Configure Docker Swarm
November 15, 2019
You can also read more about Docker Swarm on the official documentation page
-What is a Docker Swarm ?
“Docker Engine 1.12 introduces swarm mode that enables you to create a cluster of one or more Docker Engines called a swarm.
Docker swarm is a management and orchestration features embedded in the Docker Engine are built using swarmkit. Swarmkit is a separate project which implements Docker’s orchestration layer and is used directly within Docker.”
Swarm consists of a multiple Docker hosts which are running in swarm mode and act as managers and workers. Manager is managing delegations and memberships. Workers are running the swarm services.
-Before
For example i have 3 separate servers that i would like to run in Docker Swarm mode.
1.1.1.1
2.2.2.2
3.3.3.3And all of them are connected to the private network 10.0.0.1/16
-Network Configuration
This part was only important in my use case. So you can skip networking configuration if it’s not relevant to you.
All my servers were connected to the private subnet 10.0.0.1/16. And this was really important that they would stay connected to each other over that network. In this case i needed to change docker ingress network subnet due to the fact that the default ingress subnet has the same subnet.
When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host:
- an overlay network called ingress, which handles control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
- a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm.
Inspect networks:
docker network inspect ingressRemove ingress network:
docker network rm ingressCreate a new ingress network with the subnet 20.11.0.0/16:
docker network create \
--driver overlay \
--ingress \
--subnet=20.11.0.0/16 \
--gateway=20.11.0.2 \
--opt com.docker.network.driver.mtu=1200 \
my-ingress-Configure the Manager Node
We have decided that 1.1.1.1 will be the manager in our case. On the 1.1.1.1 we will need to initialize swarm mode by running command below:
docker swarm init --advertise-addr 1.1.1.1The output will be the command with the worker token that we will need to run on the other servers in order for them to join to the cluster manager 1.1.1.1
docker swarm join --token SWMTKN-1-19a9q3z51lr1qjakg2wfsdhweweasdsjik323zxgmg23-qwe3qfggwe67a22kdl-Configure the Worker Nodes
Run this command on each server that should be connected to the Cluster Manager as a Worker
docker swarm join --token SWMTKN-1-19a9q3z51lr1qjakg2wfsdhweweasdsjik323zxgmg23-qwe3qfggwe67a22kdl-Verify the Swarm Cluster
On the manager node run
docker node lsThe output example:
In case you will loose join tokens you can run the following commands on the manager node:
To retrieve the manager token run:
docker swarm join-token manager -qTo retrieve the worker token run:
docker swarm join-token worker -q-Deploy Application
We can use docker service or docker stack:
- The
docker stackcan be used to manage a multi-service application. - The
docker serviceis used when you need to manage an individual service on a docker swarm cluster.
We will use docker stack. Lets create docker-compose-app1.yml file with the following content:
version: "3"
services:
app:
image: 15734342727.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest
restart: always
ports:
- 8010:80
networks:
- defaultYou’ve probably noticed that i’m usng AWS ECR (private registry) and in order for the workers to pull the image from that registry we need to deploy the app with the option --with-registry-auth to send registry authentication details to Swarm agents.
If you are using private registry as well then before deploying the application we need to login to the registry in my case it is AWS ECR.
Run the following command on the manager node:
aws ecr get-login --no-include-emailThe output will be a docker login ... command. You need to execute this command on the cluster manager in order to login to the AWS ECR registry.
After we can run the following command on the manager node:
docker stack deploy -c docker-compose-app1.yml --with-registry-auth Hello_World_AppTo validate services, run the following command on the manager node:
docker service lsThe example output with the 2 applications:
To scale the app run the following command on the manager node:
docker service scale <SERVICE-ID>=<NUMBER-OF-TASKS>For example:
docker service scale sjcrh8ra88yf=5