I am trying to run docker swarm in an LXD container. "Normal" docker is working.
After some configuration issues with the /.dockerenv file and some kernel modules that were missing, I got things running.
With `docker service create --detach=false -p 80:80 nginx` I can start up an NGINX service.
But there is an issue with the ingress network it seems. The docker container can't be accessed from outside.
A bit more specific: I started the NGINX container. From within the nginx container I can connect to the outside world. No problem.
But when I'm on the LXD container and try to access it via `curl localhost` or `curl hostname` I get a timeout.
The iptables rules are being updated with DOCKER-INGRESS chains. But something seems to be wrong as there is no connectivity.
Some more research showed that packets go to the nginx container and from the nginx container to the ingress-sbox but then nothing leaves the ingress-sbox. Somehow it seems to be related to the ip_vs load balancer in the ingress-sbox.
Probably a docker expert is needed here. But there is a connection to LXD, as the same setup works just fine if it doesn't run in an LXD container.
The logs show nothing suspicious.
[Edit] Maybe they do. If I start another docker service I get warnings that kernel modules are missing from /lib/module. However, I have them added in the docker profile and I created a file /.dockerenv which should tell docker not to look in /lib/modules for modules. Also, `lsmod` shows that all modules are available.
They are warnings so maybe they can be ignored?!?!
Any idea what the issue could be?