Date post: | 15-Jan-2017 |
Category: |
Engineering |
Upload: | gianluca-arbezzano |
View: | 202 times |
Download: | 2 times |
Docker 1.12, SwarmKit andorchestration
I’m Gianluca
Software Engineer
Docker Captain
Open Source Developer
DevOps Evangelist
@gianarb
/begin{adv}
Drive your boat like a Captain
Docker in Productionhttp://scaledocker.com
/end{adv}
The evolution of Docker orchestration
docker run nginx
Swarm mode clustering + Docker Services in EngineON-TRACK
2013-14
2014-present
2016
(Backed by docker/swarmkit)
Engine
Swarm Mode
$ docker swarm init
Engine
Swarm Mode
$ docker swarm init
$ docker swarm join <IP of manager>:2377
Engine
Engine
Engine
Engine
Engine
Engine Engine
Swarm Mode
$ docker swarm init
$ docker swarm join <IP of manager>:2377
Engine
Engine
Engine
Engine
Engine Engine
Services
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
mynet
Engine
Engine
Engine
Engine
Engine Engine
Services
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
$ docker service create --name redis --network mynet redis:latest
mynet
Engine
Engine
Engine
Engine
Engine Engine
Node Failure & Reconciliation
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
$ docker service create --name redis --network mynet redis:latest
mynet
Engine
Engine
Engine
Engine
Engine Engine
Node Failure & Reconciliation
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
$ docker service create --name redis --network mynet redis:latest
mynet
Engine
Engine
Engine
Engine
Engine
Desired State ≠ Actual State
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
$ docker service create --name redis --network mynet redis:latest
mynet
Engine
Engine
Engine
Engine
Engine
Converge Back to Desired State
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
$ docker service create --name redis --network mynet redis:latest
mynet
Engine
Engine
Engine
Engine
Engine
Scaling
$ docker service update --replicas 6 frontend
mynet
Engine
Engine
Engine
Engine
Engine
Scaling
$ docker service update --replicas 10 frontend
mynet
Engine
Engine
Engine
Engine
Engine
Global Services
$ docker service create --mode=global --name prometheus prom/prometheus
mynet
Engine
Engine
Engine
Engine
Engine
Constraints
Engine
docker daemon --label com.example.storage="ssd"
docker daemon --label com.example.storage="ssd"
Engine
Engine
Engine
Engine
Engine
Constraints
$ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 --constraint engine.labels.com.example.storage==ssd frontend:latest
Engine
docker daemon --label com.example.storage="ssd"
docker daemon --label com.example.storage="ssd"
Engine
Engine
Engine
Engine
Engine
Constraints
$ docker service create --replicas 3 --name frontend --network mynet -p 8080:80 --constraint engine.labels.com.example.storage==ssd frontend:latest
$ docker service update --replicas 10 frontend
Engine
docker daemon --label com.example.storage="ssd"
docker daemon --label com.example.storage="ssd"
Routing Mesh
:8080 :8080 :8080
frontend frontend
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
frontend
Load Balancer
:8080
User browses to http://myapp.com
Node 1 Node 2 Node 3 Node 4
Routing Mesh
:8080
User browses to http://myapp.com
:8080 :8080
frontend frontend
$ docker service create --replicas 3 --name frontend --network mynet
-p 8080:80 frontend:latest
frontend
External Load Balancer
:8080
Node 1 Node 2 Node 3 Node 4
Secure by default• Out-of-the-box TLS
encryption and mutual auth
• Automatic cert rotation• External or self-signed
root CA• Cryptographic node
identity
CertificateAuthority
TLS
CertificateAuthority
TLS
CertificateAuthority
TLS
TLS TLSTLS
Topology: High Availability
Manager Manager Manager
Worker Worker Worker Worker Worker Worker
Leader FollowerFollower
Loss of Leader
Topology: High Availability
Manager Manager Manager
Worker Worker Worker Worker Worker Worker
Leader FollowerFollower
Loss of Leader
Topology: High Availability
Manager Manager Manager
Worker Worker Worker Worker Worker Worker
Follower FollowerLeader
Topology: High Availability
Manager Manager Manager
Worker Worker Worker Worker Worker Worker
Follower FollowerLeader
Demo
It’s time to think about Docker 1.13
• Secret Manager built-in (#27794)• Docker system command (#26108)• Allows a new client to talk to an old
engine• Improved new plugins system• Docker Stats and Promethus (#25820)
Credits
• Thanks Docker Inc. part of the slides are provided directly by them.• http://gianarb.it/planet/docker.html• https://scaledocker.com• https://github.com/docker/swarmkit• https://www.youtube.com/watch?v=h7a7vhzjElo• http://argh.gianarb.it/
Thanks!