Slide 1

Slide 1 text

BRET FISHER
Docker Captain, DevOps Dude, Author of Docker Mastery
Building Your Swarm Tech Stack
bretfisher.com/dockercon18 @bretfisher

Slide 2

Slide 2 text

Problem: No Server Tool Lives In Isolation
- People ask "Where's my LAMP for container clusters?"
- Your solutions will be a "stack" of infrastructure tools
- Cloud-native container tools are new
- We need patterns and examples of full cluster stacks

Slide 3

Slide 3 text

4 Goals for Today
- Build examples of full-ish stacks on different tools
- Options for solo to medium-sized DevOps/Ops teams
- Use Docker Swarm latest stable as orchestrator
- Limit cloud vendor lock-in*
* Lock-in: A service I can't swap out in my server stack

Slide 4

Slide 4 text

The Duality of Container Infrastructure
"It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity..."
Charles Dickens, A Tale of Two Cities, 1859

Slide 5

Slide 5 text

Clusters are Complex
Start small and simple, grow them as you grow

Slide 6

Slide 6 text

EE Platform Architecture Physical Virtualization Public Cloud Platform Security Developer Services Registry Services Access Policies App Lifecycle Management Automation & Extensibility Networking Orchestration Storage Container Engine ENTERPRISE EDITION PLATFORM

Slide 7

Slide 7 text

CE Platform Architecture Public Cloud Overlay Swarm Container Engine COMMUNITY EDITION PLATFORM Physical Virtualization Platform Security

Slide 9

Slide 9 text

Sci-Fi! Am I Right!

Slide 10

Slide 10 text

Sci-Fi! Am I Right!

Slide 11

Slide 11 text

Epic Battle Royale, on Swarm dogvs.cat

Slide 12

Slide 12 text

Epic Battle Royale, on Swarm dogvs.cat VS

Slide 13

Slide 13 text

Epic Battle Royale, on Swarm dogvs.cat Sci-Fi Sounds Edition

Slide 14

Slide 14 text

dogvs.cat App Services www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 15

Slide 15 text

dogvs.cat App Services www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat (Stack Files)

Slide 16

Slide 16 text

dogvs.cat Swarm CE, (Han) Solo Sysadmin

Slide 17

Slide 17 text

Cloud agnostic, minimal infra Apps auto-recover on node fail Incoming TLS Centralized logging Centralized monitoring Healthcheck all containers Infra Requirements of dogvs.cat Performance auto-scaling Self-healing nodes Support serverless functions Services highly available Han Solo Requirements Optional Requirements for Later

Slide 18

Slide 18 text

3+ Droplets (Ubuntu 18.04) Block Storage (Volumes) Load Balancer (incoming HTTP) Digital Ocean dogvs.cat Services Needed for High Availability

Slide 19

Slide 19 text

App Services www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 20

Slide 20 text

App Services + L7 Proxy www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 21

Slide 21 text

App Services + L7 Proxy + Overlay www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 22

Slide 22 text

App Services + L7 Proxy + Ops www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 23

Slide 23 text

App Services + L7 Proxy + Ops www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 24

Slide 24 text

Cluster + External Load Balancer www.dogvs.cat vote.dogvs.cat blog.dogvs.cat result.dogvs.cat

Slide 25

Slide 25 text

Open Source Stack
HW / OS: Docker Machine + Digital Ocean
Runtime: Docker CE
Orchestration: Docker Swarm
Networking: Docker Swarm Overlay
Storage: REX-Ray + Digital Ocean Volumes
Layer 7 Proxy: Traefik + Let's Encrypt
Central Logging: Elastic ELK
Central Monitoring: Prometheus + Grafana
Swarm GUI: Portainer

Slide 26

Slide 26 text

Deploy Nodes: Docker Machine
./create-servers.sh
./enable-monitoring.sh
./create-swarm.sh

Slide 27

Slide 27 text

Deploy Storage: RexRay Plug-in
docker stack deploy -c stack-rexray.yml rexray

Slide 28

Slide 28 text

Deploy Proxy Stack: Traefik with Let's Encrypt
docker stack deploy -c stack-proxy.yml proxy
http://www.dogvs.cat:8080/dashboard/

Slide 29

Slide 29 text

Deploy Ops Stacks: Prometheus + ELK + Portainer
docker stack deploy -c stack-swarmprom.yml prom
docker stack deploy -c stack-elk.yml elk
docker stack deploy -c stack-portainer.yml portainer

Slide 30

Slide 30 text

Our Apps: Voting + Ghost + Static Site
docker stack deploy -c stack-ghost.yml ghost
docker stack deploy -c stack-voting.yml vote
docker stack deploy -c stack-menu.yml menu

Slide 31

Slide 31 text

Deploy Stacks: Maintenance Tasks
docker stack deploy -c stack-prune.yml prune
backups (in stack file with app)

Slide 32

Slide 32 text

Day Two Operations: Updates
- stack deploy ∞
- micromanage update_config and healthcheck
- tune your limits and reservations
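The settings this slide names, shown together in one service definition. This is an added example, not a stack file from the talk: the service name, image, health endpoint and all numeric values are constructed placeholders, and the healthcheck assumes `curl` exists in the image.

```yaml
# Added example (constructed): hypothetical service in a Swarm stack file.
version: "3.7"

services:
  vote:
    image: example/vote:1.0.0          # placeholder image, pin a real tag or digest
    healthcheck:
      # Swarm only routes traffic to a task once this passes, and
      # replaces the task when it fails "retries" times in a row.
      test: ["CMD", "curl", "-f", "http://localhost:80/"]
      interval: 15s
      timeout: 5s
      retries: 3
      start_period: 20s                # grace period for slow application boot
    deploy:
      replicas: 3
      update_config:
        parallelism: 1                 # replace one task at a time
        delay: 10s                     # pause between batches
        order: start-first             # new task must be healthy before old one stops
        monitor: 30s                   # watch each new task this long for failure
        max_failure_ratio: 0
        failure_action: rollback       # failed update reverts instead of stalling
      rollback_config:
        parallelism: 1
        order: stop-first
      resources:
        limits:                        # hard cap: one runaway container cannot starve the node
          cpus: "0.50"
          memory: 256M
        reservations:                  # scheduler guarantee used for task placement
          cpus: "0.10"
          memory: 64M
      restart_policy:
        condition: on-failure
        max_attempts: 3
```

Re-running `docker stack deploy -c <file> <stack>` with a changed image tag applies the update under these rules, so a broken release is caught by the healthcheck and rolled back rather than taking all replicas down.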

Slide 33

Slide 33 text

Swarm CE, Trek Tag-Team DevOps dogvs.cat

Slide 34

Slide 34 text

Create Swarm with Terraform
Moving beyond docker-machine for multi-admin

Slide 35

Slide 35 text

Docker for AWS/Azure *for CE only

Slide 36

Slide 36 text

Remote Management Bonus
18.09 has SSH endpoints for docker CLI!!
DOCKER_HOST=ssh://user@server docker ps

Slide 37

Slide 37 text

Windows Server 2019 Workers Swarm and overlay network feature parity!

Slide 38

Slide 38 text

Windows Server 2019 Workers Swarm and overlay network feature parity!

Slide 39

Slide 39 text

Our Apps using Docker App
docker-app deploy dogvscat/ghost:0.1.0
docker-app deploy dogvscat/voting:0.1.0
docker-app deploy dogvscat/menu:0.1.0
* Go check it out at github.com/docker/app

Slide 40

Slide 40 text

Security?
- host setup scanning: Docker Bench
- image scanning: Aqua Microscanner
- behavior monitoring: Sysdig Falco
- user namespaces

Slide 41

Slide 41 text

Swarm Enterprise, Amazonian DevOps dogvscat.biz or

Slide 42

Slide 42 text

Complex Infrastructure, Harder Deployment
"How can I deploy many multi-tier apps on many servers, with all the bells and whistles of HA orchestration, have load balancing at all levels, with failover and auto recovery?"
Amazonian Team

Slide 43

Slide 43 text

CE Platform Architecture Physical Virtualization Public Cloud Platform Security Networking Orchestration Container Engine COMMUNITY EDITION PLATFORM

Slide 44

Slide 44 text

EE Platform Architecture Physical Virtualization Public Cloud Platform Security Developer Services Registry Services Access Policies App Lifecycle Management Automation & Extensibility Networking Orchestration Storage Container Engine ENTERPRISE EDITION PLATFORM

Slide 45

Slide 45 text

No More One Size Fits All Docker for AWS Docker for Azure for CE only

Slide 46

Slide 46 text

Reference Architecture Automation Tools Ecosystem Integration Docker Certified Infrastructure

Slide 47

Slide 47 text

DCI AWS

Slide 48

Slide 48 text

DCI AWS

Slide 49

Slide 49 text

Docker EE on AWS Stack
HW / OS: Terraform + Ansible + AWS
Runtime: Docker EE
Orchestration: Docker Swarm
Networking: Docker Swarm Overlay
Storage: Docker Cloudstor EBS/EFS
Layer 7 Proxy: HTTP Routing Mesh (Interlock+Nginx)
Registry: Docker EE DTR
Central Logging: AWS Cloudwatch Logs
Central Monitoring: AWS Cloudwatch + Telegraph
Swarm GUI: Docker EE UCP

Slide 50

Slide 50 text

Summary
- Infrastructure as code, make everything repeatable
- No "special" nodes, use remote management
- Grow as you go, assume you'll resize
- Look for compose files of popular tools to make stacks
- Don't throw out the good in search of the perfect

Slide 51

Slide 51 text

Where to Go From Here
- Automating Docker Enterprise: 5:25 this room
- Mission-Critical Migration to Multi-Cluster Kubernetes: Wed 2pm room 113
- Swarm Intro Workshop: Today 4pm room 133, Wed 1:30pm room 133
- Swarm Hallway Track: Wed 4pm

Slide 52

Slide 52 text

I'd like to thank the internet

Slide 53

Slide 53 text

Support the open source you use

Slide 54

Slide 54 text

PLEASE USE SESSION SURVEY IN EVENTSPACE APP
Thanks!
bretfisher.com/dockercon18
"Building Your Swarm Tech Stack"