More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (18)
Similar to Nats meetup oct 2016 docker 112
Similar to Nats meetup oct 2016 docker 112 (20)
Recently uploaded
Recently uploaded (20)
Nats meetup oct 2016 docker 112
- 1. Docker 1.12.3+ and Getting Started with Docker Clustering Nirmal Mehta / @normalfaults Adapted from presentation by Mike Goelzer / mgoelzer@docker.com / @mikegoelzer
- 2. The evolution of Docker orchestration docker run nginx Swarm mode clustering + Docker Services in Engine ON-TRACK 2013-14 2014-present 2016 (Backed by docker/swarmkit)
- 3. Docker 1.12 • Orchestration • Swarm Mode • Docker Services • Security • Routing Mesh • Docker for X • Mac/Windows • AWS • Azure • Container Healthcheck • Docker Application Bundle
- 4. Swarm mode & Docker Services
- 5. Engine Swarm Mode $ docker swarm init
- 6. Engine Swarm Mode $ docker swarm init $ docker swarm join <IP of manager>:2377 Engine
- 7. Engine Engine Engine Engine Engine Engine Swarm Mode $ docker swarm init $ docker swarm join <IP of manager>:2377
- 8. Engine Engine Engine Engine Engine Engine Services $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest mynet
- 9. Engine Engine Engine Engine Engine Engine Services $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet
- 10. Engine Engine Engine Engine Engine Engine Node Failure & Reconciliation $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet
- 11. Engine Engine Engine Engine Engine Engine Node Failure & Reconciliation $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet
- 12. Engine Engine Engine Engine Engine Desired State ≠ Actual State $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet
- 13. Engine Engine Engine Engine Engine Converge Back to Desired State $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest $ docker service create --name redis --network mynet redis:latest mynet
- 14. Engine Engine Engine Engine Engine Scaling $ docker service update --replicas 6 frontend mynet
- 15. Engine Engine Engine Engine Engine Scaling $ docker service update --replicas 10 frontend mynet
- 16. Engine Engine Engine Engine Engine Global Services $ docker service create --mode=global --name prometheus prom/prometheus mynet
- 17. Engine Engine Engine Engine Engine Constraints Engine docker daemon --label com.example.storage="ssd" docker daemon --label com.example.storage="ssd"
- 18. Engine Engine Engine Engine Engine Constraints $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 --constraint engine.labels.com.example.storage==ssd frontend:latest Engine docker daemon --label com.example.storage="ssd" docker daemon --label com.example.storage="ssd"
- 19. Engine Engine Engine Engine Engine Constraints $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 --constraint engine.labels.com.example.storage==ssd frontend:latest $ docker service update --replicas 10 frontend Engine docker daemon --label com.example.storage="ssd" docker daemon --label com.example.storage="ssd"
- 20. Routing Mesh :8080 :8080 :8080 frontend frontend $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest frontend External Load Balancer :8080 User browses to http://myapp.com Node 1 Node 2 Node 3 Node 4
- 21. Routing Mesh :8080 User browses to http://myapp.com :8080 :8080 frontend frontend $ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 frontend:latest frontend External Load Balancer :8080 Node 1 Node 2 Node 3 Node 4
- 22. Secure by default • Out-of-the-box TLS encryption and mutual auth • Automatic cert rotation • External or self-signed root CA • Cryptographic node identity Certificate Authority TLS Certificate Authority TLS Certificate Authority TLS TLS TLSTLS
- 23. Scale: 2,000 Nodes and Counting ● For now: community testing, crowd-sourced nodes, not funded by Docker ● Credit to: Chanwit Kaewkasi, Suranaree University of Technology (SUT), Thailand ● Results: • 2,384 nodes • 96,287 containers • Manager CPU/memory ≲15% • Test stopped because 3rd-party monitoring failed ● https://github.com/swarm2k/swarm2k @chanwit
- 24. Deep Dive: Swarm Topology
- 27. Node Node Node Node Node Node Topology: roles Node Node Node Node Node Node Manager Worker ● Each Node has a role ● Roles are dynamic ● Programmable Topology
- 28. Flat Topology Manager Manager Manager Worker Worker Worker Worker Worker Worker
- 29. Topology: Scaling model Manager Manager Manager Worker Worker Worker Worker Worker Worker
- 30. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker Worker Worker Leader FollowerFollower Loss of Leader
- 31. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker Worker Worker Leader FollowerFollower Loss of Leader
- 32. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker Worker Worker Follower FollowerLeader
- 33. Topology: High Availability Manager Manager Manager Worker Worker Worker Worker Worker Worker Follower FollowerLeader
- 35. HEALTHCHECK --interval=5m --timeout=3s --retries 3 CMD curl -f http://localhost/ || exit 1 Check web server every 5 minutes, require < 3 sec latency. >= 3 consecutive failures sets unhealthy state Coming soon: health checks in official images Container Health Check in Dockerfile
- 36. Docker Stack and Distributed Application Bundle (experimental) docker.com/dab • Docker Stacks and Distributed Application Bundles are experimental features introduced in Docker 1.12 and Docker Compose 1.8 • A Dockerfile can be built into an image, and containers can be created from that image. • Similarly, a docker-compose.yml can be built into a distributed application bundle, and stacks can be created from that bundle. In that sense, the bundle is a multi-services distributable image format.
- 37. Example Bundle File Format .DBS file
- 38. Docker 1.13 • Secrets Management • New “docker system” commands • Allows a new client to talk to an old engine • Improved new plugins system (Work from 1.12 experimental)
- 39. Thanks! Join Docker Raleigh Meetup Group Upcoming events: • Docker Mentor Week Nov 14-20, 2016 • Handson online Labs and Mentoring • Place and Date TBD but join group to get update • Docker Swarm 3k Event Tomorrow! • https://github.com/swarmzilla/swarm3k https://blog.docker.com/2016/10/docker-global-mentor-week-2016/ You can find me at: Nirmal Mehta @normalfaults (Twitter, Github)