Address conflict using Macvlan network driver in Swarm

I’m trying to configure a swarm using a Macvlan network driver. I have 2 CentOS nodes running Docker 17.10.0-ce, and 3 containers deployed on them.

On each node I run this command:
docker network create --config-only --subnet 192.168.211.0/24 --gateway 192.168.211.2 -o parent=ens33 --ip-range 192.168.211.128/25 pubnet

then on the manager node I run
docker node network create -d macvlan --scope swarm --config-from pubnet swarm-macvlan

I then deploy a stack using
docker stack deploy --compose-file my-stack.yml my-stack

All 3 containers deploy successfully, but when I run
docker network inspect swarm-macvlan
on node 1, I see 2 containers with unique MAC addresses and IP addresses (192.168.211.128 and 129, as expected), but on node 2 I see the 3rd container with the same MAC and IP address as one of the containers on node 1.

In short, it seems that the Macvlan driver is assigning unique MAC & IP addresses for individual nodes, but not across the entire swarm.

This doesn’t appear to be expected behaviour. Has anyone had any success in using a setup similar to this?

After spending a few weeks battling this problem, it appears that it actually is expected behaviour. I’ve yet to encounter non-unique MAC-adresses after using the solution below, but the IP-addressing problem is apparent. It seems that the only solution is to have unique IP-pools for each host (see the --ip-range parameter).
I haven’t looked into the code but I believe the MAC is tied to what IP the container is using.

Along with the fact that you’re unable to set a static IP-address through the compose file (v3), we’re unable to use the MacVLAN driver the way we like.

yeh, one of the problems with multi-host deployments… do docker host B doesn’t know what docker host A consumed from the private network…

HI. that’s how I solved the issue (Docker-CE 18.06). I have 3 manager nodes: host1, host2, host3

I created a config-only network per node

host1: $ docker network create --opt parent=ens18 --subnet=10.19.10.0/23 --gateway=10.19.11.1 --ip-range=19.19.10.0/29 --config-only macvlan_conf

host2: $ docker network create --opt parent=ens18 --subnet=10.19.10.0/23 --gateway=10.19.11.1 --ip-range=19.19.10.8/29 --config-only macvlan_conf

host3: $ docker network create --opt parent=ens18 --subnet=10.19.10.0/23 --gateway=10.19.11.1 --ip-range=19.19.10.16/29 --config-only macvlan_conf

Then I created a swarm-scope network at host1: $ docker network create --config-from=macvlan_conf --driver=macvlan --scope=swarm macvlan_net

So now docker IPAM driver isn’t confused by the same ip-range on three nodes:

host2 | SUCCESS | rc=0 >>
d78f4fba4fcc
                    "IPAddress": "10.19.10.8",

host3 | SUCCESS | rc=0 >>
9ee40555f1c8
                    "IPAddress": "10.19.10.16",

host1 | SUCCESS | rc=0 >>
be76266d7180
                    "IPAddress": "10.19.10.2",
1052f0a8de1e
                    "IPAddress": "10.19.10.1",

Cool, but in my environment, I need clients from across the world to access the containers. And they cannot route to those networks thru the company dns/routers.

So much fun. Nice work tho. U can use it other places.