Need (basic?) Networking Help for Stack on Swarm

Docker Engine Swarm
1

Hi there, I am running Docker and Portainer on a Linux server that is my home NAS (using OpenMediaVault). I am comfortable with standalone containers, but wanted to try to make a stack that combines a few different containers that are all meant to work together (Grafana, Prometheus, and a couple of prometheus exporters).

So this is a single-host environment, with the host on my home 192.168.1.0/24 network.

I’ve been able to make a compose.yml that starts the containers fine. If I connect to the containers, I can ping between them on the docker_gwbridge (172.18.0.0/16) network and the overlay network (10.0.6.0/24), and they can get out to my 192.168.1.3 host. I can also ping into them from my host (192.168.1.3) on the bridge network, which seems (from my limited understanding) exactly how it should behave and the purpose for the bridge and overlay networks.

What I cannot figure out is how to access the application from another computer on my 192.168.1.0 network. I would like to be able to connect to the web URL using the host address. E.g., 192.168.1.3:3000 (.3 is the address of this single host; 3000 is the Grafana port). The goal being that from my local network (which uses an Asus wifi router), one of my devices can connect. I have done port mapping in the config from 3000:3000.

Pointers in the right direction would be great! TIA.

2

Swarm mode with a single node is pointless, unless you need features only provided by swarm deployments (and are willing to sacrifice all lower level functionalty that does not work with them).

Please share your exact docker-compose.yml declaration for your grafana service - please only anonymize passwords and public urls. If it includes a declaration to publish container port 3000 to the host port 3000, what you tried should’ve worked.

3

@meyay thanks for the response and I appreciate it is pointless with one host. The only reason I went down that route is that Portainer uses some library for Stacks that is deprecated and only supports Compose version 2.0. The recommendation was to enable Swarm. There was reference to some loss/difference in functionality, but I wasn’t clear what it was or mattered. Anyway, compose file content is below. I also added the “monitoring_default” network which was created for the swarm.

Compose File:

version: '3.7'`

services:
  prometheus:
    image: prom/prometheus:latest
    deploy:
      mode: global
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
        window: 120s
    user: "995"
    working_dir: /prometheus
    command: "--storage.tsdb.retention.size=10GB --storage.tsdb.retention.time=90d --web.listen-address=0.0.0.0:9091 --config.file=/etc/prometheus/prometheus.yml --storage.tsdb.path=/prometheus --web.console.libraries=/usr/share/prometheus/console_libraries --web.console.templates=/usr/share/prometheus/consoles"
    ports:
      - "9091:9091"
    volumes:
      - /mnt/raid/config/Prometheus:/etc/prometheus
      - /mnt/raid/config/Prometheus/data:/prometheus
 
  grafana:
    image: grafana/grafana:latest
    deploy:
      mode: global
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
        window: 120s
    user: grafana
    working_dir: /usr/share/grafana 
    ports:
      - "3000:3000"
    volumes:
      - /mnt/raid/config/grafana:/etc/grafana
      - /mnt/raid/config/grafana/data:/var/lib/grafana
    depends_on:
      - prometheus

  collectd:
    image: prom/collectd-exporter:latest
    command: "--collectd.listen-address=:25826"
    deploy:
      mode: global
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
        window: 120s
    ports:
      - "9103:9103"
      - "25826:25826/udp"

Default overlay:

root@vault:~# docker network inspect monitoring_default
[
    {
        "Name": "monitoring_default",
        "Id": "fu67zur65p9hhuta85vl9qnfq",
        "Created": "2020-09-15T08:40:14.090421643-06:00",
        "Scope": "swarm",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "10.0.7.0/24",
                    "Gateway": "10.0.7.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "40e3ae14488e9907facab3401327e9f2be46fa583796e11773167faed403490e": {
                "Name": "monitoring_prometheus.e68a5cx1h0p2c7j2ty0astejq.jyuix2s5d3onlspo6mllxz0d7",
                "EndpointID": "0ca5f46521422c6ded5064c211e92e93ae8282b36396d4d5b67cd7cf491cf830",
                "MacAddress": "02:42:0a:00:07:06",
                "IPv4Address": "10.0.7.6/24",
                "IPv6Address": ""
            },
            "84df61c318a98a91b741d20bdb4d4172fe8d53b49f2d8f1c36a160307e2cbcda": {
                "Name": "monitoring_collectd.e68a5cx1h0p2c7j2ty0astejq.btmtjclt291u731mub8ghlus7",
                "EndpointID": "e6efe036007f32a8fbfa38d9acca8baa5ec90c8d9e38a5ba297264f2f1e5ff6c",
                "MacAddress": "02:42:0a:00:07:03",
                "IPv4Address": "10.0.7.3/24",
                "IPv6Address": ""
            },
            "cef3cbb9cd0be63aa76b60a5bf8893d2100b9801fcc6f77868aee20f8919f079": {
                "Name": "monitoring_grafana.e68a5cx1h0p2c7j2ty0astejq.fkfmps7qdhrlrfagvhnrj6clk",
                "EndpointID": "53c7908ad6276302d44168eed8d5cf9278ea14df3b874078165ebce6a295c03b",
                "MacAddress": "02:42:0a:00:07:08",
                "IPv4Address": "10.0.7.8/24",
                "IPv6Address": ""
            },
            "lb-monitoring_default": {
                "Name": "monitoring_default-endpoint",
                "EndpointID": "4df78130fe983eb52abc4dd026a12f957bf99492d8b1d272f8e57d0649bc9be7",
                "MacAddress": "02:42:0a:00:07:04",
                "IPv4Address": "10.0.7.4/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.driver.overlay.vxlanid_list": "4103"
        },
        "Labels": {
            "com.docker.stack.namespace": "monitoring"
        },
        "Peers": [
            {
                "Name": "1f0567f4c100",
                "IP": "192.168.1.4"
            }
        ]
    }
]
4

From Docker’s configuration perpective you already publish container port 3000 to host port 3000. If Grafa realy works (and remains running), it should be accessible using the URL http://192.168.1.3:3000.

Remaining problems might be:
– The Grafana container dies and restarts all the time
– Overlay network is broken on OMV’s Docker
– Ingress is broken on OMV’s Docker.