Load-balancing high-available web-app with Docker Swarm cluster. - Simone Soldateschi - Codemotion Rome 2018
3 likes2,247 views
The document details a presentation by Simone Soldateschi on Docker Swarm and container orchestration engines, covering topics such as cluster management, security, and service management. It outlines the features and advantages of Docker Swarm, including auto-scaling, service discovery, and fault tolerance, as well as providing a demo of setting up a development swarm cluster. Key lessons emphasize the benefits of Docker Swarm for new projects and the importance of prototyping before automation.
![Manager initialises cluster
docker swarm init
--advertise-addr $MANAGER_IP
Stand up basic cluster
[Manager|Worker]
docker swarm join
--token $TOKEN_[MANAGER|WORKER]
$MANAGER_IP:2377](https://image.slidesharecdn.com/soldateschi-20180413codemotionrome2018dockerswarm1-180709092326/85/Load-balancing-high-available-web-app-with-Docker-Swarm-cluster-Simone-Soldateschi-Codemotion-Rome-2018-13-320.jpg)
![$ docker service create --name web -p 80:80 nginx
overall progress: 1 out of 1 tasks
1/1: running [=================================>]
verify: Service converged
Docker service
$ docker service scale web=3
web scaled to 3
overall progress: 3 out of 3 tasks
1/3: running [=================================>]
2/3: running [=================================>]
3/3: running [=================================>]
verify: Service converged
$ docker service rm web](https://image.slidesharecdn.com/soldateschi-20180413codemotionrome2018dockerswarm1-180709092326/85/Load-balancing-high-available-web-app-with-Docker-Swarm-cluster-Simone-Soldateschi-Codemotion-Rome-2018-29-320.jpg)
![Docker Stacks
$ docker service scale webstack_web=6
webstack_web scaled to 6
overall progress: 6 out of 6 tasks
1/6: running [===================================>]
2/6: running [===================================>]
3/6: running [===================================>]
4/6: running [===================================>]
5/6: running [===================================>]
6/6: running [===================================>]
verify: Service converged](https://image.slidesharecdn.com/soldateschi-20180413codemotionrome2018dockerswarm1-180709092326/85/Load-balancing-high-available-web-app-with-Docker-Swarm-cluster-Simone-Soldateschi-Codemotion-Rome-2018-32-320.jpg)
Load-balancing high-available web-app with Docker Swarm cluster. - Simone Soldateschi - Codemotion Rome 2018
- 1. LB+HA webapp with Docker Swarm Simone Soldateschi ROME - APRIL 13/14 2018
- 2. “Let me tell you a story...”
- 3. Who I am ● Staff Engineer at Slack ● Previously at Microsoft, Rackspace ● 10+ years of experience as ○ Software Engineer ○ Systems Engineer ○ DevOps'in for the last 8 years Simone Soldateschi @soldasimo simone.soldateschi@gmail.com Friday: 5.50pm-6.30pm + during breaks
- 4. ● Container Orchestration Engines, COEs ● Docker Swarm Mode, why ● Cloud Infrastructure, abs ● Service Management, how Agenda
- 6. COEs - Lots of features (auto-scaling, secrets management, UI) - YAML deployment model - Pods - Large community - Google, Red Hat, Azure - Quite recent project - YAML deployment model - Multi-master - Auto-healing - TLS network security - Quick and Easy - No UI - No auto-scaling - No external load-balancing - Multi-master - Highly scalable - Multi OSes - Steep learning curve - Airbnb, ~Apple, eBay, Netflix, Twitter
- 8. The path to Docker Swarm Mode «If you are using a Docker version prior to 1.12.0, you can use standalone swarm, but we recommend updating.» https://docs.docker.com/engine/swarm/
- 9. Standalone Swarm != Swarm mode $ docker swarm init $ docker swarm join
- 10. Key Features ● Cluster management with Docker Engine ● Declarative service model ● Auto Scaling ● Multi-host networking ● Service Discovery ● Load balancing ● Secure by default (TLS) ● Rolling updates ● Developer oriented
- 13. Manager initialises cluster docker swarm init --advertise-addr $MANAGER_IP Stand up basic cluster [Manager|Worker] docker swarm join --token $TOKEN_[MANAGER|WORKER] $MANAGER_IP:2377
- 14. Infrastructure as Code template PRplan plan destroyapply DEV DEPLOY
- 15. Basic Cluster
- 16. Architecture Raft Internal Distributed Store Raft RaftLeader Follower Follower Workers Gossip network Raft consensus groupManagers
- 17. The Raft Consensus Algorithm The Secret Lives of Data
- 18. Raft consensus Given N managers: ● Raft tolerates up to (N-1)/2 failures. ● Raft requires a quorum of (N/2)+1 members to agree on values proposed to the cluster.
- 20. Multi AZ
- 21. Scale Cluster in/out manager ASG worker ASG
- 22. Docker Swarm cluster revised Manager docker swarm join --token $TOKEN_MANAGER $MANAGER_IP:2377 Worker docker swarm join --token $TOKEN_WORKER $MANAGER_IP:2377
- 24. Autojoin Swarm Nodes 1. Ask manager for a token, e.g. API, SSH 3. Join with token 2. Fetch token
- 25. Autojoin Swarm Nodes 1. Ask Vault for a token 2. Fetch token 3. Join with token
- 27. stack Container, Service and Stack service container
- 28. A day in the life of a Docker Service create scale rm ls logs rollback ps update ? ? inspect
- 29. $ docker service create --name web -p 80:80 nginx overall progress: 1 out of 1 tasks 1/1: running [=================================>] verify: Service converged Docker service $ docker service scale web=3 web scaled to 3 overall progress: 3 out of 3 tasks 1/3: running [=================================>] 2/3: running [=================================>] 3/3: running [=================================>] verify: Service converged $ docker service rm web
- 30. A day in the life of a Docker Stack deploy services rm ls ? ps
- 31. Docker Stacks version: "3" services: web: image: nginx deploy: replicas: 3 resources: limits: cpus: "0.1" memory: 50M restart_policy: condition: on-failure ports: - "80:80" networks: - webnet networks: webnet: $ docker stack deploy -c docker-compose.yml webstack Creating network webstack_webnet Creating service webstack_web $ docker stack ps --format "{{.Name}}: {{.Image}} {{.Node}} {{.DesiredState}}" webstack webstack_web.1: nginx:latest worker2 Running webstack_web.2: nginx:latest manager Running webstack_web.3: nginx:latest worker1 Running
- 32. Docker Stacks $ docker service scale webstack_web=6 webstack_web scaled to 6 overall progress: 6 out of 6 tasks 1/6: running [===================================>] 2/6: running [===================================>] 3/6: running [===================================>] 4/6: running [===================================>] 5/6: running [===================================>] 6/6: running [===================================>] verify: Service converged
- 33. Secrets Management ● It’s best not to have secrets. ● Don’t write secrets down. ● Protect secrets in one place.
- 34. Secrets Management manager TLS Internal distributed store manager TLS manager TLS Service Deploy worker TLS worker TLS worker TLS Raft Consensus Group
- 36. Multi-region
- 37. Pilot Light
- 38. Tie up all things // wait for it...
- 39. Demo Time ● Stand up development Swarm cluster ● Start services ● Start monitoring ● Scale and Load-test
- 40. Stand up Dev Swarm cluster $ git clone https://github.com/siso/vagrant-docker-swarm.git $ cd vagrant-docker-swarm $ AUTO_START_SWARM=true vagrant up
- 43. Q&A
- 44. simone soldateschi Friday: 5.50pm-6.30pm + during breaks @soldasimo simone.soldateschi@gmail.com github.com/siso/vagrant-docker-swarm
- 45. Recap
- 46. ● Services and Stacks Recap ● Swarm Mode ● Multi-region infrastructure ● Provision Infrastructure ● Demo
- 47. Lesson Learned ● Options are good. Many COEs to choose from. ● Docker Swarm Mode is great for greenfield project. ● Prototype, then automate. Don’t do both.
- 48. Thank You!
- 49. Extras
- 50. git clone https://github.com/siso/swarmprom.git cd /home/vagrant/swarmprom ADMIN_USER=admin ADMIN_PASSWORD=admin docker stack deploy -c docker-compose.yml mon echo "View Grafana Dashboard at http://$(docker node inspect self --format '{{ .Status.Addr }}'):3000" Start Monitoring Systems
- 51. References ● vagrant-docker-swarm github repo ● swarmprom Docker Swarm instrumentation with Prometheus, Grafana, cAdvisor, Node Exporter and Alert Manager ● ...
- 54. Docker Engine
- 56. TODO -- Container Network Model
- 57. TODO -- Service Discovery