--- page_title: Docker Swarm page_description: Swarm: a Docker-native clustering system page_keywords: docker, swarm, clustering --- # Docker Swarm: a Docker-native clustering system Docker `swarm` helps you control a cluster of Docker hosts (known as nodes) and expose them as a single "virtual" host. The Docker `swarm` manager can be interacted with using the Docker API, which means any tool which can communicate with a Docker Daemon using that API, can control a Docker swarm transparently: dokku, fig, krane, flynn, deis, docker-ui, shipyard, drone.io, Jenkins... and of course the Docker client itself. Like the other Docker projects, `swarm` follows the "batteries included but removable" principle. It ships with a simple scheduling backend out of the box, and as initial development settles, an API will develop to enable pluggable backends. The goal is to provide a smooth out-of-box experience for simple use cases, and allow swapping in more powerful backends, like `Mesos`, for large scale production deployments. ## Installation > **Note**: The only requirement for Swarm nodes is they all run the _same_ release > Docker daemon (version `1.4.0` and later), configured to listen to a `tcp` > port that the Swarm manager can access. Docker `swarm` is currently only available as a single go binary on Linux. Download it from [the latest release](https://github.com/docker/swarm/releases/latest) page on GitHub. For example: ``` $ wget -O swarm https://github.com/docker/swarm/releases/download/v0.1.0-rc1/swarm-Linux-x86_64 # OR $ curl -SsL https://github.com/docker/swarm/releases/download/v0.1.0-rc1/swarm-Linux-x86_64 > swarm $ chmod 755 swarm $ sudo cp swarm /usr/local/bin ``` ## Nodes setup Each swarm node will run a swarm node agent which will register the referenced Docker daemon, and will then monitor it, updating the discovery backend to its status. The following example uses the Docker Hub based `token` discovery service: ```bash # create a cluster $ swarm create 6856663cdefdec325839a4b7e1de38e8 # <- this is your unique # For each of your nodes, start a swarm agent # the Docker daemon doesn't have to be public (eg. 192.168.0.X), # as long as the swarm manager can access it. $ swarm join --addr= token:// # start the manager on any machine or your laptop $ swarm manage -H tcp:// token:// # use the regular docker cli $ docker -H tcp:// info $ docker -H tcp:// run ... $ docker -H tcp:// ps $ docker -H tcp:// logs ... ... # list nodes in your cluster $ swarm list token:// ``` > **Note**: In order for the Swarm manager to be able to communicate with the node agent on each node, they must listen to a common network interface. This can be achieved by starting with the `-H` flag (e.g. `-H tcp://0.0.0.0:2375`). ## TLS Swarm supports TLS authentication between the CLI and Swarm but also between Swarm and the Docker nodes. _However_, all the Docker daemon certificates and client certificates **must** be signed using the same CA-certificate. In order to enable TLS for both client and server, the same command line options as Docker can be specified: `swarm manage --tlsverify --tlscacert= --tlscert= --tlskey= [...]` Please refer to the [Docker documentation](https://docs.docker.com/articles/https/) for more information on how to set up TLS authentication on Docker and generating the certificates. > **Note**: Swarm certificates must be generated with`extendedKeyUsage = clientAuth,serverAuth`. ## Discovery services See the [Discovery service](../discovery) document for more information. ## Advanced Scheduling See [filters](../scheduler/filter) and [strategies](../scheduler/strategy) to learn more about advanced scheduling.