Jex’s Note

Docker Swarm

Introduction

A distributed system tool,used to manage a cluster of Docker engines, allows you to deploy your services.

Features

  • Decentralised design: you can define its optimal state (number of replicas, network, ports, etc.)
  • Scaling (easy to scale or shrink your service)
  • Load Balancing (use overlay network)
  • Security (nodes communicate with each other over TLS)
  • Support roll-back
  • built in docker

Concepts

  • nodes & roles
    • manager leader: manager nodes elec a single leader to conduct orchestration tasks
    • manager
      • deploy your application by assigning tasks
      • maintain the desired state of the swarm
      • manager node is also a worker node by default, you can exclude it
    • worker
      • execute tasks
      • report current state of its assigned tasks to manager
    • one or more nodes can run on a server
    • a node can be both of a manger and a worker
  • services & tasks
    • a service: the definition of the tasks e.g. 1 service = 3 nginx replicas = 3 task
    • a task: a task is a running container on available node e.g. 1 task = 1 nginx
  • docker swarm use VXLAN (Virtual extensible LAN) to connect each workers just like in the LAN.
  • network
    • ingress: Exposes services to the external network.
    • overlay network manages communications among the Docker daemons.
    • docker_gwbridge: Created by docker, and it allows the containers to connect to the host.
    • IPVS: It is a load balancer implementation in the Linux kernel.

Networking

Routing Mesh

Request -> ingress network on published port -> any node (use IPVS to decide which service to go) -> ingress network (outer LB)-> overlay network (inner LB) -> node

Docker swarm command

Init

docker swarm init --advertise-addr {ip}    // local ip
  • This machine will be a manager (leader) by deafault.
  • This will generate a token command, you can execute this command at any machine you want to assign it as a worker node.

Show node list

docker node ls

Show network list

docker network ls

Create an overlay network

docker network create --opt encrypted --subnet 100.0.0.0/24 -d overlay {name}

Create service

docker service create --name nginx --network {network name} -p {ex_port:in_port} {image_name}
docker service create --name nginx --network {network name} -p 1080:80 nvbeta/swarm_nginx

Get started

  1. Use docker machine command to create 3 machines.
  2. SSH into one of machines and do swarm initialisation.
  3. SSH into the rest of machines and execute token command that is generated by step 2.
  4. Show node list to see if expected.

Setting

Open protocols and ports between the hosts

  • TCP port 2377 for cluster management communications (manager <-> worker)
  • TCP and UDP port 7946 for communication among nodes (worker <-> worker, any node participates in the swarm)
  • UDP port 4789 for overlay network traffic (worker <-> worker, nodes under the same overlay network)

Comments