Swarm
Cookbook - https://github.com/gkoerk/docker-swarm-cookbook
docker swarm init --advertise-addr <SERVER IP> # docker swarm join --token TOKEN # --- show join token for worker docker swarm join-token worker # --- networks docker network create -d overlay traefik_public docker network create -d overlay other_private # --- login private registry docker login gitlab.example.com:5050 -u <gitlab_username> -p <gitlab_personal_token> # --- test service docker service create --replicas 1 --name helloworld alpine ping docker.com docker service ls # --- inspect docker service inspect --pretty helloworld docker service ps helloworld # --- inspec resources docker service inspect service_name | jq .[0].Spec.TaskTemplate.Resources # --- scale docker service scale helloworld=5 docker service ps helloworld # --- update docker service update --limit-cpu=2 --limit-memory=3.5G SERVICE_NAME # --- remove docker service rm helloworld
Run stack
# --- run stack docker stack deploy -c traefik.yaml ms # --- restart stack services docker stack deploy -c ms_back.yaml --with-registry-auth --prune ms_back # --- services docker service ls # --- service logs docker service logs ms_whoami # --- restart service docker service update --force ms_traefik # --- remove stack docker stack rm ms
Run 2 stacks
docker network create -d overlay traefik_public # --- docker stack deploy -c traefik.yaml traefik docker service ps --no-trunc traefik_traefik # --- docker stack deploy -c whoami.yaml whoami # --- remove stacks docker stack rm traefik whoami
Nodes
# --- show nodes with labels docker node ls -q | xargs docker node inspect -f '{{ .ID }} [{{ .Description.Hostname }}]: {{ .Spec.Labels }}' # --- add label docker node update --label-add app-role=infra sw2.example.com # docker node update --label-rm app-role=infra sw2.example.com docker stack deploy -c whoami.yaml whoami
Python
import docker import os DOCKER_BASE_URL = os.environ.get('DOCKER_BASE_URL', 'unix://tmp/docker.sock') docker_client = docker.DockerClient(base_url=DOCKER_BASE_URL) docker_client.services.list() docker_client.services.list()[3].tasks() # --- labels docker_client.containers.list()[0].attrs['Config']['Labels'] #=> {'com.docker.stack.namespace': 'gateup', 'com.docker.swarm.node.id': 'gs3o1n7x3hvy8x7p5txmm47ku', 'com.docker.swarm.service.id': 'qiz29rucogrkxflplfq1pnrd9', 'com.docker.swarm.service.name': 'gateup_nodeexporter', 'com.docker.swarm.task': '', 'com.docker.swarm.task.id': 'z1t9idp194v6kcopk0zaggt6l', 'com.docker.swarm.task.name': 'gateup_nodeexporter.3.z1t9idp194v6kcopk0zaggt6l', 'com.github.nmix.gate-up.scrape': '', 'maintainer': 'The Prometheus Authors <prometheus-developers@googlegroups.com>'} # --- env docker_client.containers.list()[0].attrs['Config']['Env'] #=> ['SCRAPE_PORT=9100', 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'] # --- swarm labels docker_client.services.list()[3].attrs['Spec']['TaskTemplate']['ContainerSpec']['Labels'] #=> {'com.docker.stack.namespace': 'gateup', 'com.github.nmix.gate-up.scrape': ''} # --- swarm env docker_client.services.list()[3].attrs['Spec']['TaskTemplate']['ContainerSpec']['Env'] #=> ['SCRAPE_PORT=9100']
Visualizer
docker service create \ --name=viz \ --publish=18080:8080 \ --constraint=node.role==manager \ --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \ dockersamples/visualizer
Image spec
docker service inspect ms_back_back -f '{{ .Spec.TaskTemplate.ContainerSpec.Image }}'
Create internal network for fgis services
docker network create -d overlay fgis_private
Nodes
# --- labels docker node update --label-add app-role=infra spb.example.com docker node update --label-add app-role=vpn kursk.example.com # --- drain node docker node update --availability drain orel.example.com docker node inspect --pretty orel.example.com # ... # Availability: Drain # --- activate node docker node update --availability active worker1 # --- remove node from swarm docker node rm orel.example.com # if service offline docker node rm --force orel.example.com # if server online
Scale nodes
# --- выполняется на воркере для выхода из кластера docker swarm leave # --- отображает команду подключения к кластеру docker swarm join-token worker