# Docker Swarm

## A critical walkthrough to make your life easier

    Jens Egholm Pedersen - jensegholm@protonmail.com

## Agenda

* Introduction
* The container paradigm
* Orchestration
* Use cases
  1. Buggy application with redundancy
  2. Monitoring and service discovery
* Recap

# Presentation formalia

* Who am I
* Who are you
* Presentation format and assumptions

## Who I am

    jensegholm@protonmail.com

### Education

* BSc. Political Science
* BSc. IT-University of Copenhagen
* MSc. IT & Cognition

### Professional experience

* Software engineer, CERN, Switzerland
* Assistant professor, Cphbusiness
* CTO Mobilized Construction

# Who you are

* Praqma

* Probably busy

![Moore's law](moore.png)

## Assumptions

* Our brains are bottlenecks
  * Computers are rapidly growing smarter
  * Humans are slowly growing smarter
  * Example: Assembly vs. NodeJS

* Technology should be human centric
  * Technology should adapt to us, not the other way around
* Tools should do one thing and do it well
* Text interfaces are superior 

## Context of this talk

* Copenhagen business academy (Cphbusiness)
* Course on large system development

* ~70 students
* 15 Hackernews clones
* 15 million messages $\approx$ 3 GB data
* Monitoring, logging, CD, scaling and security

* Clear goals driving relevant and intuitive teaching

# Presentation format

* Intuition
* Relevant
* Practical

* Theory
  * Listen, take notes, relate, ask
* Practice
  * Learn, internalise, criticise

* Metacognition
  * You learn better when you write things down
  * Dunning-Kruger effect

![Dunning-Kruger effect](donningkruger.png)

# Docker

* Docker machine
* Containers
* Software synchronisation
* Synchronisation in containers

## Docker machine

* A tool to manage virtual machines
  * Locally or remotely
  * Drivers for Virtualbox, AWS, Digital Ocean etc.

## Creating a machine

Syntax: ``docker-machine create --driver [virtualbox|digitalocean|...] [options] name``

Example: ``docker-machine create --driver virtualbox box1``

    docker-machine create --driver digitalocean --digitalocean-access-token=`cat dockertoken.txt` --digitalocean-region ams3 box1

## Accessing a machine

    docker-machine ssh box1

## Accessing a machine from another computer

Copy environment from ``~/.docker``

    docker-machine env box1

## Deploying to a machine

    docker-machine ssh box1 docker run -p 80:80 -d nginx

## Listing machines

    docker-machine ls

# Docker containers

* Simplification and isolation
  * Old, but good, idea

* Typical use case: microservices
  * Self-contained

* The container idea is _not_ perfect
  * Persistence (databases)
  * Synchronisation

* Containerisation is a paradigm
  * With paradigms comes incommensurability

## Occam's razor

* Docker is a framework for isolated containers
* Docker is incommensurable with high coupling/integration
* It forces us to deal with complexity elsewhere
  * Linux philosophy: do one thing and do it well

* This is just what we want from a container system!

* ... And what you will want from orchestration 

# Orchestration

* What do we want from orchestration?
* What do we _not_ want from orchestration?
* Docker swarm tutorial

## Orchestration requirements

* Efficient management
  * Deploy, teardown, updates (CRUD)

* Scheduling
  * Resource-aware

* Security
  * DMZ and hidden networks

## Orchestration unenviables

* Diffuse nomenclature
  * "Oops! I just X instead of Y"

* Complexity
  * "Oops! Our cluster is down. Let me RTFM"
  * "I need to learn this. Please pay 50.000$ for a course"

* Time consuming
  * "Go to File -> Settings -> Advanced -> Update tab -> click on ..."
  * "I need to do X. Let me write a configuration file first"

## Docker swarm

* Efficient management: Purely CLI based
  * Docker as the atom
* Scheduling: Resource-aware and RAFT consensus
  * Semi-automatic
* Security: Public/private encryption
  * Encryption by default

## Docker swarm: concepts

* Nodes (in the cluster)
  * Worker
  * Manager

* Tasks
  * One single running container

* Services
  * A service provided by one or more containers

* Networks
  * Connecting one or more services

## Starting a cluster

    docker swarm init

## Joining a cluster

    docker swarm join --token ...

## Listing nodes

    docker node ls

* ``rm``, ``inspect`` etc.

* Note that the commands follow the Linux philosophy

## Starting a service

    docker service create --name nginx nginx

## Scaling a service

    docker service scale nginx=4

## Listing services

    docker service ls

## Recap

* Docker-machine
* Docker swarm 
  * Initialise clusters
  * Join clusters
  * Create services
  * Scaling services

* Networks 
* Configuration management
* Upgrading services

## Networks in Docker swarm

* Overlay network
  * Networks as we know them (VPN)
* Ingress network
  * Load-balancing

Commands:

    docker network ls

    docker network create -d overlay [--ingress] name

    docker service create --name nginx --network mynetwork nginx

## Configuration in Docker swarm

* Configuration is shared between managers
* ``docker config``
  * ``docker config create name file``
  * Example: ``docker config create nginx.conf nginx.conf``
  

* Mounting configurations
  * Configurations can be mounted to files inside services
  * ``docker service create --name nginx nginx``
  * ``docker service create --config source=nginx.conf,target=/etc/nginx/nginx.conf --name nginx nginx``

## Docker swarm ``update``

* Rolling upgrade
  * Image versions as upgrade tags
  * ``docker service update [service]``
  * Example: ``docker service update --image nginx:latest nginx``

* Also feasible with configuration, networks, etc.
  * ``docker service update --config-add source=nginx.conf,target=/etc/nginx/nginx.conf nginx``
  * ``docker service update --network-add mynetwork nginx``
  * ...

## Recap

* Instrumenting machines
  * ``docker-machine create``
* Starting Docker swarm clusters
  * ``docker swarm init``
  * ``docker swarm join --token ...``
* Creating Docker swarm services
  * ``docker service create --name nginx nginx``
* Scaling the service
  * ``docker service scale nginx=10``
* Updating a service
  * ``docker service update --image nginx:latest nginx``

## Docker swarm use cases

1. Buggy application
2. Monitoring with service discovery

## Use case 1/2: Buggy webserver

* Small Go webserver
  * Crashes at some point within the next 20 seconds


* https://github.com/Jegp/docker-swarm-go-example

1. ``docker service create --name webserver -p 8080:8080 helgecph/swarmserver``
   * Launches a service with the very buggy Go application
2. ``docker service scale webserver=5``
   * Scales the service to 5 instances
3. Go to the webservice ``/status`` endpoint and behold the cluster self-heal
   * ``curl http://$(docker-machine ip box2):8080/status``
  
... or use the ``create_cluster.sh`` shell script

## Use case 2/2: Monitoring with service discovery

* NodeJS service with an unknown number of running tasks
* Prometheus for monitoring


* https://github.com/Jegp/docker-swarm-go-example


1. ``docker network create -d overlay monitoring``
   * Creates a common network for services that should be monitored
2. ``docker service create --name nodejs -p 8080:8080 --network monitoring jegp/nodejs-prometheus``
   * Creates a NodeJS service from [Dockerhub](https://hub.docker.com/r/jegp/nodejs-prometheus/) on the ``monitoring`` network
3. ``docker config create prometheus prometheus.yml``
   * Creates a configuration file for Prometheus that searches for the 'nodejs' tasks
4. ``docker service create --name prometheus --network monitoring --config source=prometheus,target=/etc/prometheus/prometheus.yml -p 9090:9090 prom/prometheus``
   * Starts the Prometheus service on the ``monitoring`` network using the configuration from step 3
5. ``docker service scale nodejs=10``
   * Watch the Prometheus cluster get more monitoring input as the service scales!
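
Step 3 refers to a ``prometheus.yml`` that the slides do not show. The script below is an added example, not the talk's own code or its ``create_cluster.sh``: it runs the five steps with a constructed configuration that discovers tasks through swarm's ``tasks.<service>`` DNS name. Assumptions: the function names are hypothetical, the service is taken to serve ``/metrics`` on port 8080, and ``--opt encrypted`` is added because swarm encrypts management traffic between nodes by default but overlay application traffic only with that option.

```shell
#!/bin/sh
# Added example (not from the talk): use case 2 as one script.
set -eu

# Write a Prometheus config that discovers every task of a swarm service.
# Swarm's internal DNS resolves tasks.<service> to one A record per running
# task, so the scrape targets follow `docker service scale` automatically.
# Assumption: the service exposes /metrics on the given port.
# usage: write_prometheus_config <service> <port> <file>
write_prometheus_config() {
    cat > "$3" <<EOF
global:
  scrape_interval: 15s
scrape_configs:
  - job_name: '$1'
    dns_sd_configs:
      - names: ['tasks.$1']
        type: A
        port: $2
EOF
}

deploy_monitoring() {
    # --opt encrypted enables IPsec between nodes for this overlay network.
    docker network create -d overlay --opt encrypted monitoring
    docker service create --name nodejs -p 8080:8080 \
        --network monitoring jegp/nodejs-prometheus
    write_prometheus_config nodejs 8080 prometheus.yml
    docker config create prometheus prometheus.yml
    # -p publishes 9090 on every node through the ingress network; drop it
    # if the Prometheus UI only needs to be reachable from inside the cluster.
    docker service create --name prometheus --network monitoring \
        --config source=prometheus,target=/etc/prometheus/prometheus.yml \
        -p 9090:9090 prom/prometheus
    docker service scale nodejs=10
}

# Deploy only when asked, so the file can also be sourced for its functions.
if [ "${1:-}" = "deploy" ]; then
    deploy_monitoring
fi
```

Run it on a manager node as ``sh monitoring.sh deploy`` (the file name is an assumption).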

# Recap

* Status on Docker swarm
* Docker swarm versus Kubernetes
* Wrap-up

## Are we getting what we want?

* Efficient management? 
  * 4 commands = one service replicated 10 times
* Scheduling?
  * Free load balancing!
  * No automated scaling
* Security?
  * Networking
  * Automated public/private key pairings

## Comparing Docker swarm with Kubernetes

| Item | Docker | Kubernetes |
| ---------------------- | ------------------------ | -------------------------- |
| Interface | CLI | CLI and configuration |
| Configuration | No | Yes | 
| Complexity | Simple | Hard |
| Time-to-market | Short | Medium | 
| Nomenclature | Easy | Hard |

## Wrap-up

* The technology bottleneck (you)
* Docker as a paradigm
* Docker swarm
* Use-cases
* Brief evaluation of Docker and Kubernetes



Thank you for your time!

### Contact

   Jens Egholm Pedersen - ``jensegholm@protonmail.com``