Docker-Swarm setup on IPV6 (centos)

Here’s is how to setup docker-swarm on IPV6 network

Docker swarm up and running on IPV6

Photo by Bernd Dittrich on Unsplash

Yet another article on docker..!!

Disclaimer: This article is just a knowledge sharing piece of information.

There are mainly two types of docker swarm setup:

1. Docker swarm with Docker CE (Community Edition)
2. Docker swarm with Docker EE (Enterprise Edition)

Docker CE consists of a basic feature called swarm mode

Docker EE consists of additional UI feature along with the following

• Universal Control Plane overview
• Docker Trusted Registry

As follows, this page explains docker swarm CE setup and micro-service (java-spring-boot) application deployment.

Before jumping into the steps, we should follow release notes to select docker CE version. The version 19.03.10 has the IPV6 forwarding feature, so we recommend to stick with the same, or you can try with new version and comment :).

Step1:

Your setup should have 3 masters as per high-availability standard. In this document, the setup describes with 3 masters and 2 worker-nodes.

Hostname IP

node-manager-01 240b::1 (Example IP) manager1 (master1)

node-manager-02 240b::2 (Example IP) manager2 (master2)

node-manager-03 240b::3 (Example IP) manager3 (master3)

node-worker-04 240b::4 (Example IP) worker1

node-worker-05 240b::5 (Example IP) worker2

OS: Centos 7

Docker Version: Docker CE 19.03.10

Login to node1 as a root (manager1)

Step2:

[root@node-manager-01 ~]# cat >> /etc/hosts << EOF
>240b::1 node-manager-01
>240b::2 node-manager-02
>240b::3 node-manager-03
>240b::4 node-worker-04
>240b::5 node-worker-05
> EOF
[root@node-manager-01 ~]# yum update -y

restart “node-manager-01”
[root@node-manager-01 ~]# yum install -y epel-release.noarch
[root@node-manager-01 ~]# yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
[root@node-manager-01 ~]# yum install docker-ce-19.03.10 docker-ce-cli-19.03.10 containerd.io
[root@node-manager-01 ~]# systemctl enable docker.service
[root@node-manager-01 ~]# systemctl start dockerStep3:

Docker required following service ports to function.

Port: 2376, 2377 | Protocol: TCP

Description: used for Docker daemon encrypted communication

Port: 7946 | Protocol: TCP, UDP

Description: used for container network discovery

Port: 4789 | Protocol: UDP

Description: used for container ingress network

Therefore, allow above service ports in Linux Firewall

Before entering firewall-cmd, check the status.

[root@node-manager-01 ~]# firewall-cmd --state
if its running then do the following.

[root@node-manager-01 ~]# firewall-cmd --permanent --add-port={2376,2377,7946}/tcp
[root@node-manager-01 ~]# firewall-cmd --permanent --add-port={7946,4789}/udp
[root@node-manager-01 ~]# firewall-cmd --reload
[root@node-manager-01 ~]# docker version

Step4:

IPV6-nat

Add following entries in /etc/sysctl.conf

net.ipv6.conf.eth0.accept_ra=2
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.default.forwarding=1

[root@node-manager-01 ~]# docker network create \
 --ipv6 \
 --subnet 172.20.0.0/20 \
 --gateway 172.20.0.1 \
 --gateway fd00:3984:3989::1 \
 --subnet fd00:3984:3989::/64 \
 --opt com.docker.network.bridge.name=docker_gwbridge \
 --opt com.docker.network.bridge.enable_icc=true \
 --opt com.docker.network.bridge.enable_ip_forwarding=true \
 --opt com.docker.network.bridge.enable_ip_masquerade=true \
 docker_gwbridge
[root@node-manager-01 ~]# sysctl net.ipv6.conf.eth0.accept_ra=2
[root@node-manager-01 ~]# sysctl net.ipv6.conf.all.forwarding=1
[root@node-manager-01 ~]# sysctl net.ipv6.conf.default.forwarding=1

Repeat step2, step3 and step4 on all 5 boxes.

Hurray…!!!! you are halfway through.

Step5:

Now login as root to node-manager-01:

[root@node-manager-01 ~]# docker swarm init --advertise-addr=240b::1
Swarm initialized: current node (3b9wynaya1wu910nf01m5jeeq) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-1njboiu24hpkjb3rlijb3ovt3iz89mse9u 240b::1:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

Step6:

Login to manager-node02 as root user and run following command:

[root@node-manager-02 ~]# docker swarm join-token manager

Repeat step6 on “node-manager-03”

Step7:

Login to node-worker04 as root user and run following command:

[root@node-worker-04 ~]# docker swarm join --token SWMTKN-1-1njboiu24hpkjb3rlijb3ovt3iz89mse9u 240b::1:2377

Repeat step7 on “node-worker05”

Step8:

Verification:

Login to any of the manger-node’s let's do login to node-manager01 as root user:

[root@node-manager-01 ~]# docker node ls

The above command will show the output of all 3 manager nodes and worker nodes related to the swarm.

To be continued… (will discuss java-spring-boot micro-service deployment on swarm mode)