Docker Certification Training Course : Lecture 5

Docker Swarm

Scaling containers with the Docker Compose API has a flaw: all containers are created on a single machine, so any problem with that machine affects every container. Container Orchestration is a way of managing resources in an automated infrastructure. Docker Swarm is the container orchestration tool provided by Docker. Docker Swarm supports only images created using Docker.

An orchestration tool works in a Cluster. A Cluster is a set of machines (so-called Nodes) working together, and it must consist of at least three machines. The Cluster follows the Master-Worker model: whatever tasks are to be executed are delivered to the Master, and the Master distributes them to the Workers. Hence, a Cluster consists of at least one Master and two Workers. If one of the Workers goes down for any reason, its Containers will be started on one of the remaining Cluster Nodes (other Workers or the Master). There should be one Master in the Cluster, but a so-called Backup Manager can be configured to take over if the Master fails.

Docker Swarm does not come as part of the default Docker installation. The first prerequisite for Docker Swarm: Docker should be installed and running as a service. The following ports must be open on all nodes in the Cluster for a successful Docker Swarm connection: 2376, 2377 and 7946.

Ports to be opened for successful Docker Swarm connection (commands for use in Oracle Cloud)

docker swarm init – command to be executed only on Master machine in the Cluster for initializing Docker Swarm

See example of docker swarm init command below :

docker swarm init command output

For adding Workers to a Cluster – see picture above.

docker node ls – command that displays all nodes in the Cluster regardless of their role – Master or Worker. Master node is explicitly labeled as Leader. This command is to be executed on Master machine

docker node command can be used only if Docker Swarm was previously initialized

docker info – command that shows detailed information about Cluster

docker run … – command that creates one container on the host where it is executed

docker-compose … – command that can create multiple containers on the host where it is executed (on single machine)

docker service … – command that can create multiple containers on multiple machines

Technically there can be any number of nodes in the cluster, and any number of them can be Master nodes. But there can’t be more Worker nodes than Master nodes.

docker service create --name <service name> --replicas <number of replicas> -p <what port to bind on>:<port exposed by image> <image name> – command creating multiple containers in the Cluster

docker service ls – command that displays all services created in the Cluster

docker service ps <service name> – command that displays all containers created by the given service

docker service scale <service name>=<new number of containers> – command that updates the number of containers created by the given service

docker service inspect <service name> – command that is used to view a given service’s detailed description

Service level port number concept ?

docker service create --name <service name> --mode global -p <what port to bind on>:<port exposed by image> <image name> – command creating exactly one container on each node in the Cluster (including Master). It is helpful, for example, for logging and monitoring services

docker swarm leave – command to exclude current node from the Cluster

docker swarm leave --force – command confirming that the last manager in the Cluster leaves the Cluster

If the Node must be attached to a Cluster, the following command must be executed on a Master :

docker swarm join-token worker – command for generating token for adding worker nodes to a Cluster

If the same Node is added to a Cluster again, it will be assigned another id, not matching previous one.

docker swarm join-token manager – command for generating a token for adding master nodes to a Cluster (there can be more than one Master node in the Cluster, but only one Master at any particular moment; other nodes joined as Master nodes will have Reachable manager status)

docker node demote <node id> – command that changes given node status from Master to Worker (one of Reachable nodes becomes Master)

docker node promote <node id> – command that changes given node status from Worker to Master (node gains Reachable status)

docker node update --availability drain <node id> – command that restricts creating containers on the given node

docker node update --availability active <node id> – command that allows creating containers on the given node

Labels must be assigned to nodes prior to container deployment.

docker node update --label-add <label name>=<label value> <node id> – command to assign a label to the given node. The output of the docker inspect <node id> command has a "Spec" section, which contains information about the labels assigned to a Node.

docker service create --name <service name> --replicas <number of replicas> --constraint node.labels.<label name>==<label value> -p <what port to bind on>:<port exposed by image> <image name> – command imposing constraints on newly created containers, so that they are created only on node(s) having the given labels

docker service update --image <new image name> <service name> – command changing the image used for existing containers (and newly created containers) under the given service. This is the so-called rollup concept: the new image is applied to containers sequentially, one after another.

Sometimes the Docker Swarm Cluster state must be secured.

docker swarm update --autolock=true – command that blocks execution of docker swarm commands on the given Master node unless the security key is provided. See output example below:

Example of security applied to Docker Swarm Master Node

docker swarm unlock – command that unlocks the Node for executing Docker Swarm commands

 

Docker Stack

A Docker Swarm Service creates the same type of container on multiple machines. How can multiple types of containers be created on multiple machines? This is done by using the Docker Stack mechanism. Docker Stack is managed by Docker Swarm. Docker Stack works with YAML files, as Docker Compose does. For example, this scenario is applicable for both Docker Stack and Docker Compose.

docker stack deploy -c <path to yaml file> <application name> – command to create multiple types of containers on multiple machines

docker stack ls – command that shows applications and number of services for each application

docker stack services <application name> – command that shows information of the services for given application

docker stack rm <application name> – command that removes application along with all its services from Docker Stack
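A stack file that ties the service options from this lecture together, as an added example that is not part of the original lecture: replicas, a node label constraint, global mode and a sequential image update, all expressed as deploy keys. The service names, images, port 8080 and the label tier=web are assumptions.

```yaml
# stack.yml - constructed example. Service names, images, the published
# port and the node label "tier=web" are assumptions, not from the lecture.
version: "3.8"

services:
  web:
    image: nginx:1.25
    ports:
      - "8080:80"                     # -p <port to bind on>:<port exposed by image>
    deploy:
      mode: replicated
      replicas: 3                     # docker service create --replicas 3
      placement:
        constraints:
          - node.labels.tier == web   # --constraint node.labels.tier==web
      update_config:
        parallelism: 1                # on image change, replace one task at a time
        delay: 10s                    # pause between replacing tasks
      restart_policy:
        condition: on-failure

  cache:
    image: redis:7
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == worker       # keep this workload off manager nodes

  monitor:
    image: prom/node-exporter:v1.8.1
    deploy:
      mode: global                    # docker service create --mode global
```

Assign the label first with docker node update --label-add tier=web <node id>, then deploy from a Master with docker stack deploy -c stack.yml <application name>.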

More about Docker Stack – here. More about deployment Docker Stack to Docker Swarm – here.
