Chapter
Docker and Containers
Docker and Kernel Features
Docker is an open-source project
that automates the deployment of applications inside software containers.
Allow independent container
run within a single Linux instance.
Docker uses the resource isolation features of the Linux
kernel such as cgroups and kernel namespaces, and a union-capable file system
such as OverlayFS.
Kernel Cgroups:
Control Groups provide a mechanism for
aggregating/partitioning sets of tasks, and all their future children, into
hierarchical groups with specialized behaviour.
Limits how much you can use.
e.g: resource metering and limiting : CPU, Memory, block
I/O, network.
Kernel Namespace:
Global Resources like Network and Disk wrapped in namespace
(e.g: X & Y).
Processes in X can’t see anything in Y and vice versa.
Kernel knows the namespace assigned to a process, so don’t
allow it to use resources in other namespace.
Limits how much you can see.
AuFS:
Two parts – read only and write
Read Only – Common part with Host Operating System.
Write – Give containers their own mount for writing.
Limitations:
Can’t run completely different OS in containers like in VMs.
Total isolation is not possible.
Installation
#yum update
#reboot
# curl -fsSL https://get.docker.com/
| sh
After
installation start the docker
#systemctl start docker
#systemctl status docker
#docker version
Client:
Version:
17.03.1-ce
API version:
1.27
Go version:
go1.7.5
Git commit:
c6d412e
Built:
Fri Mar 24 00:36:45 2017
OS/Arch:
linux/amd64
Server:
Version:
17.03.1-ce
API version:
1.27 (minimum version 1.12)
Go version:
go1.7.5
Git commit:
c6d412e
Built:
Fri Mar 24 00:36:45 2017
OS/Arch:
linux/amd64
Experimental: false
#docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
……
……
To
check whether you can access and download images from Docker Hub, type:
# docker run hello-world
Unable
to find image 'hello-world:latest' locally
latest:
Pulling from library/hello-world
78445dd45222:
Pull complete
Digest:
sha256:c5515758d4c5e1e838e9cd307f6c6a0d620b5e07e6f927b07d05f6d12a1ac8d7
Status:
Downloaded newer image for hello-world:latest
Hello
from Docker!
This
message shows that your installation appears to be working correctly.
…..
…….
Check
if any container is running
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
No
container is running.
With
below command we can see one container was running but it exited.
# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
157130d8510e hello-world "/hello" 9 minutes ago Exited
(0) 9 minutes ago
admiring_beaver
# docker info
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 1
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest 48b5124b2768 2 months ago 1.84 kB
So
we have a image stored locally.
Theory of Pulling and Running containers:
Container and Images:
To pull a image. It will always pull the latest unless
version is specified.
# docker pull alpine
Using
default tag: latest
latest:
Pulling from library/alpine
627beaf3eaaf:
Pull complete
Digest:
sha256:58e1a1bb75db1b5a24a462dd5e2915277ea06438c3f105138f97eb53149673c4
Status: Downloaded
newer image for alpine:latest
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 4a415e366388 3 weeks ago 3.98 MB
hello-world latest 48b5124b2768 2 months ago 1.84 kB
Note:
Login on docker website with the id and can check the images and their
vulnerabilities.
To
remove image from local repo.
# docker rmi alpine
Untagged: alpine:latest
Untagged: alpine@sha256:58e1a1bb75db1b5a24a462dd5e2915277ea06438c3f105138f97eb53149673c4
Deleted:
sha256:4a415e3663882fbc554ee830889c68a33b3585503892cc718a4698e91ef2a526
Deleted:
sha256:23b9c7b43573dd164619ad59e9d51eda4095926729f59d5f22803bcbe9ab24c2
Container Lifecycle:
Once
we create container by docker run command. We can stop it and start it, n number of times. We can also remove it.
Will
not loose data until container is topped and then removed.
#docker
start <container>
#docker
stop <container>
#docker
rm <container>
Download
ubuntu image:
# docker pull ubuntu
#docker images
ubuntu latest 0ef2e08ed3fa 4 weeks ago 130 MB
Even if we have not run the above step, below command will
download the image.
# docker run -it
ubuntu /bin/bash
# uname -a
Linux
df40e984506e 3.10.0-514.16.1.el7.x86_64 #1 SMP Wed Apr 12 15:04:24 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
Above means it is using underlying OS kernel.
# grep -i PRETTY_NAME
/etc/os-release
PRETTY_NAME="Ubuntu
16.04.2 LTS"
# apt-get update
Hit:1
http://archive.ubuntu.com/ubuntu xenial InRelease
Hit:2
http://security.ubuntu.com/ubuntu xenial-security InRelease
Hit:3
http://archive.ubuntu.com/ubuntu xenial-updates InRelease
Hit:4
http://archive.ubuntu.com/ubuntu xenial-backports InRelease
Reading
package lists... Done
# yum check update
bash: yum: command not found
To
Stop all the running containers:
# docker stop $(docker ps
-aq)
31b5e12715ed
83c872994610
157130d8510e
Delete all the containers
# docker rm $(docker ps -aq)
31b5e12715ed
83c872994610
157130d8510e
Delete all the images:
# docker rmi $(docker images -q)
Chapter
Components of Docker
Docker Engine
Standardised runtime environment. Like standardized shipping
yard.
Application portability.
Docker Image
#docker run -it ubuntu /bin/bash
#docker pull ubuntu
#docker ps -a
Containers
- Running bare bone linux machine
#docker run -it
ubuntu /bin/bash
i= interactive
t= sudo tty
ubuntu= image
/bin/bash=process or application to launch
To start a container:
# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f40e984506e ubuntu "/bin/bash" 9 minutes ago Exited (127) 5 seconds ago sharp_dubinsky
# docker start
df40e984506e
df40e984506e
# docker attach
df40e984506e
root@df40e984506e:/#
to come out of container without stopping it. Press
Ctrl + P+Q
# docker ps
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
df40e984506e ubuntu "/bin/bash" 11 minutes ago Up About a minute sharp_dubinsky
# docker stop df40e984506e
df40e984506e
Registries and Repos
Docker Hub is registry.
Trusted repos.e.g: ubuntu, centos, etc.
IMAGE
User Repos:
#docker run
random/web
Chapter
Deep Dive Images and Containers
Image Layer
IMAGE
Union Mounts
Ability to mount multiple file systems on top of each other.
If we are having same file with different data in multiple
layers, then top layer data overwrites all.
When we run a container, whatever we write it forms the
uppermost layer.
IMAGE Union mounts 2
Image Layer and OverlayFS
#docker pull ubuntu
Using
default tag: latest
latest:
Pulling from library/ubuntu
d54efb8db41d:
Pull complete
f8b845f45a87:
Pull complete
e8db7bf7c39f:
Pull complete
9654c40e9079:
Pull complete
6d9ef359eaaa:
Pull complete
Digest:
sha256:dd7808d8792c9841d0b460122f1acf0a2dd1f56404f8d1e56298048885e45535
Status:
Downloaded newer image for ubuntu:latest
Each image layer has its own directory
under /var/lib/docker/overlay/. This is where the contents of each image
layer are stored.
The output of the command below shows the five
directories that store the contents of each image layer just pulled. However,
as can be seen, the image layer IDs do not match the directory names in .
[root@docker overlay]# ls -ltr
total 0
drwx------.
3 root root 18 Apr 1 07:44
0e2c57fb6e308cbef7250967f66fd14c8d49f4422e758ce9cd0b2d3f05b3e771
drwx------.
3 root root 18 Apr 1 07:44 2d0d4233891dd532127336c470ec8cb41d0b95d140ee946a73b336530a742d5f
drwx------.
3 root root 18 Apr 1 07:44
0179b7a9394b83d47f88fe23abe0e9fa529c245506434fc32f1ea39179898737
drwx------.
3 root root 18 Apr 1 07:44
43696dfe7b0b4d5d77e94a3747435498a3819fecec846e91c2f48c34bd1c2428
drwx------.
3 root root 18 Apr 1 07:44
90c0ed5454b33d404b5600ef02c5efa78dc5b470cf03b2005a34ca489883f772
Now make a change in a container and find it on the
overlayFS.
#docker run -it 0ef2e08ed3fa
0ef2e08ed3fa #apt-get update
0ef2e08ed3fa #apt-get install vim
0ef2e08ed3fa #vi /tmp/testfile
This is
a test file.
Now
press “Ctrl P Q”
# mount | grep overlay
/dev/mapper/cl-root
on /var/lib/docker/overlay type xfs
(rw,relatime,seclabel,attr2,inode64,noquota)
overlay
on /var/lib/docker/overlay/0cab383e563082ef352c77e2eb186f136fdd484b6a98a0c4edb8e7caac231f07/merged type overlay
(rw,relatime,seclabel,lowerdir=/var/lib/docker/overlay/90c0ed5454b33d404b5600ef02c5efa78dc5b470cf03b2005a34ca489883f772/root,upperdir=/var/lib/docker/overlay/0cab383e563082ef352c77e2eb186f136fdd484b6a98a0c4edb8e7caac231f07/upper,workdir=/var/lib/docker/overlay/0cab383e563082ef352c77e2eb186f136fdd484b6a98a0c4edb8e7caac231f07/work)
The “lower-id”
file contains the ID of the top layer of the image the container is based on.
This is used by OverlayFS as the “lowerdir”.
The “upper”
directory is the containers read-write layer. Any changes made to the container
are written to this directory.
The “merged”
directory is effectively the containers mount point. This is where the unified
view of the image (“lowerdir”) and container (“upperdir”) is exposed. Any
changes written to the container are immediately reflected in this directory.
The “work” directory is required for OverlayFS to function. It
is used for things such as copy_up operations.
# cat
/var/lib/docker/overlay/0cab383e563082ef352c77e2eb186f136fdd484b6a98a0c4edb8e7caac231f07/merged/tmp/testfile
this is
a testfile
Copying Image to other hosts
Now stop the above container
# docker ps
CONTAINER ID
IMAGE COMMAND CREATED STATUS PORTS NAMES
d956f56f2ac5 0ef2e08ed3fa "/bin/bash" 19 minutes ago Up 19 minutes angry_wilson
Take the container id from above and stop it
# docker stop
d956f56f2ac5
d956f56f2ac5
After stopping commit it and give it a name.
# docker commit
d956f56f2ac5 testfile
sha256:fa914368ee56dae3b5b0c843ac407dc6ed2481b6116aad665df092b1348cf668
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
testfile latest fa914368ee56 8 seconds ago 228 MB
centos latest 98d35105a391 2 weeks ago 192 MB
ubuntu latest 0ef2e08ed3fa 4 weeks ago 130 MB
So, the size of testfile is increased by 36MB, as we have
updated the server.
Run the history command to check it.
# docker history
testfile
IMAGE CREATED CREATED BY SIZE COMMENT
fa914368ee56 10 minutes ago /bin/bash 97.9 MB
0ef2e08ed3fa 4 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0 B
<missing> 4 weeks ago /bin/sh -c mkdir -p /run/systemd
&& echo '... 7 B
<missing> 4 weeks ago /bin/sh -c sed -i
's/^#\s*\(deb.*universe\... 1.9 kB
<missing> 4 weeks ago /bin/sh -c rm -rf
/var/lib/apt/lists/* 0 B
<missing> 4 weeks ago /bin/sh -c set -xe && echo '#!/bin/sh' >... 745 B
<missing> 4 weeks ago /bin/sh -c #(nop) ADD
file:efb254bc677d66d... 130 MB
So, we started the container by /bin/bash which is
getting reflected here. And what was the size of the change.
Now save the image as tar ball. Here, even if we don’t
mention file name.tar, docker will create tar ball by default.
# docker save -o
/tmp/tesfile.tar testfile
# ls -ltr
/tmp/tesfile.tar
-rw-------.
1 root root 235798528 Apr 1 09:56
/tmp/tesfile.tar
#du -sh
/tmp/tesfile.tar
225M /tmp/tesfile.tar
Transfer the file to other Ubuntu server
# scp
/tmp/tesfile.tar 192.168.56.226:/tmp/
To check all the file inside the tar
# tar -tf
/tmp/tesfile.tar
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
Load the image
# docker load -i
/tmp/tesfile.tar
9d3227c1793b:
Loading layer 121.3MB/121.3MB
a1a54d352248:
Loading layer 15.87kB/15.87kB
511ddc11cf68:
Loading layer 11.78kB/11.78kB
08f405d988e4:
Loading layer 5.632kB/5.632kB
73e5d2de6e3e:
Loading layer 3.072kB/3.072kB
7738492b326d:
Loading layer 97.87MB/97.87MB
Loaded
image: testfile:latest
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
testfile latest 00a5cfa72dbd 10 minutes ago 213MB
# docker run -it
testfile /bin/bash
root@4880f241a8f1:/#
cat /tmp/testfile
this is
a testfile
More about Containers
Image: Build time
construct
Container: Run
time construct
- Rootfs is read only
- Kernel is shared by all the containers
- Thin writable layer
One process per Container
We can check all the top processes running on a container
# docker run -it
ubuntu /bin/bash
# docker ps
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
72f512e7e091 ubuntu "/bin/bash" 9 seconds ago Up 9 seconds dazzling_hypatia
# docker top
72f512e7e091
UID PID PPID C STIME TTY TIME CMD
root 10816 10805 0 10:44 pts/1 00:00:00 /bin/bash
#docker inspect
72f512e7e091
Chapter
Container Management
Stopping and Starting Containers
#docker run -it ubuntu /bin/bash
#docker stop <container id>
#docker start <container id>
#docker attach <container id>
Ctlr P Q – To detach from container
#docker ps
#docker ps -a
#docker images
#docker kill <container id>
Note: Docker attach
attaches himself to PID 1, so if shell
is not running we will not get the prompt.
PID 1 on Containers
- Its not the same as Init process
- Init is the mother of all process on a linux server
- If init dies, so do all the process
- But here PID 1 is not aware of if any other process is running
- Its preferred to run one process per container
- However we can run multiple processes as well
Deleting a Container
Container should be stopped before deleting it.
#docker stop <container id>
#docker rm <container id>
#alias dps=”docker ps”
Low Level Container & Image Info
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
testfile latest fa914368ee56 16 hours ago 228 MB
centos latest 98d35105a391 2 weeks ago 192 MB
ubuntu latest 0ef2e08ed3fa 4 weeks ago 130 MB
# docker inspect
fa914368ee56
Above command shows many details like:
ID, Repotags, Created date and time, containerconfig,
various layer info, etc
Getting a Shell in a Container
Docker Attach:
- Attaches to PID 1 inside the container
- On a linux server or container PID 1 can’t be necessarily shell
- Its different from init 0
nsenter:
- Allow us to enter Namespace
- Requires the containers ID ( get from docker inspect)
# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
72f512e7e091 ubuntu "/bin/bash" 15 hours ago Exited (0) 15 hours ago dazzling_hypatia
# docker inspect
72f512e7e091 | grep -i pid
"Pid": 0,
"PidMode": "",
"PidsLimit": 0,
Since, container is not running so PID is showing 0. Now
start the container and check again.
# docker start
72f512e7e091
72f512e7e091
# docker inspect
72f512e7e091 | grep -i pid
"Pid": 2735,
"PidMode": "",
"PidsLimit": 0,
# nsenter -m -u -n -p
-i -t 2735
M = enter mount ns
U= enter uts ns
N= network ns
P= process ns
I= IP c ns
T= target
Now it is different from attach, if we exit attach container
stops. Also, we get attach to PID 1. Here its not the same case. We don’t get
attach to PID 1. When we exit container continue to run.
Chapter
Building from a Dockerfile
Basics of Dockerfile
- Dockerfile dockerfile DOCKERFILE
- Simple text file
- Contains instructions for how to build image
- Place is important as other files, directories and sub-directories get includes in the container. So, choosing place is very important.
Creating a Dockerfile
It starts from instruction FROM
Every RUN instruction creates a new layer to our image.
Means every Run command launch a new container, run the
command, stop the container and commits the new layer. Next Run command will
use this image and follow the same process as above.
#mkdir /devops
# cat
/devops/Dockerfile
#Ubuntu
- base image
FROM
ubuntu
MAINTAINER
rishibansal02@gmail.com
RUN
apt-get update
CMD
["echo","Hello World"]
Building an Image from the Dockerfile
Go inside the same directory containing Dockerfile.
Here, helloworld, all letters should be in small.
-t = To apply text to the image, not mandatory but
recommended.
#docker build -t
helloworld:1.0 .
Sending build context to Docker
daemon 2.048 kB
Step 1/4
: FROM ubuntu
---> 0ef2e08ed3fa
Step 2/4
: MAINTAINER rishibansal02@gmail.com
---> Running in 410174fdb081
---> 1ec72a6fe42e
Removing
intermediate container 410174fdb081
Step 3/4
: RUN apt-get update
---> Running in 6ee40780f286
……..
……..
Reading
package lists...
---> b2d2ff39eeb7
Removing
intermediate container 6ee40780f286
Step 4/4
: CMD echo Hello World
---> Running in 94078dc48a9d
---> 4f2bd08a0ca9
Removing
intermediate container 94078dc48a9d
Successfully
built 4f2bd08a0ca9
Sending Build context: if there are files and directories in
the same directory it is passwd to docker daemon.
# docker run
helloworld:1.0
Hello World
Chapter
Working with Registries
Creating a Public Repo on Docker Hub
Create a public repo on docker hub.
Only 1 free private repo is allowed.
Create below repo.
rishibansal/helloworld
Pushing image to Docker Hub
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
helloworld 1.0 4f2bd08a0ca9 2 hours ago 170 MB
First we need to tag the image before pushing to
rishibansal/helloworld repo. The first column tells the repo name. So, we need
to tag new image to our new repo.
#docker tag
4f2bd08a0ca9 rishibansal/helloworld
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
helloworld 1.0 4f2bd08a0ca9 2 hours ago 170 MB
rishibansal/helloworld 2.0 4f2bd08a0ca9 2 hours ago 170 MB
Before pushing, make sure to login on dokcer hub
# docker login
Login with
your Docker ID to push and pull images from Docker Hub. If you don't have a
Docker ID, head over to https://hub.docker.com to create one.
Username: username
Password:
Login
Succeeded
# docker push rishibansal/helloworld:2.0
The push
refers to a repository [docker.io/rishibansal/helloworld]
23d58913fb58:
Pushed
73e5d2de6e3e:
Pushed
08f405d988e4:
Pushed
511ddc11cf68:
Pushed
a1a54d352248:
Pushed
9d3227c1793b:
Pushed
latest:
digest: sha256:3b7485343c49a41a123415e2ebd6beec2c3bd5f5351076ea85a7ecf52d55a517
size: 1569
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rishibansal/helloworld 2.0 4f2bd08a0ca9 4 hours ago 170 MB
We can see only one layer is pushed. Its because other
layers docker hub took from ubuntu image. So, it’s very intelligent and very
efficient too.
To delete any image, all the containers associated with that
image need to be deleted first.
# docker rm <container id>
#docker rmi <image id>
Chapter
Swarm Mode and Microservices
Swarm Mode Theory
Docker 1.12 or Later
True Native Clustering
A collection of Docker Engine joined into a cluster is
called Swarm.
Engine in a Swarm run is Swarm Mode.
A swarm itself consists of one or more manager nodes, and
then one or more worker nodes.
The manager nodes look after the state of the cluster and
dispatch tasks and the likes to the worker nodes.
Even one manager keep the swarm going.
H/A – recommend 3 or 5.
Only one leader.
If a manager that's not the leader receives a command,
it's going to proxy that command over to the leader, and then the leader's
going to action it against the swarm.
Can spread managers across availability zones, regions,
data centers depending on high availability requirement.
Services:
Declarative and Scalable
Tasks:
Atomic unit of work assigned to workers.
=Container
Building a Swarm
3 Managers
3 Workers
Initialize Swarm on mgr1:
# docker swarm init
--advertise-addr 192.168.56.221:2377 --listen-addr 192.168.56.221:2377
Swarm initialized: current node
(w07rcd47dhb06ev8sch40507b) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join \
--token
SWMTKN-1-1hw3eet5k1oyq0289rw2n8qovbqk3wit4019fynv1yziu4c6v3-bw3unae540j54lkclx9dayyj9
\
192.168.56.221:2377
To add a manager to this swarm, run 'docker swarm
join-token manager' and follow the instructions.
Command to be run on manager to join:
# docker swarm
join-token manager
To add a manager to this swarm, run the following
command:
docker swarm
join \
--token
SWMTKN-1-1hw3eet5k1oyq0289rw2n8qovbqk3wit4019fynv1yziu4c6v3-byvw5ed776e3tcwuphsyp46f8 \
192.168.56.221:2377
Command to be run on workers to join Swarm:
# docker swarm
join-token worker
To add a worker to this swarm, run the following command:
docker swarm
join \
--token
SWMTKN-1-1hw3eet5k1oyq0289rw2n8qovbqk3wit4019fynv1yziu4c6v3-bw3unae540j54lkclx9dayyj9 \
192.168.56.221:2377
Highlighted part differ for Manager and Worker.
# docker info
……….
Swarm: active
NodeID:
w07rcd47dhb06ev8sch40507b
Is Manager: true
ClusterID:
jbavqjdfodmfepweu2jqxqqu3
Managers: 1
Nodes: 1
……..
……...
See the output of above command, we have one manager and
one worker. As manager node is also a worker. It performs dual task.
To check the swarm status
# docker node ls
ID HOSTNAME STATUS
AVAILABILITY MANAGER STATUS
w07rcd47dhb06ev8sch40507b * docker Ready
Active Leader
*shows current machine.
To promote a worker to manager
#docker node promote <ID>
Joining a worker:
# docker swarm join \
> --token
SWMTKN-1-1hw3eet5k1oyq0289rw2n8qovbqk3wit4019fynv1yziu4c6v3-bw3unae540j54lkclx9dayyj9
\
> 192.168.56.221:2377 \
> --advertise-addr 192.168.56.211:2377 \
> --listen-addr 192.168.56.211:2377
This node joined a swarm as a
worker.
# docker node ls
ID HOSTNAME STATUS
AVAILABILITY MANAGER STATUS
c2fi26qkbbstv65tlcnk49xpc chefserver
Ready Active
w07rcd47dhb06ev8sch40507b * docker
Ready Active Leader
To promote a worker to manager
#docker node promote
docker2
To Demote
#docker node demote
docker2
Services
# docker service create --name training -p 8080:8080
--replicas 2 rishibansal/docker-ci
j42xwdo9tl26h80gk4plu282o
#docker service ls
ID NAME MODE REPLICAS IMAGE
5voejj0boc1s training replicated 0/2 rishibansal/docker-ci:latest
#docker service ps
training
ID NAME IMAGE
NODE DESIRED
STATE CURRENT STATE ERROR PORTS
76xb6joya5rc training.1 rishibansal/docker-ci:latest docker Running Preparing 50 seconds ago
6capxpsl83wr training.2 rishibansal/docker-ci:latest docker1 Running Preparing 50 seconds ago
To check details about the service training
#docker service inspect training
Scaling Service:
# docker service ls
ID
NAME MODE REPLICAS IMAGE
dfdnm3gcvxi8
training replicated 2/2
rishibansal/docker-ci:latest
#docker service scale
training=4
or
#docker service
update –replicas 4 training (same as above)
Suppose we shutdown one node, than the services will come up
on other nodes automaticall. However, once we bring up the node it will not
balance the services already running.
Removing Node from Swarm
On Worker node: docker1
# docker swarm leave
Node left
the swarm
# docker node ls
ID HOSTNAME STATUS
AVAILABILITY MANAGER STATUS
l3io8newei4mmy0uac55ove8r docker1
Down Active
z33z5cvutal8fqty2fjptiv7g
* docker Ready
Active Leader
The node will still appear in the node list, and marked as
down. It no
longer affects swarm operation, but a long list of down nodes can clutter the node list. To
remove an inactive node from the list, use below command on manager
# docker
node rm docker1
docker1
# docker
node ls
ID
HOSTNAME STATUS AVAILABILITY
MANAGER STATUS
z33z5cvutal8fqty2fjptiv7g *
docker Ready Active
Leader
To Stop Swarm on Manager
# docker
swarm leave --force
Node left the swarm
Rolling Updates
#docker service update –image
nigelpoulton/tu-demo:v2 --update-parallelism 2 –update-delay 10s
No comments:
Post a Comment