I didn't misunderstand. It's a bit alarming that you'd say something is hacky without knowing anything about it... just because it's something new to you vs something you're familiar with. In your perspective, using wg for docker connectivity is hacky. I don't suppose you looked up how many people combine these two. There's a tinge of something being right because you're doing it that way, but I may be wrong though. I'm a fan of Swarm too, especially suggesting its consideration before thinking about kubernetes.
On Thursday, November 9th, 2023 at 10:29, David Crayford <[email protected]> wrote: > You misunderstood my point. I'm not bashing WireGuard. I'm sure it's a > brilliant product and all power to them. My point is that using it to hack > a clustering solution seems a bit odd if you have Docker Swarm to create a > multi-host network using the overlay protocol. I know nothing about WG, but > I use Docker every day. > > On Thu, Nov 9, 2023 at 10:51 AM kekronbekron < > [email protected]> wrote: > > > > ... instead of hacking together solutions that don’t work? > > > > Say that with a straight face to the companies building or relying on > > WireGuard and see what happens. > > > > On Wednesday, November 8th, 2023 at 19:30, David Crayford < > > [email protected]> wrote: > > > > > > On 8 Nov 2023, at 9:36 pm, Timothy Sipples [email protected] wrote: > > > > > > > > Dave Jousma wrote: > > > > > > > > > Thanks Timothy. Yep found all that, have the instance up and working > > > > > just fine > > > > > > > > > it’s the peer to peer networking that is not working. The fine folks > > > > > at > > > > > > > > > Rocket indicate that their software is picking up the internal > > > > > container IP, > > > > > > > > > and not using the Host IP causing the problem. They are working up > > > > > their own > > > > > > > > > testing, and believe that docker overlay networking can resolve this. > > > > > > > > OK, it’s interesting the software works that way. > > > > > > What software are you referring to, Docker? That’s fundamental to how > > > Docker networking works. Publishing ports using “-p <portnum>” doesn’t > > > make > > > the services discoverable in docker containers. You meed overlay > > > networking. TE Web is a typical clustering architecture using > > > active/passive HA. You will also find that you can not run curl from > > > within > > > a Docker image. Most docker containers are built to take up as small a > > > footprint as necessary so utilities like curl are not installed and you > > > cannot instal them using apt if security keys are not enabled, which is > > > best practice. > > > > > > > (“Thinking out loud...”) Could you run a “bigger” Linux container > > > > image that includes a VPN tunnel (such as WireGuard) to connect these > > > > two > > > > peers with one another to work around the issue? > > > > > > Why not just use a Docker clustering such as swarm instead of hacking > > > together solutions that don’t work? > > > ---------------------------------------------------------------------- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to [email protected] with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
