I’m testing docker 1.12 and as you guys already know : it’s awesome !

The internal DNS to resolve services IP (with round robin, which is fine for simple LB)

But for this to work (e.g. access service app1 from a nginx reverse proxy), a service have to publish a port otherwise the service name can’t be resolved by other services.

I have a nginx reverse proxy with a published port obviously. But I also have to create my services (app1, app2) with published ports so the reverse proxy can work … I don’t know if I miss something, but if, let’s say, app1 exposes port 80, but it’s not publish, when nginx try to proxy the request internally why can’t is resolve app1 IP (with an overlay network private IP for example …) why should I publish service port even when they will never be accessed from outside (only from nginx) …

Thanks

Hi revollat,

you don’t have to expose the ports, you just have to assign the same network to both the proxy and the apps.

For example:

create a network “proxy_network”
docker network create -d overlay proxy_network

create your proxy service with published port
docker service create --name proxy -p 80:80 --network proxy_network nginx

create your apps
docker service create --name app1 --replicas=2 --network proxy_network app1
docker service create --name app2 --replicas=2 --network proxy_network app2

Now you can access app1 and app2 from proxy with the internal DNS/LB using the service names as hostnames without any internal ports being published.