can not use user-defined bridge in swarm compose yaml file

Question

I learned from docker documentation that I can not use docker DNS to find containers using their hostnames without utilizing user-defined bridge network. I created one using the command:

docker network create --driver=overlay --subnet=172.22.0.0/16 --gateway=172.22.0.1 user_defined_overlay

and tried to deploy a container that uses it. compose file looks like:

  version: "3.0"
    services:
      web1:
        image: "test"
        ports:
           - "12023:22"
        hostname: "mytest-web1"
        networks:
          - test
      web2:
        image: "test"
        ports:
           - "12024:22"
        hostname: "mytest-web2"
        networks:
          - test
    networks:
      test:
        external: 
          name: user_defined_overlay

my docker version is: Docker version 17.06.2-ce, build cec0b72 and I got the following error when I tried deploying the stack:

network "user_defined_bridge" is declared as external, but it is not in the right scope: "local" instead of "swarm"

I was able to create an overlay network and define it in compose file. that worked fine but it didn't for bridge. result of docker network ls:

NETWORK ID          NAME                       DRIVER              SCOPE
cd6c1e05fca1        bridge                     bridge              local
f0df22fb157a        docker_gwbridge            bridge              local
786416ba8d7f        host                       host                local
cuhjxyi98x15        ingress                    overlay             swarm
531b858419ba        none                       null                local
15f7e38081eb        user_defined_overlay       overlay             swarm

UPDATE

I tried creating two containers running on two different swarm nodes(1st container runs on manager while second runs on worker node) and I specified the user-defined overlay network as shown in stack above. I tried pinging mytest-web2 container from within mytest-web1 container using hostname but I got unknown host mytest-web2

If you use docker stack then the network has to be overlay. so what is the issue with that — Tarun Lalwani, Sep 07 '17 at 18:18

BMitch · Accepted Answer · 2017-09-07T23:00:55.030

As of 17.06, you can create node local networks with a swarm scope. Do so with the --scope=swarm option, e.g.:

docker network create --scope=swarm --driver=bridge \
  --subnet=172.22.0.0/16 --gateway=172.22.0.1 user_defined_bridge

Then you can use this network with services and stacks defined in swarm mode. For more details, you can see PR #32981.

Edit: you appear to have significantly overcomplicated your problem. As long as everything is being done in a single compose file, there's no need to define the network as external. There is a requirement to use an overlay network if you want to communicate container-to-container. DNS discovery is included on bridge and overlay networks with the exception of the default "bridge" network that docker creates. With a compose file, you would never use this network without explicitly configuring it as an external network with that name. So to get container to container networking to work, you can let docker-compose or docker stack deploy create the network for your project/stack automatically with:

version: "3.0"
   services:
     web1:
       image: "test"
       ports:
       - "12023:22"
     web2:
       image: "test"
       ports:
         - "12024:22"

Note that I have also removed the "hostname" setting. It's not needed for DNS resolution. You can communicate directly with a service VIP with the name "web1" or "web2" from either of these containers.

With docker-compose it will create a default bridge network. Swarm mode will create an overlay network. These defaults are ideal to allow DNS discovery and container-to-container communication in each of the scenarios.

thanks @BMitch the command you provided ran without errors .. but I still can't ping a container from another container using hostname. I created 2 containers one running in manager and the 2nd running in worker I can ping each other using their alias but I can't using their hostname. I thought if I specify defined bridge network will solve my problem. is my assumption incorrect? — tkyass, Sep 07 '17 at 20:11
Node local networks like the bridge network do not work across multiple nodes in the swarm. For that you would need an overlay network. Only containers running on the same node will be able to talk container-to-container. Anything outside of that would need to access via the published ports on the host. — BMitch, Sep 07 '17 at 20:29
thanks again @BMitch for your answer. but I think my question is not clear enough. all I want to do is to be able to communicate between containers created from single stack using their hostname without using host files. I thought docker has DNS support for such case if I deploy the stack with user-defined network. I made edits in my question above to best reflect my inquiry — tkyass, Sep 07 '17 at 21:03
@tkyass DNS works, without even defining the hostname on the container, with either overlay or bridge networking, but you must be on the same network. A bridge network does not span multiple docker hosts, so if containers are run on different hosts, like a manager and worker, then it's not possible to communicate between the containers with a bridge network. — BMitch, Sep 07 '17 at 23:03

score 0 · Answer 2 · answered Sep 07 '17 at 19:29

0

The overlay network is the network to be used in swarm. Swarm is meant to be used to manage containers on multiple hosts and overlay networks are docker's multi-host networks https://docs.docker.com/engine/userguide/networking/get-started-overlay/

answered Sep 07 '17 at 19:29

yamenk

46,736
10
93
87

can not use user-defined bridge in swarm compose yaml file

2 Answers2

Linked