Deploying Docker Swarm

Leave your reply

Introduction

Learn how to deploy Docker's native clustering tool, Docker Swarm. Swarm turns a pool of Docker hosts (including remote servers) into one single virtual host. You can then run an application on the entire distributed cluster.

Requirements

  • One or more servers running CentOS 7 or Ubuntu 14.04.
  • Docker installed and running on your machine.
  • Basic knowledge of Docker usage and commands.

Firewall Rules

To begin, you will need to allow firewall access for the ports used by Swarm. Go to your Cloud Panel and click on Network -> Firewall Policies on the menu on the left.

Docker Swarm

If you have previously created a firewall policy, click to select that policy and scroll down to edit it. Otherwise, click Create to create your new firewall policy.

Click Create

Give your policy a name, then fill in your firewall rules.

Add firewall policy

After adding each rule, click the green + button to add it and get a new line.

Click the green +

Add the following rules:

  • TCP/UDP, from port 4000 to port 4000, ALL
  • TCP/UDP, from port 7946 to port 7946, ALL
  • TCP/UDP, from port 8500 to port 8500, ALL
  • TCP, from port 22 to port 22, ALL
  • TCP, from port 80 to port 80, ALL
  • TCP, from port 2375 to port 2375, ALL
  • TCP, from port 2376 to port 2376, ALL
  • TCP, from port 3375 to port 3375, ALL
  • TCP, from port 3376 to port 3376, ALL
  • TCP, from port 8300 to port 8300, ALL
  • TCP, from port 8301 to port 8301, ALL
  • TCP, from port 8302 to port 8302, ALL
  • TCP, from port 8400 to port 8400, ALL
  • UDP, from port 4789 to port 4789, ALL

IMPORTANT: If this is a new firewall policy, you will also want to add any firewall rules which apply to your existing services.

Click the Add Predefined Values button and click to select any services which apply.

Add predefined values

When you have finished adding your new firewall rules, click the Create button.

Click Create

Next, you need to assign your servers to this firewall rule. Scroll down and click the Assign button.

Click Assign

Click to select the server(s) you want to assign to this firewall rule, then click Save changes.

Assign server

Swarm Concepts

Swarm groups a pool of Docker containers into a cluster, so that they act as one large container. You can run a Swarm cluster with a pool of containers on the same host. You can also connect pools of containers from external hosts to the Swarm.

Each Swarm needs at least one host to act as the Swarm manager. Setting multiple hosts as managers provides redundancy so that your Swarm cluster doesn't go down if the manager becomes unavailable.

The Swarm will also need discovery services. A discovery service allows containers to find and connect to their designated Swarm. For this example we will be using Consul. Other discovery services include Etcd and Zookeeper.

For this example we will be using only two servers: a manager which will also run Consul, and a node.

A note on installing Docker Swarm: Docker Swarm is built into the Docker Engine. There is no need to install it separately.

Running a Swarm

To create a Docker Swarm cluster we will:

  • Start Docker in -H mode on the host which will serve as manager.

  • Run a Consul container on the manager.

  • Run a Swarm container on the manager.

  • Start Docker in -H mode on a second host which will serve as a node.

  • Run a Swarm container on the node and join it to the Swarm.

  • Test the Swarm and run a "Hello World" application.

Run Docker in Host Mode on the Manager

If Docker is already running on the machine you will use as the manager, stop it with the command:

CentOS 7:

systemctl stop docker

Ubuntu 14.04:

service docker stop

Once Docker is stopped, start it with the -H flag to run it in Host mode:

sudo nohup docker daemon -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock &

Adjust Startup Options

By default, if the server is rebooted, Docker will restart without the -H flag. To add this flag to Docker's startup rules, you will need to edit the startup options.

CentOS 7

Edit the /etc/sysconfig/docker file:

sudo nano /etc/sysconfig/docker

Find the OPTIONS line and add the -H flag so that it reads:

OPTIONS='--selinux-enabled -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock'

Save and exit the file.

Ubuntu 14.04

Edit the /etc/default/docker file:

sudo nano /etc/default/docker

Find the DOCKER_OPTS line and add the -H flag so that it reads:

DOCKER_OPTS="-H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock"

Save and exit the file.

Run a Consul Container

On the manager, install and run a Consul container with the command:

sudo docker run --restart=always -d -p 8500:8500 --name=consul progrium/consul -server -bootstrap

Note: In a large production cluster, it is a good practice to run the Consul service on a separate host. For this example, we will be doubling up and running Consul on the manager host.

Run a Swarm Container on the Manager

Start the Swarm container on the manager with the following command, replacing the relevant IP addresses:

sudo docker run --restart=always -d -p [manager IP address]:4000:4000 swarm manage -H :4000 --replication --advertise [manager IP address]:4000 consul://[Consul IP address]:8500

For this example we will be running Consul on the same server as the manager, IP address 192.168.0.1:

sudo docker run --restart=always -d -p 192.168.0.1:4000:4000 swarm manage -H :4000 --replication --advertise 192.168.0.1:4000 consul://192.168.0.1:8500

Start Docker in Host Mode on the Node

If Docker is already running on the server you will use as the node, stop it with the command:

CentOS 7:

sudo systemctl stop docker

Ubuntu 14.04:

sudo service docker stop

Once Docker is stopped, start it with the -H flag to run it in Host mode:

sudo nohup docker daemon -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock &

Run a Swarm Container on the Node

Start the Swarm container on each host you want to serve as a node with the following command, replacing the relevant IP addresses:

sudo docker run --restart=always -d swarm join --advertise=[Node IP address]:2375 consul://[Consul IP address]:8500

For this example we will be on a node server with IP address 192.168.0.255, connecting to the Consul service on the manager server, IP address 192.168.0.1:

sudo docker run --restart=always -d swarm join --advertise=192.168.0.255:2375 consul://192.168.0.1:8500

Repeat steps 4 and 5 for any other servers you want to add as Swarm nodes.

Test the Swarm

You can get information about the Swarm from any host connected to it, using the command:

sudo docker -H [manager IP address]:4000 info

This will return information about the health of the Swarm, including the number of containers connected to it.

The official Docker Swarm image includes a test "Hello World" application which you can run on your Swarm. Test your Swarm by running this program with the command:

sudo docker -H [manager IP address]:4000 run hello-world

You should see output that begins with:

Hello from Docker.
This message shows that your installation appears to be working correctly.

And finally, check to see which Swarm node ran the application with the command:

sudo docker -H [manager IP address]:4000 ps -a