Routing Mesh (Global Traffic Router)

  • Routes ingress (incoming) packets for a Service to proper Task
  • Spans all nodes in Swarm
  • Uses IPVS from Linux Kernel
  • Load balances Swarm Services across their Tasks
  • Two ways this works:

    • Container-to-container in an Overlay network (uses VIP)
    • External traffic incoming to published ports (all nodes listen)
  • This is stateless load balancing

  • This LB is at OSI Layer 3 (TCP), not Layer 4 (DNS)
  • Both limitation can be overcome with:
    • Nginx or HAProxy LB proxy, or:
    • Docker Enterprise Edition, which comes with built-in L4 web proxy

  • Similar to hardware load balancer


  • Let's run `elasticsearch service
[node1] ~> docker service create --name search --replicas 3 -p 9200:9200 elasticsearch:2

[node1] ~> docker service ps search
ID                  NAME                IMAGE               NODE                DESIRED STATE       CURRENT STATE           ERROR               PORTS
p1jg45oq9tfi        search.1            elasticsearch:2     node3               Running             Running 7 seconds ago
jsw9g0vh6xkz        search.2            elasticsearch:2     node1               Running             Running 7 seconds ago
ni2c3sagawbh        search.3            elasticsearch:2     node2               Running             Running 7 seconds ago
  • The load is distributed to tasks

