3

I have setup docker manually on windows server 2016 by following this article https://docs.docker.com/ee/docker-ee/windows/docker-ee/

I have two windows server 2016 hyper-v machines sharing the same network and I added firewall rules to allow network connectivity form each one to the other.

The first machine holds the private IP 192.168.192.254 and the other one holds the private IP 192.168.192.242 and they can ping each other.

I have tried to init swarm on the first machine and used the below command docker swarm init --advertise-addr 192.168.192.245:2377 --listen-addr 192.168.192.245:2377 but I got the below error *

Error response from daemon: manager stopped: failed to listen on remote API address: listen tcp 192.168.192.245:2377: bind: The requested address is not valid in its context.

* I executed the below command then

docker network inspect nat

and below was the result enter image description here

Looks like the docker has its own interface and its network IP is different than the hyper-v default switch! This means that both dockers on the both machines do not know how to communicate with each other, if my understanding is correct, how can I build multi node swarm with this situation?

The other thing I have tried to do and failed with, is to init the swarm and used an IP address within the range of the docker window but I got the same issue enter image description here

Edit Again:

Now it worked with this IP:Port 192.168.192.243:2377 and was able to add the first hyper-v VM as a manager node but as you see the other machine can't join the swarm. I have noticed that when I add --listen-addr 192.168.192.243:2377 I get the same error like above.

I have also disabled firewalls on both machines but nothing is working

enter image description here

Mo Haidar
  • 3,748
  • 6
  • 37
  • 76
  • 2
    If a host has IP address `192.168.192.242` wouldn't the init command be `docker swarm init --advertise-addr 192.168.192.242`? Why would you try to advertise/bind to other IP addresses (like `*.243` or `*.245`)? – Ionut Ticus May 11 '20 at 19:13
  • you are the man, that worked as a charm, please add this as an answer, I thought that I can use any IP address in the network subnet, can't I attach my docker engine to any IP in the subnet? maybe I misunderstand the concept. any way, thanks a lot. – Mo Haidar May 11 '20 at 19:34
  • Another thing, why advertise-addr accepts any IP in the subnet while listen-addr not – Mo Haidar May 11 '20 at 19:47

1 Answers1

1

You need to use one of the host's IP address for listen-addr because as the name implies it will try to listen on that IP address.

There's advertise-addr as well as this is the network address advertised to other nodes (they will use that address to connect to the swarm).

In most setups the two will be identical but there are cases where they are different (for example hosts with multiple network cards might only want the swarm to be reachable in a single network, or hosts interconnected via VPN perhaps want the swarm to only communicate via the VPN interface).
You could theoretically have a swarm manager behind a NAT interface in which case the advertise-addr would be that of the NAT device (I'm only speculating the NAT case - I haven't tried this).

Anyway using this initialization command should work in your case:
docker swarm init --advertise-addr 192.168.192.242

Ionut Ticus
  • 2,683
  • 2
  • 17
  • 25
  • Thanks a lot, the thing that I don't really understand is why Swarm accepts to listen on a specific address and advertise another address, that is really not clear. It is like telling someone to send you a package to united states and you are waiting to receive it in UK, how would that work, I don't really understand. – Mo Haidar May 11 '20 at 20:39
  • 1
    For example: you can listen on all addresses (`0.0.0.0`) but you obviously can't advertise that address. Another example is using NAT: you listen on your home address but you advertise your uncle's address because your house is unreachable using the Fedex truck; Fedex will deliver the package to you uncle (the NAT device) and your uncle will deliver the package to you (he has a smaller truck). – Ionut Ticus May 11 '20 at 21:09
  • I got you, I should have focused on the NAT part in the answer as it is a very good example and explains my concerns. Again many thanks. – Mo Haidar May 11 '20 at 21:38
  • @Iont It was my pleasure to award the 100 bounty to you. Do you have any guidance about how to troubleshoot container network issues, any good articles? – Mo Haidar May 12 '20 at 19:12
  • 1
    thank you @MoHaidar! The only sources I used were Docker's [docs](https://docs.docker.com/engine/swarm/swarm-tutorial/) and basic tools like `ping`, `netcat`, `tcpdump` to verify connections between nodes before initializing the swarm. – Ionut Ticus May 12 '20 at 19:23