github.com/Heebron/moby@v0.0.0-20221111184709-6eab4f55faf7/libnetwork/cmd/ssd/README.md

github.com/Heebron/moby@v0.0.0-20221111184709-6eab4f55faf7/libnetwork/cmd/ssd/README.md (about)

     1  # Docker Swarm Service Driller(ssd)
     2  
     3  ssd is a troubleshooting utility for Docker swarm networks. 
     4  
     5  ### control-plane and datapath consistency check on a node
     6  ssd checks for the consistency between docker network control-plane (from the docker daemon in-memory state) and kernel data path programming. Currently the tool checks only for the consistency of the Load balancer (implemented using IPVS).
     7  
     8  In a three node swarm cluster ssd status for a overlay network `ov2` which has three services running, each replicated to 3 instances.
     9  
    10  ````bash
    11  vagrant@net-1:~/code/go/src/github.com/docker/docker-e2e/tests$ docker run -v /var/run/docker.sock:/var/run/docker.sock -v /var/run/docker/netns:/var/run/docker/netns --privileged --net=host sanimej/ssd ov2
    12  Verifying LB programming for containers on network ov2
    13  Verifying container /s2.3.ltrdwef0iqf90rqauw3ehcs56...
    14  service s2... OK
    15  service s3... OK
    16  service s1... OK
    17  Verifying container /s3.3.nyhwvdvnocb4wftyhb8dr4fj8...
    18  service s2... OK
    19  service s3... OK
    20  service s1... OK
    21  Verifying container /s1.3.wwx5tuxhnvoz5vrb8ohphby0r...
    22  service s2... OK
    23  service s3... OK
    24  service s1... OK
    25  Verifying LB programming for containers on network ingress
    26  Verifying container Ingress...
    27  service web... OK
    28  ````
    29  
    30  ssd checks the required iptables programming to direct an incoming packet with the <host ip>:<published port> to the right <backend ip>:<target port>
    31  
    32  ### control-plane consistency check across nodes in a cluster
    33  
    34  Docker networking uses a gossip protocol to synchronize networking state across nodes  in a cluster. ssd's `gossip-consistency` command verifies if the state maintained by all the nodes are consistent.
    35  
    36  ````bash
    37  In a three node cluster with services running on an overlay network ov2 ssd consistency-checker shows 
    38  
    39  vagrant@net-1:~/code/go/src/github.com/docker/docker-e2e/tests$ docker run -v /var/run/docker.sock:/var/run/docker.sock -v /var/run/docker/netns:/var/run/docker/netns --privileged sanimej/ssd ov2 gossip-consistency
    40  Node id: sjfp0ca8f43rvnab6v7f21gq0 gossip hash c57d89094dbb574a37930393278dc282
    41  
    42  Node id: bg228r3q9095grj4wxkqs80oe gossip hash c57d89094dbb574a37930393278dc282
    43  
    44  Node id: 6jylcraipcv2pxdricqe77j5q gossip hash c57d89094dbb574a37930393278dc282
    45  ````
    46  
    47  This is hash digest of the control-plane state for the network `ov2` from all the cluster nodes. If the values have a mismatch `docker network inspect --verbose` on the individual nodes can help in identifying what the specific difference is.