Open TCP connection to specific node in Docker Swarm

Question:

How can I access specific containers inside a Docker Swarm network from outside the network?

I don’t need to access arbitrary ports; the exposed container ports are fine. But I need to be able to connect to a specific container, not just any container I am routed to via load balancing.

As in, I can currently do:

curl localhost:8582/service_id

And get something like:

1589697532253.0.8570331623512102

But the result varies, because it is load balanced to a different container each time I make the request. I only need this for debugging; I usually want the load balancing behavior, but when there is an issue with a specific container it is essential that I make requests only to that container.

I can do it within a container inside the network, but it is a lot easier to debug from my local machine, instead of inside a container.

Environment:

I am not sure if it is relevant, but I am on Windows, running Docker Desktop, engine v19.03.8.

Things I tried:

I tried tunneling into the Docker network with WireGuard; however, I believe that is a non-starter because my host OS is Windows, and I can’t find any WireGuard images that support non-Linux host OSes (and I’m not sure that is even technically possible).

When I run docker network inspect ingress -v I can see there appear to be IPs associated with each container (10.0.0.12, 10.0.0.13) which differ from the IPs on the overlay network (10.0.18.7, 10.0.18.8), but when I try to access my exposed port over any of those IPs, the connection attempt is ignored and does not connect.

I tried adding a specific network route to make sure the packets were going to Docker, by forcing all packets in the /24 address range to go through the Docker gateway, but that didn’t work either (route add -p 10.0.0.0 MASK 255.255.255.0 192.168.8.177 METRIC 1 IF 49).

Any suggestions would be greatly appreciated!

Source: StackOverflow