VMware vSphere® Integrated Containers™ Engine (VIC)－echochio

參考 https://vmware.github.io/vic-product/assets/files/html/0.8/vic_installation/vch_installer_examples.html#static-ip

下載 VIC --> https://bintray.com/vmware/vic/Download ( 我用 vic_0.9.0.tar.gz)

Firewall must permit dst 2377/tcp outbound to the VCH management interface

PS : 會請你輸入 ESXI 的 root 密碼

# ./vic-machine-linux create --target root@192.168.0.12  --public-network-ip 192.168.0.13/24 --public-network-gateway 192.168.0.2 --no-tlsverify --force --name 'vch' --force
Apr 11 2017 16:42:50.335+08:00 INFO  ### Installing VCH ####
Apr 11 2017 16:42:50.335+08:00 vSphere password for root:
Apr 11 2017 16:42:50.335+08:00 WARN  Using administrative user for VCH operation - use --ops-user to improve security (see -x for advanced help)
Apr 11 2017 16:42:50.335+08:00 INFO  Using public-network-ip as cname where needed - use --tls-cname to override: 192.168.0.13/24
Apr 11 2017 16:42:50.336+08:00 ERROR Provided cname does not match that in existing server certificate:
Apr 11 2017 16:42:50.336+08:00 ERROR Unable to load certificates: cname option doesn't match existing server certificate in certificate path vch
Apr 11 2017 16:42:50.336+08:00 WARN  Ignoring error loading certificates due to --force
Apr 11 2017 16:42:50.336+08:00 INFO  Generating self-signed certificate/key pair - private key in vch/server-key.pem
Apr 11 2017 16:42:50.563+08:00 WARN  Configuring without TLS verify - certificate-based authentication disabled
Apr 11 2017 16:42:50.704+08:00 INFO  Validating supplied configuration
Apr 11 2017 16:42:50.795+08:00 INFO  Using default datastore: datastore1
Apr 11 2017 16:42:50.799+08:00 INFO  Configuring static IP for additional networks using port group "VM Network"
Apr 11 2017 16:42:50.851+08:00 INFO  Firewall status: ENABLED on "/ha-datacenter/host/localhost.tw.demo/localhost.tw.demo"
Apr 11 2017 16:42:50.864+08:00 INFO  Firewall configuration OK on hosts:
Apr 11 2017 16:42:50.864+08:00 INFO     "/ha-datacenter/host/localhost.tw.demo/localhost.tw.demo"
Apr 11 2017 16:42:50.879+08:00 INFO  License check OK
Apr 11 2017 16:42:50.879+08:00 INFO  DRS check SKIPPED - target is standalone host
Apr 11 2017 16:42:50.923+08:00 INFO
Apr 11 2017 16:42:51.000+08:00 INFO  Creating Resource Pool "vch"
Apr 11 2017 16:42:51.005+08:00 INFO  Creating VirtualSwitch
Apr 11 2017 16:42:51.034+08:00 INFO  Creating Portgroup
Apr 11 2017 16:42:51.066+08:00 INFO  Creating appliance on target
Apr 11 2017 16:42:51.071+08:00 INFO  Network role "public" is sharing NIC with "management"
Apr 11 2017 16:42:51.071+08:00 INFO  Network role "client" is sharing NIC with "management"
Apr 11 2017 16:42:53.612+08:00 INFO  Uploading images for container
Apr 11 2017 16:42:53.612+08:00 INFO     "bootstrap.iso"
Apr 11 2017 16:42:53.612+08:00 INFO     "appliance.iso"
Apr 11 2017 16:43:01.062+08:00 INFO  Waiting for IP information
Apr 11 2017 16:43:06.392+08:00 INFO  Waiting for major appliance components to launch
Apr 11 2017 16:43:06.820+08:00 INFO  Obtained IP address for client interface: "192.168.0.13"
Apr 11 2017 16:43:06.820+08:00 INFO  Checking VCH connectivity with vSphere target
Apr 11 2017 16:43:06.899+08:00 INFO  vSphere API Test: https://192.168.0.12 vSphere API target responds as expected
Apr 11 2017 16:43:15.930+08:00 INFO  Initialization of appliance successful
Apr 11 2017 16:43:15.930+08:00 INFO
Apr 11 2017 16:43:15.930+08:00 INFO  VCH Admin Portal:
Apr 11 2017 16:43:15.930+08:00 INFO  https://192.168.0.13:2378
Apr 11 2017 16:43:15.930+08:00 INFO
Apr 11 2017 16:43:15.930+08:00 INFO  Published ports can be reached at:
Apr 11 2017 16:43:15.930+08:00 INFO  192.168.0.13
Apr 11 2017 16:43:15.930+08:00 INFO
Apr 11 2017 16:43:15.930+08:00 INFO  Docker environment variables:
Apr 11 2017 16:43:15.930+08:00 INFO  DOCKER_HOST=192.168.0.13:2376
Apr 11 2017 16:43:15.930+08:00 INFO
Apr 11 2017 16:43:15.930+08:00 INFO  Environment saved in vch/vch.env
Apr 11 2017 16:43:15.930+08:00 INFO
Apr 11 2017 16:43:15.930+08:00 INFO  Connect to docker:
Apr 11 2017 16:43:15.930+08:00 INFO  docker -H 192.168.0.13:2376 --tls info
Apr 11 2017 16:43:15.930+08:00 INFO  Installer completed successfully

PS 如果你的網卡是 vic-public ...不是 VM Network ...要加 ...management-network & public-network 參數如 :

./vic-machine-linux create --target root@192.168.0.12 \
--management-network vic-public --public-network vic-public \
--public-network-ip 192.168.0.7/24 --public-network-gateway 192.168.0.2 \
--no-tlsverify --force --name 'vch2' --force

查看 ESXi 上的 docker host 是否 OK

#  docker -H 192.168.0.13:2376 --tls info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: v0.8.0-8351-f5d2542
Storage Driver: vSphere Integrated Containers v0.8.0-8351-f5d2542 Backend Engine
VolumeStores:
vSphere Integrated Containers v0.8.0-8351-f5d2542 Backend Engine: RUNNING
 VCH CPU limit: 9259 MHz
 VCH memory limit: 27.88 GiB
 VCH CPU usage: 29 MHz
 VCH memory usage: 2.298 GiB
 VMware Product: VMware ESXi
 VMware OS: vmnix-x86
 VMware OS version: 6.5.0
Plugins:
 Volume:
 Network: bridge
Swarm: inactive
Operating System: vmnix-x86
OSType: vmnix-x86
Architecture: x86_64
CPUs: 9259
Total Memory: 27.88GiB
Name: vch
ID: vSphere Integrated Containers
Docker Root Dir:
Debug Mode (client): false
Debug Mode (server): false
Registry: registry-1.docker.io
Experimental: false
live Restore Enabled: false

放個 docker images 在 host 看看

# docker -H 192.168.0.13:2376 --tls pull docker.io/echochio/go-web
Using default tag: latest
Pulling from echochio/go-web
a3ed95caeb02: Pull complete
09c979f45514: Pull complete
818a31092953: Pull complete
Digest: sha256:ce364c7be0b2f2833854197f6a26e22b8b37a1254f22277b327d32031b986522
Status: Downloaded newer image for echochio/go-web:latest
# docker -H 192.168.0.13:2376 --tls images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
echochio/go-web     latest              a64d4e6d90c2        2 months ago        140MB

執行 docker ...

# docker -H 192.168.0.13:2376 --tls  run -d -p 9090:9090 echochio/go-web
a54bad569f6c8430b6945e40a094df294645d9815c33c247af0e438bdc722c30
# docker -H 192.168.0.13:2376 --tls ps
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS                         NAMES
a54bad569f6c        echochio/go-web     "/bin/sh -c /web"   About a minute ago   Up About a minute   192.168.0.13:9090->9090/tcp   suspicious_keller

確定 widnows 的 docker 也行 (我的 widnwos docker Containers 是 windows 的不是 linux)

Microsoft Windows [版本 10.0.14393]
(c) 2016 Microsoft Corporation. 著作權所有，並保留一切權利。

C:\WINDOWS\system32>docker -H 192.168.0.69:2376 --tls  ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                         NAMES
00c18bc471fe        echochio/go-web     "/bin/sh -c /web"   About an hour ago   Up About an hour    192.168.0.13:9090->9090/tcp   web-go

C:\WINDOWS\system32>

看到 Esxi 上多了個 ...... susp ....

執行成果是 :

如何 ssh 到 VCH ....

用 debug mode ......
先記錄 thumbprint 值

# ./vic-machine-linux debug --target root@192.168.0.12 --enable-ssh --rootpw echochio --name 'vch2'
Apr 12 2017 16:55:41.947+08:00 INFO  vSphere password for root:
Apr 12 2017 16:55:46.627+08:00 INFO  ### Configuring VCH for debug ####
Apr 12 2017 16:55:46.677+08:00 ERROR Failed to verify certificate for target=192.168.0.12 (thumbprint=2F:72:1E:FE:AD:CE:9D:29:9C:55:1A:69:33:33:1A:5C:81:AC:0F:C5)
Apr 12 2017 16:55:46.677+08:00 ERROR Debug cannot continue - failed to create validator: x509: certificate signed by unknown authority
Apr 12 2017 16:55:46.677+08:00 ERROR --------------------
Apr 12 2017 16:55:46.677+08:00 ERROR vic-machine-linux debug failed: debug failed

看到 thumbprint=2F:72:1E ...... 再用 ....這樣就可 ssh & root 密碼了

# ./vic-machine-linux debug --target root@192.168.0.12 --enable-ssh --rootpw echochio --name 'vch2' --thumbprint 2F:72:1E:FE:AD:CE:9D:29:9C:55:1A:69:33:33:1A:5C:81:AC:0F:C5
Apr 12 2017 16:53:04.749+08:00 INFO  vSphere password for root:
Apr 12 2017 16:53:09.964+08:00 INFO  ### Configuring VCH for debug ####
Apr 12 2017 16:53:10.080+08:00 INFO  Validating target
Apr 12 2017 16:53:10.112+08:00 WARN  Disabling ha-host hostd.log collection (ServerFaultCode: Cannot complete the operation due to an incorrect request to the server.)
Apr 12 2017 16:53:10.112+08:00 INFO
Apr 12 2017 16:53:10.112+08:00 INFO  VCH ID: VirtualMachine:15
Apr 12 2017 16:53:10.118+08:00 INFO
Apr 12 2017 16:53:10.118+08:00 INFO  Installer version: v0.8.0-8351-f5d2542
Apr 12 2017 16:53:10.118+08:00 INFO  VCH version: v0.8.0-8351-f5d2542
Apr 12 2017 16:53:10.253+08:00 WARN  Unable to identify address acceptable to host certificate
Apr 12 2017 16:53:10.254+08:00 INFO
Apr 12 2017 16:53:10.254+08:00 INFO  SSH to appliance:
Apr 12 2017 16:53:10.254+08:00 INFO  ssh root@192.168.0.7
Apr 12 2017 16:53:10.254+08:00 INFO
Apr 12 2017 16:53:10.254+08:00 INFO  VCH Admin Portal:
Apr 12 2017 16:53:10.254+08:00 INFO  https://192.168.0.7:2378
Apr 12 2017 16:53:10.254+08:00 INFO
Apr 12 2017 16:53:10.254+08:00 INFO  Published ports can be reached at:
Apr 12 2017 16:53:10.254+08:00 INFO  192.168.0.7
Apr 12 2017 16:53:10.254+08:00 INFO
Apr 12 2017 16:53:10.254+08:00 INFO  Docker environment variables:
Apr 12 2017 16:53:10.254+08:00 INFO  DOCKER_HOST=192.168.0.7:2376
Apr 12 2017 16:53:10.254+08:00 INFO
Apr 12 2017 16:53:10.254+08:00 INFO  Connect to docker:
Apr 12 2017 16:53:10.254+08:00 INFO  docker -H 192.168.0.7:2376 --tls info
Apr 12 2017 16:53:10.254+08:00 INFO  Completed successfully

echochio

echochio 發表在痞客邦留言(0) 人氣()

echochio

echochio的部落格跳到主文歡迎光臨echochio在痞客邦的小天地，我是一個(C/P)收集工程師^ ^ 所以想要跟(C/P)同好收集內容因此有需要(C/P)下面程式語法的同好請來和我交流, 分享相片

VMware vSphere® Integrated Containers™ Engine (VIC)

歷史上的今天

留言列表

站方公告

活動快報

超細纖...

我的好友

熱門文章

文章分類

雜七雜八 (1)

程式 (5)

最新文章

最新留言

動態訂閱

文章精選

文章搜尋

新聞交換(RSS)

誰來我家

參觀人氣

QR Code

POWERED BY

echochio

echochio的部落格跳到主文歡迎光臨echochio在痞客邦的小天地 ，我是一個(C/P)收集工程師^ ^ 所以想要跟(C/P)同好收集內容 因此有需要(C/P)下面程式語法的同好請來和我交流, 分享相片

VMware vSphere® Integrated Containers™ Engine (VIC)

歷史上的今天

留言列表

站方公告

活動快報

超細纖...

我的好友

熱門文章

文章分類

雜七雜八 (1)

程式 (5)

最新文章

最新留言

動態訂閱

文章精選

文章搜尋

新聞交換(RSS)

誰來我家

參觀人氣

QR Code

POWERED BY

echochio的部落格跳到主文歡迎光臨echochio在痞客邦的小天地，我是一個(C/P)收集工程師^ ^ 所以想要跟(C/P)同好收集內容因此有需要(C/P)下面程式語法的同好請來和我交流, 分享相片