Networking trouble with stock Portainer stack - instances unreachable

Hi folks,

Somewhat ‘new’, although I’ve been running Portainer for a while to help simplify my home-office Docker setup.
Still learning the finer minutiae of both Docker & Portainer by trying stuff out - learning by doing.

I’ve recently rebuilt my server from a Proxmox mixed-setup, to a dedicated Portainer server:

  • Stock baremetal Debian
  • XFS (due to the SSD I moved to); applied requisite formatting options
  • Stock Docker (swarm) & Portainer-CE as per RTFM

Trying to keep it super lean & simple.

Initially I had hoped to stand up Portainer in Swarm, so that the service(s) run persistently, but this is where the fly got in the ointment.

I can see from the various logs that it seems things get stood up OK, but I’m unable to connect to the services/container from my LAN using the defaults.
I tried tweaking with the YML files to see if there’s something amiss, but still not getting connectivity.

I put a pin in it & just stood up the Portainer container itself so that I could move on to what I was planning to do.

Next I tried standing up a few images - as I did with this box pre-rebuild - but I still cannot reach them!
I use (essentially) the same yml files to stand up app via CLI docker-compose & they seem to work fine, but not in Portainer.

Due to my locale & timezone-difference, picking brains via the Discord channels is suuuper problematic, but one point of interest we drilled down and tested was around the ‘ports’ section for my app.

Attaching to the app(s) in question with ports mapped/defined, I am unable to curl/ping my LAN/WAN, but with the ports section omitted, but when the ports section IS defined, networking is FUBAR.
In both instances I am still unable to reach the app(s) remotely.

The combination of issues would seem to indicate that there’s something wrong with my networking stack for Portainer itself.
The reason I’m suspecting this (TL;DR for above):

  • Networking seems OK from Docker CLI, but not when deploying Portainer via compose/swarm
  • Standing container is OK via Docker CLI & Portainer
  • Running YML file via CLI compose is OK, but not through Portainer stack
  • Networking for containers via Portainer stack is completely FUBAR with ports mapped, but slightly less so (but still unusable) with ports section omitted.

I have no doubt that this is a case of PIBKAC, but going from fresh OS to stacks via Portainer (I’ve since rebuilt this box a few times, assuming I’ve missed something), I think I’ve skipped a step or dropped a stitch somewhere along the way & cannot figure out where.

From what I can tell, everything “should just work”™, but this is giving me grief & doing my head in.

Any help would be greatly appreciated, please.

Hello @jakes

I apologize for the late response. Did you ever get this ironed out? If not, let me know and I will do my best to get you where you need to be.