Docker Swarm services sysctl
I remember a while ago (~1+ year ago), when I was dockerizing a Kafka and a Redis cluster, I faced an issue with my implementation: sysctls is not supported in Docker Swarm services (docker-compose.yml + docker stack deploy).
It is indeed supported by
docker run --sysctl net.ipv4.ip_forward=1 ...
and docker-compose up, which are single-engine commands, not really useful if you wish to run services in a container orchestrator like Swarm.
Let’s take Redis, for example: when you put it in Swarm, it displays the following warning:
WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
💡 I found a workaround, but it was not enough; also, at that time Docker Swarm did not support sysctls just as Kubernetes supports sysctls for Pods.
Perhaps your sysctl use case is not for services like Redis or Kafka but for your own application: you might find that your application requires a specific kernel feature turned on or off, or perhaps a limit increased.
Meet sysctls for Docker Swarm
Before proceeding, make sure to install or upgrade to Docker 19.03.1.
So after more than 3 years since the initial request the wait is over! 🎉 🎉 🎉
Now you can verify if it worked:
$ docker ps --filter "name=redis" -q | xargs -I {} docker exec {} sysctl net.core.somaxconn
net.core.somaxconn = 1024
With this new feature, we can now control kernel limits per service.
⚠️ However, not all that glitters is gold: there are some limitations on which specific sysctl params are supported. To save you some time ⏳ here’s the link
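The sketch below is an added example, not code from the original post. It renders a stack file that sets a service-level sysctl such as the net.core.somaxconn value verified above, and refuses keys outside the namespaced set Docker documents for --sysctl (net.*, fs.mqueue.* and the IPC keys). The service name, image tag, compose version and stack name are assumptions, and the key list should be checked against the documentation for your engine version.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed names: service "redis",
# image tag "redis:5", compose version "3.8", stack name "cache".

# Succeeds only for keys Docker documents as namespaced, i.e. settable per
# container without changing the host: net.*, fs.mqueue.* and the IPC keys.
sysctl_is_namespaced() {
    case "$1" in
        net.?*|fs.mqueue.?*) return 0 ;;
        kernel.msgmax|kernel.msgmnb|kernel.msgmni|kernel.sem) return 0 ;;
        kernel.shmall|kernel.shmmax|kernel.shmmni|kernel.shm_rmid_forced) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints a stack file for one Redis service; arguments are key=value pairs.
# Returns 2 on a malformed pair, 1 on a key that is not namespaced.
render_redis_stack() {
    for pair in "$@"; do
        case "$pair" in
            ?*=?*) ;;
            *) echo "expected key=value, got: $pair" >&2; return 2 ;;
        esac
        if ! sysctl_is_namespaced "${pair%%=*}"; then
            echo "not a namespaced sysctl: ${pair%%=*}" >&2
            return 1
        fi
    done
    printf 'version: "3.8"\nservices:\n  redis:\n    image: redis:5\n'
    if [ "$#" -gt 0 ]; then
        printf '    sysctls:\n'
        for pair in "$@"; do
            # Values are quoted so multi-field settings (e.g. kernel.sem) stay one string.
            printf '      %s: "%s"\n' "${pair%%=*}" "${pair#*=}"
        done
    fi
}

# Usage on a Swarm manager (Docker 19.03.1 or later, as the post requires):
#   render_redis_stack net.core.somaxconn=1024 > redis-stack.yml
#   docker stack deploy -c redis-stack.yml cache
```

A key such as vm.max_map_count is rejected here because it is host-wide rather than per-container, which is the kind of limitation the post refers to.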