overlay network

[pennywisdom]

Hi @StefanScherer was wondering whether you might perhaps have any recent updates on support for swarm mode and the overlay driver on windows 10 and server 2016? I have Creators Update 1703 installed on my local machine and am able to create the overlay driver and the services seemingly ok. My server also has the latest windows updates and I believe this is what is required to use the latest network features.

At the moment I only need to test on a single machine so swarm mode is not so important across hosts, however I want to utilize the overlay network to use network isolation on my continuous integration server which does not work so well with a single nat network (dns clashes etc). Its my understanding that a swarm of one should be fine.

As said previously I am able to create services and attach to the network. docker inspect shows everything as I would expect it to be. If I docker exec into the service containers and run ipconfig I can see that i have 2 virtual adapters one with the overlay network ip address 10.0.0.x e.g and another with a 172.x.x.x class b ip address with the gateway that matches the ip address of the virtual adaper (HNS) on the host. Pinging between the containers in the services seems fine.

I cannot, though, no matter what I try, access the containers externally. I have tried the gateway, the private ip addresses and everything I can think of. I have tried from other machines on the network in case its the nat windows problem, but I am having no success.

I am a little confused as to whether this should be working or I need to raise an issue (or its already raised!).

I am basing my understanding off this :- https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/swarm-mode which suggests to me that swarm mode and the overlay driver are ready to go if you have the patch levels correct (except mesh networking support). The level of official communication from MS over support from this seems to be inconsistent at best (updates seem to have stopped around April / May time but I am sure this is all being worked on).

Do you happen to have any better information or awareness about what should be working and what still has issues?

Really appreciate anything you can share.

Thanks!

[StefanScherer]

The overlay network works between containers that use the same docker network. Accessing services/containers from outside you need to publish a port and this at some point implicates the routing mesh (load balancing to all replicas of a given service that should be published). The routing mesh still isn't available in Windows containers.

I have seen docker stack yaml files that uses host mode like this: https://github.com/mikegcoleman/hybrid-workshop/blob/f2a69f90c86a7cbb8e5b5716f3f2d955741dcf80/docker-compose.yaml#L7-L10

Another way could be using a Linux swarm manager to connect to the services as routing mesh works there. See my example using the whoami and accessing it from the linux manager IP address: https://github.com/StefanScherer/docker-windows-box/tree/master/swarm-mode#scale-up

That are the options I know of at the moment.

[pennywisdom]

Thanks @StefanScherer I see. That seems to correspond to how things have been working for me. I have tried variations of using host mode, but didnt have any success there either. A quick look on against docker issues suggested that some bugs may still exist or have been introduced. Thanks for sharing this.