Upgrade to Pro — share decks privately, control downloads, hide ads and more …

docker service and Docker Orchestration

Mike Goelzer
October 04, 2016
1
30

docker service and Docker Orchestration

Mike Goelzer's ContainerCon Berlin 2016 talk

Mike Goelzer

October 04, 2016
Tweet

Featured

See All Featured
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
6
410
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
A Modern Web Designer's Workflow
chriscoyier
693
190k
A Tale of Four Properties
chriscoyier
156
23k
RailsConf 2023
tenderlove
29
900
Music & Morning Musume
bryan
46
6.2k
Faster Mobile Websites
deanohume
305
30k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k

Transcript

  1. docker service and Docker Orchestration Getting Started with Docker Clustering

    Mike Goelzer / [email protected] / @mikegoelzer Docker Inc.

  2. The evolution of Docker orchestration docker run nginx Swarm mode

    clustering + Docker Services in Engine ON-TRACK 2013-14 2014-present 2016 (Backed by docker/swarmkit)

  3. Swarm mode & Docker Services

  4. Engine Swarm Mode $ docker swarm init

  5. Engine Swarm Mode $ docker swarm init $ docker swarm

    join <IP of manager>:2377 Engine

  6. Engine Engine Engine Engine Engine Engine Swarm Mode $ docker

    swarm init $ docker swarm join <IP of manager>:2377

  7. Engine Engine Engine Engine Engine Engine Services $ docker service

    create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest mynet

  8. Engine Engine Engine Engine Engine Engine Services $ docker service

    create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet

  9. Engine Engine Engine Engine Engine Engine Node Failure & Reconciliation

    $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet

  10. Engine Engine Engine Engine Engine Engine Node Failure & Reconciliation

    $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet

  11. Engine Engine Engine Engine Engine Desired State ≠ Actual State

    $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet

  12. Engine Engine Engine Engine Engine Converge Back to Desired State

    $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet

  13. Engine Engine Engine Engine Engine Scaling $ docker service update

    --replicas 6 frontend mynet

  14. Engine Engine Engine Engine Engine Scaling $ docker service update

    --replicas 10 frontend mynet

  15. Engine Engine Engine Engine Engine Global Services $ docker service

    create --mode=global --name prometheus prom/prometheus mynet

  16. Engine Engine Engine Engine Engine Constraints Engine docker daemon --label

    com.example.storage="ssd" docker daemon --label com.example.storage="ssd"

  17. Engine Engine Engine Engine Engine Constraints $ docker service create

    --replicas 3 --name frontend --network mynet -p 8080:80 --constraint engine.labels.com.example.storage==ssd frontend:latest Engine docker daemon --label com.example.storage="ssd" docker daemon --label com.example.storage="ssd"

  18. Engine Engine Engine Engine Engine Constraints $ docker service create

    --replicas 3 --name frontend --network mynet -p 8080:80 --constraint engine.labels.com.example.storage==ssd frontend:latest $ docker service update --replicas 10 frontend Engine docker daemon --label com.example.storage="ssd" docker daemon --label com.example.storage="ssd"

  19. Routing Mesh :8080 :8080 :8080 frontend frontend $ docker service

    create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest frontend External Load Balancer :8080 User browses to http://myapp.com Node 1 Node 2 Node 3 Node 4

  20. Routing Mesh :8080 User browses to http://myapp.com :8080 :8080 frontend

    frontend $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest frontend External Load Balancer :8080 Node 1 Node 2 Node 3 Node 4

  21. Secure by default • Out-of-the-box TLS encryption and mutual auth

    • Automatic cert rotation • External or self-signed root CA • Cryptographic node identity Certificate Authority TLS Certificate Authority TLS Certificate Authority TLS TLS TLS TLS

  22. Scale: 2,000 Nodes and Counting • For now: community testing,

    crowd-sourced nodes, not funded by Docker • Credit to: Chanwit Kaewkasi, Suranaree University of Technology (SUT), Thailand • Results: ◦ 2,384 nodes ◦ 96,287 containers ◦ Manager CPU/memory ≲15% ◦ Test stopped because 3rd-party monitoring failed • https://github.com/swarm2k/swarm2k @chanwit

  23. Deep Dive: Swarm Topology

  24. Node Node Node Node Node Node Topology Node Node Node

    Node Node Node

  25. Node Node Node Node Node Node Topology: roles Node Node

    Node Node Node Node Manager Worker

  26. Node Node Node Node Node Node Topology: roles Node Node

    Node Node Node Node Manager Worker • Each Node has a role • Roles are dynamic • Programmable Topology

  27. Flatten

  28. Flat Topology Manager Manager Manager Worker Worker Worker Worker Worker

    Worker

  29. Topology: Scaling model Manager Manager Manager Worker Worker Worker Worker

    Worker Worker

  30. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker

    Worker Worker Leader Follower Follower Loss of Leader

  31. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker

    Worker Worker Leader Follower Follower Loss of Leader

  32. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker

    Worker Worker Follower Follower Leader

  33. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker

    Worker Worker Follower Follower Leader

  34. DEMO

  35. Booth D38 @ LinuxCon + ContainerCon Tues Oct 4th •

    Build Distributed Systems without Docker, using Docker Plumbing Projects - Patrick Chanezon, David Chung and Captain Phil Estes • Getting Started with Docker Services - Mike Goelzer • Swarmkit: Docker’s Simplified Model for Complex Orchestration - Stephen Day • User Namespace and Seccomp Support in Docker Engine - Paul Novarese • Build Efficient Parallel Testing Systems with Docker - Docker Captain Laura Frank Wed Oct 5th • How Secure is your Container? A Docker Engine Security Update - Phil Estes • Docker Orchestration: Beyond the Basics - Aaron Lehmann • When the Going gets Tough, get TUF Going - Riyaz Faizullabhoy and Lily Guo Thurs Oct 6th • Orchestrating Linux Containers while Tolerating Failures - Drew Erny • Unikernels: When you Should and When you Shouldn’t - Amir Chaudhry • Berlin Docker Meetup Friday Oct 7th • Tutorial: Comparing Container Orchestration Tools - Neependra Khare • Tutorial: Orchestrate Containers in Production at Scale with Docker Swarm - Jerome Petazzoni

  36. Mike Goelzer [email protected] / @mikegoelzer

  37. HEALTHCHECK --interval=5m --timeout=3s --retries 3 CMD curl -f http://localhost/ ||

    exit 1 Check web server every 5 minutes, require < 3 sec latency. >= 3 consecutive failures sets unhealthy state Coming soon: health checks in official images Container Health Check in Dockerfile