I am setting up my first swarm installation and I am having trouble understanding how container to container communications works with overlay networks in swam mode.
I have created an overlay network as below
host$ docker network create -d overlay --attachable t2_proxy
And I have deployed with host$ docker stack deploy -c docker-compose.yaml test
the following compose file:
version: "3.8"
networks:
t2_proxy:
external:
name: t2_proxy
services:
whoami:
image: "traefik/whoami"
networks:
- t2_proxy
alpine:
image: alpine:latest
networks:
- t2_proxy
command: [ tail, '-f', '/dev/null' ]
And launched a shell into alpine host$ docker exec -it $(docker ps | grep test_alpine | awk '{print $1}') ash
I want to be able to curl http://whoami, but I am getting connection refused
/ container# curl -v http://whoami
* Trying 10.0.1.27:80...
* connect to 10.0.1.27 port 80 failed: Connection refused
* Failed to connect to whoami port 80 after 2 ms: Couldn't connect to server
* Closing connection 0
curl: (7) Failed to connect to whoami port 80 after 2 ms: Couldn't connect to serve
If I check the whoami
containers IP address, it is not 10.0.1.27
, but:
host$ docker inspect $(docker ps | grep test_whoami | awk '{print $1}') | jq -r '.[0].NetworkSettings.Networks.t2_proxy.IPAddress'
10.0.1.28
If I attempt to use the IP address it works fine
/ # curl http://10.0.1.28
Hostname: 200f1efe2677
IP: 127.0.0.1
IP: 10.0.1.28
IP: 172.18.0.3
RemoteAddr: 10.0.1.31:46892
GET / HTTP/1.1
Host: 10.0.1.28
User-Agent: curl/7.87.0
Accept: */*
So I assume this is something to do with the default --endpoint-mode
of vip
And I can confirm this if I add endpoint_mode
as described in bypass-the-routing-mesh
services:
whoami:
deploy:
endpoint_mode: dnsrr
While it works, it feels like I am working around a basic understanding of how this system works.
What am I missing?