Port forwarding does not work when using docker swarm

[lxbuilder]

Port forwarding works well when running containers. However, when using a stack in docker swarm, I cannot access it from my Mac.

To reproduce, here is the YAML (test.yml) file:

version: '3.7'
services:
  test:
    image: nginx:1.21.5-alpine
    ports:
      - 80:80

To initialize a docker swarm I use docker swarm init. Afterwards, I create the stack with docker stack deploy -c test.yml teststack1

If I run curl http://localhost it does not fail to connect, but is stuck after initial connection.

This was tested with a fresh install today (brew install colima) and no custom settings.

Edit: YAML code highlighting

[abiosoft]

What is the default behaviour on Docker for Mac?

I noticed that the ports are not yet exposed when I checked docker service ps, but it worked after I changed the port setting a bit.

version: '3.7'
services:
  test:
    image: nginx:1.21.5-alpine
    ports:
      - target: 80
        published: 80
        mode: host

[lxbuilder]

What is the default behaviour on Docker for Mac?

It would work and curl would give me the response from nginx

I noticed that the ports are not yet exposed when I checked docker service ps, but it worked after I changed the port setting a bit.

version: '3.7'
services:
  test:
    image: nginx:1.21.5-alpine
    ports:
      - target: 80
        published: 80
        mode: host

Interesting, but I try to migrate from Docker Desktop to Colima, hoping to have the same behavior. Everything else I tested works like a charm, just this issue is not solvable for me without changing my previous working configuration files. Is it possible to achieve get the curl response without changing the yaml/client side?

[lxbuilder]

Furthermore, if you ssh into the colima vm (colima ssh) you are able to receive a response with curl

[duddingl]

What is the default behaviour on Docker for Mac?

I noticed that the ports are not yet exposed when I checked docker service ps, but it worked after I changed the port setting a bit.

version: '3.7'
services:
  test:
    image: nginx:1.21.5-alpine
    ports:
      - target: 80
        published: 80
        mode: host

Whilst this works for replicas=1, it doesn't for multiple replicas, the error being no suitable node (host-mode port already in use on 1 node)

[abiosoft]

Kindly install the current development version with brew install --HEAD colima

The containers should be reachable via the VM's IP address.

[root360-AndreasUlm]

Hi,

I got the same issue while running and trying to connect to traefik within docker swarm.
When changing the port configuration to target-published-mode syntax it works.

• colima version:

  colima version 0.4.2
  git commit: f112f336d05926d62eb6134ee3d00f206560493b
  
  runtime: docker
  arch: x86_64
  client: v20.10.16
  server: v20.10.14
  

• stack-config:

  services
    traefik:
      image: traefik:v2.4
      command: --providers.docker.swarmMode=true --providers.docker.network=traefik --providers.docker.exposedByDefault=false --api.dashboard=true --api.insecure=true --accesslog=true --pilot.dashboard=false --entryPoints.http.address=:80 --serverstransport.insecureskipverify=true
      networks:
        - traefik
      ports:
        - 8080:8080
        - 80:80
        - 443:443
      volumes:
        - /var/run/docker.sock:/var/run/docker.sock

Regards,
Andreas

[abiosoft]

@root360-AndreasUlm as a workaround, you can start colima with reachable IP address. i.e. colima start --network-address, view the IP address in colima ls and the port should be reachable at the IP address.

It seems the overlay network used in swarm is blocking requests not originated from localhost.