Docker Swarm mode orchestration - cluster management, service deployment, scaling, node administration, and rolling updates
Manage Docker Swarm clusters, deploy and scale services, administer nodes, and perform rolling updates and rollbacks.
flowchart TD
A[Start] --> B{Swarm initialized?}
B -->|No| C[Initialize cluster]
C -->|docker_swarmInit| D[Add nodes]
D -->|docker_swarmJoin| E[Cluster ready]
B -->|Yes| E
E --> F[Deploy service]
F -->|docker_serviceCreate| G[Monitor tasks]
G -->|docker_servicePs| H{Healthy?}
H -->|No| I[Check logs]
I -->|docker_serviceLogs| J[Fix and update]
J -->|docker_serviceUpdate| G
H -->|Yes| K{Scale needed?}
K -->|Yes| L[Scale replicas]
L -->|docker_serviceScale| G
K -->|No| M{Update needed?}
M -->|Yes| N[Rolling update]
N -->|docker_serviceUpdate| O{Update OK?}
O -->|No| P[Rollback]
P -->|docker_serviceRollback| G
O -->|Yes| G
Activate when the user:
docker_nodeLs to check existing nodes and docker_serviceLs to list running services.docker_swarmInit to bootstrap a new cluster or docker_swarmJoin to add nodes.docker_serviceCreate with appropriate replicas, ports, networks, and resource limits.docker_servicePs to check task distribution, docker_serviceLogs for debugging, and docker_serviceScale to adjust replicas.docker_serviceUpdate for rolling updates and docker_serviceRollback to revert if issues arise.docker_nodeUpdate to drain nodes for maintenance, docker_nodePromote/docker_nodeDemote for role changes.docker swarm init, docker swarm join, docker service create, docker service update, docker service scale, docker node ls, docker node updatereplicated (specified number of tasks) vs global (one task per node)User: "Set up a 3-replica nginx service with a rolling update strategy"
Assistant: First checks if this node is a Swarm manager.
docker_nodeLs to verify cluster statedocker_swarmInit to initializedocker_serviceCreate with name, image, replicas=3, ports, and resource limitsdocker_servicePs to verify all 3 tasks are runningdocker_serviceUpdate --image nginx:new --update-parallelism 1 --update-delay 10s| Tool | When to Use |
|---|---|
docker_swarmInit | Initializing a new Swarm cluster |
docker_swarmJoin | Adding worker or manager nodes to the cluster |
docker_swarmLeave | Removing the current node from the Swarm |
docker_swarmJoinToken | Retrieving or rotating join tokens |
docker_swarmUpdate | Updating Swarm-wide settings (task history, cert expiry, autolock) |
docker_swarmUnlock | Unlocking a locked Swarm manager after restart |
docker_swarmUnlockKey | Retrieving or rotating the Swarm unlock key |
docker_swarmCa | Viewing or rotating the cluster root CA certificate |
docker_serviceCreate | Deploying a new replicated or global service |
docker_serviceUpdate | Rolling updates to image, replicas, env, or resources |
docker_serviceRm | Removing services from the Swarm |
docker_serviceLs | Listing all services and their status |
docker_serviceInspect | Viewing detailed service configuration |
docker_serviceLogs | Retrieving service or task logs for debugging |
docker_servicePs | Checking task distribution across nodes |
docker_serviceScale | Scaling services up or down |
docker_serviceRollback | Reverting a service to its previous version |
docker_nodeLs | Listing all nodes in the cluster |
docker_nodeInspect | Viewing detailed node information |
docker_nodePs | Listing tasks running on a specific node |
docker_nodeRm | Removing nodes from the cluster |
docker_nodeUpdate | Changing node availability (active/drain) or role |
docker_nodePromote | Promoting workers to managers for HA |
docker_nodeDemote | Demoting managers to workers |
ingress mode are cluster-wide. Two services cannot publish the same host port.--opt encrypted for sensitive traffic between nodes.docker_swarmJoinToken and never commit them to repos.docker_swarmUpdate.docker-security skill - for general container security hardeningdocker-networking skill - for overlay network configurationdocker-resource-management skill - for CPU/memory limits and monitoringswarm-security rule - automated checks for Swarm security issues