Good day.

I’m configuring a cluster with Docker Swarm and at the same time I’m finishing a Swarm online bootcamp. Right now the professor is explaining network generalities and stuff, and one thing got my attention. He says default ingress network is a special purpose network only meant for incomming traffic, it’s not meant for traffic between containers. And according to a GitHub issue:

This network exists to serve one purpose only, to facilitate routing such requests. Even though it shows up in network listings it should not be used as a normal network to discover services which are attached to them or facilitate internal load balancing between these services.

At the same time he suggest creating an overlay network with a specific subnet. He says I don’t have to specify a subnet per se. One thing he caution to avoid is using a subnet that is on an existing network within my organization in order to avoid conflicts with routing and communication.

So, having all that in mind, how do I know which subnet to configure? Is it a good practice to not specify it and let Docker Swarm to put it for me? Also, my host provider gives me a private network automatically, so I have to create my overlay network with a subnet inside that range?

Huge thanks in advance.

Warm regards.

Well that is up to you to decide, fx. if you know your company uses 192.168.0.1/24, then you should avoid creating an overlay subnet of that range, because then your host will route all requets to that subnet to docker.
Meaning that if you make requets from the container, to your company network, it will route it right back again.

By default, docker uses 172.17.0.0/16