Avoid Yacht for docker, it cannot reliably start and stop containers.

@c0p0n I am really interested in your feedback on this subject since you have worked with this quite a bit in production. What have you seen to be the failure point? Where do you see issues start to creep in at what layer with the Swarm cluster once you start scaling it up?

@@VirtualizationHowtoa few issues, all related with capacity. Adding extra leader nodes is somewhat unreliable; the networking model is brittle and can get overwhelmed relatively easily and at higher container counts (+200), leaders sometimes fail to fully reap containers, leaving running processes behind until nodes die. But at these smaller scales I don't expect any of that to ever become a problem. It's always been a function of scale as far as I can tell. I've done a few swarm->kubernetes migrations over the past 4 or 5 years

I like Nomad for smaller production projects.

I've had a Swarm Cluster (2 Master and 3 workers) Running for a couple of month in my homelab , I expirent a lot of instability with containers that suddenly stops, i tried to put in ressources limitations but it didnt make a big improvements. Saddly i did not succed to have a stabil culster as to it would be the perfect sweet spot for my homlap with refetances to the resources i can spent for the time beeing (time and money)

yes, please also show how you setup Portainer in this situation

Thank you @fakebizPrez !

@Glitch_860 ;thanks for the comment. I wouldn't think you should worry if you lose the Docker service. Is the game data stored on a persistent volume on your NFS share?

@@VirtualizationHowto yes I specify it as a volume in the docker compose file.

Well in doing come testing. Specifically with factorio. Seems that when I force a reboot of the host running the server. Docker swarm does move the container. But it spins up a new save file. so it is not keeping them persistent. So seems I am missing something.

@PaulLittlefield awesome! So glad it was helpful!

Remote Desktop Connection Manager and there is a free version as well. Very good product and I use it daily.

You can deploy it from any manager node. Once deployed, it runs on the nodes you have configured for it. Start thinking in terms of a cluster.

@@tenekevi did you change the volume in the docker-compose file for Portainer ? (/mnt/cephfs/portainer_data/)

I think the problem you will run into is that each firewall won’t have a record of the live sessions from the ‘now’ failed node, so you are going to most definitely see the outage. Both PF and OPNSense have their own failover engines that is more suitable for this.

@ thnx a lot for the reply. I will search if I can find something about it👍

@igorshubovych you are right! It is probably overkill for most in their home labs. However, like most things in the home lab, we all do things that are overkill to learn and just have fun. However, on a more serious note, I actually do benefit from what orchestration gives me in my lab. It actually now allows me to dran a node for updates, patches, or other maintenance without disrupting containerized services, like PiHole which runs DNS for my non-production LAN that my family will complain about if down, haha.

An you Put your storage on an external TRUENAS ZFS server , share it from there

SMB, NFS v3, v4... Yeah you'll run into file locks with those while they are in use or being viewed by a session.

Yes

Yes NFS is a viable shared storage as well.

@@VirtualizationHowto Careful with NFS... Things that rely on a database (like the *arr stack and Jellyfin) will get randomly corrupted network shares. Requires true block storage.

This is Remote Desktop Connection Manager from Devolutions

@@VirtualizationHowto Thank you so much for the info, I'm looking forward to to trying it out!

@JamesGreen-gv4yn I believe it to be the same. The reason I go this route is to show how to join with workers and then if you want and desire to have more managers this helps to show that progression.

Should be fine across a private wan, but you might need to edit some configurations that set the dead timers, depending on how much latency exists between the nodes.

@matthewfiles6913, I believe you sure can with CephFS. I have created CephFS on top of Ceph in Proxmox and presented to Windows, etc...So, for your Docker swarm nodes you would just present the manager IPs to the nodes just like I did in the vid, except it wouldn't be running local, which wouldn't matter.

@@VirtualizationHowto Thank you, I'll give it a try. Great video!!

I have my swarm node vms flagged for HA as well - and I move them around between Proxmox hosts as I need to. I will probably avoid putting the MicroCEPH storage on host storage that is being replicated with Proxmox CEPH - that just sounds like asking for issues ;)

@@pschulte What would be the value to have HA and swarm at the same time ? Secondly, what are the specs of your environment (cpu, mem and storage). Finally, how did you setup your HA environment in proxmox ? (I have the same ZFS storage name and amount in each of my nodes)

@@jenswymeersch9653 Using HA in Proxmox really covers availability of the VMs (Swarm nodes), the swarm cluster handles availbility/restarts of the container services running there. They run at different layers of the infrastructure. Note: By choice, I don't run any containers directly on Proxmox - I decided to use Swarm for Microservices, and have played with Kubernetes at times as well. I just find Swarm to be a very good fit for my homelab. When I want do update or perform maintenance on a Proxmox physical PC, I just "live migrate" all the VMs to another Proxmox node, and none of the VMs or container services are negatively affected. 3 Proxmox nodes: Intel i5-12500 cpu (6 p-cores, no E-cores), 64GB RAM Storage: each node has 2TB of NVME configured into a single CEPH-pool, but I also use NFS mounts for shared VM storage HA in Proxmox: Not completely sure what you are asking? I keep things pretty simple in the Proxmox cluster HA confiuguration area.? I set up one group for each host which I use to "soft pin" a vm to that node. If everything is running, the VMs go to where the node they are "pinned" to, but for failure or maintenance, they will restart or live migrate to either other node, until their preferred/pinned node comes back online. HA works great as long as storage and networks are all well defined and fully functional across all nodes. Hope this helps.

@joseph7jk, thank you for the comment, this is Remote Desktop Connection Manager...I love it...maybe a video coming soon on that front, stay tuned.

Thanks for the info, I'll catch around to see it! ​@@VirtualizationHowto

ip a from the console

I don't totally agree. The more you have services running in containers, the more it becomes critical. Although that I have setup HA on proxmox, I noticed that my docker environment went down without the full machine going down. Building a cluster on the docker side, should solve this problem.

@ You don’t agree that some discussion on use cases is in order? Because that’s all I was asking for. Why and when would you want to use clustering?

@@BrentLeVasseurfully agree with the point that you need to look at the use cases. But that is applicable for everything you do. In my case, I am running multiple docker containers for z2m. If these go down, some of the lights in the house don’t work anymore. In my view this is critical. I have currently a standalone docker running on a LXC in HA under pve. But I’ve seen that this is not fail proof. Hence clustering. That said as I am stuck with portainer for the moment and can’t move forward

I believe it is not really, but you would need a volume driver for docker that could mount the data otf. Like a csi driver in kubernetes. What's done here is that you do a "hostPath" mount. So that's why it needs the storage to be available on all nodes on the same path

@JamesGreen-gv4yn shared storage is a requirement if you have/need persistent data (stateful apps), think databases as an example. If one Swarm or Kubernetes node fails, you would want that data to be available to the other nodes to respin that service and still have access to your data. But, you are right. If you are running all stateless apps, there is no need for shared storage.

@LampJustin I really appreciate your feedback. Honestly, I think Swarm is alive and well. For me, it is about using the right tool for the right job. Is Swarm as good as Kubernetes at some use cases, no. But is Kubernetes always the answer for highly available containers? No, I don't think it is on that front either. I really like that Swarm is a middle ground between a standalone Docker host and full-blown Kubernetes.

Why ?

@ericneo2 yes that would be true as well. Keepalived is a tool for certain use cases and it is simple. For more robust configurations, you would want to stick a loadbalancer in front.

keepalived -> load balancer -> everything else :)