Docker Networking Series – I

Linux Networking Fundamentals

  • Docker networking uses the kernel’s networking stack to create high level networking feature of Docker
  • Docker Networking is Linux Networking
  • Also refer OSI Networking Model over here

Building Blocks

Linux Bridge

  • This is layer 2 device with virtual implementation of physical switch inside Linux Kernel
  • Forwards the traffic based on MAC address by inspecting traffic.

Network Namespace

  • Isolated network stack in kernel with its own interfaces, routes & firewall rules

Virtual Ethernet Devices or veth

  • Linux networking interface that acts as connecting wire between two two network namespaces

iptables

  • Generic table structure that defines rules & commands as part of the netfilter framework.

Docker Networking Architecture

  • Docker Networking Architecture is based on Container Networking Model.

Preview

note: Image from Docker

CNM Constructs – Sandbox

  • Contains the configuration of the containers network stack.
  • Includes routing tables, container’s interfaces, DNS setting etc.
  • Sample implementation could be Linux Network Namespace or any other similar concept.

CNM Constructs – Endpoint

  • Joins sandbox to the Network.
  • This abstracts actual connection to the network away from application.
  • Maintains portability for applications, so that they can use different network drivers

CNM Constructs – Network

  • Collection of endpoints having connectivity b/w themselves

CNM Driver Interfaces

  • CNM provides two pluggable & open interfaces to leverage additional functionality and control in the network
    • Network Drivers
    • IPAM Drivers Preview

Docker Native Network Drivers

  • Host
    • Container uses the networking stack of the host.
  • Bridge
    • Creates a bridge on the host that is managed by Docker.
    • All containers on Bridge Driver can communicate among themselves
    • Default Driver
  • Overlay
    • Used for multi-host networks.
    • uses local linux bridges & VXLAN to overlay container-to-container networking
  • MACVLAN
    • uses Linux MACVLAN bridge to establish connection b/w container interfaces & parent host interfaces
    • MAC address can be attached to each container
  • None

Docker Networking Scopes

  • Local: provides connectivity within host
  • Swarm: provides connectivity across swarm cluster

Tutorials

Host Network Driver

  • In host network driver all the containers are in same network namespace(sandbox)

Preview

Bridge Network Driver

Default Bridge Network Driver

Preview

User-Defined Bridge Networks

Preview

note: All the images are picked from Docker Documentations

By continuous learner

devops & cloud enthusiastic learner

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Floating Social Media Icons by Acurax Wordpress Designers

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Visit Us On FacebookVisit Us On LinkedinVisit Us On Youtube