
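Amazon Web Services

To create machines on Amazon Web Services, you must supply two parameters: the AWS Access Key ID and the AWS Secret Access Key.

Configuring credentials

Before using the amazonec2 driver, ensure that you have configured credentials.

AWS credential file

One way to configure credentials is to use the standard credential file for Amazon AWS, ~/.aws/credentials, which might look like this:

[default]
aws_access_key_id = AKID1234567890
aws_secret_access_key = MY-SECRET-KEY

On Mac OS or the various flavors of Linux you can install the AWS Command Line Interface (aws cli) and run the aws configure command in a terminal, which guides you through creating the credentials file.

This is the simplest method; you can then create a new machine with: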

$ docker-machine create --driver amazonec2 aws01

Command line flags

Alternatively, you can pass the flags --amazonec2-access-key and --amazonec2-secret-key on the command line:

$ docker-machine create --driver amazonec2 --amazonec2-access-key AKI******* --amazonec2-secret-key 8T93C*******  aws01

Environment variables

You can use environment variables:

$ export AWS_ACCESS_KEY_ID=AKID1234567890
$ export AWS_SECRET_ACCESS_KEY=MY-SECRET-KEY
$ docker-machine create --driver amazonec2 aws01
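
A secret typed after --amazonec2-secret-key or in an export line is saved in shell history, and a flag value is also visible in the process list while docker-machine runs. The check below is an added example (not part of the original documentation) that scans history lines for the secret-bearing flags and variables named on this page and reports them redacted; the sample history and key values are constructed.

```python
import re

# Flags and variables from this page whose values are secrets.
SECRET_FLAGS = ["--amazonec2-secret-key", "--amazonec2-session-token"]
SECRET_ENV_VARS = ["AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"]

# Match "--flag value" and "--flag=value" (assumption: either spelling may
# appear in history), plus "VAR=value" assignments and exports.
PATTERNS = [(n, re.compile(re.escape(n) + r"(?:=|\s+)(\S+)")) for n in SECRET_FLAGS]
PATTERNS += [(n, re.compile(r"\b" + n + r"=(\S+)")) for n in SECRET_ENV_VARS]

# Constructed history lines; the key values are made up.
SAMPLE_HISTORY = [
    "docker-machine create --driver amazonec2 aws01",
    "docker-machine create --driver amazonec2 --amazonec2-access-key AKIDEXAMPLE"
    " --amazonec2-secret-key EXAMPLEsecret123 aws01",
    "export AWS_SECRET_ACCESS_KEY=EXAMPLEsecret456",
    'docker-machine create --driver amazonec2 --amazonec2-secret-key "$AWS_SECRET_ACCESS_KEY" aws02',
    "docker-machine create --driver amazonec2 --amazonec2-session-token=EXAMPLEtoken789 aws03",
]


def redact(value):
    """Keep the first four characters only, so a finding can be shared safely."""
    value = value.strip("'\"")
    return value[:4] + "*" * max(len(value) - 4, 0)


def scan_history(lines):
    """Return (line_number, name, redacted_value) for every literal secret found."""
    findings = []
    for number, line in enumerate(lines, start=1):
        for name, pattern in PATTERNS:
            for match in pattern.finditer(line):
                value = match.group(1)
                # "$VAR" is a reference to a variable, not an embedded secret.
                if value.strip("'\"").startswith("$"):
                    continue
                findings.append((number, name, redact(value)))
    return findings


if __name__ == "__main__":
    for number, name, shown in scan_history(SAMPLE_HISTORY):
        print(f"history line {number}: literal value for {name}: {shown}")
```

Any key reported this way should be rotated, and the command rewritten to rely on the credentials file instead.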

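Options

  • --amazonec2-access-key: Your access key ID for the Amazon Web Services API.

  • --amazonec2-ami: The AMI ID of the instance to use.

  • --amazonec2-block-duration-minutes: AWS spot instance duration in minutes (60, 120, 180, 240, 300, or 360).

  • --amazonec2-device-name: The root device name of the instance.

  • --amazonec2-endpoint: Optional endpoint URL (hostname only or a fully qualified URI).

  • --amazonec2-iam-instance-profile: The AWS IAM role name to be used as the instance profile.

  • --amazonec2-insecure-transport: Disable SSL when sending requests.

  • --amazonec2-instance-type: The instance type to run.

  • --amazonec2-keypair-name: AWS keypair to use; requires --amazonec2-ssh-keypath.

  • --amazonec2-monitoring: Enable CloudWatch Monitoring.

  • --amazonec2-open-port: Make the specified port number accessible from the Internet.

  • --amazonec2-private-address-only: Use the private IP address only.

  • --amazonec2-region: The region to use when launching the instance.

  • --amazonec2-request-spot-instance: Use spot instances.

  • --amazonec2-retries: Set the retry count for recoverable failures (use -1 to disable).

  • --amazonec2-root-size: The root disk size of the instance (in GB).

  • --amazonec2-secret-key: Your secret access key for the Amazon Web Services API.

  • --amazonec2-security-group: AWS VPC security group name.

  • --amazonec2-session-token: Your session token for the Amazon Web Services API.

  • --amazonec2-spot-price: Spot instance bid price (in dollars). Requires the --amazonec2-request-spot-instance flag.

  • --amazonec2-ssh-keypath: Path to the private key file to use for the instance. A matching public key with the .pub extension should exist.

  • --amazonec2-ssh-user: The SSH login username, which must match the default SSH user set in the AMI used.

  • --amazonec2-subnet-id: AWS VPC subnet ID.

  • --amazonec2-tags: AWS extra tag key-value pairs (comma-separated, e.g. key1,value1,key2,value2).

  • --amazonec2-use-ebs-optimized-instance: Create an EBS-optimized instance; the instance type must support it.

  • --amazonec2-use-private-address: Use the private IP address for docker-machine, but still create a public IP address.

  • --amazonec2-userdata: Path to a file with cloud-init user data.

  • --amazonec2-volume-type: The Amazon EBS volume type to be attached to the instance.

  • --amazonec2-vpc-id: Your VPC ID to launch the instance in.

  • --amazonec2-zone: The AWS zone to launch the instance in (i.e. one of a, b, c, d, e).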

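Environment variables and default values:

| CLI option                             | Environment variable  | Default        |
|----------------------------------------|-----------------------|----------------|
| --amazonec2-access-key                 | AWS_ACCESS_KEY_ID     | -              |
| --amazonec2-secret-key                 | AWS_SECRET_ACCESS_KEY | -              |
| --amazonec2-session-token              | AWS_SESSION_TOKEN     | -              |
| --amazonec2-ami                        | AWS_AMI               | ami-5f709f34   |
| --amazonec2-region                     | AWS_DEFAULT_REGION    | us-east-1      |
| --amazonec2-vpc-id                     | AWS_VPC_ID            | -              |
| --amazonec2-zone                       | AWS_ZONE              | a              |
| --amazonec2-subnet-id                  | AWS_SUBNET_ID         | -              |
| --amazonec2-security-group             | AWS_SECURITY_GROUP    | docker-machine |
| --amazonec2-tags                       | AWS_TAGS              | -              |
| --amazonec2-instance-type              | AWS_INSTANCE_TYPE     | t2.micro       |
| --amazonec2-device-name                | AWS_DEVICE_NAME       | /dev/sda1      |
| --amazonec2-root-size                  | AWS_ROOT_SIZE         | 16             |
| --amazonec2-volume-type                | AWS_VOLUME_TYPE       | gp2            |
| --amazonec2-iam-instance-profile       | AWS_INSTANCE_PROFILE  | -              |
| --amazonec2-ssh-user                   | AWS_SSH_USER          | ubuntu         |
| --amazonec2-request-spot-instance      | -                     |                |
| --amazonec2-spot-price                 | -                     | 0.50           |
| --amazonec2-use-private-address        | -                     |                |
| --amazonec2-private-address-only       | -                     |                |
| --amazonec2-monitoring                 | -                     |                |
| --amazonec2-use-ebs-optimized-instance | -                     |                |
| --amazonec2-ssh-keypath                | AWS_SSH_KEYPATH       | -              |
| --amazonec2-retries                    | -                     | 5              |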

Default AMIs

By default, the Amazon EC2 driver uses a daily image of Ubuntu 16.04 LTS.

| Region         | AMI ID       |
|----------------|--------------|
| ap-northeast-1 | ami-b36d4edd |
| ap-southeast-1 | ami-1069af73 |
| ap-southeast-2 | ami-1d336a7e |
| ca-central-1   | ami-ca6ddfae |
| cn-north-1     | ami-79eb2214 |
| eu-west-1      | ami-8aa67cf9 |
| eu-central-1   | ami-fe408091 |
| sa-east-1      | ami-185de774 |
| us-east-1      | ami-26d5af4c |
| us-west-1      | ami-9cbcd2fc |
| us-west-2      | ami-16b1a077 |
| us-gov-west-1  | ami-b0bad893 |

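Security group

Note that a security group is created and associated with the host. This security group has the following inbound ports open:

  • ssh (22/tcp)

  • docker (2376/tcp)

  • swarm (3376/tcp), only if the node is a swarm master

If you specify a security group yourself with the --amazonec2-security-group flag, the ports above are checked and opened, and the security group is modified. If you want more ports to be opened, such as application-specific ports, use the AWS console and modify the configuration manually.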
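
Because the driver modifies a security group you name and further ports can be added by hand, it is worth comparing a group's inbound rules with the ports listed above. The audit below is an added example (not from the original documentation); it assumes the JSON shape printed by aws ec2 describe-security-groups, and the sample group, its ID and its source ranges are constructed.

```python
import json

# Inbound TCP ports this page says the driver opens.
ALWAYS_OPEN = {22, 2376}    # ssh, docker
SWARM_MASTER_ONLY = {3376}  # swarm

# Constructed sample, shaped like `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupName": "docker-machine", "GroupId": "sg-EXAMPLE",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 2376, "ToPort": 2376,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
  ]}]}
""")


def audit_group(group, swarm_master=False):
    """Return (missing_ports, unexpected_rules) for one security group."""
    expected = ALWAYS_OPEN | (SWARM_MASTER_ONLY if swarm_master else set())
    opened, unexpected = set(), []
    for rule in group.get("IpPermissions", []):
        proto = rule.get("IpProtocol")
        # "-1" means every protocol and port; otherwise use the stated range.
        lo, hi = (0, 65535) if proto == "-1" else (rule.get("FromPort"), rule.get("ToPort"))
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        sources += [g["GroupId"] for g in rule.get("UserIdGroupPairs", [])]
        if proto in ("tcp", "-1"):
            opened.update(p for p in expected if lo <= p <= hi)
        # Anything other than a single expected TCP port is reported.
        if not (proto == "tcp" and lo == hi and lo in expected):
            unexpected.append((proto, lo, hi, sources))
    return sorted(expected - opened), unexpected


if __name__ == "__main__":
    for sg in SAMPLE["SecurityGroups"]:
        missing, extra = audit_group(sg)
        print(sg["GroupName"], "missing:", missing, "unexpected:", extra)
```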

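VPC ID

We determine your default VPC ID at the start of a command. In some cases, either because your account does not have a default VPC or because you do not want to use the default one, you can specify a VPC with the --amazonec2-vpc-id flag.

To find the VPC ID:

  1. Log in to the AWS console.

  2. Go to Services -> VPC -> Your VPCs.

  3. Locate the VPC ID you want in the VPC column.

  4. Go to Services -> VPC -> Subnets. Examine the Availability Zone column to verify that zone a exists and matches your VPC ID.

For example, us-east1-a is in the a availability zone. If the a zone is not present, you can create a new subnet in that zone or specify a different zone when you create the machine.

To create a machine with a non-default VPC ID:

$ docker-machine create --driver amazonec2 --amazonec2-access-key AKI******* --amazonec2-secret-key 8T93C********* --amazonec2-vpc-id vpc-****** aws02

This example assumes the VPC ID was found in the a availability zone. Use the --amazonec2-zone flag to specify a zone other than the a zone. For example, --amazonec2-zone c signifies us-east1-c.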

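VPC connectivity

Machine uses SSH to complete the setup of instances in EC2 and requires the ability to access the instance directly.

If you use the flag --amazonec2-private-address-only, you need to ensure that you have some way of reaching the new instance from within the internal network of the VPC (for example, a corporate VPN to the VPC, a VPN instance inside the VPC, or running docker-machine from an instance within your VPC).

Configuration of VPCs is beyond the scope of this guide. However, a first troubleshooting step is to make sure that, if you are using private subnets, you follow the AWS VPC User Guide and have some form of NAT available so that the setup process can reach the internet to complete the setup.

Custom AMI and SSH username

The default SSH username for the default AMIs is ubuntu.

You need to change the SSH username only if the custom AMI you use has a different SSH username.

You can change the SSH username with --amazonec2-ssh-user according to the AMI you selected with --amazonec2-ami.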
