Docker Networking
-
References: Networking-1, Swarm, Networking-2
-
Docker container network architecture is built on a set of interfaces/rules called the Container Networking Model (CNM).
-
CNM Constructs:
- Sandbox: the container's network stack, including the container's network interfaces, routing tables and DNS settings
- Endpoint: joins a sandbox to a network
- Network: a collection of endpoints with connectivity between them
-
CNM Driver Interfaces
-
CNM provides two pluggable and open interfaces
- Network Driver
- IPAM (IP Address Management) Drivers
-
Native Network Drivers: the docker CLI has a command group for networks
docker network
-
Docker native network drivers:
- Host: with the host driver, a container uses the networking stack of the host.
- Bridge: this is the default driver. It connects multiple containers on the same bridge network on a single host. Containers are attached to the bridge network by default when they are created.
- Overlay: This driver creates an overlay network to support multi-host containers.
- MACVLAN:
- None
-
Let's experiment.
- Create an nginx container and execute docker inspect <container-id>
- Now let's inspect the bridge network
docker network inspect bridge
Bridge Network
- Docker ships with a default bridge network named bridge.
- Let's create a new bridge (a user-defined bridge)
docker network create --help
docker network create --driver bridge --subnet 10.10.0.0/24 mybridge
- Now let's create two containers inside the mybridge network
docker container run -d --name c1 --network mybridge alpine sleep 1d
docker container run -d --name c2 --network mybridge alpine sleep 1d
- Let's find the IP addresses of the containers
docker network inspect mybridge
- Let's ping between the containers by name and by IP address
docker container exec c1 ping -c 4 c2
docker container exec c1 ping -c 4 10.10.0.3
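Added example, not part of the original notes: a Python script that reads the JSON printed by docker network inspect, maps each container name to its IP, checks every IP against the network's declared subnet, and reports containers left on the default bridge with inter-container communication (ICC) enabled. The sample JSON is constructed and trimmed to the fields used, and the function names container_ips and audit are hypothetical.

```python
import ipaddress
import json

# Constructed sample shaped like `docker network inspect bridge mybridge` output
# (trimmed to the fields used here; container IDs and addresses are made up).
SAMPLE = json.loads("""
[
  {"Name": "bridge", "Driver": "bridge",
   "IPAM": {"Config": [{"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"}]},
   "Containers": {"aaa111": {"Name": "web", "IPv4Address": "172.17.0.2/16"}},
   "Options": {"com.docker.network.bridge.default_bridge": "true",
               "com.docker.network.bridge.enable_icc": "true"}},
  {"Name": "mybridge", "Driver": "bridge",
   "IPAM": {"Config": [{"Subnet": "10.10.0.0/24", "Gateway": "10.10.0.1"}]},
   "Containers": {"bbb222": {"Name": "c1", "IPv4Address": "10.10.0.2/24"},
                  "ccc333": {"Name": "c2", "IPv4Address": "10.10.0.3/24"}},
   "Options": {}}
]
""")


def container_ips(network):
    """Map container name -> IP address (prefix length stripped)."""
    return {c["Name"]: c["IPv4Address"].split("/")[0]
            for c in (network.get("Containers") or {}).values()
            if c.get("IPv4Address")}


def audit(networks):
    """Return one finding string per issue across the inspected networks."""
    findings = []
    for net in networks:
        opts = net.get("Options") or {}
        subnets = [ipaddress.ip_network(c["Subnet"])
                   for c in (net.get("IPAM") or {}).get("Config") or [] if c.get("Subnet")]
        ips = container_ips(net)
        for name, ip in ips.items():
            if not any(ipaddress.ip_address(ip) in s for s in subnets):
                findings.append(f"{net['Name']}: {name} ({ip}) outside declared subnet")
        # Containers left on the default bridge share it with every other
        # default container; with ICC enabled they can all reach each other.
        if (opts.get("com.docker.network.bridge.default_bridge") == "true"
                and opts.get("com.docker.network.bridge.enable_icc") == "true" and ips):
            findings.append(f"{net['Name']}: default bridge with ICC on, holds {sorted(ips)}")
    return findings


if __name__ == "__main__":
    print(container_ips(SAMPLE[1]), audit(SAMPLE), sep="\n")
```

To run it against a live host, replace SAMPLE with the parsed output of docker network inspect for the networks of interest.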
Docker Swarm
-
Docker Swarm is Docker's native orchestration tool, which helps in running containers across multiple hosts.
-
In the image below, assume we have multiple hosts running containers on their bridge networks.
-
Communication between containers on the same host is possible, but not across multiple hosts.
-
In Docker Swarm all the machines are referred to as nodes. There are two kinds of nodes:
- Manager node(s)
- Worker nodes
-
Let's create a Docker swarm by following the steps mentioned over here in the swarm setup
-
Service, task and container
-
Let's create a service to run 3 replicas of httpd on the swarm manager
docker service create --replicas 2 --name httpd httpd
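- Scale the containers
- Create a docker service with ports exposed (service names must be unique in a swarm, so the earlier httpd service has to be removed before this one is created)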
docker service create --name httpd --replicas 2 --update-delay 10s --publish published=8081,target=80 httpd
Networking in Windows Server
- The default driver is NAT (equivalent to bridge)
- The Transparent driver is equivalent to the host driver