Docker meetup oct14


Published in: Technology

  1. Policy Based Container Networking (Vipin Jain)
  2. Ocean of Applications
     - Cluster
     - Applications can be grouped, e.g. scale-out microservice tiers
     - Relationships exist between groups and between applications within a group
  3. Where to apply network policies?
     - Between containers within a service tier
     - Between service tiers
     - All containers in a service tier
     - External
     - Service Tier = Policy Domain
     - Policy Scope: Global, Tenant
  4. What exactly can a network policy be?
     - Security:
       - Scoped white/black list rules on specific protocols/ports
       - In/Out policy to/from outside the cluster
       - Permit/Deny inter-container traffic within a service tier
     - Network Services for Apps:
       - Virtual or physical service appliances (LB, FW, etc.)
     - Analytics/Diagnostics:
       - Netflow for certain application traffic
       - Copy traffic to/from a specific application
     - Physical Infrastructure Usage:
       - Bandwidth, latency, etc.
     - IP Allocation Management (IPAM) Policy:
       - Auto-allocation, DHCP-based, integration with IPAM tools
     - Etc.
  5. Rendering Networking Policies
     - Docker Composition + Policy Intent
     - Contiv Master
     - Docker Remote Plugin
     - Node1, Node2, Node-n
  6. Mapping them to Docker Constructs
     - CNM Endpoint
     - CNM Network
     - Compose Service
     - Node1, Node-n
  7. Demonstration (Docker + Contiv) – Setup
     - Diagram: Contiv Master; Host-1 and Host-2, each running a Contiv Plugin with Web and DB containers; Docker Swarm
     - Application Intent:
       - Tenant-1: External, Web:80, DB:6379
       - Tenant-2: External, Web:80, DB:Port
     - One Click Application Deployment with Policy Instantiation:
       1. Launch Multi-tier Application (`$ docker-compose up`)
       2. Automated Network, Policy Creation
       3. Automated Workload Creation and Scheduling
       4. Policy Instantiation
  8. Thank You - Enjoy your Docker Containers!
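
As an added example (not from the slides and not Contiv's own policy format), the sketch below models slide 7's Tenant-1 intent as a default-deny allow-list scoped by tenant and service tier, evaluates flows against it, and lists what is reachable from outside the cluster. The tier names, the `tcp` protocol, the reading of the intent as External to Web:80 to DB:6379, and all class and function names are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

EXTERNAL = "external"  # assumed label for traffic from outside the cluster


@dataclass(frozen=True)
class Rule:
    tenant: str      # policy scope: rules never apply across tenants
    src_tier: str    # service tier (policy domain) or EXTERNAL
    dst_tier: str
    proto: str
    port: int


@dataclass(frozen=True)
class Flow:
    src_tenant: Optional[str]  # None when the source is outside the cluster
    src_tier: str
    dst_tenant: str
    dst_tier: str
    proto: str
    port: int


# Constructed from the Tenant-1 intent on slide 7 (assumed reading, see lead-in).
POLICY = frozenset({
    Rule("tenant-1", EXTERNAL, "web", "tcp", 80),
    Rule("tenant-1", "web", "db", "tcp", 6379),
})


def decide(flow: Flow, policy=POLICY) -> str:
    """Default deny: a flow is permitted only if an exact allow rule exists."""
    # Tenant is the outer scope, so in-cluster traffic may not cross tenants.
    if flow.src_tier != EXTERNAL and flow.src_tenant != flow.dst_tenant:
        return "deny"
    wanted = Rule(flow.dst_tenant, flow.src_tier, flow.dst_tier,
                  flow.proto, flow.port)
    # Intra-tier traffic (web to web) also needs its own rule to be permitted.
    return "permit" if wanted in policy else "deny"


def exposed_to_outside(policy=POLICY) -> set:
    """Review aid: every (tenant, tier, proto, port) reachable from outside."""
    return {(r.tenant, r.dst_tier, r.proto, r.port)
            for r in policy if r.src_tier == EXTERNAL}
```

Running `exposed_to_outside` over a rendered policy is a quick review check that only the web tier, and never the DB tier, is reachable from outside the cluster.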