【摘要】docker 除了可以使用在本机使用 docker 命令来进行各种操作外,还可以使用访问 remote docker api 的方式,如果有多台docker宿主的话就方便进行统一集中管理,下面我们一块体验一下。
(1)使用socket方式访问 docker api
默认docker启动是socket方式(Debian)下,可以以socket方式来访问docker API。
命令行方式:
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE ubuntu latest e4415b714b62 11 days ago 128.1 MB
API方式:
$ curl --unix-socket /var/run/docker.sock http://localhost/images/json | python -m json.tool
[
{
"Created": 1479329906,
"Id": "sha256:e4415b714b624040f19f45994b51daed5cbdb00e0eb9a07221ff0bd6bcf55ed7",
"Labels": {},
"ParentId": "",
"RepoDigests": [
"ubuntu@sha256:35bc48a1ca97c3971611dc4662d08d131869daa692acb281c7e9e052924e38b1"
],
"RepoTags": [
"ubuntu:latest"
],
"Size": 128115414,
"VirtualSize": 128115414
}
]
再来两组例子:
$ docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9c2e6ebab75b ubuntu "/bin/bash" 36 minutes ago Up 34 minutes fervent_euler
30ad267e904c ubuntu "/bin/echo 'Hello wor" 37 minutes ago Exited (0) 34 minutes ago gloomy_kalam
$ curl --unix-socket /var/run/docker.sock http://localhost/containers/json?all=1 | python -m json.tool
[
{
"Command": "/bin/bash",
"Created": 1480323914,
"HostConfig": {
"NetworkMode": "default"
},
"Id": "9c2e6ebab75b791df4fdd978a507340e8068b655f0285b2a74a9d0e33bede811",
"Image": "ubuntu",
"ImageID": "sha256:e4415b714b624040f19f45994b51daed5cbdb00e0eb9a07221ff0bd6bcf55ed7",
"Labels": {},
"Mounts": [],
"Names": [
"/fervent_euler"
],
"NetworkSettings": {
"Networks": {
"bridge": {
"Aliases": null,
"EndpointID": "5cff60a96ba0bb6505db3138d80c7d0daf5334054b50a074d8f8ce451d93bd18",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAMConfig": null,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"Links": null,
"MacAddress": "02:42:ac:11:00:02",
"NetworkID": "da0febf987e7bd348949ca50b4d1c1e1fdd1965e5bf4dd31f90fbc1ed0e7f748"
}
}
},
"Ports": [],
"State": "running",
"Status": "Up 34 minutes"
},
{
"Command": "/bin/echo 'Hello world'",
"Created": 1480323861,
"HostConfig": {
"NetworkMode": "default"
},
"Id": "30ad267e904c9e5650be5606ccdccc124179124c31ff2f3f2d9689cbd1be1c54",
"Image": "ubuntu",
"ImageID": "sha256:e4415b714b624040f19f45994b51daed5cbdb00e0eb9a07221ff0bd6bcf55ed7",
"Labels": {},
"Mounts": [],
"Names": [
"/gloomy_kalam"
],
"NetworkSettings": {
"Networks": {
"bridge": {
"Aliases": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAMConfig": null,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"Links": null,
"MacAddress": "",
"NetworkID": "da0febf987e7bd348949ca50b4d1c1e1fdd1965e5bf4dd31f90fbc1ed0e7f748"
}
}
},
"Ports": [],
"State": "exited",
"Status": "Exited (0) 34 minutes ago"
}
]
$ docker info
Containers: 2
Running: 1
Paused: 0
Stopped: 1
Images: 1
Server Version: 1.12.3
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 9
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge null host overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options:
Kernel Version: 3.16.0-4-amd64
Operating System: Debian GNU/Linux stretch/sid
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.871 GiB
Name: debian
ID: ATFR:PAOT:FFFY:TX76:JVLS:DGE6:LQS5:SMSJ:LNMT:LAEM:J263:MD7I
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Insecure Registries:
127.0.0.0/8
$ curl --unix-socket /var/run/docker.sock http://localhost/info | python -m json.tool
{
"Architecture": "x86_64",
"BridgeNfIp6tables": true,
"BridgeNfIptables": true,
"CPUSet": true,
"CPUShares": true,
"CgroupDriver": "cgroupfs",
"ClusterAdvertise": "",
"ClusterStore": "",
"Containers": 2,
"ContainersPaused": 0,
"ContainersRunning": 1,
"ContainersStopped": 1,
"CpuCfsPeriod": false,
"CpuCfsQuota": false,
"Debug": false,
"DefaultRuntime": "runc",
"DockerRootDir": "/var/lib/docker",
"Driver": "aufs",
"DriverStatus": [
[
"Root Dir",
"/var/lib/docker/aufs"
],
[
"Backing Filesystem",
"extfs"
],
[
"Dirs",
"9"
],
[
"Dirperm1 Supported",
"true"
]
],
"ExecutionDriver": "",
"ExperimentalBuild": false,
"HttpProxy": "",
"HttpsProxy": "",
"ID": "ATFR:PAOT:FFFY:TX76:JVLS:DGE6:LQS5:SMSJ:LNMT:LAEM:J263:MD7I",
"IPv4Forwarding": true,
"Images": 1,
"IndexServerAddress": "https://index.docker.io/v1/",
"KernelMemory": false,
"KernelVersion": "3.16.0-4-amd64",
"Labels": null,
"LiveRestoreEnabled": false,
"LoggingDriver": "json-file",
"MemTotal": 4156346368,
"MemoryLimit": false,
"NCPU": 2,
"NEventsListener": 0,
"NFd": 21,
"NGoroutines": 29,
"Name": "debian",
"NoProxy": "",
"OSType": "linux",
"OomKillDisable": false,
"OperatingSystem": "Debian GNU/Linux stretch/sid",
"Plugins": {
"Authorization": null,
"Network": [
"bridge",
"null",
"host",
"overlay"
],
"Volume": [
"local"
]
},
"RegistryConfig": {
"IndexConfigs": {
"docker.io": {
"Mirrors": null,
"Name": "docker.io",
"Official": true,
"Secure": true
}
},
"InsecureRegistryCIDRs": [
"127.0.0.0/8"
],
"Mirrors": null
},
"Runtimes": {
"runc": {
"path": "docker-runc"
}
},
"SecurityOptions": null,
"ServerVersion": "1.12.3",
"SwapLimit": false,
"Swarm": {
"Cluster": {
"CreatedAt": "0001-01-01T00:00:00Z",
"ID": "",
"Spec": {
"CAConfig": {},
"Dispatcher": {},
"Orchestration": {},
"Raft": {},
"TaskDefaults": {}
},
"UpdatedAt": "0001-01-01T00:00:00Z",
"Version": {}
},
"ControlAvailable": false,
"Error": "",
"LocalNodeState": "inactive",
"Managers": 0,
"NodeAddr": "",
"NodeID": "",
"Nodes": 0,
"RemoteManagers": null
},
"SystemStatus": null,
"SystemTime": "2016-11-28T17:48:08.022062393+08:00"
}
(2)使用tcp方式访问 docker api
$ curl http://10.0.0.71:2376/images/json
[
{
"Created": 1479329906,
"Id": "sha256:e4415b714b624040f19f45994b51daed5cbdb00e0eb9a07221ff0bd6bcf55ed7",
"Labels": {},
"ParentId": "",
"RepoDigests": [
"ubuntu@sha256:35bc48a1ca97c3971611dc4662d08d131869daa692acb281c7e9e052924e38b1"
],
"RepoTags": [
"ubuntu:latest"
],
"Size": 128115414,
"VirtualSize": 128115414
}
]
$ curl http://10.0.0.71:2376/containers/json?all=1 | python -m json.tool
[
{
"Command": "/bin/bash",
"Created": 1480323914,
"HostConfig": {
"NetworkMode": "default"
},
"Id": "9c2e6ebab75b791df4fdd978a507340e8068b655f0285b2a74a9d0e33bede811",
"Image": "ubuntu",
"ImageID": "sha256:e4415b714b624040f19f45994b51daed5cbdb00e0eb9a07221ff0bd6bcf55ed7",
"Labels": {},
"Mounts": [],
"Names": [
"/fervent_euler"
],
"NetworkSettings": {
"Networks": {
"bridge": {
"Aliases": null,
"EndpointID": "5cff60a96ba0bb6505db3138d80c7d0daf5334054b50a074d8f8ce451d93bd18",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAMConfig": null,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"Links": null,
"MacAddress": "02:42:ac:11:00:02",
"NetworkID": "da0febf987e7bd348949ca50b4d1c1e1fdd1965e5bf4dd31f90fbc1ed0e7f748"
}
}
},
"Ports": [],
"State": "running",
"Status": "Up 36 minutes"
},
{
"Command": "/bin/echo 'Hello world'",
"Created": 1480323861,
"HostConfig": {
"NetworkMode": "default"
},
"Id": "30ad267e904c9e5650be5606ccdccc124179124c31ff2f3f2d9689cbd1be1c54",
"Image": "ubuntu",
"ImageID": "sha256:e4415b714b624040f19f45994b51daed5cbdb00e0eb9a07221ff0bd6bcf55ed7",
"Labels": {},
"Mounts": [],
"Names": [
"/gloomy_kalam"
],
"NetworkSettings": {
"Networks": {
"bridge": {
"Aliases": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAMConfig": null,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"Links": null,
"MacAddress": "",
"NetworkID": "da0febf987e7bd348949ca50b4d1c1e1fdd1965e5bf4dd31f90fbc1ed0e7f748"
}
}
},
"Ports": [],
"State": "exited",
"Status": "Exited (0) 36 minutes ago"
}
]
*** 接下来是介绍的重点,Debian下如何通过修改docker启动方式,增加对tcp的监听!(CentOS下的修改方式略有不同)
编辑: /lib/systemd/system/docker.service ExecStart=/usr/bin/dockerd -H fd:// 改成: ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock #0.0.0.0为全部网卡,也可以只监听内网 执行 systemctl daemon-reload 然后重启启动docker /etc/init.d/docker restart
很简单吧,这样就可以从远程以API调用的方式对 docker api 进行操作,比如查询dokcer状态,创建、启动docker容器等等。
docker API其他的访问方式请参考docker官方文档.
