I have not written a blog post for a while! Many things went by and I had many projects and even a new job. For quite a while I’ve started to become interested in Docker since my new job requires a daily usage.
Personally I use Docker Swarm. It is simple to use, the compose files are easy to read and it’s simple to manage a small cluster for personal projects and applications. I want to go into my setup in another blog post at another date but for now, let’s discuss the latest release of Portainer, a web interface to manage your swarm cluster!
The new Portainer Agents
With it’s latest release, Portainer introduced the agents. The issue until now was that you were not able to get any information from the docker swarm nodes that didn’t have Portainer running – which of you only run one instance. You were restricted to what basically docker service ps <serivce> told you.
The developers describe the Agent as follow:
The Portainer Agent is a workaround for a Docker API limitation when using the Docker API to manage a Docker environment. The user interactions with specific resources (containers, networks, volumes and images) are limited to those available on the node targeted by the Docker API request.
Docker Swarm mode introduces a concept which is the clustering of Docker nodes. It also adds services, tasks, configs and secrets which are cluster-aware resources. Cluster-aware means that you can query for a list of services or inspect a task inside any node on the cluster, as long as you’re executing the Docker API request on a manager node.
Containers, networks, volumes and images are node specific resources, not cluster-aware. When you, for example, want to list all the volumes available on a node inside your cluster, you will need to send a query to that specific node.
The purpose of the agent aims to allows previously node specific resources to be cluster-aware, all while keeping the Docker API request format. As aforementioned, this means that you only need to execute one Docker API request to retrieve all these resources from every node inside the cluster. In all bringing a better Docker user experience when managing Swarm clusters.
Deploying the Portainer Stack
If you want a nicely secured (with HTTPS) control panel you should use a reverse proxy, especially if you deploy on a docker swarm cluster. Here is the docker-compose.yml for the full stack:
version: "3" services: frontend: image: portainer/portainer volumes: - /var/data/portainer:/data networks: - traefik_public - internal deploy: labels: - traefik.docker.network=traefik_public - traefik.frontend.rule=Host:console.example.com - traefik.port=9000 placement: constraints: [node.role == manager] command: -H tcp://tasks.agent:9001 --tlsskipverify agent: image: portainer/agent networks: - internal environment: AGENT_CLUSTER_ADDR: tasks.agent volumes: - /var/run/docker.sock:/var/run/docker.sock deploy: mode: global networks: traefik_public: external: true internal: driver: overlay
You can see that I am using a bind mount here. I use a gluster in docker setup to have persistent storage between all cluster nodes. Other than that, I hope this file is pretty self explanatory!
Let me know if you have any question!