Docker Swarm On Debian and Hyper-V
The servers are based on Debian, have 2 processors each, with 8 gigs of ram, all 3 are running on a single Hyper-V server. I will use certificate authentication with SSH, install sudo, vim, configure networking and setup a swarm instance.
Today, I'm going to go over setting up a 3 node Docker Swarm cluster on Hyper-V.
The servers are based on Debian, have 2 processors each, with 8 gigs of ram, all 3 are running on a single Hyper-V server. I will use certificate authentication with SSH, install sudo and vim, configure networking and setup a swarm instance.
Table of contents
- Assumptions
- Install Debian in Hyper-V
- Install SUDO and VIM
- Configure Networking
- Configure Certificate Authentication
- Install Docker Community Edition
- Setup Swarm
Assumptions
- The Docker hosts will be named
Docker1
,Docker2
andDocker3
Docker1
will be my master node- The IP addresses for the Docker servers will be
10.0.0.11
forDocker1
,10.0.0.12
forDocker2
and10.0.0.13
forDocker3
- The default gateway is
10.0.0.1
- The DNS server is
10.0.0.2
- The Hyper-V server is named
Hyperv1
- The client is named
Desktop
- The client is running Windows 10 and has the OpenSSH client installed
- The domain name is
example.com
- All passwords are
P@ssword1
- All regular users are
user1
- The Time Zone is
Mountain
- You know how to add DNS entries into your DNS server, this is beyond the scope of this post.
The prerequisites for this are a system with Hyper-V with enough memory and disk space to accommodate the new virtual machines. These virtual machines will also need access to the internet to download the necessary packages for the configuration. I will be assuming that you are running a single Hyper-V server and not clustered and that the Debian install image will be accessible during the creation of the virtual machines. I am also assuming that your Hyper-V server is not on your local desktop, if it is, ignore the parts of the PowerShell commands that specify the computer name.
I recommend that you have a local DNS server that you can put host entries into so you can access the Docker servers by name instead of IP address, though this is not necessary. If you don't have one, you will need to modify some of the configuration examples and commands to specify the IP addresses instead of using host names.
Install Debian in Hyper-V
- Download the latest Debian install image from the official Debian site, https://www.debian.org. At the time of this writing, it is
9.9.0
- You only need the small CD image, we're not installing anything that is on the big image
- Once downloaded, put it in a place that the Hyper-V machine has access to.
- Create the 3 Hyper-V virtual machines
- Name them
Docker1
,Docker2
,Docker3
- Use Generate 2
- Assign 8 gig (8192 MB) of memory, I do not recommend dynamic memory for this
- Connect them to your network
- Setup the storage the way you need it for your environment, I leave them at defaults
- Attach the Debian cd image you just downloaded
- Name them
- On each of those 3 VM's increase the processor count to 2
- Open the
Settings
on the VM - Go to
Processor
- Change the
virtual processor
count to 2 - If you need to assign a VLAN Id to the NIC, do that now
- Click
OK
- Open the
- Disable Secure Boot on the VM's so that Debian will start, on
Desktop
- Open PowerShell
- Execute the following:
Set-VMFirmware -EnableSecureBoot $false -VMName Docker1 -ComputerName hyperv1 Set-VMFirmware -EnableSecureBoot $false -VMName Docker2 -ComputerName hyperv1 Set-VMFirmware -EnableSecureBoot $false -VMName Docker3 -ComputerName hyperv1
- Start each Docker VM and connect to them
- Install Debian, on each Docker VM
- Leave it at
Graphical Install
and pressEnter
- Setup localization
- Choose your language and click
Continue
, I'm assuming it'sEnglish
- Choose your country and click
Continue
, I'm assuming it'sUnited States
- Choose your keyboard and click
Continue
, I'm assuming it'sAmerican English
- Choose your language and click
- Setup the hostname
- Assign the hostname, use the name of the VM to make it easy,
Docker1
,Docker2
andDocker3
, and clickContinue
- Set the domain name,
example.com
, and clickContinue
- Assign the hostname, use the name of the VM to make it easy,
- Set the root password
- Type the password for the
root
user,P@ssword
, and clickContinue
- Type the password for the
- Setup the primary user
- Type the name of the user,
user1
, and clickContinue
- Type the user name,
user1
, and clickContinue
- Type the password,
P@ssword
, and clickContinue
- Type the name of the user,
- Set the time zone
- Choose your time zone,
Mountain
, and clickContinue
- Choose your time zone,
- Partition the disk
- Leave at
Guided - use entire disk
and clickContinue
- Leave at the first disk and click
Continue
- Leave at
All files in one partition
and clickContinue
- Leave at
Finish partitioning and write changes to disk
and clickContinue
- Change
Write changes to disk
toYes
and clickContinue
- Leave at
- Let the system install it's packages, this may take a few minutes
- Leave
Scan another CD or DVD
atNo
and clickContinue
- Configure the package manager
- Leave the
Debian archive mirror country
atUnited States
and clickContinue
- Leave the
Debian archive mirror
atftp.us.debian.org
and clickContinue
- Leave the proxy blank, unless you have one and need to set it.
- Leave the
- Leave the
Participate in the package usage survey
atNo
and clickContinue
- Set the
Software Selection
- Select only
SSH server
andstandard system utilities
. Uncheck everything else - Click
Continue
- Let it finish installing everything, this may take a few minutes
- Select only
- Click
Continue
, the machines will automatically unmount the installer image and reboot into the installed Debian OS
- Leave it at
Debian is now installed in 3 Hyper-V virtual machines with 8 gigs of RAM, 2 cores and up to 128 gigs of drive space.
Install sudo and vim
On each Docker server:
- Login, username is
user1
, password isP@ssword
- Get root access the password is
P@ssword
:su -
- Update apt
apt update
- Install applications, press
Y
when asks you to continueapt install sudo vim
- Add
user1
to thesudo
group:usermod -a -G sudo user1
Configure Networking
On each Docker server, still as root
:
- Execute
vi /etc/network/interfaces
- Replacing the Docker Host IP with the correct one for the host (up at the top), replace everything below the
# The primary network interface
with the following# The primary network interface auto eth0 iface eth0 inet static address 10.0.0.11 netmask 255.255.255.0 gateway 70.89.247.238 dns-nameservers 10.0.0.2
- Write and exit vi, press
escape
, type:wq
press enter - Reboot,
shutdown -r now
If you haven't already, now is a good time to set the host entries in your DNS server if you have one. In the commands
Configure Certificate Authentication
On your client
- Create the private/public keys
- In PowerShell execute the following:
cd ~ mkdir .ssh -ErrorAction SilentlyContinue ssh-keygen -t ed25519 -b 4096 -f .ssh/docker1.example.com_id ssh-keygen -t ed25519 -b 4096 -f .ssh/docker2.example.com_id ssh-keygen -t ed25519 -b 4096 -f .ssh/docker3.example.com_id notepad .ssh/config
- If notepad says it is a new file and asks if you want to create it, click
Yes
- In PowerShell execute the following:
- Add the following to the end of the config file
Host docker1.example.com Hostname docker1.example.com User user1 IdentityFile ~/.ssh/docker1.example.com_id Host docker2.example.com Hostname docker2.example.com User user1 IdentityFile ~/.ssh/docker1.example.com_id Host docker3.example.com Hostname docker3.example.com User user1 IdentityFile ~/.ssh/docker1.example.com_id
- Close notepad
For each Docker server, still on the client in PowerShell
- Get the public session key
Copy the result, should be something likeget-content ~/.ssh/docker1.example.com_id.pub
ssh-ed25519 LOTS OF STUFF
- Start a new ssh session
ssh docker1.example.com
- The
ssh
command will most likely ask if you want to trust the server, typeyes
pressenter
- The password is
P@ssword
- The
- Add the key to the
authorized_keys
file and set the correct permissions.mkdir .ssh echo "<<public session key, include the quotes>>" > ./ssh/authorized_keys chmod 0600 ./ssh/authorized_keys
- Exit the session
exit
If you created your private key without a password you can now get into your Docker servers without a password from your client., You can test this by doing remoting into the server again.
ssh docker1.example.com
Install Docker Community Edition
There's really no need to duplicate the detailed installation guide from Docker's site. Plus, the installation instructions for adding their apt repository may change. So here is a link if you haven't already seen it during your search for installing Docker. https://docs.docker.com/install/linux/docker-ce/debian/#install-using-the-repository
The previous steps get you to the point where the commands and instructions they give you will work the way they should. You will want to run through the installation on each of your Docker servers.
After you have finished, installing Docker CE on your servers, we'll go over installing Swarm in our environment in the next section.
I will assume from that you added user1
to the docker
group.
Setup Swarm
You should now have a simple, plain installation of Docker CE on each of your servers. You also have the networking configured, sudo and vim install, along with certificate authentication setup and working. Our user, user1, should also be added to the docker group. If you didn't, the command is:
sudo usermod -aG docker user1
We need to initialize the Swarm instance. On the master server Docker1
docker swarm init
This will output a few lines, the one we're interested in is the docker swarm join
line. It should look something like this:
docker swarm join --token SWMTKN-1-BUNCHOFSTUFF 10.0.0.11:2377
I don't like hard coded IP addresses and have a DNS server, so we can slightly modify the line to use the host name, docker1.example.com
. If you don't have a DNS server, don't modify the line. Copy that line, paste it into notepad, and replace the IP address at the end with docker1.example.com
. Copy the result and run it on docker2
and docker3
.
docker swarm join --token SWMTKN-1-BUNCHOFSTUFF docker1.example.com:2377
The result
This node joined a swarm as a worker.
Conclusion
That's all there is to getting a multi-node swarm instance going in Hyper-V running on Debian. It's not very complicated once you get Debian running in Hyper-V. The hardest part to figure out was disabling the Secure Boot feature for the VM in Hyper-V. You need to disable it otherwise the virtual machine will sit there during boot waiting for the network.