CenOS 7.1安装Docker、Docker-compose

关闭centos7自带的firewall防火墙

关闭firewall

systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动

安装iptables防火墙

yum install iptables-services #安装
systemctl restart iptables.service #最后重启防火墙使配置生效
systemctl enable iptables.service #设置防火墙开机启动

安装docker

yum install docker-io

安装docker-compose

最新版本（2016-04-19）
curl -L https://github.com/docker/compose/releases/download/1.7.0/docker-compose-`uname -s-uname -m` > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

docker-compose template文件:docker-compose.yml

#简单的web服务器，可以用 docker-compose scale web=n命令扩展到n个实例
web:
  image: yeasy/simple-web:latest
  environment:
    SERVICE_80_NAME: http
    SERVICE_NAME: web
    SERVICE_TAGS: backend
  ports:
  - "80"
#ngnix负载均衡，使用consul-template自动加载配置
lb:
  image: yeasy/nginx-consul-template:latest
  hostname: lb
  links:
  - consulserver:consul
  ports:
  - "80:80"
 #consul服务端，可以方便管理docker container
consulserver:
  image: gliderlabs/consul-server:latest
  hostname: consulserver
  ports:
  - "8300"
  - "8400"
  - "8500:8500"
  - "53"
  command: -data-dir /tmp/consul -bootstrap -client 0.0.0.0
#监听本地的docker sock，并将web服务器的container注册到consul服务端
#listen on local docker sock to register the container with public ports to the consul service
registrator:
  image: gliderlabs/registrator:master
  hostname: registrator
  links:
  - consulserver:consul
  volumes:
  - "/var/run/docker.sock:/tmp/docker.sock"
  command: -internal consul://consul:8500

使用docker-compose启动

docker-compose up #在docker-compose.yml所在的目录下
日志实例：

#consulserver_1是consul的服务端日志
#lb_1是ngnix的日志
[root@localhost docker-compose]# docker-compose up
Recreating dockercompose_web_1...
Recreating dockercompose_consulserver_1...
Recreating dockercompose_lb_1...
Recreating dockercompose_registrator_1...
Attaching to dockercompose_web_1, dockercompose_consulserver_1, dockercompose_lb_1
consulserver_1 | ==> Failed to check for updates: Get https://checkpoint-api.hashicorp.com/v1/check/consul?arch=amd64&os=linux&signature=990d4634-bb34-ccad-b5fb-b1a4bfd1f4e9&version=0.6.3: dial tcp: lookup checkpoint-api.hashicorp.com on 202.96.128.86:53: read udp 172.17.0.2:36822->202.96.128.86:53: i/o timeout
lb_1           | 2016/04/19 05:20:56 [error] 18#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.17.116, server: , request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:65535/", host: "192.168.17.160"
lb_1           | 192.168.17.116 - - [19/Apr/2016:05:20:56 +0000] "GET / HTTP/1.1" 502 575 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36" "-"

web容器扩容

docker-compose scale web=3#扩展到3个实例

[root@localhost docker-compose]# docker-compose scale web=3
Creating dockercompose_web_2...
Creating dockercompose_web_3...
Starting dockercompose_web_2...
Starting dockercompose_web_3...

连接docker container（借助nsenter）

[root@localhost ~]# docker inspect --format "{{.State.Pid}}" dockercompose_web_1
3488
[root@localhost ~]# nsenter --target 3488 --mount --ipc --uts --net --pid
root@0b1e4a76e802:/# ps      
  PID TTY          TIME CMD
   59 ?        00: 00:00 bash
   63 ?        00: 00:00 ps
root@0b1e4a76e802:/#

来源：oschina

链接：https://my.oschina.net/u/1375657/blog/662257