Docker - Swarm

2023-04-01 (Last Modified: 2023-04-02)

Page content

Setup

Let’s assume we have 3 Nodes in a Docker Swarm Setup.

Tick
Trick
Track

Track is the Leader/Manager. All Machines runs Debian 12.0 (RC, as it is not yet released)

Show Nodes

docker node ls

root@track:~# docker node ls
ID                            HOSTNAME    STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
b2zvkc374v08q2rpocljhkg5n     tick        Ready     Active                          23.0.2
khom3cx05bxqxktjq1k5j16gk *   track       Ready     Active         Leader           23.0.2
lq53s6mhuzvqrehks0j68sr3e     trick       Ready     Active                          23.0.2

Create Simple Service

Run a simple Docker service that uses an alpine-based filesystem, and isolates a ping to 8.8.8.8

docker service create --name demo alpine:latest ping 192.168.100.1

and we can see a icmp request every second

target # tcpdump -i vlan100 icmp 
tcpdump: listening on vlan100, link-type EN10MB
06:50:34.727030 192.168.100.150 > 192.168.100.1: icmp: echo request (DF)
06:50:34.727128 192.168.100.1 > 192.168.100.150: icmp: echo reply
06:50:35.727462 192.168.100.150 > 192.168.100.1: icmp: echo request (DF)
06:50:35.727543 192.168.100.1 > 192.168.100.150: icmp: echo reply
06:50:36.727935 192.168.100.150 > 192.168.100.1: icmp: echo request (DF)
06:50:36.727989 192.168.100.1 > 192.168.100.150: icmp: echo reply

List Services

List all running Services

docker service ls

we’ve got a single Service called “demo” replicted one time

root@track:~# docker service ls
ID             NAME      MODE         REPLICAS   IMAGE           PORTS
x7jhhrt3nxlt   demo      replicated   1/1        alpine:latest

Check Output

let’s see the output of our service

docker service logs demo

and we can see the icmp replies

root@track:~# docker service logs demo
demo.1.vhdib7g7asd6@tick    | PING 192.168.100.1 (192.168.100.1): 56 data bytes
demo.1.vhdib7g7asd6@tick    | 64 bytes from 192.168.100.1: seq=0 ttl=254 time=0.604 ms
demo.1.vhdib7g7asd6@tick    | 64 bytes from 192.168.100.1: seq=1 ttl=254 time=0.503 ms
demo.1.vhdib7g7asd6@tick    | 64 bytes from 192.168.100.1: seq=2 ttl=254 time=0.472 ms
...

Scale the Service

we have 4 Nodes in our Docker Swarm. let’s give all of them some jobs

docker service scale demo=4

and our service scales up to 4

root@track:~# docker service scale demo=4
demo scaled to 4
overall progress: 4 out of 4 tasks 
1/4: running   [==================================================>] 
2/4: running   [==================================================>] 
3/4: running   [==================================================>] 
4/4: running   [==================================================>] 
verify: Waiting 1 seconds to verify that tasks are stable...

Check the Service Distribution

where are our containers running ?

docker service ps demo

and we get a list. trick got two containers, the other nodes runs one

root@track:~# docker service ps demo
ID             NAME      IMAGE           NODE      DESIRED STATE   CURRENT STATE            ERROR     PORTS
vhdib7g7asd6   demo.1    alpine:latest   tick      Running         Running 10 minutes ago             
l2glvlnbw0f3   demo.2    alpine:latest   track     Running         Running 4 minutes ago              
rtmxuglu81sw   demo.3    alpine:latest   trick     Running         Running 4 minutes ago              
4szti0l3vzjx   demo.4    alpine:latest   trick     Running         Running 4 minutes ago

checking Traffic on the Target

target # tcpdump -i vlan100 icmp 
tcpdump: listening on vlan100, link-type EN10MB
07:05:54.121805 192.168.100.152 > 192.168.100.1: icmp: echo request (DF)
07:05:54.121852 192.168.100.1 > 192.168.100.152: icmp: echo reply
07:05:54.137174 192.168.100.151 > 192.168.100.1: icmp: echo request (DF)
07:05:54.137218 192.168.100.151 > 192.168.100.1: icmp: echo request (DF)
07:05:54.137315 192.168.100.1 > 192.168.100.151: icmp: echo reply
07:05:54.137332 192.168.100.1 > 192.168.100.151: icmp: echo reply
07:05:54.280606 192.168.100.150 > 192.168.100.1: icmp: echo request (DF)
07:05:54.280646 192.168.100.1 > 192.168.100.150: icmp: echo reply

and we have 4 requests/reply every second.

scaling bigger

let’s increase to 100 Containers

docker service scale demo=100

and a few seconds later, the containers got running and creating a bit more traffic as we can see here

target # vnstat -l -i vlan100      
Monitoring vlan100...    (press CTRL-C to stop)

   rx:    78.66 kbit/s   100 p/s          tx:    78.76 kbit/s   100 p/s

the distribution is also working fine

root@track:~# docker service ps demo
ID             NAME       IMAGE           NODE      DESIRED STATE   CURRENT STATE            ERROR     PORTS
vhdib7g7asd6   demo.1     alpine:latest   tick      Running         Running 16 minutes ago             
l2glvlnbw0f3   demo.2     alpine:latest   track     Running         Running 11 minutes ago             
rtmxuglu81sw   demo.3     alpine:latest   trick     Running         Running 11 minutes ago             

---> snipp <---

flyrsj5s9trs   demo.98    alpine:latest   tick      Running         Running 2 minutes ago              
tv1pxpj3ik74   demo.99    alpine:latest   tick      Running         Running 2 minutes ago              
cuv1svvrb1tb   demo.100   alpine:latest   trick     Running         Running 2 minutes ago

we can also check the container distribution over the node …

docker service ps demo |awk '/demo/ {print $4}' |sort |uniq -c

and surprise, surpise, all of them are evenly distributed

root@track:~# docker service ps demo |awk '/demo/ {print $4}' |sort |uniq -c
     34 tick
     33 track
     33 trick

cleanup

# list all services
docker service ls

# kill all docker swarm
docker service rm $(docker service ls -q)

that enough for the moment

Any Comments ?

sha256: 59ee746e61ae48af514e934d303b29b1a61950899eb7734206a4ece1b9403d77