what is docker swarm

swarm is a cluster management tool officially provided by Docker. Its main function is to abstract several Docker hosts into a whole and uniformly manage various Docker resources on these Docker hosts through one entrance.

The operating environment of this tutorial: linux5.9.8 system, docker-1.13.1 version, Dell G3 computer.

Swarm is a platform launched by Docker to manage docker clusters. It is almost entirely developed using the GO language. The code is open source at https://github.com/docker/swarm. It is a group of The Docker host becomes a single virtual host, and Swarm uses the standard Docker API interface as its front-end access entry. In other words, various forms of DockerClient (compose, docker-py, etc.) can directly communicate with Swarm, and even Docker itself All can be easily integrated with Swarm, which greatly facilitates users to transplant systems originally based on single nodes to Swarm. At the same time, Swarm has built-in support for Docker network plug-ins, and users can easily deploy cross-host container cluster services.

Swarm is similar to Kubernetes, but is lighter and has fewer features than kubernetes.

Docker Swarm consists of two aspects: an enterprise-level Docker security cluster, and a microservice application orchestration engine.

In terms of clustering, Swarm organizes one or more Docker nodes so that users can manage them in a cluster.

Swarm has built-in encrypted distributed cluster store, encrypted network, public TLS (Mutual TLS), secure cluster access token (Secure Cluster Join Token) and a A set of PKI (Public Key Infrastructure) that simplifies digital certificate management. We can add or delete nodes freely.

In terms of orchestration, Swarm provides a rich set of APIs that make it easy to deploy and manage complex microservice applications. By defining your application in a declarative configuration file, you can deploy it using native Docker commands.

In addition, you can even perform rolling upgrades, rollbacks, and expansion and contraction operations, which can also be completed based on simple commands.

In the past, Docker Swarm was an independent product based on the Docker engine. Since Docker version 1.12, it has been fully integrated into the Docker engine and can be enabled by executing a single command. By 2018, it will be able to deploy and manage Kubernetes applications in addition to native Swarm applications.

Preliminary introduction to Docker Swarm

From a cluster perspective, a Swarm consists of one or more Docker nodes. These nodes can be physical servers, virtual machines, Raspberry Pis, or cloud instances. The only prerequisite is that all nodes are connected through a reliable network.

The node will be configured as a management node (Manager) or a worker node (Worker). The management node is responsible for the cluster control plane (Control Plane), performing operations such as monitoring cluster status and distributing tasks to working nodes. Worker nodes receive tasks from management nodes and execute them.

Swarm's configuration and status information is stored in a distributed etcd database located on all management nodes. The database runs in memory and keeps data up to date. The best thing about this database is that it requires almost no configuration, it is installed as part of Swarm and requires no administration.

Regarding cluster management, the biggest challenge is ensuring its security. When setting up a Swarm cluster you will inevitably use TLS as it is tightly integrated with Swarm.

In today's era of increasing security awareness, such a tool deserves to be vigorously promoted. Swarm uses TLS for communication encryption, node authentication, and role authorization. Automatic Key Rotation is the icing on the cake! It works silently in the background, and users don’t even notice the existence of this feature.

Regarding application orchestration, the smallest scheduling unit in Swarm is a service. It was introduced with Swarm and is a new object element in the API. It encapsulates some advanced features based on containers and is a higher-level concept. When a container is encapsulated in a service, we call it a task or a copy. Features such as expansion and contraction, rolling upgrade, and simple rollback are added to the service.

To sum up, look at Swarm from a general perspective, as shown in the figure below.

Recommended learning: "docker video tutorial"

The above is the detailed content of what is docker swarm. For more information, please follow other related articles on the PHP Chinese website!