Keepalived/Haproxy docker-compose connection refused

Docker Version: Version 17.03.0-ce-mac2 (15654)
OS: macOS Sierra

I am trying to set up an HA environment using docker-compose. A quick overview of what the topology might look like is that I will have at least two instances of keepalived and haproxy running, and the haproxy will be in front of multiple servers. However, in this posting I make reference to only one instance of keepalived, haproxy, and server for simplification.

The problem that I have right now is that I am unable to direct traffic to the virtual IP address that I assign to keepalived. For testing purposes in my docker compose file I have a client that tries to communicate using the VIP, and it results in a connection refused error.

dial tcp 192.168.99.120:80: getsockopt: connection refused

However, if I reach out directly to haproxy there is not a connection issue. Furthermore, I can communicate directly with the haproxy from the host but not with keepalived.

I feel like this has something to do with how networks work in docker but I am pretty new to using docker and have not been able to track down the issue. Any help would be much appreciated.

My configuration files are all included below.


docker-compose.yml:

version: '2'

services:
  keepalived1:
    image: neoassist/docker-keepalived:latest
    container_name: keepalived1
    volumes:
      - "./keepalived.conf:/etc/keepalived/keepalived.conf"
    environment:
      - VIRTUAL_IP=192.168.99.120
      - VIRTUAL_MASK=24
      - VRID=1
      - CHECK_IP=any
      - CHECK_PORT=80
      - INTERFACE=eth0
    entrypoint: sh -c 'sleep 4;/usr/bin/keepalived.sh'
    network_mode: "host"
    cap_drop:
      - NET_ADMIN
    privileged: true

  haproxy1:
    image: haproxy:latest
    container_name: haproxy1
    ports:
      - 7054:7054
    volumes:
      - "./haproxy1.cfg:/usr/local/etc/haproxy/haproxy.cfg"
    environment:
      - EXPOSE=80
    links:
      - fabric-ca-server1:fabric-ca-server1

  fabric-ca-server1:
    image: hyperledger/fabric-ca
    container_name: fabric-ca-server1
    ports:
      - 7051:7054
    environment:
      - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
    volumes:
      - "./fabric-ca-server:/etc/hyperledger/fabric-ca-server"
    command: sh -c "fabric-ca-server start -d -b admin:adminpw"

  admin-client:
    image: hyperledger/fabric-ca
    container_name: admin-client
    network_mode: "host"
    command: sh -c "sleep 14;fabric-ca-client enroll -d -u http://admin:adminpw@192.168.99.120"

haproxy.cfg

global
  maxconn 4096

defaults
  mode http
  maxconn 2000
  timeout connect 5000
  timeout client 50000
  timeout server 50000

frontend server
  bind *:80
  mode tcp
  default_backend server_cluster

backend server_cluster
  balance source
  mode tcp
  option tcpka
  server server1 fabric-ca-server1:7054

keepalived.conf

vrrp_script haproxy {
 script "pidof haproxy"
 interval 2
 weight 2
}

vrrp_instance haproxy_1 {
 virtual_router_id 1
 advert_int 1
 interface eth0
 nopreempt
 state BACKUP
 virtual_ipaddress {
  192.168.99.120/24 dev eth0
 }

 track_script {
  haproxy
 }
}

ifconfig from my mac has:

vboxnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:00 
inet 192.168.99.1 netmask 0xffffff00 broadcast 192.168.99.255