Book Image

Native Docker Clustering with Swarm

By : Fabrizio Soppelsa, Chanwit Kaewkasi
Book Image

Native Docker Clustering with Swarm

By: Fabrizio Soppelsa, Chanwit Kaewkasi

Overview of this book

Docker Swarm serves as one of the crucial components of the Docker ecosystem and offers a native solution for you to orchestrate containers. It’s turning out to be one of the preferred choices for Docker clustering thanks to its recent improvements. This book covers Swarm, Swarm Mode, and SwarmKit. It gives you a guided tour on how Swarm works and how to work with Swarm. It describes how to set up local test installations and then moves to huge distributed infrastructures. You will be shown how Swarm works internally, what’s new in Swarmkit, how to automate big Swarm deployments, and how to configure and operate a Swarm cluster on the public and private cloud. This book will teach you how to meet the challenge of deploying massive production-ready applications and a huge number of containers on Swarm. You'll also cover advanced topics that include volumes, scheduling, a Libnetwork deep dive, security, and platform scalability.

Related Content you might be interested in

Current Title:

Small book image
Native Docker Clustering with Swarm
Fabrizio Soppelsa | Chanwit Kaewkasi
Dec, 2016 | 280 pages
No titles found
Table of Contents (18 chapters)
Native Docker Clustering with Swarm
Native Docker Clustering with Swarm
Credits
Credits
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Dedication
Dedication
Preface
Preface
Free Chapter
1
Welcome to Docker Swarm
Welcome to Docker Swarm
Clustering tools and container managers
Swarm goals
Why use Swarm
Real world use case examples
Swarm features
Similar projects
The Swarm v1 architecture
Getting started with Swarm
Swarm, yesterday
Test your Swarm cluster
Swarm, today
Summary
2
Discover the Discovery Services
Discover the Discovery Services
A discovery service
Token
Raft
Etcd
ZooKeeper
Consul
Towards a decentralized discovery service
Summary
3
Meeting Docker Swarm Mode
Meeting Docker Swarm Mode
Swarmkit
Swarm mode
Summary
4
Creating a Production-Grade Swarm
Creating a Production-Grade Swarm
Tools
An HA Topology for Swarm2k
Provisioning the infrastructure with belt
Securing Managers with Docker Machine
Understanding some Swarm internals
Monitoring Swarm2k
Swarm3k
Swarm2k and Swarm3k lessons learned
Summary
5
Administer a Swarm Cluster
Administer a Swarm Cluster
Docker Swarm standalone
Docker Swarm Mode
Cluster management
Swarm health
Backing up the cluster configuration
Disaster recovery
Graphical interfaces for Swarm
Summary
6
Deploy Real Applications on Swarm
Deploy Real Applications on Swarm
Microservices
Deploy a replicated nginx
Overlay networks
Connecting services: A WordPress example
Docker Compose and Swarm mode
Introducing Docker stacks
Another app: Apache Spark
Summary
7
Scaling Up Your Platform
Scaling Up Your Platform
The Spark example, again
Docker plugins
The lab
Installing Flocker
Installing and configuring Swarm
Deploying Spark, again
Scaling Spark
Monitoring Swarm hosting apps
Summary
8
Exploring Additional Features of Swarm
Exploring Additional Features of Swarm
Libnetwork
Encryption and routing mesh
MacVLAN
Network Control Plane
Libkv
Summary
9
Securing a Swarm Cluster and the Docker Software Supply Chain
Securing a Swarm Cluster and the Docker Software Supply Chain
Software Supply Chain
Securing Swarm cluster
Securing a Swarm: Best practices
Docker Notary
Introducing Docker secrets
Summary
10
Swarm and the Cloud
Swarm and the Cloud
Docker for AWS and Azure
Docker Datacenter
Swarm on OpenStack
Summary
11
What is next?
What is next?
The challenge of provisioning
Software defined infrastructure
Docker stacks and Compose
CaaS - Containers as a Service
Unikernels
Contribute to Docker
Summary

Docker Notary

The Docker Content Trust mechanism is implemented using Docker Notary (https://github.com/docker/notary), which is on The Update Framework (https://github.com/theupdateframework/tuf). TUF is a secure framework that allows us to delivery a collection of trusted content at a time. Notary allows a client and a server to form a trusted collection by making it easier to publish and verify contents. If we have a Docker image, we can sign it offline using a highly secure offline key. Then when we publish that image, we can push it to a Notary server that can be used to delivery trusted images. Notary is the way to enable Secured Software Supply Chain for the enterprise using Docker.

We demonstrate how to set up our own Notary server and use it to sign Docker image content before pushing to a Docker registry. The prerequisite is to have a recent version of Docker Compose installed.

The first step is to clone Notary (in this example we fix its version at 0.4.2):

git clone https://github...
Previous Section
End of Section 5
Next Section