Docker Swarm Mode
Multi Host using Docker Swarm Mode#
This an example of running Gluu Server Docker Edition (DE) on multiple VMs using Docker Swarm Mode.
Here are the instructions to deploy clustered instances of Gluu Server Docker containers.This example consists of several shell scripts and config files (including docker-compose files).
What follows is an explanation of the process we used to deploy clustered Gluu Server Docker containers.
As this example uses Docker Swarm Mode, the node refers to a Docker Swarm node (either
worker), which is basically a host/server. For simplicity, the clustered Gluu Server is distributed into 3 nodes (called
worker-2), with each node having a full stack of containers (Consul, Registrator, Redis, Twemproxy, OpenDJ, oxAuth, oxTrust, oxPassport, oxShibboleth, and NGINX).
Given this topology, the Gluu Server is still able to serve the request even when one of the nodes is down.
Another interesting case is by using 3 nodes, the possibility of having an issue with Consul is minimized.
The cluster operates over native Docker Swarm networking called
To allow a container that is running using the plain
docker run command to connect to the network, a custom network called
gluu is created (based on
By having this custom network, we can address the following concerns:
- any container that doesn't execute long-running processes (e.g.
config-init) is able to access the Consul container inside the network
- deploy container that requires fixed IP address/hostname (for example: LDAP replication), but can be reached by other containers inside the network
Shared Volume Between Nodes#
oxTrust and oxShibboleth rely on a mounted volume to share oxShibboleth configuration files. Given there are three nodes that need to share the same copy of oxShibboleth files, csync2 is used. Note,
csync2 is installed as node's OS package, not a container version. The
csync2 setup is executed when running
nodes.sh script (see section below).
nodes.sh: provision Swarm nodes and setup
config.sh: generate, dump, or load configuration required by the cluster
cache.sh: deploy Redis and Twemproxy as cache storage
ldap-manager.sh: deploy OpenDJ, including creating initial data
ldap-worker-1.sh: deploy OpenDJ that replicates the data from another OpenDJ container
ldap-worker-2.sh: deploy OpenDJ that replicates the data from another OpenDJ container
Docker Compose Files#
cache.yml: contains the Docker Swarm service definition for Twemproxy container
registrator.yml: contains the Docker Swarm service definition for Registrator container
consul.yml: contains the Docker Swarm service definition for Consul container
web.yml: contains the Docker Swarm service definition for oxAuth, oxTrust, oxShibboleth, oxPassport, and NGINX container
With three nodes that run a clustered Gluu Server, it's recommended to deploy an external loadbalancer, for example: NGINX or DigitalOcean loadbalancer.
The process of deploying an external loadbalancer is out of the scope of this document.