Scribd
Upload
270 views

Native Docker Clustering Swarm

The document discusses deploying and running Docker Swarm clusters. It covers configuring and running Swarm clusters with Docker containers across multiple nodes or machines. It also discusses other container orchestration tools like Kubernetes, Mesos, and Fleet.

Uploaded by

juan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
270 views

Native Docker Clustering Swarm

The document discusses deploying and running Docker Swarm clusters. It covers configuring and running Swarm clusters with Docker containers across multiple nodes or machines. It also discusses other container orchestration tools like Kubernetes, Mesos, and Fleet.

Uploaded by

juan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 269

Deploy, configure, and run clusters of Docker containers

with Swarm
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

www.packtpub.com
https://yeasy.github.com
www.PacktPub.com

www.PacktPub.com

[email protected]

www.PacktPub.com

https://www.packtpub.com/mapt
Chapter 1

Chapter 2

Chapter 1

Chapter 3

Chapter 4
Chapter 5

Chapter 6

Chapter 7

Chapter 8

Chapter 9

Chapter 10

Chapter 11
Chapter 1

docker swarm init

digitalocean:
image: “docker-1.12-rc4”
region: nyc3
ssh_key_fingerprint: “your SSH ID”
ssh_user: root
[email protected]

www.packtpub.com/authors

http://www.packtpub.com/submit-errata
https://www.packtpub.com/books/conten
t/support

[email protected]

Chapter 1

[email protected]

libswarm Swarmd

“ ”

“ ”

swarm.v2

“ ” “ ”

“ ”
“ ”
“ ”
Chapter
2
http://kubernetes.io
kubelet.service

kubectl cluster-info kubectl get pods kubectl get nodes

kubectl create -f cassandra.yaml

kubectl scale rc cassandra --replicas=2


kubectl label pods cassandra env=prod
https://github.com/coreos/fleet

fleetctl

https://github.com/coreos/fleet/blob/master/Documentation/fleet-scali
ng.md)

https://mesos.apache.org/
https://mesosphere.github.io/marathon/docs/native-docker.html

Chapter 3
docker
info
docker info

Chapter 2
Chapter 3
docker daemon

docker run

https://github.com/docker/libnetwork
“ ”
Chapter 11

https://www.docker.com/products/overvie
w#/install_the_platform
https://docs.docker.com/machine/install-machine/

“ ”

nodes://
3376
3376

DOCKER_HOST IP:3376
node0

*
tcp/2376
node1 node2 node3

2375

2377

swarm manage

tcp/2376
tls/2375
boot2docker /var/lib/boot2docker/profile

tcp/2375 DOCKER_TLS no

tcp/2375

DOCKER_TLS_VERIFY
DOCKER_HOST tcp/2375
swarm

docker-machine env node0


env node1

nodes:// nodes://
token://

manage
docker run swarm manage --help

daemon -d
tcp/3376
tcp/2375
nodes:// –
IP:port tcp/2375

nodes://

//192.168.99.101:2375,192.168.99.102:2375,192.168.99
.103:2375
//192.168.99.[101:103]:2375

tcp/3376 tcp/2375
node0

DOCKER_HOST tcp/3376
tcp/2375
DOCKER_TLS_VERIFY
DOCKER_CERT_PATH
3376
tcp/80

node1
tcp/80

tcp/80
node
service stack deploy swarm

Chapter 3

doctl
belt
http://github.com/chanwit/belt

go get github.com/chanwit/belt

.belt.yaml
18153887

ssh_key_fingerprint

DIGITALOCEAN_ACCESS_TOKEN

export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://<IP ADDRESS>:2376"
export
DOCKER_CERT_PATH="/Users/user/.docker/machine/machines/machine"
export DOCKER_MACHINE_NAME="machine"
“ ” “ ”

node1

belt docker
belt

belt --host node2 docker swarm


join <node1's IP>:2377

nginx
belt ip

Chapter 2

Chapter 1
nodes://

nodes://
Chapter 1

tcp/3336
libkv

https://github.com/docker/docker/tree/master/pkg/discovery

Chapter 1
3376
2376 2375

node0

swarm create

token://3b905f46fef903800d51513d51acbbbe
swarm

/var/lib/boot2docker

node0

/var/lib/boot2docker /certs
3376
swarm
0.0.0.0:3376

node1 join
node0
192.168.99.101

docker
-d
node0
3376 2376
docker info

swarm list

create manage join list


vendor/

https://r
amcloud.stanford.edu/raft.pdf

https://github.com/coreos/etcd/tree/master/raft
raft.go

node.go type node


struct

Tick()

Campaign()
Propose()

Step()

ProposeConfChange()

ApplyConfChange()

Ready()

Advance() Ready()
Advance()

raftexample
raftexample1 raftexample2
raftexample3 --port
--cluster

https://github.com/coreos/etcd/tree/master/contrib/raftexample
etcd-m
etcd-1
etcd-2
etcd-3

etcd-m:3376

etcd-m quay.io/coreos/etcd
https://github.com/coreo
s/etcd/blob/master/Documentation/op-guide/clustering.md

etcd-m
-d 2379
2380 4001

name

initial-advertise-peer-urls

listen-peer-urls
listen-client-urls
advertise-client-urls
initial-cluster-token
initial-cluster
initial-cluster-state

etcdctl cluster-
health
etcd-m

3376
etcd://

etcd-1 etcd-2 etcd-3

-advertise
etcd-m

etcd-m
memberlist

--driver digitalocean --driver


virtualbox
-server -
bootstrap

-botstrap-
expect 3

curl
swarm list


Chapter 4



Chapter 2

“ ”
“ ”

Chapter 2
“ ” “ ”
swarmd

swarmctl
swarmd
4242/tcp swarmd
swarmctl

fsoppelsa/swarmkit

--listen-remote-api address:port swarmd --


join-addr
swarmctl

fsoppelsa/swarmkit swarmctl
awsctl

us-west-1
~/.aws/config ~/.aws/credentials

pip install
docker-py

4242/tcp
https://github.com/fsoppelsa/ansible-swarmkit

- name: Run the Swarmkit Master


docker:
name: swarmkit-master
image: "fsoppelsa/swarmkit"
command: swarmd --listen-remote-api 0.0.0.0:4242
expose:
- "4242"
ports:
- "0.0.0.0:4242:4242/tcp"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
detach: yes
docker_url: "{{ dhost }}"
use_tls: encrypt
tls_ca_cert: "{{ dcert }}/ca.pem"
tls_client_cert: "{{ dcert }}/cert.pem"
tls_client_key: "{{ dcert }}/key.pem"

swarmkit-master fsoppelsa/swarmkit
swarmd 0.0.0.0:4242 swarmd

4242 4242 swarmd


4242

-d -v
4242 -p
swarmd 4242

swarmkit-master
swarmkit-RANDOM
fsoppelsa/swarmkit

- name: Join the slave to the Swarmkit cluster


docker:
name: "{{machine_uuid}}"
image: "fsoppelsa/swarmkit"
command: swarmd --join-addr "{{ masterip }}":4242
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
detach: yes
docker_url: "{{ shost }}"

4242/tcp

loop

swarmctl swarmkit-master
swarmctl
web nginx
5

swarmctl task ls
Chapter 5

swarm nodes service task

docker swarm init


docker node ls
docker service tasks
Chapter 1
swarmd
swarmctl – –
docker swarm command

init

join

join-token join-tokens join-tokens


update

leave
--force

docker node
demote promote

demote promote

inspect

ls
rm

ps
update

docker service
create inspect ps ls rm update
scale

Docker Stack

stack

Chapter 6

--name myservice
dig myservice
nginx-service
ping nginx-service

publish
30000
32767
--publish-
add

nginx-service

30000
nginx 30000
10.255.0.7/16

nginx-service

Chapter 5
Chapter 8

docker node

Chapter 5
Chapter 6

docker service scale


docker service scale

scale

scale Chapter 7
Chapter 4

Chapter 1
https://github.com/chanwit/belt
doctl

Chapter 5
/var/lib/docker/swarm
/var/lib/docker/swarm/raft
Chapter 5

“ ”
Chapter 5
swarm2k

.belt/swarm2k/config.yml

swarm2k

swarm2k

sgp1

config.yml

image
region
ssh_key_fingerprint

ssh_user
access_token
access_token
DIGITALOCEAN_ACCESS_TOKEN
DIGITALOCEAN_ACCESS_TOKEN
docker node ls

Chapter 9

1-5t4znibozx
fe3714ca42d0
https://github.com/jpetazzo/nsenter

docker service rm nginx

docker-machine ssh sudo docker swarm join

Chapter 5
Reachable mg1
Telegraf Swarm plugin

http://github.com/chanwit/telegraf

swarm_node cpu_shares memory


node_id node_hostname
swarm n_services
n_tasks
swarm_task_status

telegraf.conf

“ ”

https://objects-us-west-1.dream.io/swarm2k/swarm2k_final_grafana_dashboard.j
son
8086
$INFLUX_DB_IP
“ ”

mydb

entrypoint.sh

$ docker build -t chanwit/etcd.


mysql

https://github.com/docker/docker/issues/24637

mydb.

docker service create


“ ”

gc_thresh1 gc_thresh2
gc_thresh3

“ ”
advertise-addr
@FlorianHeigl @jmaitrehenry
@everett_toews @squeaky_pl
@neverlock @tomwillfixit @sujaypillai
@pilgrimstack @ajeetsraina @AorJoa @PNgoenthai
@GroupSprint3r @toughIQ @mrnonaki @zinuzoid
@_EthanHunt_ @packethost @ContainerizeT-
ContainerizeThis @_pascalandy
@voodootikigod
@AlexPostID @gianarb @Rucknar
@lherrerabenitez @abhisak @djalal


swarm
c Chapter 1

j
m

Chapter 6

--engine-
install-url
Chapter 4
docker swarm init

ssh
join
warm-
worker- ssh
172.31.10.250

https://github.com/swarm2k/swarm2k/tree/master/amazonec2

go

config.yml

mg0 mg1 mg2


status

https://github.com/fsoppelsa/a
nsible-swarm

go ansible-
playbook -M

---
docker_swarm

join
worker
tcp://104.236.78.154:2377

tcp://104.236.78.154:2377 104.236.18.183:2377
tcp://104.236.87.10:2377
(secret)

dockerurl tlspath
docker_swarm.go
docker node
ls
docker node
create
node

promote worker0 worker1


docker node update

active pause drain

active
pause
drain

--label-add --label-
rm
dockerd [...] --label "staging" --label "dev"
[...]

node.type
docker node rm --force
--force

--filter
1044140032

/var/lib/docker/swarm

certificates/
raft/
worker/

/var/lib/docker/swarm/raft

docker node remove


nodeID --force
/var/lib/docker/swarm/raft/wal /var/lib/docker/swarm/raft/snap

https://shipyard-project.com/

https://shipyar
d-project.com/docs/deploy/automated/

compose
8080 8080
https://github.com/portainer/portainer/)
-
s

node-1
node-1
eval

docker info
docker service

.
docker service
create

80 80

--replicas 1
fsoppelsa/swarm-nginx
richarvey/nginx-php-fpm
nginx nginx
nginx

80
node-2
mysql 3306
dockerswarm

mysql node-1
10.255.0.2
node-1

--constraint

--constraintnode.KEY == VALUE --
constraintnode.KEY != VALUE
Chapter 5

docker node update --label-add

node.id node.id == 3tqtddj8wfyd1dl92o1l1bniq


node.role node.role != manager

node.hostname node.hostname == node-1


node.labels node.labels.type == database
wordpress
node.role != manager node.role == worker
wordpress, 3 80,
80
mysql wordpress

mysql + wordpress
docker-compose up

wordpress.dab

wordpress.dab
wordpress.dab

wordpress1_wordpress wordpress1_db

docker pull
google_container

8080

spark://spark-master:7077
-d
gcr.io/google_containers/spark-master --name
-h

8080,
worker-1
Chapter 7

node-1


8080
7077

8081
docker stats a7a2b5bb3024

Chapter 7

Chapter 6

ht
tps://docs.docker.com/engine/extend/plugins/
Chapter 6

https://docs.docker.com/engine/extend
/
https://docs.docker.com/engine/reference/commandline/plugin_install/
https://flocker-docs.clu
sterhq.com/en/latest/docker-integration/cloudformation.html

authorized_keys

flocker keys/
t2.medium

--amazonec2-ami

docker-machine

https://cloud-images.ubuntu.com/locator/ec2/
docker-machine

4523/tcp
4524/tcp

2377/tcp

https://clusterhq.com/flocker/introduction/
myvolume /data
docker volume

flocker-ca

agent.yml

https://github.com/fsoppelsa/ansible-flocker

https://github.com/ClusterHQ/ansible-role-flocker
flocker-ca

https://docs.clusterhq.com/en/latest/flocker-standalone/install-client.html

pip

certs/

cluster.crt .key
control-service.crt .key
plugin.crt .key
client.crt .key
node-aws-101.crt .key node-aws-110.crt .key

flocker-ca initialize cluster

flocker-ca create-control-certificate
aws-101
flocker-ca create-api-certificate
plugin
flocker-ca create-api-certificate
client
flocker-ca create-node-
certificate node-aws-X
utility/generate_certs.sh
ansible-flocker

certs/
clusterhq-python-flocker
clusterhq-flocker-node
clusterhq-flocker-docker-plugin

/etc/flocker
agent.yml /etc/flocker
/etc/flocker
2376 2377 4523
4524

inventory .ini
certs/
files/

files/agent.yml
hostname access_key_id
secret_access_key

/etc/flocker

agent.yml files/

flocker_control_install.yml

flocker-control
flocker-dataset-agent
flocker-container-agent
flocker-docker-plugin
docker

flocker_nodes_install.yml

flocker-control
.sock flockerctl

https://docs.clusterhq.com/en/latest/flocker-features/flockerctl.html
curl

flockerctl:
aws-108

aws-104
flockerctl
spark

75G
profile

https://docs.clusterhq.com/en/latest/flocker-features/aws-configuration.html#aw
s-dataset-backend

flockerctl list

aws-105

aws-105

--env
--network

--mount

type=volume
/data target=/data
spark source=spark
volume-driver

/data
aws-105 8080

fsoppelsa/spark-worker
run-example
aws-105

/data

http://www.loremipsum.net /data/file.txt
file.txt

/data/output
busybox spark
http://developer.swisscom.com/)

– scale
spark-worker
3

30
https://www.reddit.com/r/docker/comments/4zous1/monitoring_containers_under_11
2_swarm/
https://prometheus.io/docs/introduction/overview
/

ingress spark
monitoring
global

basi/prometheus-swarm

node-exporter global
3000

Prometheus

“ ”
--
aux-address


10.9.0.0/24
libkv libkv

www.github.com/docker/libkv
libkv
libkv, libkv
Store

Put Get Delete Watch

Consul
Get Delete

libkv

Chapter 4
SWMTKN-1-11lo1xx5bau6nmv5jox26rc5mr7l1mj5wi7b84w27v774frtko-
e82x3ti068m9eec9w7q2zp9fe
https://gith
ub.com/docker/notary
https://github.com/theupdateframework/tuf)

docker-compose.yml

chanwit/server:v042 hanwit/signer:v042
https://127.0.0.1:4443

127.0.0.4443

https://127.0.0.1:4443

chanwit/busybox:signed
secret create

1234 1234\n

/run/secrets/
/run/secrets/password 1234

entrypoint.sh

MYSQL_ROOT_PASSWORD

/run/secrets/mysql-root-password
MYSQL_ROOT_PASSWORD
docker-
entrypoint.sh

/run/secrets/mysql-root-password
/run/secrets
source=password target=mysql-root-password
mysql

-e PMA_HOST=mysql
myadmin

http://127.0.0.1:8080 PHPMyAdmin
1234

Chapter 11
https://docs.docker.com/ucp/overview

https://docs.docker.com/docker-trusted-registry
http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/Welcome.html
nova boot ...

Here is your token: gAAAAABX78ldEiY2


“ ”
nova-compute

“ ”

-d openstack
nova boot ... --max-count 10 machine-

docker-machine

The (deprecated) nova-docker driver


heat stack-create -f configuration.hot
dockerhosts
https://blueprints.launchpad.net/magnum/+spec/swarm-mode-support

magnum-api

magnum-conductor magnum-api
nova-conductor
nova-compute

http://docs.openstack.org/developer/magnum/
apt-get
install

10.21.22.2
10.21.22.4, 5 6
apt-get

magnum.conf

tcp/9511
10.21.22.2
tcp/9511

116 openvswitch db

180-magnum.cfg
/etc/haproxy/conf.d

10.21.22.2:9511
ps
aux
m1.medium

http://blog.rackspace.com/carina-by-rackspace-simplifies-containers-with-easy-t
o-use-instant-on-native-container-environment






https://theupdateframework.github.io/

Chapter
9
Chapter 6
www.github.com/docker/docker
www.github.com/docker/machine
www.github.com/docker/swarmkit
www.github.com/docker/compose
www.github.com/docker/infrakit

https://github.com/docker/docker/blob/master/CONTRIBUTING.md
www.github.com/swarmzilla

fsoppelsa/etcd fsoppelsa/swarmkit
166 167 168

99

226
118 119
39
164
28

119

119 121 185

15 16 11 12
15 163
16 163
17
16 128

152 153 122


158 159 160 124 125
153 123 124
157 126
157 125 126
157 124 125
157
154 156 122
28 29 30 31
59 173
122
55 122

163 163
164 165 163
166 9
166 232
163 146
167 168
59
59 60 61 95 96
217 244 97
9 209
78 79
194 195
194 211 212
194 211
194
230 161 162
213 214 215
167 138 139 140 141 142
173 79 80
232 83
80
13 15 244
15 150
16 151
17 152
16 77 78

95 96 97
82 124 125
166 39 40 41 42 43 74 114
45 46 119 121
61 118 119
80 150 151 82
13 80 81 82
80 81 82 77
244 80
149 76
80 81 82
16 115 116
114 115
225 226 82
225 83
225 83
116 117 118
21 83
21 22 75 76
23 24 25 75 76
116
31 32 112 113
164 165 113
26 113
209 210 113
114 12 13
9 10
26 27 28 129
17 18 127 128
33 34 35 36 37 97 98
28 13 14
28 16
29 30 31 16
34 26
19 99
19 99
19 10
19 13
31 32 11 12
19 131 132
19 11
19 11
19 129 130 131
26 10 11
34 17
19 17
34 14 17
34 98 99
20 11
20
19 225
20
19 247
20 247
20 246
20 247
19 20 218 219 220 221 222
75 76 218 222 223 224 225
75 76 246
246
11 246
15 16
20
15 221
128 129
21 22 77
23 24 25
26 100 80
101
11 56
56 57 58
56

209
167
102
169

168 13
14
161 230
169 170 13 14
173 13
172 173 16
168 16
166 168 14 17
171 172
181 183 184
174 175
46
200 201
13 200
202
185 187
188 190 106

161 192 193 194


194 195
193
87
193
226
193
194
19

101 26
101 102 103 80 81 82
240 143
241 242 243
242 181
246
217

93 94 95
246
19
196 123 124
196 197 198
231 127
126 127
231 232
232 114 115
232 126
232 125 126
231 232
235 236 98
237 238

232 233 234 235 229


232 166
238 239 229
90 226
115 116 226
229
87 226
88 230 231
226
196 226 228
196 228
226 227 228
134 135 142 196 197 198
135 143
135
136
135
136
11 12
136 137 138
245
233
131 132
246
131
186 187
85 86
161
185 186
198 199 200 186
194 188 189 190
186
136 82 124 125
138 139 140 141 142 163
136 137
138
146

185
239
88 89 246

52 87
54 101
52 110 111
52 53 54 101
83 247

104
163 110 111
83 107 108 109
247
116 117 118 104 105 106
166 104 105 106
134
83 208
143 144 145 208
146 207
147 148 149 205 207
37 38
129 176
207
129 130 131 185
129 176
207
240 209
241 242 243 207
205 207
207
166 186 187
177 178 179 208
162 206
181 183 184 226 227 228
184 185 186
179 180 188 189 190
176 177 240
163 207
176 177
167 168 206
167 168 209
149 64 67
64 65 66 243
243
69
46
62 63 46 47 48 49 50
63 64 51
67 68 69 71 51
72
65
72 73 74 244 245 246
63
67 225
65 66
63
75 76
163
75 76
13
62

83
116
89 91 92

101 244

You might also like