UbuntuUbuntu Based

How To Install Docker Swarm on Ubuntu 24.04 LTS

Install Docker Swarm on Ubuntu 24.04

In this tutorial, we will show you how to install Docker Swarm on Ubuntu 24.04 LTS. Docker Swarm offers a powerful yet straightforward approach to container orchestration, allowing system administrators and developers to create resilient, scalable application infrastructures. With Ubuntu 24.04 LTS providing a stable foundation, deploying Docker Swarm becomes an efficient solution for managing containerized applications across multiple nodes. This comprehensive guide walks you through the complete process of installing and configuring Docker Swarm on Ubuntu’s latest LTS release, ensuring you can leverage its full capabilities for your production environment.

Table of Contents

Prerequisites and Environment Setup

Before diving into the Docker Swarm installation process, certain prerequisites must be met to ensure a smooth deployment. A proper environment setup lays the foundation for a stable and reliable container orchestration system.

For this guide, you’ll need:

  • At least two Ubuntu 24.04 LTS servers (one manager node and one or more worker nodes)
  • Each server should have at least 2GB RAM and 2 CPU cores for optimal performance
  • Sufficient storage space (minimum 20GB recommended)
  • All nodes must have static IP addresses and unrestricted network connectivity
  • SSH access configured on all machines
  • A non-root user with sudo privileges on each server

Network prerequisites are particularly important for Swarm functionality. Docker Swarm requires the following ports to be open between nodes:

  • TCP port 2377 for cluster management communications
  • TCP and UDP port 7946 for node-to-node communication
  • UDP port 4789 for overlay network traffic

Ensuring these prerequisites are met beforehand will prevent common issues during the installation and configuration process.

Updating Ubuntu 24.04 System

Before installing Docker and setting up Swarm, it’s essential to update your Ubuntu 24.04 system to the latest package versions. This ensures compatibility and provides security patches that may be critical for a production environment.

To update your system, execute these commands:

sudo apt update
sudo apt upgrade -y

Next, install essential dependencies that Docker requires:

sudo apt install curl apt-transport-https ca-certificates software-properties-common -y

These packages enable secure communication with external repositories and provide necessary tools for the Docker installation process.

After updating the system, verify that everything is functioning correctly by checking the system status:

sudo systemctl status systemd-resolved

This command ensures that your system’s DNS resolver is operational, which is crucial for Docker’s networking capabilities.

Installing Docker on Ubuntu 24.04

Installing Docker on Ubuntu 24.04 is a straightforward process that requires adding the official Docker repository and installing the necessary packages. Follow these steps to ensure a clean installation:

Remove any existing Docker installations

If you have an older version of Docker installed, remove it first:

sudo apt remove docker docker-engine docker.io containerd runc -y

Add Docker’s official GPG key

Import Docker’s GPG key to verify package integrity:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Set up the Docker repository

Add the official Docker repository to your system:

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Update package index and install Docker

Update the package index with the new repository and install Docker:

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y

Verify the installation

After installation, verify that Docker is running properly:

sudo systemctl status docker

You should see output indicating that the Docker service is active and running. To test the installation, run the hello-world container:

sudo docker run hello-world

If Docker is installed correctly, you’ll see a success message indicating that your installation is working properly.

Post-Installation Configuration

After installing Docker, several post-installation steps are necessary to optimize your experience and prepare the environment for Docker Swarm.

Adding your user to the Docker group

By default, Docker commands require sudo privileges. To avoid this, add your user to the Docker group:

sudo usermod -aG docker $USER

Log out and log back in for the changes to take effect. Verify that you can run Docker commands without sudo:

docker version

Configuring Docker to start on boot

Ensure Docker starts automatically when your system boots:

sudo systemctl enable docker

Setting up Docker daemon options

Create or modify the daemon.json file to customize Docker’s behavior:

sudo mkdir -p /etc/docker
sudo nano /etc/docker/daemon.json

Add configurations such as the default logging driver and storage options:

{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  },
  "storage-driver": "overlay2"
}

After saving the file, restart Docker to apply the changes:

sudo systemctl restart docker

These configurations help manage log file size and optimize Docker’s storage performance.

Docker Swarm Architecture

Understanding Docker Swarm’s architecture is crucial before deploying it. Docker Swarm follows a manager-worker architecture with distinct components that work together to provide container orchestration.

Manager Nodes: These nodes handle the cluster management tasks and store the cluster state. They implement the Raft consensus algorithm to maintain consistency across the swarm. It’s recommended to have an odd number of manager nodes (3, 5, or 7) for fault tolerance.

Worker Nodes: These execute the containers assigned by manager nodes. They don’t participate in the Raft consensus algorithm but focus on running workloads.

Services: The primary unit of work in Swarm. A service defines a container image, number of replicas, network configurations, and other deployment parameters.

Tasks: Each container instance of a service is called a task. If a service is configured with three replicas, Swarm creates three tasks, each running one container.

Control Plane vs. Data Plane: The control plane consists of manager nodes that maintain cluster state, while the data plane comprises worker nodes running actual workloads.

Docker Swarm offers several advantages, including:

  • Built-in load balancing capabilities
  • TLS mutual authentication and encryption
  • Incremental service updates
  • DNS-based service discovery
  • Declarative service model

This architecture provides a robust foundation for container orchestration with built-in redundancy and high availability.

Initializing Docker Swarm

Initializing Docker Swarm transforms a standalone Docker host into a Swarm manager node. This process creates the initial swarm configuration and generates tokens for adding additional nodes.

Initializing the first manager node

To initialize Docker Swarm on your first node, use the following command:

docker swarm init --advertise-addr <MANAGER-IP>

Replace <MANAGER-IP> with the IP address of the node that other nodes will use to communicate with this manager.

For example:

docker swarm init --advertise-addr 192.168.1.10

Upon successful initialization, you’ll see output similar to:

Swarm initialized: current node (dxn1zf6l61qsb1josjja83ngz) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c 192.168.1.10:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

The output provides the command needed to add worker nodes to your swarm.

Configuring default address pools

You can customize the IP address ranges used by Swarm overlay networks during initialization:

docker swarm init --advertise-addr <MANAGER-IP> --default-addr-pool 10.10.0.0/16 --default-addr-pool 10.11.0.0/16

This specifies custom CIDR ranges for overlay networks instead of using the default range.

Verifying Swarm initialization

After initialization, verify that your swarm is properly configured:

docker info

Look for the “Swarm” section in the output, which should show that swarm mode is active and this node is a manager.

To see detailed information about the swarm:

docker node ls

This command displays all nodes in the swarm, with the current node marked as “Leader”.

Adding Worker Nodes to the Swarm

Expanding your Docker Swarm by adding worker nodes increases the cluster’s capacity and resilience. This section guides you through the process of adding worker nodes to your swarm.

Generating join tokens

Docker Swarm uses tokens to authenticate nodes joining the cluster. To retrieve the worker join token from a manager node, run:

docker swarm join-token worker

This command displays the full join command with the token that worker nodes should use.

To generate a manager join token (for adding additional manager nodes):

docker swarm join-token manager

Joining a worker node to the swarm

On each worker node, run the join command provided by the manager:

docker swarm join --token SWMTKN-1-49nj1cmql0jkz5s954yi3oex3nedyz0fb0xx14ie39trti4wxv-8vxv8rssmk743ojnwacrr2e7c 192.168.1.10:2377

Upon successful execution, you’ll see:

This node joined a swarm as a worker.

Verifying node addition

Return to the manager node and verify that the new worker has joined the swarm:

docker node ls

The output should show all nodes in your swarm with their respective roles and status.

Troubleshooting join issues

If a node fails to join the swarm, check the following:

  1. Network connectivity between nodes (test with ping)
  2. Firewall settings (ensure required ports are open)
  3. Correct token usage (worker vs. manager tokens)
  4. Time synchronization between nodes

To diagnose networking issues, use:

docker network inspect ingress

This provides information about the swarm’s ingress network, which is essential for inter-node communication.

Managing Docker Swarm Nodes

Effective node management is crucial for maintaining a healthy Docker Swarm cluster. This section covers essential node management tasks and best practices.

Listing and inspecting swarm nodes

To list all nodes in your swarm:

docker node ls

To view detailed information about a specific node:

docker node inspect <NODE-ID>

For a more readable format:

docker node inspect <NODE-ID> --pretty

Managing node availability

Docker Swarm nodes can be in one of three availability states:

  1. Active: Normal state where nodes accept tasks
  2. Pause: The node doesn’t receive new tasks but keeps existing ones
  3. Drain: The node doesn’t accept new tasks and redistributes existing ones

To change a node’s availability:

docker node update --availability drain <NODE-ID>

This is particularly useful when performing maintenance on a node.

Promoting workers to managers

To increase the number of manager nodes for better fault tolerance:

docker node promote <NODE-ID>

Best practice suggests maintaining an odd number of managers (3, 5, or 7) to ensure quorum during network partitions.

Demoting managers to workers

If you need to reduce the number of manager nodes:

docker node demote <NODE-ID>

Always ensure you maintain enough managers for quorum (N/2+1).

Removing nodes from the swarm

To remove a node from the swarm, first drain it:

docker node update --availability drain <NODE-ID>

Then, on the node being removed, run:

docker swarm leave

For a manager node, add the --force flag:

docker swarm leave --force

Finally, remove the node from the swarm’s node list:

docker node rm <NODE-ID>

Node labeling for task placement

Labels can be added to nodes to influence service deployment:

docker node update --label-add zone=east <NODE-ID>

These labels can later be used in service constraints to control where containers run.

Creating and Deploying Services

Services are the core workload units in Docker Swarm. They define what containers run and how they should be deployed across the cluster.

Creating a basic service

To create a simple service running Nginx:

docker service create --name web-server --publish 80:80 nginx

This command creates a service named “web-server” that publishes port 80 and runs the Nginx image.

Service deployment strategies

Docker Swarm supports two deployment modes:

  1. Replicated: The service runs a specified number of replicas across the swarm
  2. Global: The service runs one instance on each node in the swarm

For a replicated service with 3 instances:

docker service create --name redis --replicas 3 redis

For a global service:

docker service create --name monitoring --mode global prometheus/node-exporter

Declarative service deployment

While the commands above use the imperative approach, Docker Swarm also supports declarative deployments using Docker Compose:

version: '3.8'
services:
  web:
    image: nginx
    ports:
      - "80:80"
    deploy:
      replicas: 3
      placement:
        constraints:
          - node.role == worker

Save this to docker-compose.yml and deploy it with:

docker stack deploy -c docker-compose.yml web-stack

Service constraints and preferences

To control where services run, use placement constraints:

docker service create --name db --constraint node.labels.zone==east mysql

Implementing health checks

Health checks ensure services are functioning correctly:

docker service create --name web --health-cmd "curl -f http://localhost || exit 1" --health-interval 5s --health-retries 3 nginx

This configuration checks service health every 5 seconds using the specified command.

Scaling and Load Balancing

One of Docker Swarm’s key strengths is its ability to scale services and distribute traffic automatically. This section covers scaling operations and load balancing features.

Manual scaling of services

To scale a service to a specific number of replicas:

docker service scale web-server=5

This increases or decreases the number of containers running for the service.

To scale multiple services simultaneously:

docker service scale web-server=3 redis=2

Implementing rolling updates

Docker Swarm supports rolling updates to minimize downtime:

docker service update --image nginx:alpine --update-parallelism 2 --update-delay 20s web-server

This updates the web-server service to use the nginx:alpine image, updating 2 containers at a time with a 20-second delay between updates.

Built-in load balancing

Docker Swarm provides automatic load balancing for services. When you publish a port with a service, Swarm creates a virtual IP (VIP) that distributes incoming requests across all service replicas.

To check the VIP for a service:

docker service inspect --format '{{.Endpoint.VirtualIPs}}' web-server

External load balancer integration

For production deployments, you might want to integrate with external load balancers:

docker service create --name web --publish published=8080,target=80,mode=host nginx

Using mode=host bypasses the routing mesh, allowing direct integration with external load balancers.

Docker Swarm Networking

Docker Swarm provides sophisticated networking capabilities that allow containers to communicate securely across nodes. Understanding these features is essential for building robust applications.

Overlay networking configuration

Overlay networks enable container-to-container communication across nodes:

docker network create --driver overlay --attachable frontend

To create an encrypted overlay network:

docker network create --driver overlay --opt encrypted frontend-secure

Network segmentation and isolation

Create separate networks for different application tiers:

docker network create --driver overlay frontend
docker network create --driver overlay backend

Then deploy services to specific networks:

docker service create --name web --network frontend nginx
docker service create --name db --network backend postgres

Service discovery mechanisms

Docker Swarm provides automatic DNS-based service discovery. Containers can communicate with each other using service names:

docker service create --name web --network frontend nginx
docker service create --name api --network frontend api-service

From inside the web container, you can now connect to the API service using its name (“api”).

Volumes and Persistent Storage

Persistent storage is crucial for stateful applications. Docker Swarm provides several options for managing data that needs to persist beyond the lifetime of containers.

Volume drivers for Docker Swarm

Docker Swarm supports various volume drivers:

docker plugin install rexray/ebs

Setting up persistent storage

Create a named volume:

docker volume create --driver local --opt type=nfs --opt o=addr=192.168.1.100,rw --opt device=:/path/to/share data-volume

Use the volume with a service:

docker service create --name db --mount type=volume,source=data-volume,target=/var/lib/mysql mysql

Backup strategies for volumes

For backing up volume data:

docker run --rm -v data-volume:/source -v backup:/destination alpine sh -c "cp -a /source/. /destination/"

This command copies data from a source volume to a backup volume using an Alpine Linux container.

Security Best Practices

Security is paramount when deploying Docker Swarm in production environments. Following best practices helps protect your infrastructure from potential threats.

Securing the Swarm with TLS

Docker Swarm automatically configures TLS for control plane communication. To rotate the certificates:

docker swarm ca --rotate

Secret management in Docker Swarm

Docker Swarm provides a native secrets management system:

echo "supersecret" | docker secret create db_password -

Use the secret in a service:

docker service create --name db --secret db_password mysql

The secret is mounted at /run/secrets/db_password inside the container.

Role-Based Access Control (RBAC)

Implement RBAC for Docker API access using external solutions like Kubernetes RBAC or Docker Enterprise Edition.

Network security and encryption

Enable encryption for application data:

docker network create --driver overlay --opt encrypted app-network

This encrypts all overlay network traffic between containers.

Troubleshooting Docker Swarm

Even with careful planning, issues can arise in Docker Swarm deployments. This section provides guidance on identifying and resolving common problems.

Common initialization failures

If swarm initialization fails, check:

  1. Network connectivity
  2. Firewall settings
  3. Port availability (especially port 2377)

Run diagnostics with:

docker info

Network connectivity issues

For network troubleshooting:

docker network inspect ingress

Test container-to-container communication with:

docker run --rm --network <network-name> alpine ping <service-name>

Service deployment problems

If services won’t start:

docker service ps --no-trunc <service-name>

This shows detailed information about service tasks, including error messages.

Log collection and analysis

To view service logs:

docker service logs <service-name>

For container-specific logs:

docker logs <container-id>

These tools help identify the root causes of issues in your swarm deployment.

Maintenance and Updates

Regular maintenance ensures your Docker Swarm cluster remains healthy and secure. This section covers essential maintenance tasks and update procedures.

Updating Swarm services without downtime

To update a service with zero downtime:

docker service update --image nginx:latest --update-parallelism 1 --update-delay 30s web-server

This gradually updates containers one at a time with a 30-second delay between updates.

Backing up Swarm state

To back up Swarm’s internal state:

sudo tar -czf swarm-backup.tar.gz /var/lib/docker/swarm

This creates a compressed archive of Swarm’s state data.

Manager node maintenance

When performing maintenance on manager nodes, first drain the node:

docker node update --availability drain <NODE-ID>

After maintenance, restore it to active status:

docker node update --availability active <NODE-ID>

Always maintain quorum by keeping at least (N/2+1) manager nodes operational during maintenance.

Congratulations! You have successfully installed Docker Swarm. Thanks for using this tutorial to install the latest version of the Docker Swarm on Ubuntu 24.04 LTS. For additional help or useful information, we recommend you check the official Docker website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button