You misunderstood my point. I'm not bashing WireGuard. I'm sure it's a brilliant product and all power to them. My point is that using it to hack a clustering solution seems a bit odd if you have Docker Swarm to create a multi-host network using the overlay protocol. I know nothing about WG, but I use Docker every day.
On Thu, Nov 9, 2023 at 10:51 AM kekronbekron < 000002dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > > ... instead of hacking together solutions that don’t work? > > Say that with a straight face to the companies building or relying on > WireGuard and see what happens. > > > > On Wednesday, November 8th, 2023 at 19:30, David Crayford < > dcrayf...@gmail.com> wrote: > > > > > On 8 Nov 2023, at 9:36 pm, Timothy Sipples sipp...@sg.ibm.com wrote: > > > > > > Dave Jousma wrote: > > > > > > > Thanks Timothy. Yep found all that, have the instance up and working > just fine > > > > > > > it’s the peer to peer networking that is not working. The fine folks > at > > > > > > > Rocket indicate that their software is picking up the internal > container IP, > > > > > > > and not using the Host IP causing the problem. They are working up > their own > > > > > > > testing, and believe that docker overlay networking can resolve this. > > > > > > OK, it’s interesting the software works that way. > > > > > > What software are you referring to, Docker? That’s fundamental to how > Docker networking works. Publishing ports using “-p <portnum>” doesn’t make > the services discoverable in docker containers. You meed overlay > networking. TE Web is a typical clustering architecture using > active/passive HA. You will also find that you can not run curl from within > a Docker image. Most docker containers are built to take up as small a > footprint as necessary so utilities like curl are not installed and you > cannot instal them using apt if security keys are not enabled, which is > best practice. > > > > > > > > > (“Thinking out loud...”) Could you run a “bigger” Linux container > image that includes a VPN tunnel (such as WireGuard) to connect these two > peers with one another to work around the issue? > > > > > > Why not just use a Docker clustering such as swarm instead of hacking > together solutions that don’t work? > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN