Running Docker Swarm on Linux VPS
What this is
Docker Swarm works on Linux VPS, with one adjustment you need to know up front: create your services with dnsrr endpoint mode instead of the default.
By default, Swarm gives each service a virtual IP and balances traffic to it using ipvs, a kernel load-balancing feature our Linux VPS platform doesn't provide. Services created in the default mode will misbehave. The built-in alternative, DNS round-robin (dnsrr), skips the virtual IP entirely: Swarm's internal DNS returns the IPs of the service's replicas directly, and that works fine here.
How to use dnsrr
Per service:
docker service create --name web --endpoint-mode dnsrr myimage
In a stack/compose file:
services:
web:
image: myimage
deploy:
endpoint_mode: dnsrr
What dnsrr changes in practice
- Published ports:
dnsrrdoesn't do the routing-mesh style--publish(modeingress). Publish in host mode instead (--publish published=80,target=80,mode=host) or, more commonly, put a reverse proxy (Traefik, nginx, Caddy) in front, Traefik in particular works naturally with dnsrr services, discovering replicas through Swarm. - Service-to-service traffic inside the overlay network just works: containers resolve the service name and get replica IPs.
- If you've seen older errors about
br_netfilterwhen initializing Swarm on our platform, that era is over, current Linux VPS need only the endpoint-mode adjustment described here.
Panels built on Swarm: EasyPanel
Some server panels run on Swarm under the hood, EasyPanel is the common one, which means a fresh install on a Linux VPS creates its services in the default VIP mode and they misbehave (typically as persistent 502 errors on every deployed app). EasyPanel doesn't currently expose an endpoint-mode setting in its UI, so convert its services from the shell:
docker service update --endpoint-mode dnsrr easypanel
And the same for every other service it has created, list them and convert in one pass:
docker service ls --format '{{.Name}}'
for s in $(docker service ls -q); do docker service update --endpoint-mode dnsrr $s; done
Keep in mind the panel creates a new service per app you deploy, and new services come up in the default mode again, re-run the update for newly deployed apps (or the loop above after adding several).
If you'd rather have stock behavior
Premium VPS is full KVM, a plain kernel of your own, so Swarm's default ipvs mode (and everything else) behaves exactly as on bare metal.
Still need help?
You can open a support ticket. So we can help on the first reply, it's worth mentioning:
- the VPS hostname or IP,
- the service's endpoint mode (from
docker service inspect), - the symptom (502s, an unreachable service, a panel like EasyPanel involved).
Related questions
- "Does Docker Swarm work on your Linux VPS?"
- "What is endpoint-mode dnsrr and why do I need it?"
- "My Swarm service isn't reachable on its virtual IP."
- "How do I publish ports with dnsrr?"
- "EasyPanel apps all return 502 on my Linux VPS, how do I fix it?"
- "How do I switch every Swarm service to dnsrr at once?"