Search code examples
dockerdocker-swarm

Is it possible to customize swarm port? If so, how to do this?

according to docker doc:

The following ports must be available. On some systems, these ports are open by default.

TCP port 2377 for cluster management communications

TCP and UDP port 7946 for communication among nodes

UDP port 4789 for overlay network traffic

so if these 3 default ports are not avaiavle on hosts, how to customized these ports?

Solution

  • The following options are available in 19.03 (just released):

    $ docker swarm init --help

Usage:  docker swarm init [OPTIONS]

Initialize a swarm

Options:
      --advertise-addr string                  Advertised address (format: <ip|interface>[:port])
      --autolock                               Enable manager autolocking (requiring an unlock key to start a stopped manager)
      --availability string                    Availability of the node ("active"|"pause"|"drain") (default "active")
      --cert-expiry duration                   Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s)
      --data-path-addr string                  Address or interface to use for data path traffic (format: <ip|interface>)
      --data-path-port uint32                  Port number to use for data path traffic (1024 - 49151). If no value is set or is set to 0, the default port (4789) is used.
      --default-addr-pool ipNetSlice           default address pool in CIDR format (default [])
      --default-addr-pool-mask-length uint32   default address pool subnet mask length (default 24)
      --dispatcher-heartbeat duration          Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s)
      --external-ca external-ca                Specifications of one or more certificate signing endpoints
      --force-new-cluster                      Force create a new cluster from current state
      --listen-addr node-addr                  Listen address (format: <ip|interface>[:port]) (default 0.0.0.0:2377)
      --max-snapshots uint                     Number of additional Raft snapshots to retain
      --snapshot-interval uint                 Number of log entries between Raft snapshots (default 10000)
      --task-history-limit int                 Task history retention limit (default 5)

    To change the listening port on 2377 and the VXLAN port on 4789, you should be able to run something like:

    docker swarm init --listen-addr 0.0.0.0:3377 --data-path-port 5789

    I do not believe 7946 is configurable yet.

    When joining other nodes to the swarm, you have the following options:

    $ docker swarm join --help

Usage:  docker swarm join [OPTIONS] HOST:PORT

Join a swarm as a node and/or manager

Options:
      --advertise-addr string   Advertised address (format: <ip|interface>[:port])
      --availability string     Availability of the node ("active"|"pause"|"drain") (default "active")
      --data-path-addr string   Address or interface to use for data path traffic (format: <ip|interface>)
      --listen-addr node-addr   Listen address (format: <ip|interface>[:port]) (default 0.0.0.0:2377)
      --token string            Token for entry into the swarm

    That lets you adjust the listener address/port. I don't know if data-path-port is a global setting in the entire swarm, that feature was only released GA an hour ago, so it will need some testing to understand how it behaves.

    From your comment:

    I'd like to know if the docker community will consider to make 7946 configurable

    Docker is open source, so you are free to submit PR's to moby/moby, libnetwork, and/or swarmkit. Not sure which repo specifically covers this implementation detail.