Affects Version/s: DC/OS 1.9, DC/OS 1.10, DC/OS 1.11.2, DC/OS 1.11, DC/OS 1.12
I have a problem with Docker containers using an overlay network. My setup:
- service A in docker container using overlay network
- service B in docker container using bridge network
- both services on the same host.
When I want to connect from A to B, it's not possible (e.g. ping doesn't work). Fun fact - when the services are on different hosts it works as expected. After a short investigation I found the problem - iptables rules:
What is strange - this is a cluster running 1.11.2 upgraded from 1.10. The problem is only on nodes which were rebooted after the upgrade.
On nodes which weren't rebooted it looks different:
As a workaround I added a RETURN rule at the top of the chain manually.