Cli: Docker stack deploy with network host fails yaml validation on docker for windows
Description
I am trying to deploy a stack with a service using network host because this service needs to do a multicast.
As stated in the docs (https://docs.docker.com/compose/compose-file/#host-or-none) I declared an external netowrk called host and use that network in my service. This works perfectly fine on linux with docker 17.12.0-ce (or 17.12.1-ce or any other version I tested) however on docker for widnows with version 17.12.0 I get:
network "host" is declared as external, but it is not in the right scope: "local" instead of "swarm"
Steps to reproduce the issue:
- Create a stack with network
networks:
hostnet:
external:
name: host
- Declare a service using said network:
example-service:
image: hello-world
networks:
- hostnet
- deploy the stack
Describe the results you received:
network "host" is declared as external, but it is not in the right scope: "local" instead of "swarm"
Describe the results you expected:
Stack is successfully deployed
Additional information you deem important (e.g. issue happens only occasionally):
When calling docker stack deploy from within a container running 17.10 which has the docker socket mounted the behaviour is as desired.
Output of docker version:
Version: 17.12.0-ce API version: 1.35 Go version: go1.9.2 Git commit: c97c6d6 Built: Wed Dec 27 20:05:22 2017 OS/Arch: windows/amd64 Server: Engine: Version: 17.12.0-ce API version: 1.35 (minimum version 1.12) Go version: go1.9.2 Git commit: c97c6d6 Built: Wed Dec 27 20:12:29 2017 OS/Arch: linux/amd64 Experimental: false
Output of docker info:
Containers: 43 Running: 22 Paused: 0 Stopped: 21 Images: 20 Server Version: 17.12.0-ce Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog Swarm: active NodeID: lcayhpu052oheu67v8z4kq5z9 Is Manager: true ClusterID: quho6g21euunnxpkcqc41bpbj Managers: 1 Nodes: 1 Orchestration: Task History Retention Limit: 5 Raft: Snapshot Interval: 10000 Number of Old Snapshots to Retain: 0 Heartbeat Tick: 1 Election Tick: 3 Dispatcher: Heartbeat Period: 5 seconds CA Configuration: Expiry Duration: 3 months Force Rotate: 0 Autolock Managers: false Root Rotation In Progress: false Node Address: 192.168.65.3 Manager Addresses: 192.168.65.3:2377 Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 89623f28b87a6004d4b785663257362d1658a729 runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f init version: 949e6fa Security Options: seccomp Profile: default Kernel Version: 4.9.60-linuxkit-aufs Operating System: Docker for Windows OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 1.934GiB Name: linuxkit-00155d087104 ID: YSPZ:2MRF:HAXW:KTZA:WCKX:NSTV:B4G3:CMC2:ZIH6:WA4B:K5DE:TFYL Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): true File Descriptors: 171 Goroutines: 346 System Time: 2018-03-19T15:15:38.913833Z EventsListeners: 16 Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false
Hermain
All 10 comments
This is because the network name check is being done client side, and the client in this case is windows, so it's not recognizing the host network as a non-user defined network.
cc @vdemeester I believe you noticed this issue recently as well.
dnephin
on 19 Mar 2018
I believe the following PR (in moby)聽fixes it https://github.com/moby/moby/pull/36316
It should be in 18.03聽GA I think
vdemeester
on 19 Mar 2018
This issue is windows specific and does not affect linux with the exact same version. 36316 seems to fix something general though which affects linux too.
I don't know why windows and linux clients behave differently on exactly the same version but this from my point of view is a critical issue. Not only can't I trust that an application on docker for windows will run as well as on native linux, now i can't even be sure that my stack file will be accepted by any system running the same version.
What about labelling it a bug?
Hermain
on 20 Mar 2018
I updated to the new 18.03 GA on windows and still get:
network "host" is declared as external, but it is not in the right scope: "local" instead of "swarm"
Hermain
on 27 Mar 2018
The same "local" instead of "swarm" ...
Server Version: 18.03.1-ce
andrey-denisenko
on 18 Jun 2018
Any update ?
ondrejtomcik
on 19 Jul 2018
This makes it really hard to use docker for windows for testing...
strawgate
on 10 Aug 2018
Just bumped into this :(
b01t
on 22 Aug 2018
This still seems to be an issue
christopher-coffin
on 18 Jun 2019
I have this issue on Docker version 19.03.5
running:
env $(cat .env |grep ^[A-Z] | xargs) docker stack deploy --compose-file docker-compose.stack.yaml backend
docker-stack.yaml
version: "3.4"
services:
api:
image: 'backend:b64b003'
networks:
- private
- public
ports:
- "4443:443"
- "8088:80"
environment:
ASPNETCORE_URLS: 'https://+;http://+'
ASPNETCORE_HTTPS_PORT: 443
ASPNETCORE_Kestrel__Certificates__Default__Password: ""
phpmyadmin:
#depends_on:
image: phpmyadmin/phpmyadmin
restart: always
networks:
- private
ports:
- '13306:80'
environment:
PMA_HOST: localhost
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
PMA_ABSOLUTE_URI: ${PMA_ABSOLUTE_URI}
PMA_SOCKET: /var/run/mysqld/mysqld.sock
volumes:
- /var/run/mysqld/mysqld.sock:/var/run/mysqld/mysqld.sock
- /var/run/mysqld/mysqld.sock:/tmp/mysqld.sock
volumes:
backend-api-https-pfx-volume:
elastic_data:
kibana_log:
portainer_data:
networks:
public:
driver: overlay
private:
driver: bridge
mason-chase
on 15 Jan 2020
Related issues
loeffel-io
路
4Comments
dedalusj
路
3Comments
thaJeztah
路
3Comments
and800
路
3Comments
dpyro
路
4Comments
Most helpful comment
This issue is windows specific and does not affect linux with the exact same version. 36316 seems to fix something general though which affects linux too.
I don't know why windows and linux clients behave differently on exactly the same version but this from my point of view is a critical issue. Not only can't I trust that an application on docker for windows will run as well as on native linux, now i can't even be sure that my stack file will be accepted by any system running the same version.
What about labelling it a bug?