docker swarm access service

How to access swarm services on a multi-host docker swarm.

For a docker swarm, lets say that the services are named: abc, pqr, xyz

  • If the services are placed in the same host, they are able to access by http://pqr/a or http://xyz/a

    but if they are on different host they are not able to access by http://pqr/a or http://xyz/a. Even ping to the other service names are not working.

    docker service create --constraint 'node.labels.momachinename == t4301' --name abc --network=ni_default mo-vo:7.10.0s node /a/src/start.js
    docker service create --constraint 'node.labels.momachinename == t4302' --name pqr --network=ni_default mo-vo:7.10.0s node /a/src/start.js
    docker network ls
    NETWORK ID          NAME                DRIVER              SCOPE
    d7478273de19        bridge              bridge              local
    485112e08c0f        docker_gwbridge     bridge              local
    c8a75eb27f1f        host                host                local
    5rmqgswur2lp        ingress             overlay             swarm
    q26p8tdr0xw6        networld            overlay             swarm
    d2kf3bfdbmol        ni_default          overlay             swarm
    64094b86b804        none                null                local

  • One Solution collect form web for “docker swarm access service”

    From your symptoms, it sounds like you have the containers running on the same overlay network and can communicate using DNS resolution on the same host, but you’re just having problems between hosts. For overlay networking between hosts, you need the following firewall rules:

    iptables -A INPUT -p tcp -m tcp --dport 7946 -j ACCEPT
    iptables -A INPUT -p tcp -m udp --dport 7946 -j ACCEPT
    iptables -A INPUT -p tcp -m tcp --dport 4789 -j ACCEPT
    iptables -A INPUT -p 50 -j ACCEPT

    That’s port 7946 for tcp/udp (this is the control port), port 4789 for tcp (this is the data port), and protocol 50 (needed for secure networks using IPSEC).

