Swarm is a multi-host scheduler for application container workloads.
Docker Swarm is native clustering for Docker. It turns a pool of Docker hosts
into a single, virtual Docker host. Because Docker Swarm serves the standard
Docker API, any tool that already communicates with a Docker daemon can use
Swarm to transparently scale to multiple hosts. Supported tools include, but
are not limited to, the following:
And of course, the Docker client itself is also supported.
In order to properly scale and coordinate a swarm cluster, you will need 2
charms. A keyvalue store like Consul or Etcd, and the Swarm host(s). To evaluate
the charm as cheaply as possible you can deploy a single node of each:
juju deploy cs:trusty/etcd
juju deploy cs:trusty/swarm
juju expose swarm
This will deploy a single unit etcd application, and a single swarm host,
configured as both a swarm manager, and a participating member in the cluster.
By default, the swarm cluter is TLS terminated with self signed PKI, under
coordination from the swarm leader. (This is visible in juju status output)
juju scp swarm/0:swarm_credentials.tar .
tar xvf swarm_credentials.tar
The enable.sh script will load your shell environment with the following
environment variables, allowing you to connect to the swarm service:
This is an ongoing effort. There is a bug in the upstream
docker-machine project we are tracking to resolution, at which time this will
The final line of the usage commands will display information about the status
of your Swarm cluster.
Server Version: swarm/1.1.3
Filters: health, port, dependency, affinity, constraint
└ Status: Healthy
└ Containers: 2
└ Reserved CPUs: 0 / 1
└ Reserved Memory: 0 B / 513.4 MiB
└ Error: (none)
└ UpdatedAt: 2016-04-30T18:57:59Z
The output will give you an idea of how loaded your cluster is and how well it
is performing. This output can be handy when debugging cluster behavior, such
as after scaling swarm.
Once you've established your credentials and verified you can communicate with
the swarm cluster over TLS. You're now ready to launch workloads on your
This can be done via the docker cli, docker-compose, or with
Juju Charms that are written using layer-docker.
docker run hello-world
cat <<'EOF' > docker-compose.yml
After executing the above commands, you should see output similiar to the following:
Creating network "tmp_default" with the default driver
Attaching to tmp_hello_1
hello_1 | Hello from Docker.
hello_1 | This message shows that your installation appears to be working correctly.
hello_1 | To generate this message, Docker took the following steps:
hello_1 | 1. The Docker client contacted the Docker daemon.
hello_1 | 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
hello_1 | 3. The Docker daemon created a new container from that image which runs the
hello_1 | executable that produces the output you are currently reading.
hello_1 | 4. The Docker daemon streamed that output to the Docker client, which sent it
hello_1 | to your terminal.
hello_1 | To try something more ambitious, you can run an Ubuntu container with:
hello_1 | $ docker run -it ubuntu bash
hello_1 | Share images, automate workflows, and more with a free Docker Hub account:
hello_1 | https://hub.docker.com
hello_1 | For more examples and ideas, visit:
hello_1 | https://docs.docker.com/engine/userguide/
tmp_hello_1 exited with code 0
When running workloads that bind to the host port, at present you will need
to follow up with opening the public port if you wish to enable traffic from
the internet to access the service. For example, to expose port 8000 for
a workload running on swarm/0
juju run swarm/0 open-port 8000
Cluster PKI is managed via the leader. If you juju destroy-machine on the
swarm leader unit, you will effectively remove any generated PKI. the
newly elected leader will still be able to issue new certificates for the
cluster, however existing certificates / CSR's may need to be regenerated.
ZFS Storage support has only been verified on Xenial hosts