In this tutorial, we'll create the infrastructure on AWS. Ideally, for a production environment, you would set up three or five Swarm managers and some workers, and eventually add new worker nodes later depending on the load.
Here we'll use Machine to set up a Swarm cluster with three Swarm managers, six Swarm workers and one Flocker control node, and we won't add new workers.
Installing Flocker requires several manual steps, which can be automated (as we'll see). So, to keep the example as simple as possible, we'll run all these commands once, in linear order, without repeating procedures to increase the system capacity.
If you don't like Ansible, you can easily adapt the flow to your favorite tool, be it Puppet, Salt, Chef or others.
For simplicity, we will install our lab using an SSH key generated ad hoc, and we'll install Docker Machines with this key copied to the host in authorized_keys. The goal is to have a unique key to authenticate Ansible later, which we'll use to automate the many steps that we would otherwise perform manually.
So, we start by generating a flocker key, which we'll put into the keys/ directory:
ssh-keygen -t rsa -f keys/flocker
To provision our Docker hosts, we'll go with Docker Machine. These are the system details for this tutorial:
AWS instances will be called from aws-101 to aws-110. This standardized naming will be important later, when we need to generate and create node certificates for Flocker.
The instance type will be t2.medium (2 vCPUs, 4G memory, EBS storage).
The flavor will be Ubuntu 14.04 Trusty (specified with the --amazonec2-ami parameter).
The security group will be the standard docker-machine (we'll summarize the requirements again in a few seconds).
The Flocker version will be 1.15.
The exact AMI ID to use can be searched on https://cloud-images.ubuntu.com/locator/ec2/.
The AWS calculator estimates this setup's cost at roughly $380 per month, storage usage excluded.
So, we create the infrastructure:
for i in `seq 101 110`; do docker-machine create -d amazonec2 --amazonec2-ami ami-c9580bde --amazonec2-ssh-keypath keys/flocker --amazonec2-instance-type "t2.medium" aws-$i; done
After some time, we'll have it up and running.
Additionally, we'll need to open three additional ports in the security group used for this project (docker-machine) in the EC2 console. These are the ports used by Flocker services:
4523/tcp
4524/tcp
Also, the following is a port used by Swarm:
2377/tcp
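As an added example (not part of the original tutorial), the same three rules can be created with the AWS CLI instead of the EC2 console, with the source restricted to the docker-machine security group itself rather than any address. It assumes the nodes reach each other over their private addresses and that the group name is unique in the region; SG_ID and sg-PLACEHOLDER are placeholders.

```shell
#!/bin/sh
# Added example, not from the original tutorial.
set -e

SG_NAME="docker-machine"   # security group used in this tutorial
PORTS="4523 4524 2377"     # Flocker services (4523, 4524) and Swarm (2377)

# Build one ingress rule in AWS CLI shorthand. The source is the group itself,
# so only instances that are members of the group can reach the port.
ingress_rule() {  # $1 = port, $2 = security group ID
  printf 'IpProtocol=tcp,FromPort=%s,ToPort=%s,UserIdGroupPairs=[{GroupId=%s}]' \
    "$1" "$1" "$2"
}

# Dry run: print the command for each port without calling AWS.
plan_rules() {  # $1 = security group ID
  for _port in $PORTS; do
    printf "aws ec2 authorize-security-group-ingress --group-id %s --ip-permissions '%s'\n" \
      "$1" "$(ingress_rule "$_port" "$1")"
  done
}

# Resolve the group ID from its name, then create the three rules.
apply_rules() {
  _sg_id=$(aws ec2 describe-security-groups \
    --filters "Name=group-name,Values=$SG_NAME" \
    --query 'SecurityGroups[0].GroupId' --output text)
  for _port in $PORTS; do
    aws ec2 authorize-security-group-ingress --group-id "$_sg_id" \
      --ip-permissions "$(ingress_rule "$_port" "$_sg_id")"
  done
}

# Default is the dry run; SG_ID and sg-PLACEHOLDER are placeholders.
case "${1:-plan}" in
  apply) apply_rules ;;
  *)     plan_rules "${SG_ID:-sg-PLACEHOLDER}" ;;
esac
```

Run it with no argument to print the planned commands, or with apply to create the rules. Hosts outside AWS, such as the DigitalOcean or OpenStack workers this tutorial mentions, cannot be matched by a group reference and would need explicit CIDR rules for their addresses.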
We use a standard configuration with an additional overlay network, called Spark. Traffic data will pass through the spark network, making it possible to extend the lab configuration with new hosts and workers running even on other providers, such as DigitalOcean or OpenStack. When new Swarm workers join this cluster, this network is propagated to them and made available for Swarm services.
As mentioned, we chose Flocker (https://clusterhq.com/flocker/introduction/), which is among the top Docker storage projects. ClusterHQ describes it as:
Flocker is an open-source container data volume manager for your Dockerized applications. By providing tools for data migrations, Flocker gives the ops teams the tools they need to run containerized stateful services such as databases in production. Unlike a Docker data volume that is tied to a single server, a Flocker data volume, called a dataset, is portable and can be used with any container in your cluster.
Flocker supports a very wide set of storage options, from AWS EBS to EMC, NetApp, Dell, Huawei solutions, to OpenStack Cinder and Ceph, just to mention some.
Its design is straightforward: Flocker has a control node, which exposes its service APIs to manage the Flocker cluster and Flocker volumes, and a Flocker agent, alongside the Docker plugin, runs on each node of the cluster.
To use Flocker, at the command line, you would need to run something like this with Docker to read or write stateful data on a Flocker myvolume volume mounted as /data inside the container:
docker run -v myvolume:/data --volume-driver flocker image command
Also, you can manage volumes with the docker volume command:
docker volume ls
docker volume create -d flocker
In this tutorial architecture, we'll install the Flocker control node on aws-104, which will hence be dedicated to it, and Flocker agents on all nodes (node-104 included).
Also, we'll install the Flocker client, which is used to interact with the Flocker control node APIs in order to manage the cluster status and volumes. For our convenience, we'll also use it from aws-104.