THE STATE OF THE SWARM
HOW CLOSE TO PRODUCTION READY ARE WE ?
7 / 1 /2016
HI
- Mathieu Buffenoir
- twitter://@MBuffenoir
- mail://mat.buff@gmail.com
- founder bity.com (running on docker on exoscale)
- VP swiss bitcoin association
- https://github.com/skippbox/docker-on-cluster-howtos
WHAT'S NEW IN DOCKER ECOSYSTEM ?
- Docker 1.9
  - Networking in the swarm
- Compose 1.5
  - environment variables
- Docker-machine
  - Added cloud providers support
WHAT DO WE NEED IN PRODUCTION ?
- Provisioning / orchestration (Swarm)
- Service discovery (consul / etcd / zookeeper)
- Logging (ELK, Loggly, syslog)
- Monitoring (Prometheus, sensu, sysdig)
LET'S CREATE A LITTLE DEMO INFRASTRUCTURE
DEMO INFRA
DOCKER MACHINE
- cloud provider drivers (12 as of today) or bare metal
- some handy features
  - ssh / scp
- One command to control your node or cluster directly from your shell:
  - eval $(docker-machine env --swarm swarm-master)
  - docker ps
ONE COMMAND TO CREATE A CLUSTER NODE
docker-machine create --driver exoscale \
  --exoscale-api-key $CLOUDSTACK_KEY \
  --exoscale-api-secret-key $CLOUDSTACK_SECRET_KEY \
  --exoscale-instance-profile small \
  --exoscale-disk-size 10 \
  --exoscale-image ubuntu-14.04 \
  --exoscale-security-group swarm \
  --swarm \
  --swarm-master \
  --swarm-discovery="consul://$(docker-machine ip consul):8500" \
  --engine-opt="cluster-store=consul://$(docker-machine ip consul):8500" \
  --engine-opt="cluster-advertise=eth0:2376" \
  --engine-label="apps" \
  swarm-master
KV STORE (CONSUL)
- Consul
  - services
  - nodes
  - key-value
  - multi-datacenter
  - health check
  - REST or DNS api
COMPOSE FEATURES
- control your cluster straight from your shell
- networking support
- environment variables
- support for docker log driver
- scaling
- filters

The node filters are:
  - constraint
  - health

The container configuration filters are:
  - affinity
  - dependency
  - port
OUR DEMO INFRA COMPOSE FILE
ghost:
  image: ghost
  restart: always
  ports:
    - 2368
  volumes:
    - /home/ubuntu/conf-files/config.js:/var/lib/ghost/config.js
  environment:
    - DB_URI=swarm_db_1
    - NODE_ENV=production
  log_driver: "syslog"
  log_opt:
    syslog-address: "udp://185.19.29.213:5000"
    syslog-tag: "ghost"
db:
  image: postgres:9.3
  restart: always
  environment:
    DB_PASSWORD: postgres
    DB_USER: postgres
    DB_NAME: ghost
  ports:
    - 5432
lb:
  image: lalu/haproxy-consul
  restart: always
  volumes:
    - /home/ubuntu/conf-files/haproxy.ctmpl:/tmp/haproxy.ctmpl
    - /home/ubuntu/conf-files/consule-template.conf:/tmp/consule-template.conf
  ports:
    - "80:80"
    - "8001:8001"
  command: -consul 185.19.29.213:8500
COMPOSE COMMANDS
- docker-compose up (-d) <container>
- docker-compose stop / start / restart <container>
- docker-compose ps
- docker-compose logs
OVERLAY NETWORK
- /etc/hosts
- dns with consul
- Kernel >3.16
- ports to open between nodes:
  - udp 4789: data plane (VXLAN)
  - tcp/udp 7946: control plane
- no more links support (use service discovery)
- need to run compose with the --x-networking argument
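
An added example (not from the original slides): a check of firewall rules against the overlay ports listed above, reporting ports that cluster nodes cannot reach and ports that are open to every source address. The rule format, the cluster CIDR and the sample rules are constructed for illustration.

```python
import ipaddress

# Ports from the slide: VXLAN data plane and the control plane.
REQUIRED = [("udp", 4789), ("tcp", 7946), ("udp", 7946)]

# Constructed sample rules (hypothetical format, not a provider API).
SAMPLE_RULES = [
    {"protocol": "udp", "from_port": 4789, "to_port": 4789,
     "source": "0.0.0.0/0"},
    {"protocol": "tcp", "from_port": 7946, "to_port": 7946,
     "source": "10.0.0.0/24"},
    {"protocol": "tcp", "from_port": 80, "to_port": 80,
     "source": "0.0.0.0/0"},
]


def covers(rule, proto, port, net):
    """True if the rule admits proto/port from every address in net."""
    src = ipaddress.ip_network(rule["source"])
    return (rule["protocol"] == proto
            and rule["from_port"] <= port <= rule["to_port"]
            and net.subnet_of(src))


def audit_overlay_rules(rules, cluster_cidr):
    """Return (missing, exposed) lists of 'proto/port' strings.

    missing: overlay ports the cluster network cannot reach
    exposed: overlay ports reachable from any IPv4 address
    """
    cluster = ipaddress.ip_network(cluster_cidr)
    world = ipaddress.ip_network("0.0.0.0/0")
    missing, exposed = [], []
    for proto, port in REQUIRED:
        name = f"{proto}/{port}"
        if not any(covers(r, proto, port, cluster) for r in rules):
            missing.append(name)
        if any(covers(r, proto, port, world) for r in rules):
            exposed.append(name)
    return missing, exposed


if __name__ == "__main__":
    missing, exposed = audit_overlay_rules(SAMPLE_RULES, "10.0.0.0/24")
    print("missing:", missing)
    print("exposed:", exposed)
```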
SERVICE DISCOVERY
- registrator informs consul when services come online/offline
- patch to support overlay network (now merged)
- currently supports only one network
SCALING
COMPOSE
- As simple as:
  - docker-compose --x-networking scale app=5
CONSUL-TEMPLATE
- official haproxy image extended with consul-template

# templating system snippet
backend ghost
    option forwardfor # add the X-Forwarded-For header
    http-request set-header X-Forwarded-Port %[dst_port]
    balance roundrobin{{range service "ghost"}}
    server {{.ID}} {{.Address}}:{{.Port}}{{end}}
LOGGING
EASILY SET UP AN ELK WITH COMPOSE
- docker-compose up -d
- add this to the service definition in your docker-compose.yml file:

log_driver: "syslog"
log_opt:
  syslog-address: "udp://185.19.29.213:5000"
  syslog-tag: "ghost"
MONITORING
CADVISOR
- Collect per host container metrics
- Some visualisations
- not centralised enough
PROMETHEUS
- Graphing
- Alerting

ALERT HighMemoryAlert
  IF container_memory_usage_bytes{image="ubuntu:14.04"} > 1000000000
  FOR 1m
  WITH {}
  SUMMARY "High Memory usage for Ubuntu container"
  DESCRIPTION "High Memory usage for Ubuntu container on {{$labels.instance}} for container {{$labels.name}} (current value: {{$value}})"
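
An added example (not from the original slides): how the IF threshold and the FOR 1m clause of the HighMemoryAlert rule above combine, so that a short spike only reaches "pending" while a sustained breach fires. The 15-second evaluation interval and the sample values are constructed.

```python
THRESHOLD = 1_000_000_000  # bytes, from the IF clause
FOR_SECONDS = 60           # from "FOR 1m"

# Constructed samples: (seconds, container_memory_usage_bytes),
# one rule evaluation every 15 s (assumed interval).
SAMPLES = [
    (0, 800_000_000), (15, 1_200_000_000), (30, 1_300_000_000),
    (45, 900_000_000),                      # spike ends before 1m
    (60, 1_100_000_000), (75, 1_100_000_000), (90, 1_200_000_000),
    (105, 1_200_000_000), (120, 1_400_000_000),  # sustained breach
    (135, 700_000_000),
]


def alert_states(samples, threshold=THRESHOLD, hold=FOR_SECONDS):
    """Map (timestamp, value) samples to alert states.

    inactive: condition false
    pending:  condition true, but for less than `hold` seconds
    firing:   condition true without interruption for >= `hold` seconds
    """
    states = []
    active_since = None
    for ts, value in samples:
        if value > threshold:
            if active_since is None:
                active_since = ts  # first evaluation over threshold
            elapsed = ts - active_since
            state = "firing" if elapsed >= hold else "pending"
        else:
            active_since = None    # any dip resets the FOR timer
            state = "inactive"
        states.append((ts, state))
    return states


def firing_times(samples):
    """Timestamps at which a notification would be in the firing state."""
    return [ts for ts, s in alert_states(samples) if s == "firing"]


if __name__ == "__main__":
    for ts, state in alert_states(SAMPLES):
        print(f"t={ts:>3}s {state}")
```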
WHAT IS STILL MISSING ?
- secret handling
  - ansible vault
  - hashicorp vault
  - Lots of discussion about this on github
- Discovery service with multiple overlay network support
  - support for multiple networks in consul (not sure if it can be achieved with competitors either yet)
- Support in provisioning docker module (Ansible is really good with that)
THANKS TO
- Exoscale
- hashicorp
- gliderlabs
- sirile
- progrium
- Docker for all the tools
QUESTIONS ?
@MBUFFENOIR
https://github.com/skippbox/docker-on-cluster-howtos