Lab #6: Test Routing Mesh
Docker swarm by default use ingress mode layer 4 routing mesh. The routing mesh enables each node in the swarm to accept connections on published ports for any service running in the swarm, even if there’s no task running on the node. You can bypass the routing mesh, using host mode when you create the service. Then you will able to access the service only from the node where task is running.
Pre-requisite:
Tested Infrastructure
| Platform | Number of Instance | Reading Time |
|---|---|---|
| Play with Docker | 1 | 5 min |
Pre-requisite
Create a service in ingress mode
$ docker service create --name myWebApp --publish published=80,target=80,mode=ingress nginx:alpine
Checking Current PublishMode
$ docker service inspect --format "" myWebApp
[{"Protocol":"tcp","TargetPort":80,"PublishedPort":80,"PublishMode":"ingress"}]
Bypass the routing mesh by host Mode
$ docker service create --name bypassRM --publish published=8080,target=80,mode=host nginx:alpine
Checking Current PublishMode
$ docker service inspect --format "" bypassRM
[{"Protocol":"tcp","TargetPort":80,"PublishedPort":8080,"PublishMode":"host"}