I’m currently testing docker 1.12 rc3 in AWS EC2 instances and I can’t seem to get the Routing Mesh to work. I need help.
I tried creating an Nginx service using:
docker service create --name nginx -p 80:80 nginx
After creating a 1 replica, I can only access the Nginx service from the Node where the container was deployed.
I have successfully followed the instruction to create a swarm cluster and have this:
All has public IP…
ID HOSTNAME MEMBERSHIP STATUS AVAILABILITY MANAGER STATUS
2x5htiwk15oe5yxlv57bzmnqw ip-10-10-1-81 Accepted Ready Active
es3mo4ewooa8j389dqq2plwcv ip-10-10-1-224 Accepted Ready Active
esyryf8ebj5eu9urm77udyy0g * ip-10-10-1-82 Accepted Ready Active Leader
I have the following ports opened to public:
Edit: Okay, I’ve managed to make it work by allowing all ports opened to public. I wonder what are the important ports to consider opening ;D
Hi ! My Mesh routing doesn’t work too and I all my ports are allowed.
When I deployed a Nginx service on one node of the cluster, the container is reacheable only from the node he run on.
Have you an idea ?
I run into this issue to today on a CentOS 7. Docker was logging something like:
Apr 14 20:39:40 <hostname> docker: time="2017-04-14T20:39:40Z" level=error msg="Failed to write to /proc/sys/net/ipv4/vs/conntrack: open /proc/sys/net/ipv4/vs/conntrack: nno such file or directory"
Apr 14 20:39:40 <hostname> docker: time="2017-04-14T20:39:40.154260407Z" level=error msg="Failed to add firewall mark rule in sbox ingress (ingress): reexec failed: exit status 8"
Apr 14 20:41:17 <hostname> docker: time="2017-04-14T20:41:17.432619182Z" level=error msg="Failed to delete real server 10.255.0.3 for vip 10.255.0.2 fwmark 259 in sbox ingress (ingress): no such process"
Apr 14 20:41:17 <hostname> docker: time="2017-04-14T20:41:17.432762944Z" level=error msg="Failed to delete service for vip 10.255.0.2 fwmark 259 in sbox ingress (ingress): no such process"
Problem came from a bad kernel config, my hosting service (scaleway) had the IP_VS_NFCT not enabled (see this issue).
I just updated their boot script to the latest mainline version which set this flag and it works now.