2

I have setup a 3 node cluster (with no Internet access) with 1 manager and 2 worker-nodes using the standard swarm documentation.

How does the swarm manager in swarm mode know about the images present in worker nodes?

Lets say I have image A in worker-node-1 and image B in worker-node-2 and no images in the manager-node.

Now how do I start container for image A using the manager? Will it start in manager or node-1?

When I query manager for the list of images will it give the whole list with A and B in it?

Does anyone know how this works? I couldn’t get the details from the documentation.

Daggerfella
  • 52
  • 1
  • 9
syk_coder
  • 31
  • 2
  • 9

3 Answers3

0

Docker Swarm manager node may to be a worker one by the second role but not strictly necessary.

Image deployment policy is mapped via docker-compose.yml which has an information like target nodes, networks, hostnames, volumes, etc. in relation of particular service. So, it will start either in specified node or in emptiest default one.

Swarm manager communicates with the worker nodes via Docker networks:

When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host:

  • an overlay network called ingress, which handles control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default

  • a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm.

Reference

During Swarm deployment, the images of it's services are being propagated to worker nodes according to their deployment policy.

The manager node will contain images once the node is the worker one too (correct me, if it won't).

WildDev
  • 2,250
  • 5
  • 35
  • 67
  • Hey for my use case I don't have a docker file to create a docker image on the fly using compose. I have a list of already created images and I want to use them to start ephemeral jenkins slaves during the build process. The manager node is not able to start the container for the image on the worker node. It just errors out saying that the manager node doesn't have image locally and tries to connect to internet rather than delegating the job to the worker node which has the image. Configured swarm manager role to be just manager but still no use. – syk_coder Oct 19 '18 at 06:37
  • In the swarm, images deployment process should be handled via the manager but not manually. They're associated with a service. Once you're deploying a service, an image will be picked up by a swarm worker and run there, as soon it setup correctly. The image should be present in the registry you're working with – WildDev Oct 20 '18 at 14:11
0

The default configuration with swarm mode is to pull images from a registry server and use pinning to reference a unique hash for those images. This can be adjusted, but there is no internal mechanism to distribute images within a cluster.

For an offline environment, I'd recommend a stand alone registry server accessible to the cluster. You can even run it on the cluster. Push your image there, and point your server l services to the registry for their images to pull. See this doc for details on running a stand alone registry, or any of the many 3rd party options (e.g. Harbor): https://docs.docker.com/registry/

The other option is to disable the image pinning, and manually copy images to each of your swarm nodes. You need to do this in advance of deploying any service changes. You'll also lose the benefit of reused image layers when you manually copy them. Because of all this issues it creates, overhead to manage, and risk of mistakes, I'd recommend against this option.

BMitch
  • 231,797
  • 42
  • 475
  • 450
  • Thank you. Will explore the internal registry. I have tried copying the images to all the worker nodes but my swarm manager was not able to identify the images present in nodes. I had to copy all the images to manager node to start a service using swarm. – syk_coder Oct 19 '18 at 05:02
0

Run the docker stack deploy command with --with-registry-auth that will give the Workers access to pull the needed image

By default Docker Swarm will pull the latest image from registry when deploying

D. Vinson
  • 1,090
  • 6
  • 8