About Docker Swarm
Docker Swarm consists of two parts:
- Docker clusters: one or more nodes organized Docker, users can be managed in a cluster;
- Application choreography: a set of API used to deploy and manage the container;
Official Information: https: //docs.docker.com/swarm/
Network Diagram
The figure is a typical Docker Swarm cluster deployment diagram, from Docker's official website:
Next shining on plans to build a Docker Swarm cluster.
Ready to work
The combat uses a total of five machines, all of the same configuration information as follows:
- Operating System: CentOS Linux release 7.6.1810
- Docker Services Version: 1.13.1
- Firewalls have been closed;
Machine information in the following table:
| IP address | hostname | identity |
| - | - | - |
| 192.168.121.142 | M0 | management node |
| 192.168.121.139 | M1 | management node |
| 192.168. 121.140 | m2 | management node |
| 192.168.121.141 | W0 | worker nodes |
| 192.168.121.138 | W1 | worker nodes |
Why three management nodes?
Official map seen from the internal management coordination between the management node cluster using the Raft consensus algorithm, thus ensuring the management node high availability (HA), will generally refer to the following two principles:
- Deployment odd management node, which helps to reduce the split brain;
- Do not deploy too many management node, because the more the management node means that it takes much time to reach a consensus with;
Introduction to deploy clusters steps
The next deployment of the entire process is divided into the following steps:
- Initializing a first management node (M0);
- Add a new management node (m1, m2);
- Working added node (w0, w1);
Then it started;
Initialize the first management node (m0)
- m0 node IP address is 192.168.121.142 , and therefore execute the following command in m0 nodes:
docker swarm init \
--advertise-addr 192.168.121.142:2377
--listen-addr 192.168.121.142:2377
About advertise-addr and listen-addr these two parameters, the former is used to specify the address of other nodes connected to m0, which swarm designated bearer traffic IP and port, they are more detailed and in-depth difference can refer to the article: https: / /boxboat.com/2016/08/17/whats-docker-swarm-advertise-addr/
- Console return information as follows, indicating successful initialization Swarm cluster:
Swarm initialized: current node (7585zt09o2sat82maef0ocf42) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-e8l6755jstd7urpdo5smyi8fv \
192.168.121.142:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
- All cluster nodes are listed in the current Swarm, you can see the status and identity of the unique node m0:
[root@m0 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
7585zt09o2sat82maef0ocf42 * m0 Ready Active Leader
Now the cluster has been established, then we need to add more management node and worker nodes;
How to add a new node?
- Docker Swarm's strategy is to acquire new node joins a long list of commands from the management node, called the join token, anyone who wants to join the cluster of machines as long as they perform the join token to join the Swarm cluster;
- If a new management node needs to be added, the m0 Run docker swarm join-token manager to obtain join token management node, as follows:
[root@m0 ~]# docker swarm join-token manager
To add a manager to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-5tz9d4w7nwzu8r4ozd0ff2aiu \
192.168.121.142:2377
- If there is need to add a new working nodes, in Run m0 docker swarm join-token worker to get the job nodes join token, as follows:
[root@m0 ~]# docker swarm join-token worker
To add a worker to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-e8l6755jstd7urpdo5smyi8fv \
192.168.121.142:2377
Two kinds join token are ready, then start adding new nodes.
Added management node m1, m2
- Front made on the implementation of the management node m1 join token:
[root@m1 ~]# docker swarm join \
> --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-5tz9d4w7nwzu8r4ozd0ff2aiu \
> 192.168.121.142:2377
This node joined a swarm as a manager.
- Do the same on the m2;
- Executed on m0, m1, m2 which Renyiyitai command docker node ls view the status of Swarm cluster, as shown below, we can see three management nodes are normal state, ID Fields marked with an asterisk suffix indicates that the machine is currently executing command m1:
[root@m1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
0isfyre69mdu1hm11esf1q3dk m2 Ready Active Reachable
7585zt09o2sat82maef0ocf42 m0 Ready Active Leader
slc0hjbs7jh2hdi8ai3wohy23 * m1 Ready Active Reachable
Join the working node w0, w1
- Implementation of the node obtained previously in w0 join token:
[root@w0 ~]# docker swarm join \
> --token SWMTKN-1-5huefb5501cv7p8i2op1am2oevasoqu4te8vpvapndkudvszb4-e8l6755jstd7urpdo5smyi8fv \
> 192.168.121.142:2377
This node joined a swarm as a worker.
- Do the same operation on W1;
- Execute commands on m0, m1, m2 which Renyiyitai docker node ls Status View Swarm cluster nodes have all ready seen work:
[root@m0 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
0isfyre69mdu1hm11esf1q3dk m2 Ready Active Reachable
7585zt09o2sat82maef0ocf42 * m0 Ready Active Leader
i71bcxt1auc804syybroajtan w1 Ready Active
slc0hjbs7jh2hdi8ai3wohy23 m1 Ready Active Reachable
wqcwcccva3d3mxgi5p423d4fv w0 Ready Active
So far, Swarm cluster environment set up is completed, the next can be verified.
Verify Swarm cluster environment
- Create a file named tomcat-net overlay network (Overlay Netowork), this is a Layer 2 network, in the docker container in the network, even if the host is not the same, they can visit each other:
docker network create -d overlay tomcat-net
- Create a service called tomcat using the overlay network just created:
docker service create --name tomcat \
--network tomcat-net \
-p 8080:8080 \
--replicas 3 \
tomcat:7.0.96-jdk8-openjdk
- Run docker service ls View all current services:
[root@m0 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE
kguawc4b5th4 tomcat replicated 3/3 tomcat:7.0.96-jdk8-openjdk
- Run docker service ps tomcat view service called tomcat, showing three containers were deployed on m0, m2, w1 machine:
[root@m0 ~]# docker service ps tomcat
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
n1gs9f1plce2 tomcat.1 tomcat:7.0.96-jdk8-openjdk w1 Running Running 19 minutes ago
q8jyg088ci21 tomcat.2 tomcat:7.0.96-jdk8-openjdk m2 Running Running 19 minutes ago
h9ww33dpw56m tomcat.3 tomcat:7.0.96-jdk8-openjdk m0 Running Running 19 minutes ago
- Run docker service inspect --pretty tomcat view details tomcat named services (remove --pretty can see a more complete):
[root@m0 ~]# docker service inspect --pretty tomcat
ID: kguawc4b5th4qlwlsv183qtai
Name: tomcat
Service Mode: Replicated
Replicas: 3
Placement:
UpdateConfig:
Parallelism: 1
On failure: pause
Max failure ratio: 0
ContainerSpec:
Image: tomcat:7.0.96-jdk8-openjdk@sha256:91eadffb59d9a35ada2d39fcd616a749ac580aa5e834499b7128f27be2e46623
Resources:
Networks: tomcat-net
Endpoint Mode: vip
Ports:
PublishedPort 8080
Protocol = tcp
TargetPort = 8080
Open your browser and try to access m0, m1, m2, w0, w1 the 8080 five machines, you can successfully access the tomcat home page:
Service Model
- There are two service models: Ingress and Host, if not specified, the default is Ingress;
- Under Ingress mode, the port 8080 traffic to reach the Swarm any node, port 80 is mapped to any internal copy of the service, even if there is no copy of tomcat service on that node will be mapped;
- The Host mode, only open ports on the operation of the machine with a copy of the container, using the Host Mode command as follows:
docker service create --name tomcat \
--network tomcat-net \
--publish published=8080,target=8080,mode=host \
--replicas 3 \
tomcat:7.0.96-jdk8-openjdk
Service scalable capacity
- Run docker service scale tomcat = 5 will adjust the number of copies from 3 to 5:
[root@m0 ~]# docker service scale tomcat=5
tomcat scaled to 5
- Run docker service ps tomcat view service called tomcat, showing the distribution of each machine a container:
[root@m0 ~]# docker service ps tomcat
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
w32tjahze2fk tomcat.1 tomcat:7.0.96-jdk8-openjdk m2 Running Running 42 minutes ago
yj5czwwhrrsh tomcat.2 tomcat:7.0.96-jdk8-openjdk m0 Running Running 42 minutes ago
pq40995nbd0k tomcat.3 tomcat:7.0.96-jdk8-openjdk w1 Running Running 42 minutes ago
y1y6z1jczel1 tomcat.4 tomcat:7.0.96-jdk8-openjdk m1 Running Running about a minute ago
w0dcii8f79os tomcat.5 tomcat:7.0.96-jdk8-openjdk w0 Running Running about a minute ago
Rolling upgrade
- The current service tomcat, tomcat mirror tag is 7.0.96-jdk8-openjdk , let's try to upgrade to 9.0.24-jdk11-openjdk , execute the following command:
docker service update \
--image tomcat:9.0.24-jdk11-openjdk \
--update-parallelism 1 \
--update-delay 10s tomcat
The above command should be noted there are several:
. A update-parallelism: the number of containers each update, this is set to 1, indicates a container after each successful upgrade to upgrade to the next;
. B update-delay: After each batch upgrade is successful, waiting for the next batch of time before the upgrade, upgrade, etc. after 10 seconds represents a container where a next upgrade;
- Execute commands during the upgrade process docker service ps tomcat view the service, you can see the process of starting a new version of the container one by one:
[root@m0 ~]# docker service ps tomcat
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
w32tjahze2fk tomcat.1 tomcat:7.0.96-jdk8-openjdk m2 Running Running 56 minutes ago
yj5czwwhrrsh tomcat.2 tomcat:7.0.96-jdk8-openjdk m0 Running Running 56 minutes ago
semuna9awsn7 tomcat.3 tomcat:9.0.24-jdk11-openjdk w1 Running Running 15 seconds ago
pq40995nbd0k \_ tomcat.3 tomcat:7.0.96-jdk8-openjdk w1 Shutdown Shutdown about a minute ago
y1y6z1jczel1 tomcat.4 tomcat:7.0.96-jdk8-openjdk m1 Running Running 15 minutes ago
oot3yex74v4t tomcat.5 tomcat:9.0.24-jdk11-openjdk w0 Running Preparing 5 seconds ago
w0dcii8f79os \_ tomcat.5 tomcat:7.0.96-jdk8-openjdk w0 Shutdown Shutdown 3 seconds ago
After the upgrade is complete, use a browser to access the service, visible tomcat version has been upgraded:
Delete Service
Run docker service rm tomcat to remove the service:
[root@m0 ~]# docker service rm tomcat
tomcat
[root@m0 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE
So far, Docker Swarm from the basic operations have been deployed to experience once, when you want to set up the environment, this article will give you some reference.