Docker Swarm from basic operations to deploy

About Docker Swarm

Docker Swarm consists of two parts:

1. Docker clusters: one or more nodes organized Docker, users can be managed in a cluster;
2. Application choreography: a set of API used to deploy and manage the container;

Official Information: https: //docs.docker.com/swarm/

Network Diagram

The figure is a typical Docker Swarm cluster deployment diagram, from Docker's official website:

Next shining on plans to build a Docker Swarm cluster.

Ready to work

The combat uses a total of five machines, all of the same configuration information as follows:

1. Operating System: CentOS Linux release 7.6.1810
2. Docker Services Version: 1.13.1
3. Firewalls have been closed;

Machine information in the following table:
| IP address | hostname | identity |
| - | - | - |
| 192.168.121.142 | M0 | management node |
| 192.168.121.139 | M1 | management node |
| 192.168. 121.140 | m2 | management node |
| 192.168.121.141 | W0 | worker nodes |
| 192.168.121.138 | W1 | worker nodes |

Why three management nodes?

Official map seen from the internal management coordination between the management node cluster using the Raft consensus algorithm, thus ensuring the management node high availability (HA), will generally refer to the following two principles:

1. Deployment odd management node, which helps to reduce the split brain;
2. Do not deploy too many management node, because the more the management node means that it takes much time to reach a consensus with;

Introduction to deploy clusters steps

The next deployment of the entire process is divided into the following steps:

1. Initializing a first management node (M0);
2. Add a new management node (m1, m2);
3. Working added node (w0, w1);

Then it started;

Initialize the first management node (m0)

1. m0 node IP address is 192.168.121.142 , and therefore execute the following command in m0 nodes:

docker swarm init \
--advertise-addr 192.168.121.142:2377
--listen-addr 192.168.121.142:2377

About advertise-addr and listen-addr these two parameters, the former is used to specify the address of other nodes connected to m0, which swarm designated bearer traffic IP and port, they are more detailed and in-depth difference can refer to the article: https: / /boxboat.com/2016/08/17/whats-docker-swarm-advertise-addr/

1. Console return information as follows, indicating successful initialization Swarm cluster:

Swarm initialized: current node (7585zt09o2sat82maef0ocf42) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-e8l6755jstd7urpdo5smyi8fv \
    192.168.121.142:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

1. All cluster nodes are listed in the current Swarm, you can see the status and identity of the unique node m0:

[root@m0 ~]# docker node ls
ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
7585zt09o2sat82maef0ocf42 *  m0        Ready   Active        Leader

Now the cluster has been established, then we need to add more management node and worker nodes;

How to add a new node?

1. Docker Swarm's strategy is to acquire new node joins a long list of commands from the management node, called the join token, anyone who wants to join the cluster of machines as long as they perform the join token to join the Swarm cluster;
2. If a new management node needs to be added, the m0 Run docker swarm join-token manager to obtain join token management node, as follows:

[root@m0 ~]# docker swarm join-token manager
To add a manager to this swarm, run the following command:

    docker swarm join \
    --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-5tz9d4w7nwzu8r4ozd0ff2aiu \
    192.168.121.142:2377

1. If there is need to add a new working nodes, in Run m0 docker swarm join-token worker to get the job nodes join token, as follows:

[root@m0 ~]# docker swarm join-token worker
To add a worker to this swarm, run the following command:

    docker swarm join \
    --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-e8l6755jstd7urpdo5smyi8fv \
    192.168.121.142:2377

Two kinds join token are ready, then start adding new nodes.

Added management node m1, m2

1. Front made on the implementation of the management node m1 join token:

[root@m1 ~]# docker swarm join \
>     --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-5tz9d4w7nwzu8r4ozd0ff2aiu \
>     192.168.121.142:2377
This node joined a swarm as a manager.

1. Do the same on the m2;
2. Executed on m0, m1, m2 which Renyiyitai command docker node ls view the status of Swarm cluster, as shown below, we can see three management nodes are normal state, ID Fields marked with an asterisk suffix indicates that the machine is currently executing command m1:

[root@m1 ~]# docker node ls
ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
0isfyre69mdu1hm11esf1q3dk    m2        Ready   Active        Reachable
7585zt09o2sat82maef0ocf42    m0        Ready   Active        Leader
slc0hjbs7jh2hdi8ai3wohy23 *  m1        Ready   Active        Reachable

Join the working node w0, w1

1. Implementation of the node obtained previously in w0 join token:

[root@w0 ~]# docker swarm join \
>     --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-e8l6755jstd7urpdo5smyi8fv \
>     192.168.121.142:2377
This node joined a swarm as a worker.

1. Do the same operation on W1;
2. Execute commands on m0, m1, m2 which Renyiyitai docker node ls Status View Swarm cluster nodes have all ready seen work:

[root@m0 ~]# docker node ls
ID                           HOSTNAME  STATUS  AVAILABILITY  MANAGER STATUS
0isfyre69mdu1hm11esf1q3dk    m2        Ready   Active        Reachable
7585zt09o2sat82maef0ocf42 *  m0        Ready   Active        Leader
i71bcxt1auc804syybroajtan    w1        Ready   Active        
slc0hjbs7jh2hdi8ai3wohy23    m1        Ready   Active        Reachable
wqcwcccva3d3mxgi5p423d4fv    w0        Ready   Active

So far, Swarm cluster environment set up is completed, the next can be verified.

Verify Swarm cluster environment

1. Create a file named tomcat-net overlay network (Overlay Netowork), this is a Layer 2 network, in the docker container in the network, even if the host is not the same, they can visit each other:

docker network create -d overlay tomcat-net

1. Create a service called tomcat using the overlay network just created:

docker service create --name tomcat \
--network tomcat-net \
-p 8080:8080 \
--replicas 3 \
tomcat:7.0.96-jdk8-openjdk

1. Run docker service ls View all current services:

[root@m0 ~]# docker service ls
ID            NAME    MODE        REPLICAS  IMAGE
kguawc4b5th4  tomcat  replicated  3/3       tomcat:7.0.96-jdk8-openjdk

1. Run docker service ps tomcat view service called tomcat, showing three containers were deployed on m0, m2, w1 machine:

[root@m0 ~]# docker service ps tomcat
ID            NAME      IMAGE                       NODE  DESIRED STATE  CURRENT STATE           ERROR  PORTS
n1gs9f1plce2  tomcat.1  tomcat:7.0.96-jdk8-openjdk  w1    Running        Running 19 minutes ago         
q8jyg088ci21  tomcat.2  tomcat:7.0.96-jdk8-openjdk  m2    Running        Running 19 minutes ago         
h9ww33dpw56m  tomcat.3  tomcat:7.0.96-jdk8-openjdk  m0    Running        Running 19 minutes ago

1. Run docker service inspect --pretty tomcat view details tomcat named services (remove --pretty can see a more complete):

[root@m0 ~]# docker service inspect --pretty tomcat

ID:     kguawc4b5th4qlwlsv183qtai
Name:       tomcat
Service Mode:   Replicated
 Replicas:  3
Placement:
UpdateConfig:
 Parallelism:   1
 On failure:    pause
 Max failure ratio: 0
ContainerSpec:
 Image:     tomcat:7.0.96-jdk8-openjdk@sha256:91eadffb59d9a35ada2d39fcd616a749ac580aa5e834499b7128f27be2e46623
Resources:
Networks: tomcat-net 
Endpoint Mode:  vip
Ports:
 PublishedPort 8080
  Protocol = tcp
  TargetPort = 8080

1. Open your browser and try to access m0, m1, m2, w0, w1 the 8080 five machines, you can successfully access the tomcat home page:
   

   Service Model

2. There are two service models: Ingress and Host, if not specified, the default is Ingress;
3. Under Ingress mode, the port 8080 traffic to reach the Swarm any node, port 80 is mapped to any internal copy of the service, even if there is no copy of tomcat service on that node will be mapped;
4. The Host mode, only open ports on the operation of the machine with a copy of the container, using the Host Mode command as follows:

docker service create --name tomcat \
--network tomcat-net \
--publish published=8080,target=8080,mode=host \
--replicas 3 \
tomcat:7.0.96-jdk8-openjdk

Service scalable capacity

1. Run docker service scale tomcat = 5 will adjust the number of copies from 3 to 5:

[root@m0 ~]# docker service scale tomcat=5
tomcat scaled to 5

1. Run docker service ps tomcat view service called tomcat, showing the distribution of each machine a container:

[root@m0 ~]# docker service ps tomcat
ID            NAME      IMAGE                       NODE  DESIRED STATE  CURRENT STATE               ERROR  PORTS
w32tjahze2fk  tomcat.1  tomcat:7.0.96-jdk8-openjdk  m2    Running        Running 42 minutes ago             
yj5czwwhrrsh  tomcat.2  tomcat:7.0.96-jdk8-openjdk  m0    Running        Running 42 minutes ago             
pq40995nbd0k  tomcat.3  tomcat:7.0.96-jdk8-openjdk  w1    Running        Running 42 minutes ago             
y1y6z1jczel1  tomcat.4  tomcat:7.0.96-jdk8-openjdk  m1    Running        Running about a minute ago         
w0dcii8f79os  tomcat.5  tomcat:7.0.96-jdk8-openjdk  w0    Running        Running about a minute ago

Rolling upgrade

1. The current service tomcat, tomcat mirror tag is 7.0.96-jdk8-openjdk , let's try to upgrade to 9.0.24-jdk11-openjdk , execute the following command:

docker service update \
--image tomcat:9.0.24-jdk11-openjdk \
--update-parallelism 1 \
--update-delay 10s tomcat

The above command should be noted there are several:

. A update-parallelism: the number of containers each update, this is set to 1, indicates a container after each successful upgrade to upgrade to the next;

. B update-delay: After each batch upgrade is successful, waiting for the next batch of time before the upgrade, upgrade, etc. after 10 seconds represents a container where a next upgrade;

1. Execute commands during the upgrade process docker service ps tomcat view the service, you can see the process of starting a new version of the container one by one:

[root@m0 ~]# docker service ps tomcat
ID            NAME          IMAGE                        NODE  DESIRED STATE  CURRENT STATE                ERROR  PORTS
w32tjahze2fk  tomcat.1      tomcat:7.0.96-jdk8-openjdk   m2    Running        Running 56 minutes ago              
yj5czwwhrrsh  tomcat.2      tomcat:7.0.96-jdk8-openjdk   m0    Running        Running 56 minutes ago              
semuna9awsn7  tomcat.3      tomcat:9.0.24-jdk11-openjdk  w1    Running        Running 15 seconds ago              
pq40995nbd0k   \_ tomcat.3  tomcat:7.0.96-jdk8-openjdk   w1    Shutdown       Shutdown about a minute ago         
y1y6z1jczel1  tomcat.4      tomcat:7.0.96-jdk8-openjdk   m1    Running        Running 15 minutes ago              
oot3yex74v4t  tomcat.5      tomcat:9.0.24-jdk11-openjdk  w0    Running        Preparing 5 seconds ago             
w0dcii8f79os   \_ tomcat.5  tomcat:7.0.96-jdk8-openjdk   w0    Shutdown       Shutdown 3 seconds ago

1. After the upgrade is complete, use a browser to access the service, visible tomcat version has been upgraded:
   

   Delete Service

   Run docker service rm tomcat to remove the service:

[root@m0 ~]# docker service rm tomcat
tomcat
[root@m0 ~]# docker service ls
ID  NAME  MODE  REPLICAS  IMAGE

So far, Docker Swarm from the basic operations have been deployed to experience once, when you want to set up the environment, this article will give you some reference.