Configure the layer 7 routing service
Estimated reading time: 1 minuteWhen enabling the layer 7 routing solution from the UCP web UI,
you can configure the ports for incoming traffic. If you want to further
customize the layer 7 routing solution, you can do it by updating the
ucp-interlock
service with a new Docker configuration.
Here’s how it works:
-
Find out what configuration is currently being used for the
ucp-interlock
service and save it to a file:CURRENT_CONFIG_NAME=$(docker service inspect --format '{{ (index .Spec.TaskTemplate.ContainerSpec.Configs 0).ConfigName }}' ucp-interlock) docker config inspect --format '{{ printf "%s" .Spec.Data }}' $CURRENT_CONFIG_NAME > config.toml
-
Make the necessary changes to the
config.toml
file. Learn about the configuration options available. -
Create a new Docker configuration object from the file you’ve edited:
NEW_CONFIG_NAME="com.docker.ucp.interlock.conf-$(( $(cut -d '-' -f 2 <<< "$CURRENT_CONFIG_NAME") + 1 ))" docker config create $NEW_CONFIG_NAME config.toml
-
Update the
ucp-interlock
service to start using the new configuration:docker service update \ --config-rm $CURRENT_CONFIG_NAME \ --config-add source=$NEW_CONFIG_NAME,target=/config.toml \ ucp-interlock
By default the ucp-interlock
service is configured to pause if you provide an
invalid configuration. The service won’t restart without a manual intervention.
If you want the service to automatically rollback to a previous stable configuration, you can update it with:
docker service update \
--update-failure-action rollback \
ucp-interlock
Another thing to be aware is that every time you enable the layer 7 routing
solution from the UCP UI, the ucp-interlock
service is started using the
default configuration.
If you’ve customized the configuration used by the ucp-interlock
service,
you’ll have to update it again to use the Docker configuration object
you’ve created.