Building Your Docker Swarm Tech Stack

BRET FISHER
Docker Captain, DevOps Dude,
Author of Docker Mastery
Building Your Swarm Tech Stack
bretfisher.com/dockercon18
@bretfisher

People ask "Where's my LAMP for container clusters?"
Your solutions will be a "stack" of infrastructure tools
Cloud-native container tools are new
We need patterns and examples of full cluster stacks
Problem: No Server Tool Lives In Isolation

Build examples of full-ish stacks on different tools
Options for solo to medium-sized DevOps/Ops teams
Use Docker Swarm latest stable as orchestrator
Limit cloud vendor lock-in*
4 Goals for Today
* Lock-in: A service I can't swap out in my server stack

The Duality of Container Infrastructure
“It was the best of times,
it was the worst of times,
it was the age of wisdom,
it was the age of foolishness,
it was the epoch of belief,
it was the epoch of incredulity...”
Charles Dickens
A Tale of Two Cities, 1859

Clusters are Complex
Start small and simple, grow them as you grow

EE Platform Architecture
PhysicalVirtualizationPublic Cloud
Platform
Security
Developer
Services
Registry
Services
Access
Policies
App Lifecycle
Management
Automation &
Extensibility
Networking Orchestration Storage
Container Engine
ENTERPRISE EDITION PLATFORM

CE Platform Architecture
Public Cloud
Overlay Swarm
Container Engine
COMMUNITY EDITION PLATFORM
PhysicalVirtualization
Platform
Security

Epic Battle Royale, on Swarm
dogvs.cat

dogvs.cat
VS

dogvs.cat
Sci-Fi Sounds Edition

dogvs.cat App Services
www.dogvs.cat vote.dogvs.cat blog.dogvs.catresult.dogvs.cat

dogvs.cat App Services
(Stack Files)

dogvs.cat
Swarm CE,
(Han) Solo Sysadmin

Cloud agnostic, minimal infra
Apps auto-recover on node fail
Incoming TLS
Centralized logging
Centralized monitoring
Healthcheck all containers
Infra Requirements of dogvs.cat
Performance auto-scaling
Self-healing nodes
Support serverless functions
Services highly available
Han Solo Requirements Optional Requirements for Later

3+ Droplets (Ubuntu 18.04)
Block Storage (Volumes)
Load Balancer (incoming HTTP)
Digital Ocean dogvs.cat
Services Needed for High Availability

App Services

App Services + L7 Proxy

App Services + L7 Proxy + Overlay

App Services + L7 Proxy + Ops

Cluster + External Load Balancer

Open Source Stack
HW / OS Docker Machine + Digital Ocean
Runtime Docker CE
Orchestration Docker Swarm
Networking Docker Swarm Overlay
Storage REX-Ray + Digital Ocean Volumes
Layer 7 Proxy Traefik + Let's Encrypt
Central Logging Elastic ELK
Central Monitoring Prometheus + Grafana
Swarm GUI Portainer

Deploy Nodes: Docker Machine
./create-servers.sh
./enable-monitoring.sh
./create-swarm.sh

Deploy Storage: RexRay Plug-in
docker stack deploy -c stack-rexray.yml rexray

Deploy Proxy Stack: Traefik with Let's Encrypt
docker stack deploy -c stack-proxy.yml proxy
http://www.dogvs.cat:8080/dashboard/

Deploy Ops Stacks:
Prometheus + ELK + Portainer
docker stack deploy -c stack-swarmprom.yml prom
docker stack deploy -c stack-elk.yml elk
docker stack deploy -c stack-portainer.yml portainer

Our Apps: Voting + Ghost + Static Site
docker stack deploy -c stack-ghost.yml ghost
docker stack deploy -c stack-voting.yml vote
docker stack deploy -c stack-menu.yml menu

Deploy Stacks: Maintenance Tasks
docker stack deploy -c stack-prune.yml prune
backups (in stack file with app)

Day Two Operations: Updates
stack deploy ∞
micromanage update_config and healthcheck
tune your limits and reservations

Swarm CE,
Trek Tag-Team DevOps
dogvs.cat

Create Swarm with Terraform
Moving beyond docker-machine for multi-admin

Docker for AWS/Azure
*for CE only

Remote Management Bonus
18.09 has SSH endpoints for docker CLI !!
DOCKER_HOST=ssh://user@server docker ps

Windows Server 2019 Workers
Swarm and overlay network feature parity!

Our Apps using Docker App
docker-app deploy dogvscat/ghost:0.1.0
docker-app deploy dogvscat/voting:0.1.0
docker-app deploy dogvscat/menu:0.1.0
* Go check it out at github.com/docker/app

Security?
host setup scanning: Docker Bench
image scanning: Aqua Microscanner
behavior monitoring: Sysdig Falco
user namespaces

Swarm Enterprise,
Amazonian DevOps
dogvscat.biz
or

Complex Infrastructure, Harder Deployment
"How can I deploy many multi-tier
app on a many servers, with all the
b e l l s a n d w h i s t l e s o f H A
orchestration, have load balancing
at all levels, with failover and
auto recovery?"
Amazonian
Team

CE Platform Architecture
PhysicalVirtualizationPublic Cloud
Platform
Security
Networking Orchestration
Container Engine
COMMUNITY EDITION PLATFORM

No More One Size Fits All
Docker for
AWS
Docker for
Azure
for CE only

Reference
Architecture
Automation
Tools
Ecosystem
Integration
Docker Certified Infrastructure

Docker EE on AWS Stack
HW / OS Terraform + Ansible + AWS
Runtime Docker EE
Orchestration Docker Swarm
Networking Docker Swarm Overlay
Storage Docker Cloudstor EBS/EFS
Layer 7 Proxy HTTP Routing Mesh (Interlock+Nginx)
Registry Docker EE DTR
Central Logging AWS Cloudwatch Logs
Central Monitoring AWS Cloudwatch + Telegraph
Swarm GUI Docker EE UCP

Summary
Infrastructure as code, make everything repeatable
No "special" nodes, use remote management
Grow as you go, assume you'll resize
Look for compose files of popular tools to make stacks
Don't throw out the good in search of the perfect

Where to Go From Here
Automating Docker Enterprise 5:25 this room
Mission-Critical Migration to Multi-Cluster Kubernetes
Wed 2pm room 113
Swarm Intro Workshop
Today 4pm room 133
Wed 1:30pm room 133
Swarm Hallway Track Wed 4pm

I'd like to
thank the
internet

Support
the open source
you use

PLEASE USE SESSION
SURVEY IN EVENTSPACE APP
Thanks! !
bretfisher.com/dockercon18
"Building Your Swarm Tech Stack"

Building Your Docker Swarm Tech Stack

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Building Your Docker Swarm Tech Stack

Semelhante a Building Your Docker Swarm Tech Stack (20)

Último

Último (20)

Building Your Docker Swarm Tech Stack