Building Your Docker Swarm Tech Stack

BRET FISHER
Docker Captain, DevOps Dude,
Author of Docker Mastery
Building Your Swarm Tech Stack
bretfisher.com/dockercon18
@bretfisher

View Slide

People ask "Where's my LAMP for container clusters?"
Your solutions will be a "stack" of infrastructure tools
Cloud-native container tools are new
We need patterns and examples of full cluster stacks
Problem: No Server Tool Lives In Isolation

View Slide

Build examples of full-ish stacks on different tools
Options for solo to medium-sized DevOps/Ops teams
Use Docker Swarm latest stable as orchestrator
Limit cloud vendor lock-in*
4 Goals for Today
* Lock-in: A service I can't swap out in my server stack

View Slide

The Duality of Container Infrastructure
“It was the best of times,
it was the worst of times,
it was the age of wisdom,
it was the age of foolishness,
it was the epoch of belief,
it was the epoch of incredulity...”
Charles Dickens
A Tale of Two Cities, 1859

View Slide

Clusters are Complex
Start small and simple, grow them as you grow

View Slide

EE Platform Architecture
Physical
Virtualization
Public Cloud
Platform
Security
Developer
Services
Registry
Services
Access
Policies
App Lifecycle
Management
Automation &
Extensibility
Networking Orchestration Storage
Container Engine
ENTERPRISE EDITION PLATFORM

View Slide

CE Platform Architecture
Public Cloud
Overlay Swarm
Container Engine
COMMUNITY EDITION PLATFORM
Physical
Virtualization
Platform
Security

View Slide

View Slide

Sci-Fi!
Am I Right!

View Slide

Epic Battle Royale, on Swarm
dogvs.cat

View Slide

dogvs.cat
VS

View Slide

dogvs.cat
Sci-Fi Sounds Edition

View Slide

dogvs.cat App Services
www.dogvs.cat vote.dogvs.cat blog.dogvs.cat
result.dogvs.cat

View Slide

dogvs.cat App Services
result.dogvs.cat
(Stack Files)

View Slide

dogvs.cat
Swarm CE,
(Han) Solo Sysadmin

View Slide

Cloud agnostic, minimal infra
Apps auto-recover on node fail
Incoming TLS
Centralized logging
Centralized monitoring
Healthcheck all containers
Infra Requirements of dogvs.cat
Performance auto-scaling
Self-healing nodes
Support serverless functions
Services highly available
Han Solo Requirements Optional Requirements for Later

View Slide

3+ Droplets (Ubuntu 18.04)
Block Storage (Volumes)
Load Balancer (incoming HTTP)
Digital Ocean dogvs.cat
Services Needed for High Availability

View Slide

App Services
result.dogvs.cat

View Slide

App Services + L7 Proxy
result.dogvs.cat

View Slide

App Services + L7 Proxy + Overlay
result.dogvs.cat

View Slide

App Services + L7 Proxy + Ops
result.dogvs.cat

View Slide

Cluster + External Load Balancer
result.dogvs.cat

View Slide

Open Source Stack
HW / OS Docker Machine + Digital Ocean
Runtime Docker CE
Orchestration Docker Swarm
Networking Docker Swarm Overlay
Storage REX-Ray + Digital Ocean Volumes
Layer 7 Proxy Traefik + Let's Encrypt
Central Logging Elastic ELK
Central Monitoring Prometheus + Grafana
Swarm GUI Portainer

View Slide

Deploy Nodes: Docker Machine
./create-servers.sh
./enable-monitoring.sh
./create-swarm.sh

View Slide

Deploy Storage: RexRay Plug-in
docker stack deploy -c stack-rexray.yml rexray

View Slide

Deploy Proxy Stack: Traefik with Let's Encrypt
docker stack deploy -c stack-proxy.yml proxy
http://www.dogvs.cat:8080/dashboard/

View Slide

Deploy Ops Stacks:
Prometheus + ELK + Portainer
docker stack deploy -c stack-swarmprom.yml prom
docker stack deploy -c stack-elk.yml elk
docker stack deploy -c stack-portainer.yml portainer

View Slide

Our Apps: Voting + Ghost + Static Site
docker stack deploy -c stack-ghost.yml ghost
docker stack deploy -c stack-voting.yml vote
docker stack deploy -c stack-menu.yml menu

View Slide

Deploy Stacks: Maintenance Tasks
docker stack deploy -c stack-prune.yml prune
backups (in stack file with app)

View Slide

Day Two Operations: Updates
stack deploy ∞
micromanage update_config and healthcheck
tune your limits and reservations

View Slide

Swarm CE,
Trek Tag-Team DevOps
dogvs.cat

View Slide

Create Swarm with Terraform
Moving beyond docker-machine for multi-admin

View Slide

Docker for AWS/Azure
*for CE only

View Slide

Remote Management Bonus
18.09 has SSH endpoints for docker CLI !!
DOCKER_HOST=ssh://[email protected] docker ps

View Slide

Windows Server 2019 Workers
Swarm and overlay network feature parity!

View Slide

Our Apps using Docker App
docker-app deploy dogvscat/ghost:0.1.0
docker-app deploy dogvscat/voting:0.1.0
docker-app deploy dogvscat/menu:0.1.0
* Go check it out at github.com/docker/app

View Slide

Security?
host setup scanning: Docker Bench
image scanning: Aqua Microscanner
behavior monitoring: Sysdig Falco
user namespaces

View Slide

Swarm Enterprise,
Amazonian DevOps
dogvscat.biz
or

View Slide

Complex Infrastructure, Harder Deployment
"How can I deploy many multi-tier
app on a many servers, with all the
b e l l s a n d w h i s t l e s o f H A
orchestration, have load balancing
at all levels, with failover and
auto recovery?"
Amazonian
Team

View Slide

CE Platform Architecture
Physical
Virtualization
Public Cloud
Platform
Security
Networking Orchestration
Container Engine
COMMUNITY EDITION PLATFORM

View Slide

EE Platform Architecture
Physical
Virtualization
Public Cloud
Platform
Security
Developer
Services
Registry
Services
Access
Policies
App Lifecycle
Management
Automation &
Extensibility
Networking Orchestration Storage
Container Engine
ENTERPRISE EDITION PLATFORM

View Slide

No More One Size Fits All
Docker for
AWS
Docker for
Azure
for CE only

View Slide

Reference
Architecture
Automation
Tools
Ecosystem
Integration
Docker Certified Infrastructure

View Slide

DCI AWS

View Slide

Docker EE on AWS Stack
HW / OS Terraform + Ansible + AWS
Runtime Docker EE
Orchestration Docker Swarm
Networking Docker Swarm Overlay
Storage Docker Cloudstor EBS/EFS
Layer 7 Proxy HTTP Routing Mesh (Interlock+Nginx)
Registry Docker EE DTR
Central Logging AWS Cloudwatch Logs
Central Monitoring AWS Cloudwatch + Telegraph
Swarm GUI Docker EE UCP

View Slide

Summary
Infrastructure as code, make everything repeatable
No "special" nodes, use remote management
Grow as you go, assume you'll resize
Look for compose files of popular tools to make stacks
Don't throw out the good in search of the perfect

View Slide

Where to Go From Here
Automating Docker Enterprise 5:25 this room
Mission-Critical Migration to Multi-Cluster Kubernetes
Wed 2pm room 113
Swarm Intro Workshop
Today 4pm room 133
Wed 1:30pm room 133
Swarm Hallway Track Wed 4pm

View Slide

I'd like to
thank the
internet

View Slide

Support
the open source
you use

View Slide

PLEASE USE SESSION
SURVEY IN EVENTSPACE APP
Thanks! !
bretfisher.com/dockercon18
"Building Your Swarm Tech Stack"

View Slide

Building Your Docker Swarm Tech Stack

Building Your Docker Swarm Tech Stack

Bret Fisher

More Decks by Bret Fisher

Other Decks in Technology

Featured

Transcript