The Problem: I have a docker swarm environment consisting of 4 nodes. Between the 4 nodes I run about 12 services (containers) and I use Jenkins to deploy the services. UFW is not running in this instance. A few times in the last year I have experienced deploying a service through Jenkins for the container to then lose its entry in the IP table. Not only this, but I have seen it affect other containers' entries too, even though they aren't the ones being deployed. The result is many bouncing containers and services that do not run.
I have seen online that you can tell docker to never make changes to your system iptables rules, and have to set --iptables=false when the daemon starts. However, is manually managing IP tables really the way forward?
Does anyone know why this might be? If anyone could shed some light on the docker networking side of things, it would be much appreciated as my docker networking knowledge leaves a lot to be desired.
Thanks in advance.