docker-swarmkit

Transcript

1. 1 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

   Walk-through Docker Swarmkit Peter Rossbach [email protected]

2. 2 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

   Orchestration of Docker Container Replication of Services Make one service available on every cluster node Cluster controlled by manager and worker nodes Use RAFT Algo! Save the cluster state Migrate service instances after a failure or control shutdown of a node Migrate services if the constraints are changed Real secure communication as build-in feature https://github.com/docker/swarmkit

3. 3 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

4. 4 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

5. 5 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

6. 6 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

   Desired State Reconciliation Service Types Replicated Services Global Services Configurable Updates Parallelism Delay Restart Policies

7. 7 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

   Resource Awareness Constraints IDs names labels (e.g. node.labels.foo!=bar1) Strategies spread strategy least loaded nodes respect the constraints respect the resource requirements

8. 8 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

   State Store replicated (Raft based) extremely fast (in-memory reads) save snapshots Topology Management managers workers Node Management Pause/unpause drain/activate failure detection

9. 9 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

   Mutual TLS CA Manage certs to all nodes Acceptance Policy auto accept manually accept require a secret to join the cluster Certificate Rotation rotated and reloaded transparently on every node default is 3 months, the minimum is 30 minutes

10. 10 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

11. 11 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ docker-machine create --driver virtualbox swarm-01 $ docker-machine create --driver virtualbox swarm-02

12. 12 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ git clone https://github.com/docker/swarmkit.git $ eval $(docker-machine env swarm-01) $ docker run -it --name swarmkitbuilder -v `pwd`/swarmkit:/go/src/github.com > cd /go/src/github.com/docker/swarmkit > make binaries > exit $ docker-machine scp bin/swarmd swarm-01:/tmp $ docker-machine scp bin/swarmctl swarm-01:/tmp $ docker-machine ssh swarm-01 sudo cp /tmp/swarmd /tmp/swarmctl /usr/local $ docker-machine scp bin/swarmd swarm-02:/tmp $ docker-machine scp bin/swarmctl swarm-02:/tmp $ docker-machine ssh swarm-02 sudo cp /tmp/swarmd /tmp/swarmctl /usr/local

13. 13 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ docker-machine ssh swarm-01 > /usr/local/bin/swarmd \ -d /tmp/swarm-01 \ --listen-control-api /tmp/swarm-01/swarm.sock \ --listen-remote-api 192.168.99.102:4242 \ --hostname swarm-01 & > exit > docker-machine ip swarm-01 $ docker-machine ssh swarm-02 > /usr/local/bin/swarmd \ -d /tmp/swarm-02 \ --hostname swarm-02 \ --listen-remote-api 192.168.99.103:4242 \ --join-addr 192.168.99.102:4242 &

14. 14 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ docker-machine ssh swarm-01 $ export SWARM_SOCKET=/tmp/swarm-01/swarm.sock $ swarmctl node ls ID Name Membership Status Availability Manager status -- ---- ---------- ------ ------------ ---------- 10pwfb4a2utpc swarm-01 ACCEPTED READY ACTIVE REACHABLE 1q254vehjylbi swarm-02 ACCEPTED READY ACTIVE $ swarmctl service create --name whoami --image emilevauge/whoami --env

15. 15 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ swarmctl service update whoami --replicas 2 $ swarmctl service inspect whoami ID : cb3oev2qat97z1vpqmeyhglqw Name : whoami Replicas : 2 Template Container Image : emilevauge/whoami Env : [PROJECT_NAME=whoami] Task ID Service Instance Image ------- ------- -------- ----- 909v0mge0a9k3xd3uj8xmb3x7 whoami 1 emilevauge/whoami ci2vdirnucujkbcwmosv3wbmy whoami 2 emilevauge/whoami

16. 16 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ swarmctl node drain swarm-01 $ swarmctl service inspect whoami ID : cb3oev2qat97z1vpqmeyhglqw Name : whoami Replicas : 2 Template Container Image : emilevauge/whoami Env : [PROJECT_NAME=whoami] Constraints : node.name=swarm-01 Task ID Service Instance Image ------- ------- -------- ----- a9xn5f72nj4a82gqmscdkzzan whoami 1 emilevauge/whoami 3fcpivucbvnf5w50hj68kgvdb whoami 2 emilevauge/whoami

17. 17 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ swarmctl service activate swarm-01 $ swarmctl service update whoami --constraint node.name!=swarm-02 $ swarmctl service inspect whoami ID : cb3oev2qat97z1vpqmeyhglqw Name : whoami Replicas : 2 Template Container Image : emilevauge/whoami Env : [PROJECT_NAME=whoami] Constraints : node.name!=swarm-02 Task ID Service Instance Image ------- ------- -------- ----- 0p4j5ics5hznsanbpepawkpdw whoami 1 emilevauge/whoami d9cjgnc91d99viqota977o2e3 whoami 2 emilevauge/whoami

18. 18 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ swarmctl task ls ID Service Desired State Last State -- ------- ------------- ---------- 0p4j5ics5hznsanbpepawkpdw whoami.1 RUNNING RUNNING 4 minutes d9cjgnc91d99viqota977o2e3 whoami.2 RUNNING RUNNING 4 minutes

19. 19 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    $ swarmctl task inspect 0p4j5ics5hznsanbpepawkpdw ID : 0p4j5ics5hznsanbpepawkpdw Instance : 1 Service : whoami Status Desired State : RUNNING Last State : RUNNING Timestamp : 2016-06-14T07:20:28.592256276Z Message : started ContainerID: : 36c39f921ba802618a2708d2d024ee68237eb740f6515430fb Pid : 11435 Node : swarm-01 Spec Image : emilevauge/whoami Env : [PROJECT_NAME=whoami] ...

20. 20 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    ... ===> Instance History Task ID Service Instance Image ------- ------- -------- ----- 0p4j5ics5hznsanbpepawkpdw whoami 1 emilevauge/whoami 9jks0npi7bzuhsornxov2lxud whoami 1 emilevauge/whoami 2oew5o657sbd3t3sq8057h2ub whoami 1 emilevauge/whoami b9iic4xdb48wssabbgfp8t5m4 whoami 1 emilevauge/whoami 11u25s79qco36qjd94aujtqob whoami 1 emilevauge/whoami ai7tsd2hxx740r0hil0gwtj5l whoami 1 emilevauge/whoami a9xn5f72nj4a82gqmscdkzzan whoami 1 emilevauge/whoami bkf9vr5ahhhublskylbzjfk0q whoami 1 emilevauge/whoami 9j7onw32jx6l5f9a85zun1kdq whoami 1 emilevauge/whoami 5fcdyjh6a8d845vmbz1yd9i4s whoami 1 emilevauge/whoami

21. 21 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    https://traefik.io/

22. 22 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

23. 23 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    Important step to easy orchestrate docker container First releases are very useful and stable (Thank you) Please, starts play around and give feedback Todo Define a runtime spec like docker-compose Make it plugable

24. 24 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    Start this presentation with docker run -d -ti -p 4209:80 infrabricks/docker-swarmkit open http://<dockerhost>:4209/docker-swarmkit Peter Rossbach follow the blog www.infrabricks.de @PRossbach More Training: http://www.bee42.com/training/

25. 25 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    Termin 21/22.6 in Cologne 7-9.9 in Berlin http://devops-training.de/

26. 26 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    We offer devops jobs... Administrator Experiences with Maintain a cluster of linux machines Setup Docker infrastructure Config management with ansible Release java applications Linux and mysql skills Developer Experiences with Create java based microservices Spring Boot and Netflix Stack Docker knowledge send to [email protected]

27. 27 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

28. 28 / 28 © 2016 <[email protected]>, @PRossbach, DevOpsCon Berlin 2016

    https://github.com/docker/swarmkit https://blog.replicated.com/2016/06/08/first-look-at- swarmkit/