Our dev env consists of two swarms: rli and rls. It all works ok using Docker Desktop 3.3.2 and prior, but any version after that (3.4.0 onwards) the networking seems to fail. Our webapp container (in the rls swarm) isn’t able to see the redis container (located in the rli swarm). Furthermore, if I configure our webapp container to use a different redis store, it starts up ok, but it’s not possible to resolve http requests to it. There’s an nginx container in the rli swarm that handles traffic, but that seems to be working (judging from the logs). There didn’t seem to be anything in the release notes for either Docker Desktop 3.4.0 or Docker Engine 20.10.7 that would cause this sort of failure.
We use docker-compose yaml; the following is for rls:
version: '3.8'
services:
webapp:
image: webapp:${TAG:-latest}
ports:
- 3000:3000
env_file:
- ./env/.webapp.env
- ./env/.webapp.secrets.env
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
and this for rli:
version: '3.7'
redis:
image: redis:alpine
ports:
- '6379:6379'
volumes:
- ./volumes/redis:/data
deploy:
restart_policy:
condition: on-failure
nginx:
image: nginx:alpine
environment:
- WEBAPP_LISTEN=3043
- WEBAPP_UPSTREAM_PORT=3000
volumes:
- ./resources/infrastructure/nginx/templates:/etc/nginx/templates
- ./resources/infrastructure/nginx/ssl:/etc/nginx/ssl
ports:
- '3043:3043'
- '3143:3143'
deploy:
restart_policy:
condition: on-failure
Our nginx config:
# WEBSALES
server {
listen ${WEBAPP_LISTEN} ssl;
ssl_certificate /etc/nginx/ssl/localhost.crt;
ssl_certificate_key /etc/nginx/ssl/localhost.key;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_ssl_ciphers HIGH:!aNULL:!MD5;
server_name localhost;
location / {
proxy_pass http://host.docker.internal:${WEBAPP_UPSTREAM_PORT};
proxy_ssl_session_reuse on;
proxy_set_header Host $host:${WEBAPP_LISTEN};
proxy_set_header X-Forwarded-Proto https;
}
}
Doing curl https://localhost:3043
results in:
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:3043
Using Docker Desktop 3.3.2 (Docker Engine 20.10.6), this setup works fine and hitting localhost:3043 results in a normal http response with html payload.