A Place to document my setup of a Docker Swarm
Requirements:
1. Install Docker
2. Add user to docker group (so you don't run as root)
3. Add persistent shared storage
4. Prepare Nodes for Swarm-mode - we need to add the following firewall rules.
5. Initialize Swarm
On the primary manager
To add a secondary manager we first need to run the following on the primary manager
You will receive output similar to the below example
Now our setup looks like this
6. Install Portainer with a persistent container
Requirements:
- 2-Node HA (needs to be resilient to network isolation and power failures of host)
- Turns out you need an odd # of managers, I have added a 1cpu, 1GB CentOS VM to act as a third manager
- Persistent Data Storage for Containers
- Inbound DNS resolution for services (e.g. if I have to know what host my service is on, that defeats the point)
- Minimal Install of CentOS7.3
- SELinux = Enforcing
- Firewalld = Enabled
1. Install Docker
Code:
su
yum makecache fast && yum upgrade
yum install -y yum-utils
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum -y install docker-ce
systemctl enable docker
2. Add user to docker group (so you don't run as root)
Code:
sudo usermod -aG docker $(whoami)
reboot
3. Add persistent shared storage
Code:
yum install nfs-utils -y
mkdir -p /mnt/docker/
nano /etc/fstab
# add this line to /etc/fstab, then save:
192.168.10.2:/mnt/Single_845/docker /mnt/docker nfs user,intr,sync 0 0
reboot
4. Prepare Nodes for Swarm-mode - we need to add the following firewall rules.
- TCP port 2377 for cluster management communications
- TCP and UDP port 7946 for communication among nodes
- UDP port 4789 for overlay network traffic
Code:
sudo firewall-cmd --permanent --add-port=2377/tcp
sudo firewall-cmd --permanent --add-port=7946/tcp
sudo firewall-cmd --permanent --add-port=7946/udp
sudo firewall-cmd --permanent --add-port=4789/udp
sudo firewall-cmd --reload
5. Initialize Swarm
On the primary manager
Code:
docker swarm init --advertise-addr 192.168.10.221
To add a secondary manager we first need to run the following on the primary manager
Code:
docker swarm join-token manager
You will receive output similar to the below example
[stephen@CentOS-Docker1 ~]$ docker swarm join-token manager
To add a manager to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-2t26wk80ahqmxqd08rlp7ap04ri3s8czljo2h1yi768brcxk9w-2sgsx7hsiuh2n7xozfow32s59 \
192.168.10.221:2377
On the secondary manager
Code:
docker swarm join \
--token SWMTKN-1-2t26wk80ahqmxqd08rlp7ap04ri3s8czljo2h1yi768brcxk9w-2sgsx7hsiuh2n7xozfow32s59 \
192.168.10.221:2377
Now our setup looks like this
[stephen@CentOS-Docker1 ~]$ docker node ls
ID                           HOSTNAME        STATUS  AVAILABILITY  MANAGER STATUS
5za096psxgnldirifven3uwd7    CentOS-Docker2  Ready   Active        Reachable
e80d2ifs6ay2ohpsmi7eln4ds *  CentOS-Docker1  Ready   Active        Leader
6. Install Portainer with a persistent container
Code:
mkdir -p /mnt/docker/portainer/data
docker service create \
--name portainer \
--publish 9000:9000 \
--constraint 'node.role == manager' \
--mount type=bind,src=/mnt/docker/portainer,dst=/data \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \
portainer/portainer \
-H unix:///var/run/docker.sock
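An added example, not part of the original post: the rules in step 4 open the swarm ports to any source address. The script below prints the firewall-cmd commands that replace them with firewalld rich rules accepting those ports only from the listed swarm peers. The function names are this example's own, and 192.168.10.222 in the usage comment is a constructed address.

```shell
#!/bin/sh
# Added example (not from the original post): print firewall-cmd commands that
# swap the open swarm ports from step 4 for rich rules limited to swarm peers.
# Nothing is executed here; review the output before running it as root.

# Ports from step 4: cluster management, node communication, overlay traffic.
SWARM_PORTS="2377/tcp 7946/tcp 7946/udp 4789/udp"

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
  case $1 in
    *[!0-9.]* | .* | *. | *..*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1            # split the address on dots into $1..$n
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Usage: swarm_rich_rules PEER_IP...
# Validates every peer first, so a bad address yields no partial rule set.
swarm_rich_rules() {
  [ "$#" -gt 0 ] || { echo "usage: swarm_rich_rules PEER_IP..." >&2; return 1; }
  for peer in "$@"; do
    valid_ipv4 "$peer" || { echo "invalid peer address: $peer" >&2; return 1; }
  done
  for spec in $SWARM_PORTS; do
    echo "firewall-cmd --permanent --remove-port=$spec"
  done
  for peer in "$@"; do
    for spec in $SWARM_PORTS; do
      printf "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" port port=\"%s\" protocol=\"%s\" accept'\n" \
        "$peer" "${spec%/*}" "${spec#*/}"
    done
  done
  echo "firewall-cmd --reload"
}

# On each node, list the other nodes (192.168.10.222 is a constructed address):
#   swarm_rich_rules 192.168.10.221 192.168.10.222
```

The permanent rules only take effect at the final reload, so the open ports and the restricted rules are swapped in one step.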