Swarm Primer

Swarm nodes

On the clustering front, a swarm consists of one or more Docker nodes. These can be physical servers, VMs, Raspberry Pi’s, or cloud instances. The only requirement is that all nodes have Docker installed and can communicate over reliable networks.

Terminology: When referring to the Docker Swarm technology, we’ll write Swarm with an uppercase “S”. When referring to a swarm as a cluster of nodes, we’ll use a lowercase “s”.

Managers and workers

Every node in a swarm is either a manager or a worker:

• Managers run the control plane services that maintain the state of the cluster and schedule user applications to workers
• Workers run user applications

Swarm runs user applications on managers and workers in a default installation. However, you can force user applications to run on worker nodes on important clusters, allowing your managers to focus on cluster management operations.

The swarm stores its state and configuration in an in-memory distributed database that replicates across all manager nodes. Fortunately, it’s automatically configured when you create the swarm and takes care of itself.

Swarm security

Swarm uses TLS to encrypt communications, authenticate nodes, and authorize roles (managers and workers). It also configures and performs automatic key rotation. And as with the cluster store, it’s automatically configured when you create the swarm and takes care of itself.

The figure below shows a high-level view of a swarm with three managers, three workers, and a distributed cluster store replicated across all three managers.