The Orchestration Wars 2016: Kubernetes 1.4 vs. Docker Swarm Mode
If I have to SSH into one more server to manually restart a crashed Docker container, I might just pull the rack cables out myself. We have all been there. You started with a simple docker-compose up on a single development box. It felt like magic. But now you are running production workloads, traffic is spiking, and you have realized the hard truth of 2016: containers are easy; managing clusters of them is a nightmare.
We are currently witnessing a brutal war for dominance in the orchestration space. On one side, we have Google's offspring, Kubernetes, which just dropped version 1.4 a few weeks ago. On the other, Docker Inc. has fired back by baking Swarm directly into the engine with version 1.12. And somewhere in the background, Apache Mesos is laughing at us while running Twitter.
For Norwegian businesses trying to keep data local to satisfy the looming GDPR requirements, picking the right tool—and the right infrastructure—is critical. I have spent the last month deploying these orchestrators on bare metal and virtual instances. Here is the unvarnished truth about what works, what breaks, and why your underlying I/O throughput matters more than your scheduler.
The Contenders
1. Kubernetes 1.4 (The Steep Learning Curve)
Kubernetes (K8s) is the 800-pound gorilla. It is powerful, fault-tolerant, and backed by Google's decade of experience with Borg. However, setting it up has historically been an exercise in masochism. Until very recently, you needed a PhD in bash scripting to decipher kube-up.sh.
With the release of version 1.4 just last month, we got kubeadm, which supposedly simplifies the bootstrap process. It is better, but do not be fooled—it is still complex. Kubernetes introduces concepts that will confuse your legacy sysadmins: Pods, ReplicaSets, Services, and Ingress controllers.
Here is what a basic Nginx deployment looks like in Kubernetes. Notice the verbosity compared to a simple Docker run command:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 3
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.10
ports:
- containerPort: 80The Verdict: Use Kubernetes if you have a dedicated DevOps team of at least three people. It is overkill for a simple WordPress shop, but essential for microservices at scale.
2. Docker Swarm Mode (The Native Choice)
Docker 1.12 changed the game in July. Before this, "Swarm" was a separate, clunky tool. Now, it is native. You don't need to install external key-value stores like Consul or etcd manually; Docker handles the raft consensus internally.
The simplicity is seductive. To create a cluster, you run one command:
$ docker swarm init --advertise-addr 192.168.1.10
Swarm initialized: current node (dxn1zf6l61qsb1josjja83ngz) is now a manager.Then, on your worker nodes, you just paste the token it generates. I set up a 5-node cluster on CoolVDS instances in less than 3 minutes. The routing mesh is particularly clever—it accepts traffic on a published port on any node and routes it to an active container, even if that container is on a different host.
$ docker service create \
--name my-web \
--publish 80:80 \
--replicas 3 \
nginx:alpineThe Verdict: Swarm is the pragmatic choice for 90% of small to medium businesses in Europe right now. It lacks the advanced scheduling policies of K8s, but it works out of the box.
The Infrastructure Bottleneck: Why Your VPS Lies to You
Here is the problem nobody talks about in orchestration tutorials: Noisy Neighbors. Container schedulers like Kubernetes rely heavily on health checks. If the underlying host CPU spikes due to "steal time" (because your hosting provider oversold the physical core), the scheduler might think your node is dead and start killing pods unnecessarily. This causes a cascade of rescheduling that brings the whole cluster down.
I recently debugged a Swarm cluster for a client in Oslo. Their database containers kept crashing during heavy writes. The logs showed InnoDB timeouts:
2016-10-02 14:22:11 7f8b8c0a7700 InnoDB: Warning: difficult to find free blocks in
InnoDB: the buffer pool (20 search iterations)! 20 failed attempts to
InnoDB: flush a page!The issue wasn't Docker. It was their budget VPS provider throttling disk I/O. When we migrated the cluster to CoolVDS, which uses strict KVM virtualization and NVMe storage, the stability issues vanished instantly. Containers share the kernel, so the kernel must have dedicated resources.
Pro Tip: Always check your steal time before deploying a cluster. Runtopand look at the%stvalue. If it's above 0.0 on a consistent basis, your provider is overselling. Move to CoolVDS or bare metal immediately.
Networking and Persistence: The Real Pain
In 2016, persistent storage for containers is still the Wild West. If a container dies and moves to another host, your data doesn't automatically follow it unless you have a networked file system.
For a robust setup, I recommend using GlusterFS or NFS for shared volumes, though performance can be tricky. Here is how you might mount a volume in a Docker compose v2 file (yes, v3 is coming, but v2 is stable right now):
version: '2'
services:
db:
image: postgres:9.5
volumes:
- /mnt/shared_storage/postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: secure_password_hereKeep in mind that mounting host paths ties you to specific nodes, defeating the purpose of orchestration. We are seeing interesting developments with Flocker, but it is complex.
Data Sovereignty and NIX Latency
With the General Data Protection Regulation (GDPR) looming on the horizon (enforcement starts in 2018, but we need to prepare now), where you host your cluster matters. US-based clouds rely on the Privacy Shield framework, but legal experts in the EU are already questioning its durability.
Hosting your Kubernetes or Swarm cluster on Norwegian soil offers two massive advantages:
- Legal Compliance: Data stays within the jurisdiction of the Datatilsynet.
- Latency: If your customers are in Oslo or Bergen, routing traffic through Frankfurt or London adds unnecessary milliseconds. CoolVDS peers directly at NIX (Norwegian Internet Exchange), ensuring your API responses remain snappy.
Conclusion: Start Simple, Scale Later
If you are greenfielding a project today, October 13, 2016, here is my advice:
- Start with Docker Swarm Mode. It is integrated, secure by default, and requires zero external tooling.
- Ensure your underlying infrastructure supports KVM virtualization to prevent resource contention.
- Monitor your I/O wait times aggressively.
Do not let infrastructure bottlenecks kill your orchestration dreams. Deploy a high-performance, KVM-backed instance on CoolVDS today and see what dedicated NVMe resources do for your cluster stability.