update: this apparrently happens because of the related Linux kernel details (going to be fixed/improved in kernel v 5.3 https://github.com/lxc/lxd/issues/5193 ) please confirm in comment/answer if I grasped it correctly.
I am running docker swarm in lxd container, when trying to communicate between services in a docker swarm, I get the following error (deployed with docker stack up -c docker-compose.yml test):
$ docker exec -it <test_one_container_id> curl test_two"
curl: (7) Failed to connect to test_two port 80: Host is unreachable
same for ping. Services' virtual ip's are unpingable and curl don't work on them too.
But when I do the same when deploying this with docker-compose up, or curl <container_id>, then everything works as expected. Only services virtual ip's are unreachable. What is wrong in this setup?
I use the following simple docker-compose.yml:
version: "3"
services:
one:
image: nginx:alpine
deploy:
replicas: 1
networks:
- test
two:
image: nginx:alpine
deploy:
replicas: 1
networks:
- test
networks:
test:
The test_test network inspect:
[
{
"Name": "test_test",
"Id": "q4jhj4lbmkae6salev8zyluf6",
"Created": "2019-08-15T23:50:22.221701229+03:00",
"Scope": "swarm",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "10.0.5.0/24",
"Gateway": "10.0.5.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"2522e89c33b1220de9609d4502624696cf9fdbd7f98328f833d89ee999bc3953": {
"Name": "test_one.1.bylmzvlkpcn4ud3eb4hmrn89y",
"EndpointID": "37d35d8db8ba8f6227e7e11070d06c0ec87b4a0bb9acba7627e3e652e6972660",
"MacAddress": "02:42:0a:00:05:06",
"IPv4Address": "10.0.5.6/24",
"IPv6Address": ""
},
"eecf6231cc889124ed8758c425020b782e1267ccfcccfe5af6843d832e3513b1": {
"Name": "test_two.1.tngcq88ew9sff5lkrlorlmpxg",
"EndpointID": "7f3036d0df48713e00f996ba8fbd4590b0aa7c33fc93fcdbb6aab8e0b28a1240",
"MacAddress": "02:42:0a:00:05:03",
"IPv4Address": "10.0.5.3/24",
"IPv6Address": ""
},
"lb-test_test": {
"Name": "test_test-endpoint",
"EndpointID": "5c1e62ac350eaa10cbbe167ba27f974cba57b5bec1e1f2a72e7b22ad98efb2a3",
"MacAddress": "02:42:0a:00:05:04",
"IPv4Address": "10.0.5.4/24",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.driver.overlay.vxlanid_list": "4102"
},
"Labels": {
"com.docker.stack.namespace": "test"
},
"Peers": [
{
"Name": "b3f74b1318c9",
"IP": "10.229.170.28"
}
]
}
]
Services inspects:
[
{
"ID": "wc0xjhib0wk9dwmr9sn18jy2e",
"Version": {
"Index": 319
},
"CreatedAt": "2019-08-15T20:50:24.266058906Z",
"UpdatedAt": "2019-08-15T20:50:24.271626665Z",
"Spec": {
"Name": "test_one",
"Labels": {
"com.docker.stack.image": "nginx:alpine",
"com.docker.stack.namespace": "test"
},
"TaskTemplate": {
"ContainerSpec": {
"Image": "nginx:alpine@sha256:482ead44b2203fa32b3390abdaf97cbdc8ad15c07fb03a3e68d7c35a19ad7595",
"Labels": {
"com.docker.stack.namespace": "test"
},
"Privileges": {
"CredentialSpec": null,
"SELinuxContext": null
},
"StopGracePeriod": 10000000000,
"DNSConfig": {},
"Isolation": "default"
},
"Resources": {},
"RestartPolicy": {
"Condition": "any",
"Delay": 5000000000,
"MaxAttempts": 0
},
"Placement": {
"Platforms": [
{
"Architecture": "amd64",
"OS": "linux"
},
{
"OS": "linux"
},
{
"Architecture": "arm64",
"OS": "linux"
},
{
"Architecture": "386",
"OS": "linux"
},
{
"Architecture": "ppc64le",
"OS": "linux"
},
{
"Architecture": "s390x",
"OS": "linux"
}
]
},
"Networks": [
{
"Target": "q4jhj4lbmkae6salev8zyluf6",
"Aliases": [
"one"
]
}
],
"ForceUpdate": 0,
"Runtime": "container"
},
"Mode": {
"Replicated": {
"Replicas": 1
}
},
"UpdateConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"RollbackConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"EndpointSpec": {
"Mode": "vip"
}
},
"Endpoint": {
"Spec": {
"Mode": "vip"
},
"VirtualIPs": [
{
"NetworkID": "q4jhj4lbmkae6salev8zyluf6",
"Addr": "10.0.5.5/24"
}
]
}
}
]
[
{
"ID": "s40chkaulxblg4tb0rb1nhvc3",
"Version": {
"Index": 310
},
"CreatedAt": "2019-08-15T20:50:22.043647463Z",
"UpdatedAt": "2019-08-15T20:50:22.047243817Z",
"Spec": {
"Name": "test_two",
"Labels": {
"com.docker.stack.image": "nginx:alpine",
"com.docker.stack.namespace": "test"
},
"TaskTemplate": {
"ContainerSpec": {
"Image": "nginx:alpine@sha256:482ead44b2203fa32b3390abdaf97cbdc8ad15c07fb03a3e68d7c35a19ad7595",
"Labels": {
"com.docker.stack.namespace": "test"
},
"Privileges": {
"CredentialSpec": null,
"SELinuxContext": null
},
"StopGracePeriod": 10000000000,
"DNSConfig": {},
"Isolation": "default"
},
"Resources": {},
"RestartPolicy": {
"Condition": "any",
"Delay": 5000000000,
"MaxAttempts": 0
},
"Placement": {
"Platforms": [
{
"Architecture": "amd64",
"OS": "linux"
},
{
"OS": "linux"
},
{
"Architecture": "arm64",
"OS": "linux"
},
{
"Architecture": "386",
"OS": "linux"
},
{
"Architecture": "ppc64le",
"OS": "linux"
},
{
"Architecture": "s390x",
"OS": "linux"
}
]
},
"Networks": [
{
"Target": "q4jhj4lbmkae6salev8zyluf6",
"Aliases": [
"two"
]
}
],
"ForceUpdate": 0,
"Runtime": "container"
},
"Mode": {
"Replicated": {
"Replicas": 1
}
},
"UpdateConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"RollbackConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"EndpointSpec": {
"Mode": "vip"
}
},
"Endpoint": {
"Spec": {
"Mode": "vip"
},
"VirtualIPs": [
{
"NetworkID": "q4jhj4lbmkae6salev8zyluf6",
"Addr": "10.0.5.2/24"
}
]
}
}
]