Question: guidance/best practice on how to connect to other containers from functions #226
A function might query a MySQL database, for example.
A naive attempt at passing the IP address of the host to the function is not good enough, unfortunately.
Telling the function to join the same Docker network as the MySQL database is on also fails since port
And doing it the other way around--i.e., telling the MySQL database to join the swarm network--gives me an error:
$ docker-compose -f test/docker-compose.yml run --rm --service-ports db ERROR: Cannot start service db: Could not attach to network func_functions: rpc error: code = PermissionDenied desc = network func_functions not manually attachable
I have seen mention in various places that whether the swarm network is 'attachable' can be configured, but looking through the
But anyway, I'm not sure that would be sufficient, since it would require being able to configure how the database is launched, when most of the time we wouldn't have that control (it would already be running).
I know this is really a Docker networking issue but I don't know enough to know what to Google for!
So any help would be appreciated.
I'd like functions to have access to services that are already running--like ElasticSearch, MySQL, Postgres, etc.
The text was updated successfully, but these errors were encountered:
There are three ways to do this. Let me know if you have any questions about the approaches listed. You're also welcome to join Slack if you email email@example.com
Option 1 - host port
Bind a port to the host and use the host's IP / DNS-entry in the function
Option 2 - Swarm service
If you are creating a new container such as MySQL then you can create a swarm service and simply specify the network as an additional parameter. That makes it resolvable via DNS and doesn't require a host to be exposed on the host.
Option 3 - attachable network
Go to your docker-compose YAML file and uncomment the last line which says "attachable". Now delete and re-deploy OpenFaaS (this must remove func_functions from
Thanks @alexellis, I really appreciate you getting back to me so quickly.
Your comments made me revisit option 1. I'd been using '0.0.0.0' to try to access MySQL, but of course that won't work. As you say though, using the host's IP does work! Thanks!
I'll still join Slack if that's ok--I can see myself using OpenFaaS a lot going forwards.
Full index of guides including workflows / chaining.
Thanks @alexellis. Yes, I liked options 2 and 3 as well. However, the majority of the scenarios I'm working on involve using centralised databases. For example, a number of pipelines take data from MySQL and Postgres, map it to a different schema, and then place it into ElasticSearch; I'm working on using OpenFaaS to run these pipelines so that I get all of your Prometheus/scaling/healthcheck goodness 'for free'.
At some point I may factor the source and destination parts of the pipeline out so that the functions just do the data processing, but for now it's a nice interim step to be able to run the reads and writes 'inside' the OpenFaaS function.
There are also a number of little things that OpenFaaS is ideal for.
For example, we want to have an endpoint that simply tells you the available versions of an image. It's a simple query against the database, and we were about to go through all of the hassle of setting up a REST (or more likely, GraphQL) endpoint. But by using OpenFaaS we get the endpoint we want running in no time, and more importantly get all of your scaling and monitoring stuff.
None of these use cases will be news to you, of course! But they are illustrations of how you might need to access Docker services over which you don't have any control.
On reflection I've actually gone for option 3. I'll explain why in case anyone stumbles across this thread in the future.
Looking at it again, I realised that in a live environment the reference to some centralised DB is easy...it will be some host name that is unlikely to be running in the same swarm as the functions so visibility is unlikely to be a problem.
My issue was that I am trying to run unit tests that need access to a test database on my own development machine. And certainly the easiest way to set that up is simply to allow the database container to join the OpenFaaS network.
Just to let you know you can configure the database through environmental variables using the YAML stack file, here's an example: