Book Image

Native Docker Clustering with Swarm

By : Fabrizio Soppelsa, Chanwit Kaewkasi
Book Image

Native Docker Clustering with Swarm

By: Fabrizio Soppelsa, Chanwit Kaewkasi

Overview of this book

Docker Swarm serves as one of the crucial components of the Docker ecosystem and offers a native solution for you to orchestrate containers. It’s turning out to be one of the preferred choices for Docker clustering thanks to its recent improvements. This book covers Swarm, Swarm Mode, and SwarmKit. It gives you a guided tour on how Swarm works and how to work with Swarm. It describes how to set up local test installations and then moves to huge distributed infrastructures. You will be shown how Swarm works internally, what’s new in Swarmkit, how to automate big Swarm deployments, and how to configure and operate a Swarm cluster on the public and private cloud. This book will teach you how to meet the challenge of deploying massive production-ready applications and a huge number of containers on Swarm. You'll also cover advanced topics that include volumes, scheduling, a Libnetwork deep dive, security, and platform scalability.
Table of Contents (18 chapters)
Native Docker Clustering with Swarm
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Dedication
Preface

Securing Managers with Docker Machine


Docker Machine won't scale well for massive Docker Engine deployments, but it turns out to be very useful for automatically securing small number of nodes. In the following section, we'll use Docker Machine to secure our Swarm manager using the generic driver, a driver that allows us to control existing hosts.

In our case, we already did set up a Docker Swarm manager on mg0. Furthermore, we want to secure Docker Engine by enabling the TLS connection for its remote endpoint.

How can Docker Machine do the work for us? First, Docker Machine connects to the host via SSH; detects the operating system of mg0, in our case, Ubuntu; and the provisioner, in our case, systemd.

After that, it installs the Docker Engine; however, in case one is already in place, like here, it will skip this step.

Then, as the most important part, it generates a Root CA certificate, as well as all certificates, and stores them on the host. It also automatically configures Docker to use...