Hi.

I have spent several hours trying to understand how swarm mode works and how the routing mesh does his magic. However, and perhaps is a missing/ongoing feature, I still haven’t found what I’m looking for.

IIUC, once the message is delivered to any swarm node, it’s smartly delivered to a container running on a node, so no matter which node receives the request, it will work. That’s fantastic.

However, according to https://docs.docker.com/engine/swarm/ingress/#configure-an-external-load-balancer you still need something like HAproxy to forward requests to swarm nodes in order to ensure HA.

At this point I’m a bit confused: why doesn’t docker daemon create a virtual IP interface, shared among hosts, in order to ensure HA without needing HAproxy? Seems other people is also confused: Docker 1.12 swarm still needs http (reverse) proxy?

In this scenario:

• DNS is configured to resolve foo.com to 1.2.3.4
• node1(manager) creates the swarm using 1.2.3.4 as “cluster IP”. VIP 1.2.3.4 is assigned to node1
• node2 and node3 join the swarm
• node1 goes does
• node2 becomes the new manager, and gets 1.2.3.4

Am I missing something?

AFAIK, the logic is that there can be several managers. So the services are HA, not the nodes. The DNS service ensures that any request to any node is directed to the right service, no matter which node that service actually lives on.

That’s exactly what I am talking about.
Is there any way to HA swarm nodes (providing services)?

…the idea is to schedule service’s replicas to different nodes (odd or even count of nodes depending on how your service implement HA)