Docker Engine 1.12 can be rightly called ” A Next Generation Docker Clustering & Distributed System”. Though Docker Engine 1.12 Final Release is around corner but the recent RC3 brings lots of improvements and exciting features. One of the major highlight of this release is Docker Swarm Mode which provides powerful yet optional ability to create coordinated groups of decentralized Docker Engines. Swarm Mode combines your engine in swarms of any scale. It’s self-organizing and self-healing. It enables infrastructure-agnostic topology.The newer version democratizes orchestration with out-of-box capabilities for multi-container on multi-host app deployments.
Report
Share
Report
Share
1 of 32
Download to read offline
More Related Content
What's New in Docker 1.12?
1. WHAT’S NEW IN DOCKER
ENGINE 1.12?
Presenter Name - Ajeet Singh Raina
Presentation Date – July-9 2016
Presented at - Docker Meetup #21
2. ABOUT ME
#Contribution:
- Frequent Blogger – http://www.collabnix.com
- Article Writing @ OSFY India
- Dell Community ( Containerizing Dell Legacy Application)
#Inside Dell:
- Project Lead Engineer(Global Solution Engineering)
- Worked in VMware, CGI , Dell R&D
- Solaris Lead Engineer ( Wiki Moderator)
• (t) - ajeetsraina
• (f) - Docker Public Group Moderator
#Reviewed Publications:
• Puppet for Containerization
• PowerCLI Cookbook
#Technology : System Integration, Linux, Docker, Hadoop, Puppet in Dell HPC
3. • What’s New in Docker 1.12 Engine? (API objects)
• Introducing SwarmKit Vs Swarm Mode (Overview)
• Swarm Mode Deep-Dive(Orchestration, Self-healing, Self-Organizing, in-built failover)
• Playing around Services (Desired State/Rolling Updates/Scaling)
• Understanding Routing Mesh (Container Native Load-Balancing)
• Demo
AGENDA
6. MAJOR FEATURE ENABLEMENTS
Features Engine 1.11(and prior) Engine 1.12
Multi-host Networking & KV Store External KV store No External KV Store required (Swarm
Mode)
MACVLAN Experimental Out-of Experimental
Secure Control Plane Insecure (Plain-text) Secure
Secure Data Plane VXLAN was not encrypted by
default(can be secured by --opt-
secure)
Encrypted VXLAN traffic( makes use
of swarm certificates and key
exchange)
Load Balancing Load Balancing was featured under
1.10, based on only DNS RR
Virtual IP Load-Balancing & DNS RR
both supported(LB using IPVS)
Service Discovery Available under 1.10 but based on
external service discovery backend
Service discovery now integrated into
Docker Engine, Virtual IP for VIP
Load-Balancing support.
Swarm Mode Not Available Newly Introduced ( Optional Feature)
Routing Mess Not Available Newly Introduced
7. WHAT’S NEW IN SWARM?
Swarm
Reboot in
Docker
1.12
New Swarm APIs –
$docker swarm --help
$docker node --help
$docker service --help
Easy Swarm Management
$docker swarm init
$docker swarm join master:port
New Docker Plumbing for
Swarm Mode
~ Swarmkit
Docker Swarm embedded into
Docker Engine
Service ~ First class citizen
~ Replication, Load Balancing & updates of Images
New Service CLIs –
$docker service # --help
[create, inspect, remove, update]
$docker service tasks --help
New Node CLIs –
$docker service # --help
[accept, promote, demote, inspect,
update, tasks, ls and rm ]
New Stack & Deploy CLIs –
[ Experimental]
8. SWARMKIT – AN OVERVIEW
An open source toolkit(plumbing) to build multinode systems
Builds the cluster management and orchestration features embedded in the
Docker Engine
Employs the decentralized architecture rather than centralized(key-value
store)
Machines running SwarmKit can be grouped together in order to form
a Swarm
Once a machine joins, it becomes a Swarm Node.
10. Swarm mode is an optional feature.
Swarm mode is enabled for the Engine by either initializing
a swarm or joining an existing swarm.
When you run Engine in swarm Mode, you orchestrate services .
When you run Docker Engine outside the swarm mode, you basically
execute container commands.
Swarm Mode is NOT going to break the existing Swarm production
environment.
No external KV store needed
Self Healing, Self-Organizing, No Single Point of Failure
Swarm
Mode
11. A BASIC SWARM ARCHITECTURE
$ docker -H=tcp://192.168.33.10:2375 run -d -p 8500:8500 -
h consul progrium/consul -server -bootstrap
$ docker -H=tcp://192.168.33.11:2375 run -d -p 3375:2375
swarm manage consul://192.168.33.10:8500/
$docker -H=tcp://192.168.33.12:2375 run -d swarm join --
advertise=192.168.33.12:2375 consul://192.168.33.10:8500/
$ docker -H=tcp://192.168.33.13:2375 run -d
swarm join --advertise=192.168.33.13:2375
consul://192.168.33.10:8500/
12. SWARM MODE – A GLIMPSE
Swarm
Manager
Swarm
Agent
Swarm
Agent
c0-master
c0-n1
c0-n2
TCP port 2377 for cluster management communications
TCP and UDP port 7946 for communication in between nodes
TCP and UDP port 4789 for overlay network traffic
14. @master1
SWARM MODE: ADDING THE FIRST WORKER NODE
$docker swarm init
@node1
$docker swarm join <IP address of
Master>:2377
15. @master1
SWARM MODE: BUILDING THE CLUSTER
$docker swarm init
@node1
$docker swarm join <IP address of
Master>:2377
@node2
@node3
@node4@node5
$docker swarm join <IP address of
Master>:2377
$docker swarm join <IP address of
Master>:2377
…
…
16. SWARM MODE: UNDER THE HOOD
Secure by default with End to End Encryption
1. $docker swarm init
2. A TLS root CA is created.
3. A keypair is issued for the first
node, and signed by the root CA.
4. All the joining nodes also receive
the root CA public key and
certificate
5. The node keys and certificates
are automatically renewed on
regular intervals (by default, 90
days)
6. Tunable with docker swarm
update).
7. External CA Integration
Supported