Lab #6: Test Routing Mesh

Docker swarm by default use ingress mode layer 4 routing mesh. The routing mesh enables each node in the swarm to accept connections on published ports for any service running in the swarm, even if there’s no task running on the node. You can bypass the routing mesh, using host mode when you create the service. Then you will able to access the service only from the node where task is running.

Pre-requisite:

Tested Infrastructure

Platform Number of Instance Reading Time
Play with Docker 1 5 min

Pre-requisite

Create a service in ingress mode

$ docker service create --name myWebApp --publish published=80,target=80,mode=ingress nginx:alpine

Checking Current PublishMode

$ docker service inspect --format "" myWebApp

[{"Protocol":"tcp","TargetPort":80,"PublishedPort":80,"PublishMode":"ingress"}]

Bypass the routing mesh by host Mode

$ docker service create --name bypassRM --publish published=8080,target=80,mode=host nginx:alpine

Checking Current PublishMode

$ docker service inspect --format "" bypassRM

[{"Protocol":"tcp","TargetPort":80,"PublishedPort":8080,"PublishMode":"host"}

Contributor

Savio Mathew