Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Swarm Orchestration with Docker 1.12

6ebe854441b4860e1df99176012c8fea?s=47 Peter Rossbach
September 27, 2016

Swarm Orchestration with Docker 1.12

**Docker orchestration talk**

Here you can find my docker slide container decks from my docker orchestration talks:

- [Docker Meetup Dortmund Zalando 2016 - THE DOCKER Orchestration at my daily work][16].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:docker-meetup-dortmund-2016-09`
- [Continuous Lifecycle Mannheim 2015 - THE DOCKER ECOSYSTEM][14].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:cl-2015`
- pdf [Docker THE DOCKER ECOSYSTEM][15] is now avaiable!
- [WJAX Munich 2015 - CONTAINER ORCHESTRATION WITH THE DOCKER ECOSYSTEM][12].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:wjax-2015`
- pdf [Docker Orchestration][13] is now avaiable!
- [EnterJS Darmstadt 2015 - Docker ORCHESTRATION for JavaScript ][10].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:enterjs-2015`
- pdf [Docker Orchestration][11] is now avaiable!
- [DevOpsCon Berlin 2015 - CONTAINER ORCHESTRATION WITH THE DOCKER ECOSYSTEM ][8].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:devopscon-2015`
- pdf [Docker Orchestration][9] is now avaiable!
- [JAX Finance London - CONTAINER ORCHESTRATION WITH THE DOCKER ECOSYSTEM ][6].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:jaxfinance-2015`
- pdf [Docker Orchestration][7] is now avaiable!
- [Microservice Meetup Berlin - Docker Orchestration ][3].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:mberlin201502`
- pdf [Docker Orchestration][4] is now avaiable!
- [Docker Meetup Frankfurt - Docker Orchestration ][1].
- open slidefire presentation container with `docker run -d -p 8000:80 rossbachp/docker-orchestration:mfrankfurt-2015`
- pdf [Docker Orchestration][2] is now avaiable!

Open slidefire presentation container with your browser `http :8000/docker-orchestration`

Feedback welcome

[Peter Rossbach][5]

[1]: http://www.meetup.com/Docker-Frankfurt/events/219160756/
[2]: https://speakerdeck.com/rossbachp/docker-meetup-frankfurt-2015-docker-orchestration
[3]: http://www.meetup.com/Microservices-Meetup-Berlin/events/219979690/
[4]: https://speakerdeck.com/rossbachp/microservice-meetup-berlin-2015-docker-orchestration
[5]: http://twitter.com/PRossbach
[6]: http://jax-finance.com/2015/session/container-orchestration-docker-ecosystem/
[7]: https://speakerdeck.com/rossbachp/container-orchestration-with-the-docker-ecosystem
[8]: http://devopsconference.de/2015/de/sessions/docker-container-orchestrierung-leicht-gemacht
[9]: https://speakerdeck.com/rossbachp/docker-container-orchestration-devopscon-2015
[10]: http://www.enterjs.de/abstracts#docker
[11]: https://speakerdeck.com/rossbachp/docker-orchestration-for-javascript
[12]: https://jax.de/wjax2015/sessions/infrastruktur-fuer-mircoservices-docker-orchestration
[13]: https://speakerdeck.com/rossbachp/container-orchestration-with-the-docker-ecosystem-1
[14]: http://www.continuouslifecycle.de/veranstaltung-4866-das-docker-%C3%96kosystem.html?id=4866
[15]: https://speakerdeck.com/rossbachp/the-docker-ecosystem-orchestration
[16]: http://www.meetup.com/de-DE/Docker-Dortmund/events/233397949/
[17]: https://speakerdeck.com/rossbachp/swarm-orchestration-with-docker-1-dot-12

6ebe854441b4860e1df99176012c8fea?s=128

Peter Rossbach

September 27, 2016
Tweet

Transcript

  1. 1 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 peter.rossbach@bee42.com bee42 solutions gmbh be(e) not perfect...
  2. 2 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 From monolith to real services
  3. 3 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Make software faster available Produce higher quality Make your services globally available Improve your service with customer feedback Reduce your cost Automate all Cooperate with a purpose - Create API's
  4. 4 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 ask a lot of them...
  5. 5 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  6. 6 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Build, Ship and Run Any App, Anywhere
  7. 7 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 deliver prepackage and ready to run software
  8. 8 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  9. 9 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Docker works locally, at the cloud and your IOT Devices with the same binary(?) with the same functionality with the same version with the same filesystem layout with the same dependencies but currently with different Linux kernels! This dream is now reality... => The system is the asset => Code is a liability Chad Fowler
  10. 10 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Use Linux at bare metal or a virtual machine provider
  11. 11 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 but there exists a lot of competitors CoreOS Rocket | pure LXC | Ubuntu joyent | SmartOS | Open Container runc...
  12. 12 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Docker Engine 1.12.1 Docker native orchestration Official Docker on ARM support started Docker for Mac/Windows and Azure/AWS Docker Machine/ Swarm / Compose Docker Store started Kubernetes and Mesos projects grow also fast
  13. 13 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Management of multiple Docker Hosts Native Windows Docker Client available Fast Image Loading ( Registry 2.2) Signed Images Remove Images Better Auth Manage Resources (CPU, MEMORY, IO-Net, IO-Block) Manage Linux security features Access Container metrics and logging Volume- und MultiHost Network-Management Native Mac and Windows and better cloud support Native Windows and ARM support Clustering and Orchestration support
  14. 14 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ docker run -ti --rm debian:8 $ cat >Dockerfile <<EOF FROM ubuntu:14.04 RUN apt-get update && apt-get install -y apache2 \ && rm -rf /var/lib/apt/lists EXPOSE 80 CMD [ "apache2ctl", "-D", "FOREGROUND", "-k", "start" ] EOF $ docker build -t infrabricks/myapache:0.1 . $ docker login $ docker push infrabricks/myapache:0.1 # run anywhere $ docker run -d -p 80:80 infrabricks/myapache:0.1
  15. 15 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Which real purpose has my image? Is it a hack or more? Exits a simpler or better software for the same purpose? Why I need a complete base linux distribution? Which Meta-Information the customer needed? Which configuration the service needed? How my customer can monitoring the service? Which things can break my service? How important is it that my customer trust me?
  16. 16 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  17. 17 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Store public and private Repositories Automatic Build Pipeline Web-Notification Usage (Aug 2016) '>' 200 Trusted Repositories '>' 500.000 free Repositories '>' 500.000 Users '>' 5 Billion Pulls https://hub.docker.com Free registry project available On Premise Installation (Docker Trusted Registry, Artifactory) Other Registry Cloud Service (Goggle, AWS, Quay, Softlayer, Orcale, ...) Docker Store https://store.docker.com
  18. 18 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  19. 19 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  20. 20 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Provision and setup a Docker-Host Create and manage machines Use libmachine framework for easier driver integration Docker swarm support Regenerate Certs after IP-address is changed Use current Docker 1.12.1 engine release Docker engine upgrade support Add generic driver Add engine and swarm options Add experimental Mesos Scheduler support Plugable Driver A lot of them are available https://github.com/docker/machine
  21. 21 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  22. 22 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Scheduling docker containers at multiple machines Maintain docker machine cluster Support multiple discovery services Support filtering, affinity and constraints Open API and first batteries included Master/Slave Cluster Support Current Release Aug 2016 : 1.2.5 https://github.com/docker/swarm
  23. 23 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  24. 24 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  25. 25 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ docker pull swarm:1.2.5 $ docker run --rm swarm:1.2.5 create <SWARM_TOKEN> # Master $ docker run -d -p 3376:2376 swarm:1.2.5 manage \ <TLS CONFIG> token://<SWARM_TOKEN> # Agent $ docker run -d swarm:1.2.5 join \ --addr=<node_ip:2376> token://<cluster_id>
  26. 26 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 docker run docker build docker create docker inspect docker kill docker logs docker start docker info docker ps ... Newest Volume and Network Commands are supported! Docker API 1.25
  27. 27 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 docker hub swarm discovery simple file or cmd line nodes agent based consul etcd zookeeper http://discovery-stage.hub.docker.com https://github.com/docker/swarm/tree/master/discovery
  28. 28 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Spread Bin Packing Random Rescheduling container is planned! Multi Master Setup http://en.wikipedia.org/wiki/Bin_packing_problem
  29. 29 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Memory based docker run -m 1g ... CPU CORE based docker run -c 1 ... Port based docker run -p 80:80 ...
  30. 30 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ docker run -c 1 -p 9082:8080 -d tomcat:8.0 35d50a29ed0fde780c0826ef16ff24d2582609f877ee092c780d9aeb6f27fc75 $ docker ps CONTAINER ID IMAGE COMMAND CREATED \ STATUS PORTS NAMES 35d50a29ed0f tomcat:8.0 "catalina.sh run" 16 minutes ago\ Up Less than a second 192.168.33.89:9082->8080/tcp \ dockerhost1/insane_brattain 9c79ad1c4958 nginx:latest "nginx -g daemon of" 5 hours ago\ Up 5 hours 443/tcp, 192.168.33.90:8080->80/tcp \ dockerhost2/multiple-machine_nginx_1421067200 $ docker run -c 1 -p 9083:8080 -d tomcat:8.0 f5bc6a274e82426df98eaca5e88fb01f43e03455dfebdb9ee4a3b00a7eab202e $ docker ps CONTAINER ID IMAGE COMMAND CREATED\ STATUS PORTS NAMES f5bc6a274e82 tomcat:8.0 "catalina.sh run" 16 minutes ago\ Up Less than a second 192.168.33.90:9083->8080/tcp \ dockerhost2/stupefied_albattani 35d50a29ed0f tomcat:8.0 "catalina.sh run" 17 minutes ago\ Up Less than a second 192.168.33.89:9082->8080/tcp \ dockerhost1/insane_brattain 9c79ad1c4958 nginx:latest "nginx -g daemon of" 5 hours ago\ Up 5 hours 443/tcp, 192.168.33.90:8080->80/tcp \ dockerhost2/multiple-machine_nginx_1421067200 ...
  31. 31 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ lsb_release -a $ DOCKER_OPTS="--label region=de-berlin" $ DOCKER_OPTS="$DOCKER_OPTS --label disk=ssd" $ DOCKER_OPTS="$DOCKER_OPTS --label role=loadbalancer" $ docker -d ${DOCKER_OPTS} --label stage=prod Usage of the label with constraints docker run -e "constraint:operatingsystem==fedora" ... docker run -e "constraint:storagedriver==aufs" ... docker run -e "constraint:region==de-berlin" ... docker run -e "constraint:node!=dev2" ... Expression (Go Regexp) constraint:node==/swarm-node-00[12]/ constraint:node!=app* constraint:node==/(?i)node1/
  32. 32 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Provision to loaded image or named container docker run -d -p 80:80 --name front nginx docker run -e "affinity:container==front" logger docker run -e "affinity:image==redis" redis Container Label docker run -d -p 80:80 --label com.example.type=frontend nginx docker run -d -e affinity:com.example.type==frontend logger Soft docker run -d --name redis1 -e affinity:image==~redis redis docker run -d --name redis2 -e constraint:region==~us* redis docker run -d --name redis5 -e affinity:container!=~redis* redis
  33. 33 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Shared volumes: --volumes-from=dependency Links: --link=dependency:alias Shared network stack: --net=container:dependency
  34. 34 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 DOT=XYZ docker pull swarm:1.2.5 SWARM_TOKEN=$(docker run --rm swarm:1.2.5 create) echo $SWARM_TOKEN >token.txt docker-machine create \ --driver digitalocean \ --digitalocean-region fra1 \ --digitalocean-size 1gb \ --digitalocean-access-token $DOT \ --digitalocean-private-networking \ --swarm \ --swarm-image swarm:1.2.5 \ --swarm-master \ --swarm-discovery token://$SWARM_TOKEN \ --engine-label zone=prod \ --engine-label swarm=master \ swarm-master
  35. 35 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 docker-machine create \ --driver digitalocean \ --digitalocean-region fra1 \ --digitalocean-size 1gb \ --digitalocean-access-token $DOT \ --digitalocean-private-networking \ --swarm \ --swarm-image swarm:1.2.5 \ --swarm-discovery token://$SWARM_TOKEN \ --engine-label zone=prod \ --engine-label swarm=node \ swarm-node-001
  36. 36 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Container Scheduler Docker Proxy Supports TLS Up and Running Nice docker-machine swarm support exists Experimental rescheduling after node failure! Like the proxy idea behind it!
  37. 37 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  38. 38 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  39. 39 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  40. 40 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Desired State Reconciliation Service Types Replicated Services Global Services Configurable Updates Parallelism Delay Restart Policies
  41. 41 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  42. 42 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Resource Awareness Constraints IDs names labels (e.g. node.labels.foo!=bar1) Strategies spread strategy least loaded nodes respect the constraints respect the resource requirements
  43. 43 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 State Store replicated (Raft based) extremely fast (in-memory reads) save snapshots Topology Management managers workers Node Management Pause/unpause drain/activate failure detection
  44. 44 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Mutual TLS CA Manage certs to all nodes Acceptance Policy auto accept manually accept require a secret to join the cluster Certificate Rotation rotated and reloaded transparently on every node default is 3 months, the minimum is 30 minutes
  45. 45 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Create new machines with digitalocean Setup network (overlay) Manage a swarm on it :) use Docker > 1.12.x
  46. 46 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 https://docs.docker.com/machine/install-machine/ $ sudo -i $ apt-get update && apt-get install -y curl $ URL=https://github.com/docker/machine/releases/download/v0.8.1 $ curl -L $URL/docker-machine-`uname -s`-`uname -m` \ > /usr/local/bin/docker-machine $ chmod +x /usr/local/bin/docker-machine $ URL_C=https://raw.githubusercontent.com/docker/machine/master/contrib $ curl -L $URL_C/completion/bash/docker-machine.bash \ > /etc/bash_completion.d/docker-machine.bash $ exit $ docker-machine --version is installed
  47. 47 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 create your docker-machine login to this machine create a cluster manager and worker
  48. 48 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ REGION=ams2 $ SIZE=1gb $ DOT= $ docker-machine create \ --driver digitalocean \ --digitalocean-region $REGION \ --digitalocean-size $SIZE\ --digitalocean-access-token $DOT \ --digitalocean-private-networking \ --engine-label "cluster=moby2016" \ --engine-label "role=master" \ --engine-label "region=$REGION" \ swarm-master Create a DigitalOcean account with this promo link Test Release: --engine-install-url "https://test.docker.com" https://m.do.co/c/1b93d52f958f
  49. 49 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ docker $(docker-machine config swarm-master) swarm init \ --advertise-addr $(docker-machine ip swarm-master):2377 $ SWARM_TOKEN=`docker $(docker-machine config swarm-master) \ swarm join-token worker -q`
  50. 50 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ REGION=ams2 $ SIZE=1gb $ MACHINE=swarm-01 $ DOT= $ docker-machine create \ --driver digitalocean \ --digitalocean-region $REGION \ --digitalocean-size $SIZE\ --digitalocean-access-token $DOT \ --digitalocean-private-networking \ --engine-label "cluster=moby2016" \ --engine-label "role=swarm" \ --engine-label "region=$REGION" \ $MACHINE $ docker $(docker-machine config $MACHINE) swarm join \ --token $SWARM_TOKEN \ $(docker-machine ip swarm-master):2377
  51. 51 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 ... : ${NODE_FIRST:=20} : ${NODE_LAST:=25} # -f "%03g" for num in $(seq ${NODE_FIRST} 1 ${NODE_LAST}) ; do \ MACHINE=mobydock-0$num && \ docker-machine create xxx... $MACHINE && \ docker $(docker-machine config $MACHINE) swarm join \ --token $SWARM_TOKEN \ $(docker-machine ip swarm-master):2377 done Challenge: Send me a better solution! - Ends 27.9.2016 23:59 GMT. The best solution take a free german docker book... Digitalocean Coupon: https://m.do.co/c/1b93d52f958f
  52. 52 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ docker swarm join-token worker # $ docker swarm join-token manager # create othermanager nodes $ docker $(docker-machine config swarm-master) \ node promote othermanager2 othermanager3 $ docker-machine stop swarm-master
  53. 53 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 https://github.com/emilevauge/whoamI $ docker run -d -P --name iamfoo emilevauge/whoami $ docker inspect --format '{{ .NetworkSettings.Ports }}' iamfoo map[80/tcp:[{0.0.0.0 32769}]] $ curl "http://0.0.0.0:32769" Hostname : 6e0030e67d6a IP : 127.0.0.1 IP : ::1 IP : 172.17.0.27 IP : fe80::42:acff:fe11:1b GET / HTTP/1.1 Host: 0.0.0.0:32769 User-Agent: curl/7.35.0 Accept: */*
  54. 54 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ MACHINE=xxx $ SWARM_TOKEN=`docker $(docker-machine config swarm-master) \ swarm join-token worker -q` $ docker $(docker-machine config $MACHINE) swarm join \ --token $SWARM_TOKEN \ $(docker-machine ip swarm-master):2377 Second terminal $ docker-machine ssh swarm-master $ docker node ls
  55. 55 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ docker service create --name whoami emilevauge/whoami $ docker service update --replicas 2 whoami $ docker service inspect whoami [ { "ID": "ch1cizq1k61qigbswzdd0sryj", "Version": { "Index": 717 }, "CreatedAt": "2016-06-19T11:01:39.630354919Z", "UpdatedAt": "2016-06-19T11:02:20.137102719Z", "Spec": { "Name": "whoami", ... ] $ docker service inspect whoami |jq "{ name: .[].Spec.Name , replicas: .[].Spec.Mode.Replica { "name": "whoami", "replicas": 2 }
  56. 56 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Usage: docker service create [OPTIONS] IMAGE [COMMAND] [ARG...] Create a new service Options: --constraint value Placement constraints (default []) --endpoint-mode string Endpoint mode(Valid values: VIP, DNSRR) -e, --env value Set environment variables (default []) --help Print usage -l, --label value Service labels (default []) --limit-cpu value Limit CPUs (default 0.000) --limit-memory value Limit Memory (default 0 B) --mode string Service mode (replicated or global) (default "replicated") -m, --mount value Attach a mount to the service --name string Service name --network value Network attachments (default []) -p, --publish value Publish a port as a node port (default []) --replicas value Number of tasks (default none) --reserve-cpu value Reserve CPUs (default 0.000) --reserve-memory value Reserve Memory (default 0 B) --restart-condition string Restart when condition is met (none, on_failure, or any) --restart-delay value Delay between restart attempts (default none) --restart-max-attempts value Maximum number of restarts before giving up (default none) --restart-window value Window used to evalulate the restart policy (default none) --stop-grace-period value Time to wait before force killing a container (default none) --update-delay duration Delay between updates --update-parallelism uint Maximum number of tasks updated simultaneously -u, --user string Username or UID -w, --workdir string Working directory inside the container
  57. 57 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 $ eval $(docker-machine env swarm_master) $ docker service create --name cadvisor --mode global \ --mount type=bind,source=/,target=/rootfs/,writable=false \ --mount type=bind,source=/var/run/,target=/var/run/ \ --mount type=bind,source=/sys/,target=/sys/,writable=false \ --mount type=bind,source=/var/lib/docker/,target=/var/lib/docker/,writable= --publish 8080:8080 \ google/cadvisor:latest Add a new node, and service is started...
  58. 58 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Ingres loadbalancer https://traefik.io/
  59. 59 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 traefik: image: traefik command: --web --docker --docker.domain=docker.localhost --logLevel=DEBUG ports: - "80:80" - "8080:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock - /dev/null:/traefik.toml whoami: image: emilevauge/whoami labels: - "traefik.backend=whoami" - "traefik.frontend.rule=Host:whoami.docker.localhost"
  60. 60 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  61. 61 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 use old docker swarm use consul, etcd with registrator New docker swarm 1.12 provider needed! HELP! https://github.com/containous/traefik/pull/602
  62. 62 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  63. 63 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Integration with Swarm - multi host support Applications spanning multiple teams/hubs An even better tool for development environments Extend configs Better DAB Support ( ) https://blog.docker.com/2016/06/docker-app-bundle/
  64. 64 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 command description build Build or rebuild services help Get help on a command kill Kill containers logs View output from containers port Print the public port for a port binding ps List containers pull Pulls service images rm Remove stopped containers run Run a one-off command scale Set number of containers for a service start Start services stop Stop services restart Restart services up Create and start containers pause Pause services unpause Unpause services migrate-to-labels Recreate containers to add labels version Show the Docker-Compose version information
  65. 65 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 common.yml tomcat: image: infrabricks/tomcat:8 ports: - "8080" environment: - constraint:stage==dev - constraint:swarm==frontend SERVICE_8080_NAME: status-http SERVICE_REGION: bee42.1 SERVICE_8080_CHECK_HTTP: /status/ping.jsp SERVICE_8080_CHECK_INTERVAL: 30s
  66. 66 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 status: image: infrabricks/status:green tomcatgreen: extends: file: common.yml service: tomcat volumes_from: - status environment: SERVICE_TAGS: tomcat,green
  67. 67 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 status: image: infrabricks/status:blue tomcatblue: extends: file: common.yml service: tomcat volumes_from: - status environment: SERVICE_TAGS: tomcat,blue
  68. 68 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 crane maestro-ng rancher-os CoreOS fleet Kubernetes Marathon vagrant shipyard dockerui decking saltstack ansible puppet chef
  69. 69 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Volume, Network, Service Discovery, Scheduler (swarm)
  70. 70 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  71. 71 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  72. 72 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Start Service Discovery infrastructure (consul, etcd, zookeeper) docker-machine create \ -d virtualbox \ --engine-label "cluster=moby" \ moby-consul docker $(docker-machine config moby-consul) run -d \ -e "GOMAXPROCS=2" \ -p "8500:8500" \ -h "consul" \ progrium/consul -server \ -advertise $(docker-machine ip moby-consul) \ -ui-dir=/ui -data-dir=/data -bootstrap
  73. 73 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 docker-machine create \ -d virtualbox \ --engine-opt="cluster-store=consul://$(docker-machine ip moby-consul):8500" \ --engine-opt="cluster-advertise=eth1:2376" \ --engine-label="cluster=moby" \ --swarm \ --swarm-master \ --swarm-discovery consul://$(docker-machine ip moby-consul):8500/moby \ moby-net-001 docker-machine create \ -d virtualbox \ --engine-opt="cluster-store=consul://$(docker-machine ip moby-consul):8500" \ --engine-opt="cluster-advertise=eth1:2376" \ --engine-label="cluster=moby" \ --swarm \ --swarm-discovery consul://$(docker-machine ip moby-consul):8500/moby \ moby-net-002
  74. 74 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Host 1 $ docker network create -d overlay prod $ docker network ls $ docker network inspect prod $ docker run -d -ti --name demo1 --net prod alpine /bin/sh Host 2 $ docker network ls $ docker network inspect prod $ docker run -d -ti --name demo2 --net prod alpine /bin/sh $ docker attach demo2 > ping demo1 > ip addr show $ docker network inspect prod ...
  75. 75 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 docker bridge and overlay (libnetwork) openVSwitch weave de-wire flannel pipework Beta 1.12.1: Support of Macvlan und Ipvlan https://speakerdeck.com/aschmidt75/docker-networking https://github.com/aschmidt75/docker-network-playground http://blog.weave.works/2015/06/22/weave-as-a-docker-network- plugin/ http://www.infrabricks.de https://github.com/docker/docker/blob/master/experimental/vlan- networks.md
  76. 76 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  77. 77 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  78. 78 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Distributed key value store Service Registry Multi-Datacenter Support ACL HTTP and DNS Discovery support Simple: curl'able user facing API (HTTP+JSON) Secure: optional SSL client cert authentication Reliable: properly distributed using Raft Written in go Use the Find more info at website RAFT Protocol Consul
  79. 79 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Registrator automatically registers/deregisters services for Docker containers published ports published metadata from the container environment Consul (Tags, Healthcheck) Blog explain registrator Github registrator Consul ETCD
  80. 80 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  81. 81 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  82. 82 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  83. 83 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 http://kubernetes.io
  84. 84 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  85. 85 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  86. 86 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  87. 87 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  88. 88 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  89. 89 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  90. 90 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  91. 91 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  92. 92 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  93. 93 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 reduce you coupling design API first design for failure setup machines and network automatically safe your persistence data the system is the real asset build your system for friends
  94. 94 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 View the slides as a docker container $ docker run -d -p 8000:80 rossbachp/docker-orchestration:docker-meetup-dort $ open http://<docker host>:8000/docker-orchestration Slides available at container and PDF :-) peter.rossbach@bee42.com @PRossbach Infrabricks Blog bee42
  95. 95 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Service benefit Lab: use my IT-brick knowledge to be faster informed Consulting: use my expertise to start smarter Training: let me help you to get a docker-brick expert Products: use my knowledge of the docker ecosystem peter.rossbach@bee42.com
  96. 96 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Niclas Mietz Peter Roßbach Docker Meetup 25.10 2016 - 18 Uhr Bochum - Jahrhunderthaus
  97. 97 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Docker Meetup 25.10 2016 - Bochum Docker on ARM - Hackergarden W-JAX 5-9.11 2016 - Munich Container Camp 16/17.11 - Darmstadt DevOpsCon 5-8.12 2016 - Munich Docker Basics Docker Advanced OpenSpace DockerCamp 12-14.12 2016 - Berlin Find my training offerings at http://www.bee42.com/training/ http://devops-training.de
  98. 98 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  99. 99 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Update Q1/2017 Docker Sonderheft
  100. 100 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Help to translate the book of Adrian Mouat (09/2016) Tobias Gesellchen and Co:) https://www.dpunkt.de/docker https://www.amazon.de/Docker-professionell-einsetzen- Entwickler-Admins/dp/3836239760
  101. 101 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 Work with the beekeeper!
  102. 102 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016
  103. 103 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 bee42 solutions gmbh starts the implementation of an Infrabricks line! Peter Rossbach DevOps and Container-enthusiast Infra-coder with passion System architect Java Developer Apache Tomcat Committer Member of the Apache Software Foundation Founder of the bee42 solutions gmbh CTO of the Setlog GmbH
  104. 104 / 104 © 2016 <peter.rossbach@bee42.com>, @PRossbach, Docker Meetup Dortmund

    2016 https://github.com/docker/docker https://github.com/docker/machine https://github.com/docker/swarm https://github.com/docker/compose https://github.com/docker/swarmkit http://de.slideshare.net/Docker/docker-swarm-by-victor- vieux https://medium.com/@Jesse_White/docker-kata-001- 1aae05545e3d#.tj2dm7nvu https://kubernetes.io https://lostechies.com/gabrielschenker/2016/09/05/docker- and-swarm-mode-part-1/