Building a Docker Swarm with Photon OS

I’ve decided to take a look at our new vFile Docker volume plugin. If you haven’t heard, the vFile volume plugin for Docker provides simultaneous persistent volume access between hosts in the same Docker Swarm cluster for a base volume plugin service such as VDVS [vSphere Docker Volume Service], with zero configuration effort, along with high availability, scalability, and load balancing support. As you can see, this requires Docker Swarm. Since I hadn’t set this up in a while, I decided to set it up on a recent release of Photon OS, but ran into a small issue.

I’m using the following build of Photon OS, deployed from photon-custom-hw11-2.0-31bb961.ova. If I check the /etc/os-release file, I see the following:

root@photon-machine [ ~ ]# cat /etc/os-release
NAME="VMware Photon OS"
VERSION="2.0"
ID=photon
VERSION_ID=2.0
PRETTY_NAME="VMware Photon OS/Linux"
ANSI_COLOR="1;34"
HOME_URL="https://vmware.github.io/photon/"
BUG_REPORT_URL="https://github.com/vmware/photon/issues"

I am also using quite a recent version of docker:

root@photon-machine [ ~ ]# docker version
Client:
 Version: 17.06.0-ce
 API version: 1.30
 Go version: go1.8.1
 Git commit: 02c1d87
 Built: Fri Sep 29 05:57:21 2017
 OS/Arch: linux/amd64

Server:
 Version: 17.06.0-ce
 API version: 1.30 (minimum version 1.12)
 Go version: go1.8.1
 Git commit: 02c1d87
 Built: Fri Sep 29 05:58:18 2017
 OS/Arch: linux/amd64
 Experimental: false
root@photon-machine [ ~ ]#

To create a Docker Swarm, I need to first initialize one node as my master and join other nodes as workers. The command to create a master is as follows:

root@photon-machine [ ~ ]# docker swarm init
Swarm initialized: current node (1nmqf02m5mkv4yh3ecjqsjjs6) is now a manager.

To add a worker to this swarm, run the following command:

docker swarm join --token SWMTKN-1-1dg2jdht61fxtehb906xyhdh1rubl7n46ffbyh1b5uj8t24kfv-2veb1hbc5v8l097jbi3ufle4a 10.27.51.47:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

root@photon-machine [ ~ ]#

That seems pretty straightforward. Now, if I log in to my worker VM, I should be able to join it as a worker using the command above.

root@photon-worker [ ~ ]# docker swarm join --token SWMTKN-1-1dg2jdht61fxtehb906xyhdh1rubl7n46ffbyh1b5uj8t24kfv-2veb1hbc5v8l097jbi3ufle4a 10.27.51.47:2377
Error response from daemon: Timeout was reached before node was joined. The attempt to join the swarm will continue in the background. Use the "docker info" command to see the crrent swarm status of your node.

I eventually traced this to a firewall port issue. I simply needed to open port 2377 on the master to allow the slave to connect.

root@photon-machine [ ~ ]# iptables -A INPUT -p tcp --dport 2377 -j ACCEPT

Now I can successfully join the worker to the master:

root@photon-worker [ ~ ]# docker swarm join --token SWMTKN-1-4hyqxyt8z15lhdoyc51jqb2i4ctnv0u76m7sqw8msmgi04816b-7kurar4w68v7p4zym73ew8rp0 10.27.51.47:2377
This node joined a swarm as a worker.
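
A narrower alternative to the rule above, as an added example that is not part of the original post: the script prints iptables rules that accept swarm traffic only from named peer nodes rather than from any source. It goes beyond the post's single port by also covering 7946 (tcp/udp) and 4789 (udp), the other ports Docker documents for swarm mode; the function name swarm_rules is hypothetical, and the addresses are the two nodes shown in the post.

```shell
#!/bin/sh
# Added example (not from the original post): print, but do not apply,
# iptables rules that open the swarm ports only to named peer nodes.
#   2377/tcp      cluster management, needed on managers only
#   7946/tcp+udp  node-to-node communication
#   4789/udp      overlay network (VXLAN) traffic

# swarm_rules ROLE PEER_IP...   (hypothetical helper name)
#   ROLE is "manager" or "worker"; each PEER_IP is another swarm node.
swarm_rules() {
    role=$1
    [ "$#" -ge 2 ] || { echo "usage: swarm_rules manager|worker PEER_IP..." >&2; return 2; }
    shift
    case "$role" in
        manager|worker) ;;
        *) echo "swarm_rules: unknown role '$role'" >&2; return 2 ;;
    esac
    # Validate every peer before printing anything, so a bad argument
    # never yields a partial rule set. Only the shape is checked
    # (four dot-separated digit groups), not the 0-255 range.
    for peer in "$@"; do
        case "$peer" in
            *[!0-9.]*|*..*|.*|*.|*.*.*.*.*) ok=no ;;
            *.*.*.*) ok=yes ;;
            *) ok=no ;;
        esac
        [ "$ok" = yes ] || { echo "swarm_rules: bad peer '$peer'" >&2; return 2; }
    done
    for peer in "$@"; do
        if [ "$role" = manager ]; then
            echo "iptables -A INPUT -p tcp -s $peer --dport 2377 -j ACCEPT"
        fi
        echo "iptables -A INPUT -p tcp -s $peer --dport 7946 -j ACCEPT"
        echo "iptables -A INPUT -p udp -s $peer --dport 7946 -j ACCEPT"
        echo "iptables -A INPUT -p udp -s $peer --dport 4789 -j ACCEPT"
    done
}

# Addresses from the post: manager 10.27.51.47, worker 10.27.51.17.
echo "# on the manager (photon-machine):"
swarm_rules manager 10.27.51.17
echo "# on the worker (photon-worker):"
swarm_rules worker 10.27.51.47
```

Review the printed rules before running them; rules added with iptables -A last only until reboot unless they are saved by the host's own firewall persistence mechanism.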

We can run the docker info command to check the status of the swarm (this output is from the worker):

root@photon-worker [ ~ ]# docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 13
Server Version: 17.06.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: active
 NodeID: rikcngnbtuerovom8z13ghlk0
 Is Manager: false
 Node Address: 10.27.51.17
 Manager Addresses:
 10.27.51.47:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: cfb82a876ecc11b5ca0977d1733adbe58599088a
runc version: 2d41c047c83e09a6d61d464906feb2a2f3c52aa4
init version: 949e6fa
Security Options:
 seccomp
 Profile: default
Kernel Version: 4.9.60-1.ph2-esx
Operating System: VMware Photon OS/Linux
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.792GiB
Name: photon-machine
ID: R7DL:MSZ4:MCAE:SKFS:2HN3:ZZOV:2TJC:T757:H5DM:DRWV:QC6P:YE2R
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
No Proxy: 10.27.51.47
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

To prove that Docker is working in Swarm mode, we can launch a service with just one replica instance.

root@photon-machine [ ~ ]# docker service create --replicas 1 --name helloworld alpine ping docker.com

To check on the service, use:

root@photon-machine [ ~ ]# docker service ls
ID           NAME       MODE       REPLICAS IMAGE        PORTS
pnmztlolpl2u helloworld replicated 1/1      alpine:latest
root@photon-machine [ ~ ]#

The container that provides the service can run on either the master or the worker. Check with docker ps:

root@photon-worker [ ~ ]# docker ps 
CONTAINER ID IMAGE         COMMAND           CREATED       STATUS                PORTS NAMES 
38b72a221125 alpine:latest "ping docker.com" 5 seconds ago Up Less than a second       helloworld.1.uoth5a14e4tacx7l8pxr6jaax 
root@photon-worker [ ~ ]#

Great – that is my Docker Swarm up and running. Now to take a closer look at vFile. Watch this space.