Docker Community Forums

Share and learn in the Docker community.

Update order, start-first. What's happening with ports exposed?


I have done some test with the start-first strategy of an nginx image exposing ports 80:80 and 443:443. It’s working properly but I am wondering why.

Since images are sandboxed I understand that nginx can listen to port 80 on multiple replicas but I do not get how swarm is managing the Expose on the same port.

I have search the documentation and Google but do not get what is the mechanism.

Here is the update scenario:
1- Container listening on port 443 exposed as 443 on one node
2- Update the container with start-first order strategy
3- A new container is spawn and started, listening on 443 and exposing 443 as well (how can this work without any issue?)
4- If all goes well, the rollback strategy is not activated and the initial container is destroyed.

Can you point me in the right direction, because I would like to understand when I can use the start-first strategy and when I should avoid it!

Thank you,