0

My scenario has 7 nodes: 4 running in AWS (each one in a different account), 1 running in Linode, 1 running in Google Cloud and 1 running in Oracle Cloud. Every node is using an external IP, and I checked the firewall ports at the provider and ensured that it is disabled on the VM. I also edited the hosts file on each node to ensure that they are reachable, and they are all pinging OK.

All machines running in AWS and Linode can join the swarm either as a worker or as a manager, but the machines running in Google Cloud and Oracle can only join as workers.

Using one AWS node as Leader, I got the following error messages...

docker node ls on leader

trying join node from Oracle

trying join node from Google Cloud

Finally, I tried to make the Google Cloud node the leader of a new swarm, and tried to join the Linode and Oracle nodes to it, and got the following error message:

trying to join a new swarm

In this last attempt, the node that I tried to add says that it is in a swarm, but when I run docker node ls on the leader, no new nodes are added...

Can anyone who has already used Google Cloud or Oracle to run Docker and swarm help me figure out what else I need to configure, or what other port or protocol I need to allow? I already tried to permit all traffic from the nodes' IPs... in theory, everything would be allowed...

My best regards, Leonardo Lima

Orest Gulman
  • 1
    This is a networking problem, but your question has no detail on networking. – John Hanley Nov 11 '19 at 15:01
  • John, which details are you talking about? I just hid the public IP address; this is new for me and I don't know which information is good to post. About the networks, I know that all firewalls are down and ports are open – Leonardo Lima Nov 11 '19 at 18:29

1 Answer

0

Google Cloud Platform handles implied firewall rules and also has default ingress rules added once a new VPC is created. If you don't explicitly allow the ingress traffic to specific ports on the node/nodes within the VPC, the connection will time out. Therefore, you need to allow the traffic to the node through the manager port (2377) from 0.0.0.0/0 (any source). So, these are the networking configurations that we need to review before understanding why you can't connect to your node as Manager.

  • Hello Carlos, I must be doing something wrong with the Google firewall, because I even tried opening all ports for the AWS IP, and even did a test opening all ports for all IPs – Leonardo Lima Nov 29 '19 at 01:12
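
An added example, not part of the original question, answer or comments: a small probe to run from an existing manager against another node's external IP, to tell a firewall drop (the timeout the answer describes) apart from a port that is reachable but has no listener. The port list comes from Docker's swarm documentation; the script name and output wording are assumptions made for this example.

```python
"""Probe the TCP ports Docker swarm mode needs on a peer node (added example)."""
import socket
import sys

# Swarm-mode ports from Docker's documentation. The UDP ports (7946/udp for
# gossip, 4789/udp for overlay VXLAN) cannot be confirmed with connect(),
# so only the TCP ports are probed here.
SWARM_TCP_PORTS = {2377: "cluster management", 7946: "node-to-node gossip"}


def probe_tcp(host, port, timeout=3.0):
    """Return 'open', 'refused' or 'filtered' for one TCP port on host."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # something is listening and reachable
    except ConnectionRefusedError:
        return "refused"         # a reset came back: usually no listener
    except OSError:              # includes timeouts and unreachable networks
        return "filtered"        # dropped on the way, e.g. by an ingress rule


def check_peer(host, ports=SWARM_TCP_PORTS, timeout=3.0):
    """Probe every port in `ports` on host and return {port: state}."""
    return {port: probe_tcp(host, port, timeout) for port in ports}


def firewall_passes(state):
    """True when the probe result suggests traffic reached the host."""
    return state in ("open", "refused")


if __name__ == "__main__":
    # Usage (hypothetical file name): python3 swarm_probe.py <peer-ip> [...]
    for peer in sys.argv[1:]:
        for port, state in check_peer(peer).items():
            verdict = "ok" if firewall_passes(state) else "check ingress rules"
            print(f"{peer}:{port} ({SWARM_TCP_PORTS[port]}): {state} -> {verdict}")
```

A node that has joined only as a worker does not listen on 2377, so "refused" on that port still indicates the path is clear, while "filtered" points at a provider or host firewall rule.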