Consider a swarm node where my-swarm-container and metadataproxy-container run. metadataproxy-container is not part of the swarm and is run in the following way.
The problem is that my-swarm-container will ask metadataproxy-container for credentials and metadataproxy-container will respond with status 404 and will output the following in its logs.
{"asctime": "2020-04-09 01:10:05,003", "name": "metadataproxy.roles", "levelname": "ERROR", "message": "No container found for ip 172.18.0.7"}
{"asctime": "2020-04-09 01:10:05,003", "name": "metadataproxy.routes.proxy", "levelname": "ERROR", "message": "Role name not found; returning 404."}
The reason is that swarm bridge network docker_gwbridge is not reported in the output of docker inspect my-swarm-container (see https://github.com/moby/libnetwork/issues/1082). When metadataproxy tries to match request ip to its container, it looks at the ip of each container in the node and finds no match.
A solution to the problem is to match the ip to its container by looking at the list of containers for network docker_gwbridge. PR https://github.com/lyft/metadataproxy/pull/101 implements the lookup.
Consider a swarm node where
my-swarm-container
andmetadataproxy-container
run.metadataproxy-container
is not part of the swarm and is run in the following way.The problem is that
my-swarm-container
will askmetadataproxy-container
for credentials andmetadataproxy-container
will respond with status 404 and will output the following in its logs.The reason is that swarm bridge network
docker_gwbridge
is not reported in the output ofdocker inspect my-swarm-container
(see https://github.com/moby/libnetwork/issues/1082). When metadataproxy tries to match request ip to its container, it looks at the ip of each container in the node and finds no match.A solution to the problem is to match the ip to its container by looking at the list of containers for network
docker_gwbridge
. PR https://github.com/lyft/metadataproxy/pull/101 implements the lookup.