I would like to test some docker swarm features and for that I have a windows PC and a mac book pro, both in my private Network.
I installed Docker for Windows (Windows 10 pro, using linux containers) and also Docker for mac.
Then I started both of them and also configured my router to allow the ports they need for TCP and UDP:
Port 2377 TCP for node communication
Port 7946 TCP/UDP for container network discovery.
Port 4789 UDP for the container ingress network.
Also I deactivated the firewall both on my pc and on my mac.
Then I ran docker swarm init on my macbook, which gave me a join token.
On my windows PC I entered that join command in the console and....... it failed!
I got an error message that ends with "... connection refused".
So, can you give me some advise or links to how to properly connect to local machines via docker swarm? I would LOVE to test it and use it for local development and testing of my apps. thanks!
Docker Info from Mac
$ docker info
Containers: 2
Running: 2
Paused: 0
Stopped: 0
Images: 185
Server Version: 18.03.1-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: active
NodeID: v3fhiinezmdbbn98l0s6bgqzo
Is Manager: true
ClusterID: o9mcdlgtq37t5r86ganupstez
Managers: 1
Nodes: 1
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Number of Old Snapshots to Retain: 0
Heartbeat Tick: 1
Election Tick: 10
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Force Rotate: 0
Autolock Managers: false
Root Rotation In Progress: false
Node Address: 192.168.65.3
Manager Addresses:
192.168.65.3:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.87-linuxkit-aufs
Operating System: Docker for Mac
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 4.095GiB
Name: linuxkit-025000000001
ID: 2D57:Q3QP:6UZ2:S6JV:WXLG:JN4H:TR6G:V3C3:P6ZP:2ENA:L7ES:OIJD
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
HTTP Proxy: docker.for.mac.http.internal:3128
HTTPS Proxy: docker.for.mac.http.internal:3129
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Docker Info from Windows
$ docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 18.09.2
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
runc version: 09c8266bf2fcf9519a651b04ae54c967b9ab86ec
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.125-linuxkit
Operating System: Docker for Windows
OSType: linux
Architecture: x86_64
CPUs: 3
Total Memory: 7.768GiB
Name: linuxkit-00155d674805
ID: S7LD:PA6I:QGZR:YFQH:BR62:JS5C:DZLS:C6O3:RZUL:7ZXE:PRI6:HPRD
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 22
Goroutines: 46
System Time: 2019-04-11T13:28:11.3484452Z
EventsListeners: 1
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
Docker swarm join command output
$ docker swarm join --token SWMTKN-1-5rp7ownwv3ob27vl52ogo8z6d3mbxasdfasdfsadfkrf8hqjk1b5-bi2p5u7i7blk5wepw389sba0w 192.168.x.x:2377
Error response from daemon: rpc error: code = Unavailable desc = all
SubConns are in TransientFailure, latest connection error:
connection error:
desc = "transport: Error while dialing dial tcp 192.168.x.x:2377:
connect: connection refused"
The problem is that netiher docker Desktop for Mac nor for Windows with Linux containers are "true" dockers. Both are using virtual machines with Linux os where true docker engine works.
If I'm correct, 192.162.65.3 is not the IP of your Mac but the IP of vm within some virtual mac network.
Basing on this article https://docs.docker.com/docker-for-mac/docker-toolbox/ and this sentence "Also note that Docker Desktop for Mac can’t route traffic to containers, so you can’t directly access an exposed port on a running container from the hosting machine." Connecting Mac and Windows on Linux containers might not be easy.
I'd recommend for testing either get some cloud VMs or on Windows you can use docker-machine command to spawn multiple Linux VMs on which you can setup local swarm to test features you wish.
Related
My Setup: I have a single machine docker swarm "cluster".
Simply said, I have a stack deployment that is composed of two services A and B. Both services are connected (through an external overlay network) to another stack running a traefik proxy to expose those services to the public.
I can reach both services via their traefik routing from my browser.
What doesn't work though:
I can not reach service A from within service B using A's public domain (via its traefik routing). I always get a connection timeout when attempting a HTTP call.
I this some regular expected behavior that can be fixed with some option or is my setup somehow broken? I read that endpoint_mode: dnsrr might help in some situations of this kind but it really didn't make a difference for me. I tried it on both services as well as on the traefik service.
I don't want to overwhelm you with all the configuration details of my machine and swarm deployments right here as that might be overkill if I just made a configuration mistake that's obvious from my problem description.
For the ambitious reader, here are some further details:
$ docker info
Client:
Debug Mode: false
Server:
Containers: 125
Running: 59
Paused: 0
Stopped: 66
Images: 328
Server Version: 19.03.8
Storage Driver: overlay2
Backing Filesystem: <unknown>
Supports d_type: true
Native Overlay Diff: true
Logging Driver: loki
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: active
NodeID: juwtdqk60ufj3rityctog7ev0
Is Manager: true
ClusterID: 3mte2zcw4nfc1jq17dzwvtoi3
Managers: 1
Nodes: 1
Default Address Pool: 10.0.0.0/8
SubnetSize: 24
Data Path Port: 4789
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Number of Old Snapshots to Retain: 0
Heartbeat Tick: 1
Election Tick: 10
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Force Rotate: 0
Autolock Managers: false
Root Rotation In Progress: false
Node Address: 178.254.21.80
Manager Addresses:
178.254.21.80:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.15.0-96-generic
Operating System: Ubuntu 18.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 31.41GiB
Name: rv1324
ID: L7JD:POVR:EPMY:JGMF:3BFX:DQJA:B5KK:O3PG:YH44:TNLJ:YD3I:GROZ
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
The swarm stack I'm trying to deploy can be found here
https://github.com/skuzzle/cmp/blob/0f8004b41f1a486fee7b6705c4bcbc39a2414412/swarm-stack/feature.yml
The connectivity problem is between the cmpauthorization and the cpmfrontend service. In order to finish an OAuth2 authorization process, the latter service needs to send a POST request to the authorization service's public domain.
I'm learning docker and installing it in my VPS by this post. But it don't work
when I run
docker pull hello-world it causes errors like this.
Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
And this is result when i run docker info
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 19.03.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-1062.4.3.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.7GiB
Name: vps24129.sdns.vn
ID: 3L4E:BKSU:F2PQ:BGCX:L77Z:TJJ7:CVJD:EZHQ:HCNW:SEL2:2IRR:ZHSF
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http://:::443
HTTPS Proxy: http://10.0.0.0:3128
No Proxy: localhost,127.0.0.0/8,docker-registry.somecorporation.com
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: API is accessible on http://127.0.0.1:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
I tried some ways on google like disable firewall, setup proxy, reset vps, reinstall docker but it still didn't work. Hope everyone help me
I am trying to learn docker so i installed official docker application from it's site and after installing i installed kitematic.I am using windows 10:
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 19.03.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 894b81a4b802e4eb2a91d1ce216b8817763c29fb
runc version: 425e105d5a03fabd737a126ad93d62a9eeede87f
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.184-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.952GiB
Name: docker-desktop
ID: VABX:P63L:ONMD:575Z:O4HT:WEZJ:RBNK:VB3G:4DC7:LI7T:YGX6:E4JL
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 29
Goroutines: 44
System Time: 2019-08-21T11:22:46.4753036Z
EventsListeners: 2
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
PS D:\Software\Windows\Docker\Kitematic-Windows>
After running kitamatic and search busybox and clicked on create after a few second i got this error:
(HTTP code 500) server error - Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on 192.168.65.1:53: read udp 192.168.65.3:57485->192.168.65.1:53: i/o timeout
to test i used terminal to create container :
PS D:\Software\Windows\Docker\Kitematic-Windows> docker run busybox
Unable to find image 'busybox:latest' locally
C:\Program Files\Docker\Docker\Resources\bin\docker.exe: Error response from daemon: Get https://registry-1.docker.io/v2/library/busybox/manifests/latest: Get https://auth.docker.io/token?account=731364&scope=repository%3Alibrary%2Fbusybox%3Apull&service=registry.docker.io: dial tcp: lookup auth.docker.io on 192.168.65.1:53: read udp 192.168.65.3:53973->192.168.65.1:53: i/o timeout.
See 'C:\Program Files\Docker\Docker\Resources\bin\docker.exe run --help'.
PS D:\Software\Windows\Docker\Kitematic-Windows>
What's happen ?
Your machine is using 192.168.65.1 as DNS server to resolve the IP for registry-1.docker.io.
In a lot of places, it's suggested to go in the settings and change the DNS from Automatic to Fixed: 8.8.8.8
I meet the problem when running the deploy sh of Shipyard. The error is
docker: Error response from daemon: driver failed programming external connectivity on endpoint shipyard-proxy (): Bind for 0.0.0.0:2375 failed: port is already allocated.
Then I use netstat -ntple command to find out who is listening port 2375.
The result is dockerd itself.
So I wonder how to overcome this problem in order to finish the installation of Shipyard.
And here is the docker ps
My docker info result is showed below
Containers: 8
Running: 4
Paused: 0
Stopped: 4
Images: 21
Server Version: 17.12.1-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9b55aab90508bd389d7654c4baf173a981477d55
runc version: 9f9c96235cc97674e935002fc3d78361b696a69e
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.13.0-37-generic
Operating System: Ubuntu 16.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 962.8MiB
Name: flora-virtual-machine
ID: J765:X2HP:UL4S:2SCV:7CZK:LG63:4H5V:QFDF:RUM5:2F2Y:XC6I:Y3AE
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
http://4d7846d0.m.daocloud.io/
Live Restore Enabled: false
I found an issue when using the same image on a different PC (same Linux version and same Docker version), causing different results when executing service -s in Docker.
I am using docker attach xx to execute this command.
Works fine on PC 1:
service -s
Checking for udevd: unused
Checking for Cron: unused
Checking for service D-Bus daemon unused
/etc/init.d/network is disabled,
can't find any another service enabled as the network.service.
Checking for mounted nfs shares (from /etc/fstab):gssd not running
idmapd not running
Warning: portmap/rpcbind not running - nfs may not work well
unused
Checking for UPS monitoring service unused
unused
unknown
Checking for service sshd unused
Fails on PC 2:
service -s
Failed to get D-Bus connection: No connection to service manager.
docker system info output in PC 1:
Containers: 6
Running: 3
Paused: 0
Stopped: 3
Images: 55
Server Version: 17.10.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
runc version: 0351df1c5a66838d0c392b4ac4cf9450de844e2d
init version: 949e6fa
Security Options:
apparmor
Kernel Version: 4.2.0-27-generic
Operating System: Ubuntu 14.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 47.16GiB
Name: hadoop3
ID: 4WGL:SPWW:7IFX:ENVE:7742:VB37:A4VY:HUI4:S74E:RYIS:Q4DS:6BQO
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
docker system info output on PC 2:
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 2
Server Version: 17.10.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
runc version: 0351df1c5a66838d0c392b4ac4cf9450de844e2d
init version: 949e6fa
Security Options:
apparmor
Kernel Version: 4.2.0-27-generic
Operating System: Ubuntu 14.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 55.03GiB
Name: hadoop1
ID: ZAYC:DRNC:HJGM:MFKP:JBKS:SAMB:U4WZ:5E7L:RR2B:PJFN:EH4D:GGOA
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
File Descriptors: 22
Goroutines: 30
System Time: 2017-11-12T23:00:09.145808427+08:00
EventsListeners: 0
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
The following is my Dockerfile:
FROM opensuse:13.1
RUN zypper -n install net-tools tar python-xml python rsyslog sudo nfs-client
RUN zypper -n install wget vim less tcpdump aaa_base openssh
RUN zypper -n install syslinux
WORKDIR /root
ENTRYPOINT ["/bin/bash"]
I already try to reinstall Docker on PC 2 several times, but it isn't working out at all.
Please help me, thanks in advance!
The "service" command will actually forward all calls to "systemctl" which in turn will forward it to the SystemD daemon. It will reach the SystemD daemon by using the messagebus, aka kernel-dbus. The error "Failed to get D-Bus connection: No connection to service manager." simply says that the SystemD daemon is not running which is normal in a docker container.
I don't know why the first call had worked altogether. You may try if it helps in both cases to follow the steps of using https://github.com/gdraheim/docker-systemctl-replacement to avoid service/systemctl wanting to access the messagebus.