Here’s how to upgrade Docker in a Swarm mode cluster without cluster down time.
For this it is assumed you have a High-Available cluster with multiple workers and managers. If you don’t have one, check out Terraform Swarm mode cluster
First off; It’s best to try and stick to the same Docker version across all nodes in a cluster, including managers. You should aim to always keep your managers on the same Docker version and not perform any other actions during an update, such as deploying a new service or adding/removing nodes to the cluster to avoid potential issues and backwards compatability issues.
Note that when performing a Docker upgrade in your cluster, it’s recommended to first upgrade all managers, followed by the workers.
Here are the steps to walk through when upgrading any node in your cluster:
First drain the node from all tasks. This is important because Docker will need to be restarted as part of the upgrade process.. This is done through using the
node update command on a manager node. For example:
$ docker node update --availability drain mynodename
Verify that there are no more tasks running on this node. This can be done by running a
docker node ps for the node.
node ps accepts a node id or node name, which can be found by running a
docker node ls command.
$ docker node ps mynodename ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS hokodd8xxwoh wizardly_franklin.2 nginx:alpine linuxkit-00155d4b0183 Running Running about a minute ago 47zn60dn6aix wizardly_franklin.5 nginx:alpine linuxkit-00155d4b0183 Running Running about a minute ago mq43e2ru4loj wizardly_franklin.6 nginx:alpine linuxkit-00155d4b0183 Running Running about a minute ago
When there are no tasks running anymore, the output should be empty. In the above example, three tasks are still running.
Once this is the case you can perform your Docker update. For example with CentOS using
$ yum upgrade -y docker-ce
Verify that the update went correctly;
$ docker -v Docker version 17.12.0-ce, build c97c6d6
Or by for instance running
docker run --rm hello-world.
When complete you can set the availability of the node back to
$ docker node update --availability active mynodename