Docker Swarm mix private and public networks - docker

I have multiple Raspberry Pis at home and would like to make a Docker Swarm cluster out of them.
Each has its own private IP on my home network.
That part is working fine.
But to make it more reliable I would like to add a VPS to the cluster. The issue is with the networks: the Raspberry Pis are on a private network and the VPS is on a public one.
I'd like to avoid using VPN or other services.
Is it possible to add it to the cluster?
What is the process to do so?
I tried the following steps:
1. Forward ports 7946, 4789 and 2377 to the master of my cluster
2. Init the swarm on Pi4 with the public IP, specifying --listen-addr HOME_IP
3. Pi3 joins the cluster using the private IP
4. VPS joins the cluster using the public IP, specifying --advertise-addr VPS_IP
But the overlay network is not working properly: when a service is on the VPS, the published port is not responding on any of the Raspberry Pis, and vice versa.

Related

Cannot join Docker manager node in Windows using tokens

My friend and I are trying to connect our Docker daemons using Docker Swarm. We both are using Windows OS and we are NOT on the same network. According to the Docker docs, each Docker host must have the following ports open:
TCP port 2377 for cluster management communications
TCP and UDP port 7946 for communication among nodes
UDP port 4789 for overlay network traffic
We both have added new rules for the given ports in the inbound and outbound rules of the firewall. Though we keep getting the same two errors while trying to join using the token created by the manager node with the docker swarm join --token command:
1. error response from daemon: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp 192.168.65.3:2377: connect: connection refused"
2. Timeout error
Also, if either of us runs docker swarm init it shows 192.168.65.3 IP address that isn't part of any network we're connected to. What does it mean?
Docker overlay tutorial also states that in order to connect to the manager node, the worker node should add the IP address of the manager.
docker swarm join --token TOKEN \
  --advertise-addr IP-ADDRESS-OF-WORKER-1 \
  IP-ADDRESS-OF-MANAGER:2377
Does it mean that in our case we have to use the public IP address of the manager node after enabling port forwarding?
Potential network issues aside, here is your problem:
"We both are using Windows OS"
I have seen this issue in other threads when attempting to use Windows nodes in a multi-node swarm. Here are some important pieces of information from the Docker overlay networks documentation:
"Before you can create an overlay network, you need to either initialize your Docker daemon as a swarm manager using docker swarm init or join it to an existing swarm using docker swarm join. Either of these creates the default ingress overlay network which is used by swarm services by default."
"Overlay network encryption is not supported on Windows. If a Windows node attempts to connect to an encrypted overlay network, no error is detected but the node cannot communicate."
By default, Docker encrypts all swarm service management traffic. As far as I know, disabling this encryption is not possible. Do not confuse this with the --opt encrypted option, as that involves encrypting application data, not swarm management traffic.
For a single-node swarm, using Windows is just fine. For a multi-node swarm, which would be deployed using Docker stack, I highly recommend using Linux for all worker and manager nodes.
A while ago I was using Linux as a manager node and Windows as a worker node. I noticed that joining the swarm would only work if the Linux machine was the swarm manager; if the Windows machine was the manager, joining the swarm would not work. After the Windows machine joined the swarm, container-to-container communication over a user-defined overlay network would not work no matter what. Replacing the Windows machine with a Linux machine fixed all issues.
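The port list in this thread (2377/tcp, 7946/tcp+udp, 4789/udp) maps directly onto a host firewall allowlist, which matters once those ports are forwarded or opened toward the internet. The following is an added example, not code from the posts or from Docker: the function name swarm_rules and the peer addresses are assumptions, and it only prints iptables commands for review. The ESP rule reflects Docker's documented requirement of IP protocol 50 for overlays created with --opt encrypted.

```shell
#!/bin/sh
# Added example: emit iptables rules that open the swarm ports only to known
# swarm peers. Peer addresses used here are constructed (RFC 5737 ranges).

# swarm_rules ROLE ENCRYPTED PEER...
#   ROLE      manager|worker  (only managers accept 2377/tcp)
#   ENCRYPTED yes|no          (yes adds ESP, used by --opt encrypted overlays)
swarm_rules() {
  role=$1; encrypted=$2; shift 2
  case $role in manager|worker) ;; *) echo "swarm_rules: bad role" >&2; return 1 ;; esac
  [ "$#" -gt 0 ] || { echo "swarm_rules: no peers given" >&2; return 1; }
  for peer in "$@"; do
    # Accept only plain IPv4 addresses or CIDRs, so nothing else reaches a rule.
    case $peer in
      *[!0-9./]*|'') echo "swarm_rules: bad peer '$peer'" >&2; return 1 ;;
    esac
    if [ "$role" = manager ]; then
      # Cluster management traffic terminates on managers only.
      echo "iptables -A INPUT -s $peer -p tcp --dport 2377 -j ACCEPT"
    fi
    # Node-to-node gossip, needed between every pair of nodes.
    echo "iptables -A INPUT -s $peer -p tcp --dport 7946 -j ACCEPT"
    echo "iptables -A INPUT -s $peer -p udp --dport 7946 -j ACCEPT"
    # VXLAN overlay data path.
    echo "iptables -A INPUT -s $peer -p udp --dport 4789 -j ACCEPT"
    if [ "$encrypted" = yes ]; then
      echo "iptables -A INPUT -s $peer -p esp -j ACCEPT"
    fi
  done
  # Any other source aimed at the swarm ports is dropped.
  echo "iptables -A INPUT -p tcp -m multiport --dports 2377,7946 -j DROP"
  echo "iptables -A INPUT -p udp -m multiport --dports 7946,4789 -j DROP"
}

# Print the rules a manager would need for two constructed peers.
swarm_rules manager no 203.0.113.10 198.51.100.7
```

Every node needs the 7946 and 4789 rules for every other node, so the peer list on each host is the full set of swarm members, not just the manager.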

Create docker swarm overlay network over a set of external and internal hosts

Currently, I'm trying to create a Docker swarm network over hosts. We have two different network sites, and one is a closed and private network. In this closed site, there is only one public IP assigned to us, and hosts in this site have private IP addresses. Hosts in the other network site each have their own public IP address, so there is no problem.
What I want to do is connect hosts in the closed network site (called internal hosts) and hosts that have their own public IP addresses (called external hosts).
Because only one public IP is assigned to us for the closed network site, I assigned this public IP to one designated internal host in the closed network site, and this host became the Docker swarm manager. Then, internal hosts joined the swarm network using the internal IP address of the swarm manager host, and external hosts joined using the public IP address.
For example, in the internal hosts:
docker swarm join --token ... 172.0.12.12:2377
and in the external hosts:
docker swarm join --token ... 123.123.123.123:2377
Joining was successfully done and I could recognize all nodes correctly in the swarm manager using docker node ls command. However, when I create an overlay network, this network is recognized in external hosts, but not in internal hosts. So, when I created a container in an external host and tried to ping from an internal host, it failed.
Is this a wrong way? Or is there anything that I should check? Any kind of ideas will be very helpful. Thanks!

Can a docker (community edition) overlay network be accessed from internet (with out port-forwarding)?

I have a Docker swarm (connected with a Docker overlay network) with 5 hosts (4 workers and 1 master). I will be deploying my application along with a load balancer/gateway on this swarm. So far so good, but how can I access the gateway from the internet?
1) I don't want to use port forwarding.
2) I don't want to use Docker Enterprise Edition / HTTP Routing Mesh.
3) I don't want to use Weave Net or other third-party network plugins.
With these restrictions, is it possible to access the gateway from the net?
If you create a swarm cluster with the overlay network driver, you will get a gateway for Docker that has a private IP address attached to an interface created by the Docker daemon.
Attach a public IP to this interface (as in AWS, where we have a private IP address attached to an interface and attach a public IP address to it).

static IP for container in docker swarm

I'm new to Docker and I have a simple question.
I have 3 hosts running a Docker swarm with the following IPs:
192.168.0.52
192.168.0.53
192.168.0.54
Also, I've created an HTTP service with a published port: 8080. As expected, the service is available at all hosts' IPs (ex: 192.168.0.52:8080).
Is it possible to assign a static IP address to the service (for example 192.168.0.254) and be able to reach it from any computer on my local network (192.168.0.0/24)?
This way I should have high availability for my service; if the host with the service goes down, it should be started on another host, but keep the same IP.
Thanks,
Alex

Docker swarm nodes on private networks?

Is there theoretically any way to connect nodes to a Docker swarm if they are on a private network and don't have a public IP? The swarm host has a public IP, and the nodes can access it as well as a discovery service just fine, but they themselves are on private networks over which I have no control. So is this possible?
In this situation you either tunnel the requests or use Weave to create the virtual private network.
