As per the Docker documentation, overlay network is automatically getting created when we initialise docker swarm. But we can not use that network for individual docker container which not part of swarm resource. So, we need to create overlay network with "--attachable" flag.
I tried to create attachable overlay network but I am getting following error :
docker network create -d overlay --attachable my-attachable-overlay
Error response from daemon: This node is not a swarm manager. Use "docker swarm init" or "docker swarm join" to connect this node to swarm and try again.
Do we need to run this command on swarm manager ? Can't we use it directly on low weight container like boot2docker without initialising docker swarm ?
The swarm scoped overlay network driver does indeed require swarm. If you have a single node, you only need to do docker swarm init and then you can create a swarm scoped network. If you are getting this error on a swarm worker node, then you just need to create the network on a manager in the swarm and then it can be used on the worker nodes in that swarm.
The whole purpose of the overlay network driver is to enable container-to-container communication between multiple nodes in a swarm. It is not necessary to use the overlay network driver in a single node where you do not intend to use any other swarm features nor communicate with containers on other nodes. Use a local scoped network driver instead like bridge.
Related
I can not clearly understand what --ingress flag means when creating docker network in swarm mode.
Official documentation says:
--ingress | Create swarm routing-mesh network
But isn't it enough to create a network with overlay driver like this:
docker network create -d overlay my-multihost-network
Documentation says about overlay network:
an overlay network called ingress, which handles control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
Docker network is created in a docker swarm, which contains several nodes, with this command:
docker network create --attachable --driver overlay [network-name]
And containers are attached to the network with "docker service create" command.
There is extra container with the name "lb-[network-name]" appeared after in the network.
What is that container and how to configure docker network not to have that?
From docker swarm documentation (https://docs.docker.com/engine/swarm/key-concepts/):
Swarm mode has an internal DNS component that automatically assigns
each service in the swarm a DNS entry. The swarm manager uses internal
load balancing to distribute requests among services within the
cluster based upon the DNS name of the service.
It's a part of swarm architecture, you can't deactivate it.
Take a look also to this detailed answer regarding networking of docker swarm:
https://stackoverflow.com/a/44649746/3730077
I have been trying to understand docker and the swarm mode.I also read about the docker network tutorials.
I have tried the docker swarm mode.If a docker swarm mode is initialised and if we execute docker network ls it shows a network with the name ingress.
My question is do I need to exclusively create an overlay network?Or should the swam mode work fine without exclusively creating a network?
My question is do I need to exclusively create an overlay network?Or should the swam mode work fine without exclusively creating a network?
No, you don't need to, however it is recommended that you create a custom overlay network for your applications that you deploy to the swarm. The ingress overlay network handles control and data traffic related to swarm services. From the official documentation:
Use the default overlay network demonstrates how to use the default
overlay network that Docker sets up for you automatically when you
initialize or join a swarm. This network is not the best choice for
production systems.
If you need communication between containers on different Docker Swarm Nodes, you need an overlay network.
If you just use "docker run" it will use the ingress network on the host you are running the command.
I currently have three hosts (docker1, docker2 and docker3) which I have not set up using Docker Machine, each one running the v1.12-rc4 Docker daemon.
I run docker swarm init on docker1, which in turn prints a docker swarm join command which I run on both docker2 and docker3. At that point, running docker info on each host contains the Swarm: active line.
It is at this point that the behavior seems to differ from what I used to get with the standalone Swarm container. Especially, running docker network ls will only show me the networks on the local host, and when trying to create an overlay network, it does not seem like worker nodes are aware of it (i.e. it does not show up on their docker network ls.)
I feel like I have missed out on some important information relating to the workings of the Swarm Mode as opposed to the Swarm container.
What is the correct way of setting up such a cluster without Docker Machine on Docker 1.12 while getting the overlay network feature?
I too thought this was an issue when I first started using it.
This works a little differently in 1.12rc4 - when you deploy a container to your swarm with that network attached to it, it should then create the network on the other nodes as well.
Hope this helps!
Issue
You are using the docker command (used to communicate with your localhost Docker daemon) and not the "swarm" command (used to communicate with the Swarm master).
Solution
It depends on the command you used to start Swarm.
A full step-by-step tutorial (including details on how to deploy an overlay network) is detailled on this answer. I'm sure that reading this will help you ;)
With a network scope of swarm, the network is only propagated to worker nodes on an as-needed basis. If you create a service using that network, and it gets scheduled on that worker node, the network will show up in the docker network ls.
With the now-upcoming 1.13 release, you can get a network that has similar behavior to the non-swarm networks by doing docker network create --attachable .... That network will be valid for both services and normal containers, and will be available to all members of the cluster. As of 1.13.0-rc2, those don't seem to show up in the output of docker network ls.
I don't quite understand why the official documents are using so many machines to create a swarm cluster. Is it possible to hv consul and swarm manager in the same machine ? Also, is swarm manager part of the cluster ? If, say, I create an overlay network, is swarm manager host part of that network?
The answer is no. The Swarm Manager is not part of the network overlay. More generally Swarm is just a container running on a Docker daemon. If you add this Docker daemon into the cluster, then the Swarm Manager hosting the Swarm container will also be a Swarm Agent and then receive containers.
If you ever need, you can find a whole step-by-step tutorial on how to deploy a Swarm cluster.