
Containers Everywhere New Problems

The document discusses problems with container orchestration and introduces Docker Swarm Mode as a built-in clustering and orchestration solution for Docker containers. Key points covered include how Swarm Mode addresses issues like automated container lifecycles, scaling, replacement without downtime, and secure networking and secrets management. It provides graphics illustrating the Swarm architecture and explains what occurs when initializing a Swarm, including the creation of a root signing certificate and join tokens to enable replication and security across manager nodes. Finally, it lists options for creating a test 3-node Swarm cluster for learning purposes.

Uploaded by

Adnan Farkhand

Containers Everywhere = New Problems

• How do we automate container lifecycle?
• How can we easily scale out/in/up/down?
• How can we ensure our containers are re-created if they fail?
• How can we replace containers without downtime (blue/green deploy)?
• How can we control/track where containers get started?
• How can we create cross-node virtual networks?
• How can we ensure only trusted servers run our containers?
• How can we store secrets, keys, passwords and get them to the right container (and only that container)?

Swarm Mode: Built-In Orchestration

• Swarm Mode is a clustering solution built inside Docker
• Not related to Swarm "classic" for pre-1.12 versions
• Added in 1.12 (Summer 2016) via SwarmKit toolkit
• Enhanced in 1.13 (January 2017) via Stacks and Secrets
• Not enabled by default, new commands once enabled
  • docker swarm
  • docker node
  • docker service
  • docker stack
  • docker secret

[Image slides: Swarm Graphic 1, Swarm Graphic 2, Swarm Graphic 3, Swarm Graphic 4, Swarm Logo]

docker swarm init: What Just Happened?

• Lots of PKI and security automation
  • Root Signing Certificate created for our Swarm
  • Certificate is issued for first Manager node
  • Join tokens are created
• Raft database created to store root CA, configs and secrets
  • Encrypted by default on disk (1.13+)
  • No need for another key/value system to hold orchestration/secrets
  • Replicates logs amongst Managers via mutual TLS in "control plane"
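
The join tokens created by docker swarm init are credentials, so a practical follow-up is checking that none has leaked into logs or provisioning scripts. The scanner below is an added example, not from the slides; it assumes SwarmKit's token layout SWMTKN-1-<root CA digest>-<secret>, and the function names and sample log are constructed for illustration.

```shell
# Added example (not from the slides). Assumed token layout, per SwarmKit:
#   SWMTKN-1-<digest of root CA cert, 50 base36 chars>-<secret, 25 base36 chars>
# The digest lets a joining node pin the swarm's root CA; the secret is what
# authorizes the join, so it must never be written to logs or scripts.
TOKEN_RE='SWMTKN-1-[0-9a-z]{50}-[0-9a-z]{25}'

# scan_join_tokens FILE...
# Prints "file:line:SWMTKN-1-<digest>-<redacted>" for every token found.
scan_join_tokens() {
  grep -EnoH -e "$TOKEN_RE" -- "$@" | while IFS= read -r hit; do
    # Drop everything after the last "-" (the secret) before printing.
    printf '%s-<redacted>\n' "${hit%-*}"
  done
}

# count_join_tokens FILE...: number of tokens found (0 when clean).
count_join_tokens() {
  scan_join_tokens "$@" | wc -l | tr -d ' '
}

# write_sample FILE: constructed CI log with one fake token (not a real secret).
write_sample() {
  digest=$(printf '%050d' 0 | tr 0 a)   # 50 x "a"
  secret=$(printf '%025d' 0 | tr 0 b)   # 25 x "b"
  cat > "$1" <<EOF
step 1: provisioning worker
+ docker swarm join --token SWMTKN-1-${digest}-${secret} 10.0.0.1:2377
step 2: done, token SWMTKN-1-short-notatoken ignored
EOF
}

sample=$(mktemp)
write_sample "$sample"
scan_join_tokens "$sample"
echo "tokens found: $(count_join_tokens "$sample")"
rm -f "$sample"
# If a real token shows up, invalidate it on a manager:
#   docker swarm join-token --rotate worker
```

Rotating a token does not remove nodes that already joined; it only stops the old token from admitting new ones.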

Creating 3-Node Swarm: Host Options

• A. play-with-docker.com
  • Only needs a browser, but resets after 4 hours
• B. docker-machine + VirtualBox
  • Free and runs locally, but requires a machine with 8GB memory
• C. Digital Ocean + Docker install
  • Most like a production setup, but costs $5-10/node/month while learning
  • Use my referral code in section resources to get $10 free
• D. Roll your own
  • docker-machine can provision machines for Amazon, Azure, DO, Google, etc.
  • Install docker anywhere with get.docker.com
