#Docker: Create and manage a Docker Swarm with Docker CE and register it to Docker Cloud

By | March 10, 2017

The new Docker CE makes it easy to deploy and work with Docker Swarm.
I will describe how to set up a 4-node test Docker Swarm that will later be used to host a test enterprise application (a follow-up post will cover that).

STEP 1: First some practical considerations

By definition, a Docker Swarm is “a clustering and scheduling tool for Docker containers”.
This means that if we start a container as a service on the Docker Swarm, that container will float freely (within the constraints defined by the administrator) across the nodes that constitute the Docker Swarm. This gives us high availability, automatic disaster recovery and optimized resource usage out of the box: everything you want for mission-critical enterprise systems.

Docker CE Engine introduced a new swarm mode for natively managing a Docker Swarm.
The new Docker swarm mode implements the Raft Consensus Algorithm and no longer requires an external key-value store such as ZooKeeper, doozerd or etcd. This is a big deal, as it eliminates the need to configure and support yet another service just to be able to manage the cluster (swarm).

An important point about the consensus engine: you should always have an odd number of manager nodes (so voting works), and more than one. So it looks like a truly fault-tolerant enterprise setup needs at least 3 manager nodes.

STEP 2: Initialize the swarm
Make sure all the nodes that will be added to the swarm have Docker CE in experimental mode deployed on them. See post #Docker: Install the new Docker CE in experimental mode on Fedora Linux

First we have to appoint the machine where the leader Docker manager node is going to run and use it to initialize the swarm. Note that a manager node uses some extra resources (CPU and memory) compared to a worker node, so be careful when designating it.

I chose my nas2.voina.org server as the leader Docker manager node.

You must use a real IP address of the server, not the server name, as the advertised address.
The swarm is created and a random ID is assigned to our leader docker manager node.
The swarm will create a random swarm join-token that will be used as a key by new nodes to be able to connect to the swarm.

STEP 3: Open ports
The following ports must be opened between the nodes of the swarm:

– 2377/TCP for cluster management communications
– 7946/TCP and 7946/UDP for communication among nodes
– 4789/UDP for overlay network traffic
– 50/ESP (IP protocol 50, ESP) in case an overlay network with encryption (--opt encrypted) is used

On RedHat/CentOS/Fedora, which use firewalld, do the following.

Find the active zones.

Then open the ports and the ESP protocol in the active zone.

Find all the configurations associated with the active zone.
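
One way to open the ports listed in this step, as an added example that is not from the original post: instead of opening them to every host in the zone, it prints firewalld rich rules that accept them only from the other swarm nodes. The zone name `public` and the peer addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example: emit firewalld commands that open the swarm ports from
# STEP 3 only to the listed peer nodes. Nothing is applied here; the
# commands are printed so they can be reviewed first.

# swarm_fw_rules ZONE PEER_IP...
swarm_fw_rules() {
    zone=$1; shift
    for peer in "$@"; do
        # 2377/tcp cluster management, 7946/tcp+udp node communication,
        # 4789/udp overlay network traffic
        for spec in 2377/tcp 7946/tcp 7946/udp 4789/udp; do
            port=${spec%/*}
            proto=${spec#*/}
            printf '%s\n' "firewall-cmd --permanent --zone=$zone --add-rich-rule='rule family=\"ipv4\" source address=\"$peer\" port port=\"$port\" protocol=\"$proto\" accept'"
        done
        # IP protocol 50 (ESP), needed only for encrypted overlay networks
        printf '%s\n' "firewall-cmd --permanent --zone=$zone --add-rich-rule='rule family=\"ipv4\" source address=\"$peer\" protocol value=\"esp\" accept'"
    done
    # Load the permanent rules, then show everything configured in the zone
    printf '%s\n' "firewall-cmd --reload"
    printf '%s\n' "firewall-cmd --zone=$zone --list-all"
}

# Constructed peer addresses; the zone name is an assumption, take the
# real one from: firewall-cmd --get-active-zones
swarm_fw_rules public 192.168.2.21 192.168.2.23 192.168.2.24
```

Run it on each node with the addresses of the other nodes, and pipe the output to `sh` as root once the rules look right.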

STEP 4: Add worker nodes
Now let’s add 3 worker nodes (nas1, nas3, nas4) to the swarm.
Execute on each of the designated worker nodes:

Just to show how easy it is to set up a swarm across diverse servers, note that nas1, nas2 and nas4 are at my primary location and nas3 is at my secondary location, 100 km from the first site. The sites are connected by a site-to-site OpenVPN. See EdgeRouter: OpenVPN site-to-site VPN

After the above command has been executed on all nodes, we can check the status of the swarm.
Execute on the leader manager node the following:
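
A check that can follow the status listing, as an added example that is not from the original post: it reads node lines and reports whether the managers could lose one more member and still keep a Raft majority, and warns on an even manager count. It assumes a Docker release whose `docker node ls` supports `--format`; the sample input is constructed from the node names in this post.

```shell
#!/bin/sh
# Added example: summarise manager quorum from `docker node ls` output.
# Input lines: HOSTNAME STATUS MANAGER_STATUS (workers have no third field),
# as produced by:
#   docker node ls --format '{{.Hostname}} {{.Status}} {{.ManagerStatus}}'

# swarm_quorum: reads node lines on stdin and prints one summary line.
# Returns 0 if one more manager can fail without losing the Raft
# majority, 1 otherwise.
swarm_quorum() {
    awk '
        NF >= 3 {                              # only managers have field 3
            managers++
            if ($2 == "Ready" && ($3 == "Leader" || $3 == "Reachable")) up++
        }
        END {
            need  = int(managers / 2) + 1      # votes needed for a majority
            spare = up - need                  # managers that may still fail
            printf "managers=%d reachable=%d quorum=%d spare=%d", managers, up, need, spare
            if (managers % 2 == 0) printf " warning=even-manager-count"
            printf "\n"
            exit (spare >= 1 ? 0 : 1)
        }'
}

# Constructed sample: the four-node swarm of this post after STEP 4,
# with nas2 as the only manager.
swarm_quorum <<'EOF' || echo "no spare manager: losing one more breaks quorum"
nas1 Ready
nas2 Ready Leader
nas3 Ready
nas4 Ready
EOF
```

On a live manager, feed it the real listing: `docker node ls --format '{{.Hostname}} {{.Status}} {{.ManagerStatus}}' | swarm_quorum`.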

STEP 5: Adding extra manager nodes
To add a manager to this swarm, run:

STEP 6: Register a free Docker Cloud account

Go to Docker Cloud and register a new account. You will see the new Docker Cloud GUI, which looks much simpler than it did several months ago.

You can create a free Docker repository and organizations, and you can create swarms (using a cloud provider) or import existing swarms.

STEP 7: Register the newly created swarm to Docker Cloud

To register an existing swarm go to “Swarms” menu. Click on “Bring your own swarm”.

As instructed, more ports must be opened in the firewall of the manager node.

You need to open incoming port 2376 in your firewall for Docker Cloud to communicate with the Docker daemon running in your manager node.

On the manager node (nas2), run the Docker Cloud registration container. Follow the instructions and log in with your Docker Cloud credentials, then assign a name to the swarm (voina/swarm).

After this you can go back to the Docker Cloud GUI, where under the “Swarms” menu the newly attached swarm will appear with status DEPLOYED.

At this point you cannot do a lot (the Swarms menu is in beta), but we have a promise that more operations and monitoring on the registered swarms will be possible in later updates.

STEP 8: Connect to the docker swarm

To connect to the swarm, execute:

STEP 9: Managing nodes of the swarm
Take a node out of the swarm.

On the swarm node execute:

On the manager execute:

where w3eq0hhcf7plx6hr3uhuxymcx is the ID of the node to be removed.

The order is very important: if you try to remove a node on the manager before the node itself has left the swarm, the following error occurs:

STEP 10: Test the swarm
To test the swarm I deployed a nice and simple application on it: Docker Swarm Visualizer.
On the manager node execute the following to create a Docker Swarm Visualizer on the swarm:

This will deploy the swarm visualizer, which can be accessed on the manager node at http://192.168.2.22:8080.

In the next post I will use the features of the new docker compose to deploy a full environment on the swarm directly from a yml file.
