Intro
The Raspberry Pi from it’s first iteration has been a great hit. Adopted by many as the computer of choice for projects, and for very good reason. The Pi is a fully fledged computer that fits in your pocket and the most recent edition has blown fans away with the flagship model boasting an ARM64 CPU and 8GB of RAM.
Now one Raspberry Pi 4 8GB is more than powerful enough for most workloads and in some cases totally unnecessary, so you may even get away with a single 4GB model. However taking into consideration their relatively low price and power consumption why not go all out and build a cluster.
You can never have too many Raspberry Pis, just not enough Ideas
My excuse to build a Pi cluster is, I would like to migrate the services currently running on a bare metal server that sucks a lot of power to a low power solution. What better way to do that than a Pi cluster.
My Setup
- 4 x Raspberry Pi 4 8GB
- 4 x 32GB SD cards
- 4 x PoE hats
- 1 x 5 port PoE Switch
Point of this post
Hopefully after following this post you will have setup Docker swarm on a cluster of Pis - stay even if you currently only have one - and understand how to bend it to your will ๐ฆพ.
Why Docker Swarm ๐ง
While we can manage each docker node - Raspberry Pi - individually , Docker swarm enables us to manage all the devices from a single main node making managing the cluster a lot easier.
Think of Docker swarm as a set of ๐ค hands which will run tasks on each individual node for us. These tasks can consist of:
- Cluster Management
- Deployment and Scaling across the cluster
- Multi-host networking
- load balancing
- etc…
Well why not Kubernetes
Although Kubernetes is awesome, it adds a bunch of complexity that
is simply not needed in a home lab environment where we only have
a small cluster. As well as that, from my experience creating
docker-compose
files is a lot easier than writing manifests.
Docker swarm can do everything I want it to and requires less
effort which is great if you’re like me ๐ฅฑ ๐
Required Stuff
The links below are reccomendations/stuff I used
- Raspberry Pi 4B (Reccomend 4-8 @ 8GB)
- Raspberry Pi PoE Hats (If you can find the PoE+ version get them)
- Cluster Case (Get any case you want)
- PoE switch (Get one that has enough ports for the nuber of pis you want)
- RJ45 Ethernet Cable (Reccomend short cables as it will look neater)
- Micro SD cards (Get enough cards for the number of Pis, Get the biggest cards you can afford)
This is without a doubt an expensive project, however in my eyes it’s the cost of another server ๐ and the best part about this project is you can add to the cluster over time spreding the cost which is how I managed to purchase all the hardware. A suggestion would be to buy equipment that allows you room to grow so an 8 port PoE switch instead of a 4 port if you know you will scale to 8 nodes
If you build this then you can safely say another server is not needed. This cluster should be more than capable to serve all your home needs even if you only have 2 nodes. Put it this way, if you have 4 8GB nodes then you have a combined total of:
- 32GB of RAM
- 16 physical CPU cores @ 1.5GHz
Money Saving Tips
- Just get 1-2 nodes to start
- cut PoE and use normal power cables
- Use Raspberry Pis with less memmory eg 4GB
- Grab a really cheap case or make one using these
- Use smaller SD Cards try not to go below 32GB (Reccomended 64GB If money saved elsewhere)
BUILD TIME !!
Pull yourself up by your bootstraps were jumping into this one runnig ๐จ
Image the SD Cards
So interesting fact the CPUs used in the raspberry pi 4 use an ARM64 archetecture. When looking for images of Raspbian you will only find 32bit variants which will work however will not make use of all the hardware which is just a waste. 64bit images exist however are well hidden, Dont fear ๐จ you can download the latest images from the raspberrypi.org index
To write the cards I use the Raspberry Pi imager
.
once you have rpi-imager installed and you have the 64bit raspbian
image, open sudo rpi-imager
and on the “CHOOSE OS” section go to
the bottom and select use custom image.
We dont need to unzip the file as the tool is clever enough to handle that for us
Before removing the SD card, mount the boot partition - usually the
first partition, look for a file called cmdline.txt - and create an
empty file called ssh sudo touch ssh
this basically enables
SSH on the Pis first boot allowing us to access the Pis in a totally
headless manner.
Assemble the cluster
So assembly is very dependant on the kit you bought, and more often than not the stuff needed here comes with instructions or is self explanitory. So go ahead and assemble the cluster ๐
There is an order of operations that I reccomend:
- Install PoE hats onto the Pis
- Install the SD Cards into the Pis
- Assemble the case and install Pis
- plug in ethernet cables
**Now allow the Pis to boot for a few minutes so it can resize the
Sort out the Network bits
This is the easy part, there are two methods you can use to set a static IP address, one is on your DHCP server and the other is on the device itself. Personally I prefer to set static IPs on the device itself so I will cover that here.
To find the current ip of your Pis you can go to your DHCP server and look for the DHCP leases for the Pis.
there are naming conventions for naming primary and secondary things but this is your cluster so be creative with it, I have my primary node named
Goob
and the secondary nodes namedDoris1
Doris2
andDoris3
reference
SSH to the Pi then open and edit the following files
- /etc/hosts
- edit this line with your hostname:
127.0.1.1 goob
- edit this line with your hostname:
- /etc/hostname
- edit this file with your hostname:
goob
- edit this file with your hostname:
- /etc/dhcpcd.conf
- knowing we will be using only static IPs here I delete everything in the file add the following
interface eth0 static ip_address=10.10.10.20/24 static routers=10.10.10.1 static domain_name_servers=10.10.10.1
Now reboot the pi sudo shutdown -r now
Once the Pis are back up log into each one and change the default passwords you may also want to create a new user for yourself but thats totally optional.
Provision with Ansible
you want to create an Ansible control node and that is as simple as
installing a package onto your machine. Ansible is built using python
which makes it easy to install as we can use the python pip package
manger. To check you have it installed do pip --version
if
it’s not installed do the following
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python get-pip.py --user
once you have pip installed proceed to installing Ansible
pip install ansible
Now that Ansible is installed we can create a runbok that defines the steps Ansible needs to take on the remote machine to correctly provision it. This playbook is written in yaml so get ready to make sure your indents are correct ๐ฌ
Creating the playbook now you can copy what I have and it should work - after changing a thing or two - which is fine however I encourage you to copy what I have, read the Docs and make any changes you feel are necessary.
Check the git repo for the most up to date yaml file im using.
This script assumes you are using SSH keys, which you should but if not you can skip the whole “Configure SSH” block, I RECCOMEND YOU USE SSH KEYS - read this
Create the deploy.yml
---
- hosts: piCluster
become: yes
tasks:
- name: Configure SSH
block:
- name: Auth local SSH Keys
ansible.posix.authorized_key:
user: <pi_user>
state: present
key: "{{ item }}"
with_file:
- /home/<local_user>/.ssh/id_rsa.pub
- ./pi_rsa.pub
- name: Copy SSH Pi Intercoms Private Key
copy:
src: ./pi_rsa
dest: /home/<pi_user>/.ssh/id_rsa
mode: '0600'
owner: <pi_user>
group: <pi_user>
- name: Copy SSH Pi Intercoms Public Key
copy:
src: ./pi_rsa.pub
dest: /home/<pi_user>/.ssh/id_rsa.pub
mode: '0644'
owner: <pi_user>
group: <pi_user>
- name: Check for any updates and install them
apt:
update_cache: true
upgrade: dist
- name: Install Required build dependencies
apt:
update_cache: true
pkg:
- python3
- python3-pip
- vim
- curl
- name: Check Docker is installed
shell: "docker --version"
register: docker_version
- name: Install Docker
block:
- name: Download Docker script
command: curl -fsSL https://get.docker.com -o get-docker.sh
- name: Run Docker install script
command: sudo sh get-docker.sh
- name: Enable docker service
service:
name: "{{ item }}"
enabled: true
state: started
loop:
- docker
- containerd
- name: Add user to docker group
user:
name: <pi_user>
groups: docker
append: yes
when: docker_version.stdout.find('Docker version')
- name: check Docker compose is installed
shell: "docker-compose --version"
register: dc_version
- name: Install docker compose
command: sudo pip3 -v install docker-compose
when: dc_version.stdout.find('docker-compose version')
- name: wait for network on boot
command: raspi-config nonint do_boot_wait 0
- name: Reboot
reboot:
The steps this playbook takes are as follows:
- Copy your SSH keys to the pi authorized_keys
- Copy same Pi ssh key between the Pis for intercommunication
- Check for and Install updates
- Install any build dependancies
- Check if Docker is Installed
- Download the Docker Script
- Install Docker from script
- Enable the Docker service
- Add user to Docker group
- Check if docker-compose is installed
- Install docker-compose (This will take a while on each pi so be patient, grab a coffee)
- Change raspi config to wait for network before boot
- Reboot
take some time to read through the playbook, read the docs and try to understand whats going on. Change the usernames to your username.
Make the hosts file in the same directory as the deploy.yml
[piCluster]
10.10.10.20
10.10.10.21
10.10.10.22
[piCluster]
- specifies a group of hosts10.10.10.xx
- specifies the Pis IP
create the Pi Intercommunication keys
ssh-keygen
Enter file in which to save the key (/home/ahmza/.ssh/id_rsa): .pi_rsa
- save the keys in the same directory the deploy.yml file is
heres the command to run the playbook.
ansible-playbook -i hosts -kK deploy.yml -c paramiko
ansible-playbook
- the command to run the playbook-i hosts
- specifies the host/inventory file-kK
- asks you for password for the SSH connection(-k) and the sudo password(-K)deploy.yml
- the Ansible playbook-c paramiko
- Use the paramiko connection method, I found this works best with ssh keys
You can do so much with Ansible, for example mount network shares etc, if you can do it in the cli you can do it in Ansible !!
Now that the Ansible script is done we can go ahead and actually configure all the Pis into the cluster.
Creating/Joining the swarm
Creating and joining the cluster is easy - It is manual and tedious so this is something you could impliment into the ansible playbook using multiple host groups.
Follow these steps to create the swarm:
- ssh to the main Pi, this will be the manager node.
- run
docker swarm init
- This will return a command and token. Make sure to copy them
- exit the main Pi
- ssh to one of the worker nodes
- paste and run the copied command
- do the same on the remaining worker nodes
You should now have a correctly configured cluster !!
Optional Step - Portainer
Portainer is a webgui that will allow us to manage the cluster, it will make deploying and destroying containers across the cluster a breeze. I do understand that all of what portainer does can simply be accomplished in the command line, however portainer just makes it less hastle to manage.
Install Portainer
Firstly we want to download the yaml file that will be used to deploy the portainer contiainer on our cluster.
curl -L https://downloads.portainer.io/portainer-agent-stack.yml -o portainer-agent-stack.yml
Now we can actually deploy portainer to the cluster using the following command:
docker stack deploy -c portainer-agent-stack.yml portainer
Once the stack is up and running navigate to:
https://raspberry-ip:9443
where raspberry-ip is the IP address of the manager node in the swarm.
Optional Step - Private Registry
If you intend to build any of your own docker images then it may be useful to create a private repository to host any images that you need to run across the cluster.
to create this private repository create a file called docker-compose.yml in a folder called repository or whatever and enter the following.
version: '3.9'
services:
registry:
image: registry:2
ports:
- 5000:5000
volumes:
- /home/<pi-user>/docker/registry/data:/var/lib/registry
Be sure to change pi-user to your pi user
create a file /etc/docker/daemon.json and eter the following
{
"insecure-registries": ["localhost:5000", "<pi-address>:5000"]
}
where pi-address
is the ip address of the main swarm node.
restart the docker service with sudo systemctl restart docker
now we need to deploy the registry to the stack like we did with portainer
docker stack deploy -c docker-compose.yml registry
and we should have a private registry setup that we can use to push our custom docker images to.
Conclusion
Well done, you have successfully setup a docker swarm cluster on a bunch of Pis and along the way you managed to learn a bit about SSH, Ansible, docker-compose, yaml and networking on Pis. The next step would be to setup a few containers but I’ll leave that to you, dont be affraid to play around and even ruin the cluster, you can always rebuild it so have fun ๐