through the proxy. ultimately if the cert is invalid
# swarm will fail to return.
ID=$(docker run \
-ti \
-d \
-p $PROXY_PORT:$PROXY_PORT \
--hostname=$HOSTNAME \
--restart=always \
--name $PREFIX-proxy \
-v /var/run/docker.sock:/var/run/docker.sock \
-e PORT=$PROXY_PORT \
--volumes-from=$PREFIX-certs $TLS_OPTS\
shipyard/docker-proxy:latest)
}
remove_proxy() {
docker rm -fv $PREFIX-proxy > /dev/null 2>&1
}
start_swarm_manager() {
get_ip
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="--tlsverify --tlscacert=$SSL_CA_CERT --tlscert=$SSL_CERT --tlskey=$SSL_KEY"
fi
EXTRA_RUN_OPTS=""
if [ -z "$DISCOVERY" ]; then
DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
fi
ID=$(docker run \
-ti \
-d \
--restart=always \
--name $PREFIX-swarm-manager \
--volumes-from=$PREFIX-certs $EXTRA_RUN_OPTS \
swarm:latest \
m --replication --addr $SHIPYARD_IP:$SWARM_PORT --host tcp://0.0.0.0:$SWARM_PORT $TLS_OPTS $DISCOVERY)
}
remove_swarm_manager() {
docker rm -fv $PREFIX-swarm-manager > /dev/null 2>&1
}
start_swarm_agent() {
get_ip
if [ -z "$DISCOVERY" ]; then
DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"
EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"
fi
ID=$(docker run \
-ti \
-d \
--restart=always \
--name $PREFIX-swarm-agent $EXTRA_RUN_OPTS \
swarm:latest \
j --addr $SHIPYARD_IP:$PROXY_PORT $DISCOVERY)
}
remove_swarm_agent() {
docker rm -fv $PREFIX-swarm-agent > /dev/null 2>&1
}
start_controller() {
#-v $CERT_PATH:/etc/docker:ro \
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="--tls-ca-cert $SSL_CA_CERT --tls-cert=$SSL_CERT --tls-key=$SSL_KEY --shipyard-tls-ca-cert=$SSL_CA_CERT --shipyard-tls-cert=$SSL_CERT --shipyard-tls-key=$SSL_KEY"
fi
ID=$(docker run \
-ti \
-d \
--restart=always \
--name $PREFIX-controller \
--link $PREFIX-rethinkdb:rethinkdb \
--link $PREFIX-swarm-manager:swarm \
-p $SHIPYARD_PORT:$SHIPYARD_PORT \
--volumes-from=$PREFIX-certs \
$IMAGE \
--debug \
server \
--listen :$SHIPYARD_PORT \
-d tcp://swarm:$SWARM_PORT $TLS_OPTS $SHIPYARD_ARGS)
}
wait_for_available() {
set +e
IP=$1
PORT=$2
echo Waiting for Shipyard on $IP:$PORT
docker pull ehazlett/curl > /dev/null 2>&1
TLS_OPTS=""
if [ $ENABLE_TLS = 1 ]; then
TLS_OPTS="-k"
fi
until $(docker run --rm ehazlett/curl --output /dev/null --connect-timeout 1 --silent --head --fail $TLS_OPTS $SHIPYARD_PROTOCOL://$IP:$PORT/ > /dev/null 2>&1); do
printf '.'
sleep 1
done
printf '\n'
}
remove_controller() {
docker rm -fv $PREFIX-controller > /dev/null 2>&1
}
if [ "$ACTION" = "deploy" ]; then
set -e
check_certs
get_ip
echo "Deploying Shipyard"
echo " -> Starting Database"
start_rethinkdb
echo " -> Starting Discovery"
start_discovery
echo " -> Starting Cert Volume"
start_certs
echo " -> Starting Proxy"
start_proxy
echo " -> Starting Swarm Manager"
start_swarm_manager
echo " -> Starting Swarm Agent"
start_swarm_agent
echo " -> Starting Controller"
start_controller
wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
echo "Shipyard available at $SHIPYARD_PROTOCOL://$SHIPYARD_IP:$SHIPYARD_PORT"
if [ $ENABLE_TLS = 1 ] && [ ! -z "$CERT_FINGERPRINT" ]; then
echo "SSL SHA-256 Fingerprint: $CERT_FINGERPRINT"
fi
echo "Username: admin Password: shipyard"
elif [ "$ACTION" = "node" ]; then
set -e
if [ -z "$DISCOVERY" ]; then
echo "You must set the DISCOVERY environment variable"
echo "with the discovery system used with Swarm"
exit 1
fi
check_certs
echo "Adding Node"
echo " -> Starting Cert Volume"
start_certs
echo " -> Starting Proxy"
start_proxy
echo " -> Starting Swarm Manager"
start_swarm_manager $DISCOVERY
echo " -> Starting Swarm Agent"
start_swarm_agent
echo "Node added to Swarm: $SHIPYARD_IP"
elif [ "$ACTION" = "upgrade" ]; then
set -e
check_certs
get_ip
echo "Upgrading Shipyard"
echo " -> Pulling $IMAGE"
docker pull $IMAGE
echo " -> Upgrading Controller"
remove_controller
start_controller
wait_for_available $SHIPYARD_IP $SHIPYARD_PORT
echo "Shipyard controller updated"
elif [ "$ACTION" = "remove" ]; then
# ignore errors
set +e
echo "Removing Shipyard"
echo " -> Removing Database"
remove_rethinkdb
echo " -> Removing Discovery"
remove_discovery
echo " -> Removing Cert Volume"
remove_certs
echo " -> Removing Proxy"
remove_proxy
echo " -> Removing Swarm Agent"
remove_swarm_agent
echo " -> Removing Swarm Manager"
remove_swarm_manager
echo " -> Removing Controller"
remove_controller
echo "Done"
else
echo "Unknown action $ACTION"
exit 1
fi
2.2.2 执行脚本
[root@docker ~]$./deploy
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
213ec9aee27d: Pulling fs layer
213ec9aee27d: Verifying Checksum
213ec9aee27d: Download complete
213ec9aee27d: Pull complete
Digest: sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
Status: Downloaded newer image for alpine:latest
Deploying Shipyard
-> Starting Database
Unable to find image 'rethinkdb:latest' locally
latest: Pulling from library/rethinkdb
7a6db449b51b: Pulling fs layer
20181367ea9b: Pulling fs layer
d4c59a6fbe9d: Pulling fs layer
54db2c71fcb0: Pulling fs layer
1e96e4039912: Pulling fs layer
54db2c71fcb0: Waiting
1e96e4039912: Waiting
d4c59a6fbe9d: Verifying Checksum
d4c59a6fbe9d: Download complete
20181367ea9b: Verifying Checksum
20181367ea9b: Download complete
1e96e4039912: Download complete
7a6db449b51b: Download complete
7a6db449b51b: Pull complete
20181367ea9b: Pull complete
d4c59a6fbe9d: Pull complete
54db2c71fcb0: Verifying Checksum
54db2c71fcb0: Download complete
54db2c71fcb0: Pull complete
1e96e4039912: Pull complete
Digest: sha256:bc30f504fc823240c64552a7983b6da55d83dd0966ab17cab12c5fb9e45576ce
Status: Downloaded newer image for rethinkdb:latest
-> Starting Discovery
Unable to find image 'microbox/etcd:latest' locally
latest: Pulling from microbox/etcd
Image docker.io/microbox/etcd:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
8ded6e8ab3fd: Pulling fs layer
bf8f85223d7a: Pulling fs layer
a3ed95caeb02: Pulling fs layer
a3ed95caeb02: Verifying Checksum
a3ed95caeb02: Download complete
bf8f85223d7a: Verifying Checksum
bf8f85223d7a: Download complete
8ded6e8ab3fd: Verifying Checksum
8ded6e8ab3fd: Download complete
8ded6e8ab3fd: Pull complete
bf8f85223d7a: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:941fd46b4eab265c65da9bfbf33397b853a7cef6c16df93a1e3fea7b4e47fc90
Status: Downloaded newer image for microbox/etcd:latest
-> Starting Cert Volume
-> Starting Proxy
Unable to find image 'shipyard/docker-proxy:latest' locally
latest: Pulling from shipyard/docker-proxy
Image docker.io/shipyard/docker-proxy:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
8f4ec95ceaee: Pulling fs layer
ac77a345f217: Pulling fs layer
43039e3ef672: Pulling fs layer
a3ed95caeb02: Pulling fs layer
a3ed95caeb02: Waiting
8f4ec95ceaee: Download complete
8f4ec95ceaee: Pull complete
ac77a345f217: Verifying Checksum
ac77a345f217: Download complete
ac77a345f217: Pull complete
a3ed95caeb02: Verifying Checksum
a3ed95caeb02: Download complete
43039e3ef672: Verifying Checksum
43039e3ef672: Download complete
43039e3ef672: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:da6bbd1a145581a940d44940cce0f43705d7f8ec552a4e97e77104ec1b6dc3d1
Status: Downloaded newer image for shipyard/docker-proxy:latest
-> Starting Swarm Manager
Unable to find image 'swarm:latest' locally
latest: Pulling from library/swarm
38e5683d7755: Pulling fs layer
083aff163606: Pulling fs layer
2064f1a73c6b: Pulling fs layer
083aff163606: Verifying Checksum
083aff163606: Download complete
2064f1a73c6b: Verifying Checksum
2064f1a73c6b: Download complete
38e5683d7755: Verifying Checksum
38e5683d7755: Download complete
38e5683d7755: Pull complete
083aff163606: Pull complete
2064f1a73c6b: Pull complete
Digest: sha256:2de8883e2933840ed7ee7360ea1eed314bf8aeac37c0692b9ca651630fde3b7f
Status: Downloaded newer image for swarm:latest
-> Starting Swarm Agent
-> Starting Controller
Unable to find image 'dockerclub/shipyard:latest' locally
latest: Pulling from dockerclub/shipyard
Image docker.io/dockerclub/shipyard:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
4d06f2521e4f: Pulling fs layer
64100628847a: Pulling fs layer
36a170440d6d: Pulling fs layer
a823ae228c2d: Pulling fs layer
a3ed95caeb02: Pulling fs layer
a823ae228c2d: Waiting
a3ed95caeb02: Waiting
4d06f2521e4f: Verifying Checksum
4d06f2521e4f: Download complete
4d06f2521e4f: Pull complete
36a170440d6d: Verifying Checksum
36a170440d6d: Download complete
a3ed95caeb02: Verifying Checksum
a3ed95caeb02: Download complete
64100628847a: Verifying Checksum
64100628847a: Download complete
64100628847a: Pull complete
36a170440d6d: Pull complete
a823ae228c2d: Verifying Checksum
a823ae228c2d: Download complete
a823ae228c2d: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:bd5ac58c556506012f7788db18fc6fed3bcefb294e469babbeb87ad7ef15e219
Status: Downloaded newer image for dockerclub/shipyard:latest
Waiting for Shipyard on 10.0.0.100:8080
........................................
Shipyard available at http://10.0.0.100:8080
Username: admin Password: shipyard
2.2.2 查看下载的镜像
[root@docker ~]$docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2308552f63a9 dockerclub/shipyard:latest "/bin/controller --d…" About an hour ago Up About an hour 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp shipyard-controller
1676327a4e5a swarm:latest "/swarm j --addr 10.…" About an hour ago Up About an hour 2375/tcp shipyard-swarm-agent
2f368d9f81df swarm:latest "/swarm m --replicat…" About an hour ago Up About an hour 2375/tcp shipyard-swarm-manager
c38108f757c5 shipyard/docker-proxy:latest "/usr/local/bin/run" About an hour ago Up About an hour 2375/tcp, 0.0.0.0:2376->2376/tcp, :::2376->2376/tcp shipyard-proxy
e610645dfe8e alpine "sh" About an hour ago Up About an hour shipyard-certs
c444c7df39f4 microbox/etcd:latest "/bin/etcd -addr 10.…" About an hour ago Up About an hour 0.0.0.0:4001->4001/tcp, :::4001->4001/tcp, 0.0.0.0:7001->7001/tcp, :::7001->7001/tcp shipyard-discovery
307b4cec4659 rethinkdb "rethinkdb --bind all" About an hour ago Up About an hour 8080/tcp, 28015/tcp, 29015/tcp shipyard-rethinkdb
2.3 Dashboard
2.3.1 访问服务
访问 http://10.136.xxx.xxx:8080 admin/shipyard
2.3.2 Dashboard
user   下载镜像  管理容器   log 
3.Awakening
在一秒钟内看到本质的人和花半辈子也看不清一件事本质的人,自然是不一样的命运。
 https://blog.csdn.net/zfw_666666/article/details/126538026
|