Docker Community Forums

Share and learn in the Docker community.

Access to Swarm containers from Windows Swarm worker node

docker
swarm

(Xradx) #1

Hi everyone,
I have a Docker Swarm and a number of services within single overlay network 10.0.0.0/24.
I am investigating stability of Windows containers in a Swarm mode, so I have on Windows Server 2016 node attached to my Swarm as a worker.
The thing we should strictly have is a possibility to reach swarm containers by their internal overlay network IP’s from the nodes of swarm. On Linux nodes I was able to do it by adding static route for my overlay network over docker_gwbridge interface.
The problem is that I have no idea how to do the same from Windows node, since there is some Hyper-V magic in action. For starters I want to be able to ping one of the containers running on any linux node.
Will be very grateful for any help


(Agowa338) #2

Why not just add static routes on windows too?
If you’re running windows containers, that should be enough as long as you don’t run them with --isolate=hyperv. For linux containers on your windows host, I think you have to do this work around:

'1. Run a linux container with --privileged --net=host
'2. Configure the static route for the linux host vm from inside of that container.


(Xradx) #3

Hi agowa338,
I’ve already tried to add a route on windows machine to the ‘HNC Internal NIC’ interface,unfortunately it didn’t work.

>route ADD 10.0.0.0 netmask 255.255.255.0 172.24.48.1  `IF 9
OK!
>ping 10.0.0.98
Pinging 10.0.0.98 with 32 bytes of data:
Request timed out.

Ping statistics for 10.0.0.98:
    Packets: Sent = 1, Received = 0, Lost = 1 (100% loss)

My main goal is to ping linux container running on the one of the Linux Swarm nodes from the Windows node, where containers might not exist at all.


(Agowa338) #4

Can you set the route inside of the container? (Just for testing, I don’t have a testing setup handy right now)
If that works, windows may isolate the networking from the host, so that the routing on the host is ignored. You can test this also by deleting the default route on the host after the container is started.
Did you add the route before or after you launched the container? If windows is isolating the networking, it may copy the routes from the host into the container when it is launched.

Have you tried deploying the containers (one linux and one windows) by docker-compose? Is the network generated and working out of the box there?

Sidenote: You know that your route command is wrong? The IF 9 part specifies the interface where the gateway is and not the interface to apply the route to (whatever that even means).