SlideShare a Scribd company logo
1 of 13
Docker Networking
Kingston Smiler. S (kingstonsmiler@gmail.com)
Agenda
 Introduction and Key Concepts
 Docker Communication requirement
 Different methods of Docker networking
 Sample Setup
 Limitation of current Docker Networking
Docker Networking - Introduction
Concept Description
Network Namespace Provide a way of having separate network stack for each
instance of a container.
Docker0 Bridge Default bridge created by docker to provide communication
across docker containers and external world including the
host.
Port Mapping Mechanism to map a port in the host machine with the
Docker container’s networking stack.
Veth Pair Veth is a special, logical, virtual interface which is similar to a
link / pipe. It has two ends which are logical interfaces and
provide connectivity across two different network elements.
Different Communication Requirement
 Container – Container
Communication
 Container to Host Communication
 Container to External world
communication.
 Container - Container
communication across containers
running in different host.
Cont 1 Cont 2 Cont 3
Docker0/OVS Port Map
Host1
etho
Different Methods of Docker Networking
 Docker Bridging
 Host Port Binding to Docker
 Docker network using host network stack (--net=host)
 Docker communication using –net=container
 Docker Container linking using –link option
 Docker Networking Using OVS (Advanced)
Docker Bridging
 Docker0 bridge
 Virtual bridge similar to linux
bridge
 Created in the host machine
during the creation of Docker
container.
 Veth Pair
 Will be created during the
creation of Docker container.
 One end of the veth pair is
attached to the eth0 interface
of Docker container
 Another end is attached to the
docker0 bridge with interface
name starts with vethc3cd.
Host Port Binding To Docker Container
 In this method, a port in the host machine will be bound to a port
in Docker.
 Simple way of running a service in Docker container and exposing
the service to external world.
 Example case is, running a webserver in the docker container and
forwarding all the web traffic which is coming to the HTTP port in
host machine to Docker container.
 -p IP:host_port:container_port option does it.
 /usr/bin/docker run -d --name port_forward -p 80:80 ubuntu_apache
/usr/sbin/apache2ctl -D FOREGROUND
 This operation is similar to NAT.
 Two or more container won’t be able to provide the same service
on same host port.
Docker Network Using Host Network Stack
 Docker container can use the host machines networking stack
instead of having a separate network stack.
 One way of making containers talk to external world.
 --net=host option does it
 /usr/bin/docker run -d --name h1 --net=host ubuntu_ftp vsftpd
 If two containers in the host system prefers to use this
mechanism then, port collision across the container happens.
Docker Communication Using Other Docker’s Network Stack
 Simple way of making containers talk to each other.
 Uses other Docker’s networking stack instead of having a
separate network stack.
 Similar to –net=host option. But here instead of using the host
machines network stack, it uses some other Docker’s network
stack.
 The two containers can talk to each other by using loopback
interface.
 --net=host option does it
 /usr/bin/docker run -d --name cont_net1 --net=container:b1 ubuntu /bin/sh -c "while
true; do echo Hello World; sleep 1; done"
Docker Communication Using Link
 Provides a mechanism for Docker container to transfer
information from one container to another securely.
 No ports are explicitly exposed to the destination container by
source.
 Unidirectional Conduit / Pipe between source and destination
container.
 Information about the service which is running in the source
container will be exposed to the destination.
 Simple way of providing service chaining in docker environment.
making containers talk to each other.
 docker run -d -P --name link_dest --link port_forward:link1 ubuntu /bin/sh -c "while true;
do echo Hello World; sleep 1; done"
Requirement Vs Communication Methods
 Container – Container Communication
 Docker0 bridge (Cont1 – Cont2 via Docker0)
 Container networking using –net=container option
(Cont4 – Cont5)
 UDS / pipe (Cont1 – Cont2)
 Container linking using –link option
 OVS (Cont1 – Cont2 via OVS)
 Container to Host Communication
 Host networking using –net=host option (Cont6)
 Docker0 bridge (Cont1, Cont2, Cont4)
 Container to External world communication.
 Port Mapping (Cont 3)
 Host networking using –net=host option (Cont 6)
 Container - Container communication across
containers running in different host.
 OVS
Cont 4 Cont 5
Cont 6
Docker0/OVS Host
Network
Host 2
Cont 1 Cont 2 Cont 3
Docker0/OVS Port Map
Host1
Veth Pair
UDS / Pipe
GRE / VXLAN Tunnel
Port Map
--net=host option
--net = container option
Eth 1
Eth 1
Sample Setup
b1
Host Network Stack
Host VM Machine
b2
Link
dest
h1
Port
forward
Cont
net1
enp0s3 enp0s8
Docker0/OVS
Thank you
kingstonsmiler@gmail.com

More Related Content

What's hot

containerd the universal container runtime
containerd the universal container runtimecontainerd the universal container runtime
containerd the universal container runtimeDocker, Inc.
 
Why Docker
Why DockerWhy Docker
Why DockerdotCloud
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainAjeet Singh Raina
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An IntroductionPOSSCON
 
Docker: From Zero to Hero
Docker: From Zero to HeroDocker: From Zero to Hero
Docker: From Zero to Herofazalraja
 
Docker introduction
Docker introductionDocker introduction
Docker introductionPhuc Nguyen
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerJohn Willis
 
Docker introduction & benefits
Docker introduction & benefitsDocker introduction & benefits
Docker introduction & benefitsAmit Manwade
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageejlp12
 
Intro to containerization
Intro to containerizationIntro to containerization
Intro to containerizationBalint Pato
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker, Inc.
 
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...Edureka!
 
Docker Swarm Introduction
Docker Swarm IntroductionDocker Swarm Introduction
Docker Swarm Introductionrajdeep
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with DockerRavindu Fernando
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basicsSourabh Saxena
 

What's hot (20)

containerd the universal container runtime
containerd the universal container runtimecontainerd the universal container runtime
containerd the universal container runtime
 
Why Docker
Why DockerWhy Docker
Why Docker
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker Captain
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
 
Docker: From Zero to Hero
Docker: From Zero to HeroDocker: From Zero to Hero
Docker: From Zero to Hero
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Docker introduction & benefits
Docker introduction & benefitsDocker introduction & benefits
Docker introduction & benefits
 
Docker swarm
Docker swarmDocker swarm
Docker swarm
 
Dockerfile
Dockerfile Dockerfile
Dockerfile
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and image
 
Intro to containerization
Intro to containerizationIntro to containerization
Intro to containerization
 
Docker on Docker
Docker on DockerDocker on Docker
Docker on Docker
 
Docker Basics
Docker BasicsDocker Basics
Docker Basics
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
 
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
 
Docker Swarm Introduction
Docker Swarm IntroductionDocker Swarm Introduction
Docker Swarm Introduction
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with Docker
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basics
 

Viewers also liked

Graduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming LanguageGraduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming LanguageKaylyn Gibilterra
 
What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?Black Duck by Synopsys
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote ShellcodeAj MaChInE
 
Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)
Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)
Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)Patricia Aas
 
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...OCCIware
 
Scale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOneScale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOneRoman Elizarov
 
Advanced memory allocation
Advanced memory allocationAdvanced memory allocation
Advanced memory allocationJoris Bonnefoy
 
Communication hardware
Communication hardwareCommunication hardware
Communication hardwareHans Mallen
 
DevRomagna / Golang Intro
DevRomagna / Golang IntroDevRomagna / Golang Intro
DevRomagna / Golang IntroSimone Gentili
 
In-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and EngineersIn-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and EngineersDenis Magda
 
Walk through an enterprise Linux migration
Walk through an enterprise Linux migrationWalk through an enterprise Linux migration
Walk through an enterprise Linux migrationRogue Wave Software
 
In-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry filesIn-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry filesMaxim Suhanov
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & EcosystemKingston Smiler
 
Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017Roman Elizarov
 

Viewers also liked (20)

Graduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming LanguageGraduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming Language
 
numPYNQ @ NGCLE@e-Novia 15.11.2017
numPYNQ @ NGCLE@e-Novia 15.11.2017numPYNQ @ NGCLE@e-Novia 15.11.2017
numPYNQ @ NGCLE@e-Novia 15.11.2017
 
What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
 
Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)
Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)
Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)
 
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
 
Scale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOneScale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOne
 
Advanced memory allocation
Advanced memory allocationAdvanced memory allocation
Advanced memory allocation
 
Communication hardware
Communication hardwareCommunication hardware
Communication hardware
 
DevRomagna / Golang Intro
DevRomagna / Golang IntroDevRomagna / Golang Intro
DevRomagna / Golang Intro
 
In-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and EngineersIn-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and Engineers
 
Walk through an enterprise Linux migration
Walk through an enterprise Linux migrationWalk through an enterprise Linux migration
Walk through an enterprise Linux migration
 
Server virtualization
Server virtualizationServer virtualization
Server virtualization
 
Go Execution Tracer
Go Execution TracerGo Execution Tracer
Go Execution Tracer
 
Virtualization
VirtualizationVirtualization
Virtualization
 
In-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry filesIn-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry files
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & Ecosystem
 
OpenFlow
OpenFlowOpenFlow
OpenFlow
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
 
Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017
 

Similar to Docker Networking

Single Host Docker Networking
Single Host Docker NetworkingSingle Host Docker Networking
Single Host Docker Networkingallingeek
 
Docker networking Tutorial 101
Docker networking Tutorial 101Docker networking Tutorial 101
Docker networking Tutorial 101LorisPack Project
 
Managing multicast/igmp stream on Docker
Managing multicast/igmp stream on DockerManaging multicast/igmp stream on Docker
Managing multicast/igmp stream on DockerThierry Gayet
 
Docker meetup
Docker meetupDocker meetup
Docker meetupsyed1
 
Docker Networking - Boulder Linux Users Group (BLUG)
Docker Networking - Boulder Linux Users Group (BLUG)Docker Networking - Boulder Linux Users Group (BLUG)
Docker Networking - Boulder Linux Users Group (BLUG)Dan Mackin
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingSreenivas Makam
 
Octo talk : docker multi-host networking
Octo talk : docker multi-host networking Octo talk : docker multi-host networking
Octo talk : docker multi-host networking Hervé Leclerc
 
Docker networking tutorial 102
Docker networking tutorial 102Docker networking tutorial 102
Docker networking tutorial 102LorisPack Project
 
Kubernetes on open stack
Kubernetes on open stackKubernetes on open stack
Kubernetes on open stackNaveen Joy
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerJorge Juan Mendoza
 
Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with KubernetesCarlos Sanchez
 
Docker Meetup: Docker Networking 1.11 with Madhu Venugopal
Docker Meetup: Docker Networking 1.11 with Madhu VenugopalDocker Meetup: Docker Networking 1.11 with Madhu Venugopal
Docker Meetup: Docker Networking 1.11 with Madhu VenugopalDocker, Inc.
 
Docker 1.11 Meetup: Networking Showcase
Docker 1.11 Meetup: Networking ShowcaseDocker 1.11 Meetup: Networking Showcase
Docker 1.11 Meetup: Networking ShowcaseDocker, Inc.
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalDocker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
 
Docker-OVS
Docker-OVSDocker-OVS
Docker-OVSsnrism
 
Docker Multihost Networking
Docker Multihost Networking Docker Multihost Networking
Docker Multihost Networking Nicola Kabar
 
Docker Networking Meetup - Intro to Docker Networking
Docker Networking Meetup - Intro to Docker NetworkingDocker Networking Meetup - Intro to Docker Networking
Docker Networking Meetup - Intro to Docker NetworkingDhananjay Sampath
 
Designing scalable Docker networks
Designing scalable Docker networksDesigning scalable Docker networks
Designing scalable Docker networksMurat Mukhtarov
 

Similar to Docker Networking (20)

Single Host Docker Networking
Single Host Docker NetworkingSingle Host Docker Networking
Single Host Docker Networking
 
Docker networking Tutorial 101
Docker networking Tutorial 101Docker networking Tutorial 101
Docker networking Tutorial 101
 
Managing multicast/igmp stream on Docker
Managing multicast/igmp stream on DockerManaging multicast/igmp stream on Docker
Managing multicast/igmp stream on Docker
 
Docker meetup
Docker meetupDocker meetup
Docker meetup
 
Docker Networking - Boulder Linux Users Group (BLUG)
Docker Networking - Boulder Linux Users Group (BLUG)Docker Networking - Boulder Linux Users Group (BLUG)
Docker Networking - Boulder Linux Users Group (BLUG)
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental Networking
 
Demystfying container-networking
Demystfying container-networkingDemystfying container-networking
Demystfying container-networking
 
Octo talk : docker multi-host networking
Octo talk : docker multi-host networking Octo talk : docker multi-host networking
Octo talk : docker multi-host networking
 
Docker networking tutorial 102
Docker networking tutorial 102Docker networking tutorial 102
Docker networking tutorial 102
 
Kubernetes networks
Kubernetes networksKubernetes networks
Kubernetes networks
 
Kubernetes on open stack
Kubernetes on open stackKubernetes on open stack
Kubernetes on open stack
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in docker
 
Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with Kubernetes
 
Docker Meetup: Docker Networking 1.11 with Madhu Venugopal
Docker Meetup: Docker Networking 1.11 with Madhu VenugopalDocker Meetup: Docker Networking 1.11 with Madhu Venugopal
Docker Meetup: Docker Networking 1.11 with Madhu Venugopal
 
Docker 1.11 Meetup: Networking Showcase
Docker 1.11 Meetup: Networking ShowcaseDocker 1.11 Meetup: Networking Showcase
Docker 1.11 Meetup: Networking Showcase
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalDocker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
 
Docker-OVS
Docker-OVSDocker-OVS
Docker-OVS
 
Docker Multihost Networking
Docker Multihost Networking Docker Multihost Networking
Docker Multihost Networking
 
Docker Networking Meetup - Intro to Docker Networking
Docker Networking Meetup - Intro to Docker NetworkingDocker Networking Meetup - Intro to Docker Networking
Docker Networking Meetup - Intro to Docker Networking
 
Designing scalable Docker networks
Designing scalable Docker networksDesigning scalable Docker networks
Designing scalable Docker networks
 

Recently uploaded

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 

Recently uploaded (20)

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 

Docker Networking

  • 1. Docker Networking Kingston Smiler. S (kingstonsmiler@gmail.com)
  • 2. Agenda  Introduction and Key Concepts  Docker Communication requirement  Different methods of Docker networking  Sample Setup  Limitation of current Docker Networking
  • 3. Docker Networking - Introduction Concept Description Network Namespace Provide a way of having separate network stack for each instance of a container. Docker0 Bridge Default bridge created by docker to provide communication across docker containers and external world including the host. Port Mapping Mechanism to map a port in the host machine with the Docker container’s networking stack. Veth Pair Veth is a special, logical, virtual interface which is similar to a link / pipe. It has two ends which are logical interfaces and provide connectivity across two different network elements.
  • 4. Different Communication Requirement  Container – Container Communication  Container to Host Communication  Container to External world communication.  Container - Container communication across containers running in different host. Cont 1 Cont 2 Cont 3 Docker0/OVS Port Map Host1 etho
  • 5. Different Methods of Docker Networking  Docker Bridging  Host Port Binding to Docker  Docker network using host network stack (--net=host)  Docker communication using –net=container  Docker Container linking using –link option  Docker Networking Using OVS (Advanced)
  • 6. Docker Bridging  Docker0 bridge  Virtual bridge similar to linux bridge  Created in the host machine during the creation of Docker container.  Veth Pair  Will be created during the creation of Docker container.  One end of the veth pair is attached to the eth0 interface of Docker container  Another end is attached to the docker0 bridge with interface name starts with vethc3cd.
  • 7. Host Port Binding To Docker Container  In this method, a port in the host machine will be bound to a port in Docker.  Simple way of running a service in Docker container and exposing the service to external world.  Example case is, running a webserver in the docker container and forwarding all the web traffic which is coming to the HTTP port in host machine to Docker container.  -p IP:host_port:container_port option does it.  /usr/bin/docker run -d --name port_forward -p 80:80 ubuntu_apache /usr/sbin/apache2ctl -D FOREGROUND  This operation is similar to NAT.  Two or more container won’t be able to provide the same service on same host port.
  • 8. Docker Network Using Host Network Stack  Docker container can use the host machines networking stack instead of having a separate network stack.  One way of making containers talk to external world.  --net=host option does it  /usr/bin/docker run -d --name h1 --net=host ubuntu_ftp vsftpd  If two containers in the host system prefers to use this mechanism then, port collision across the container happens.
  • 9. Docker Communication Using Other Docker’s Network Stack  Simple way of making containers talk to each other.  Uses other Docker’s networking stack instead of having a separate network stack.  Similar to –net=host option. But here instead of using the host machines network stack, it uses some other Docker’s network stack.  The two containers can talk to each other by using loopback interface.  --net=host option does it  /usr/bin/docker run -d --name cont_net1 --net=container:b1 ubuntu /bin/sh -c "while true; do echo Hello World; sleep 1; done"
  • 10. Docker Communication Using Link  Provides a mechanism for Docker container to transfer information from one container to another securely.  No ports are explicitly exposed to the destination container by source.  Unidirectional Conduit / Pipe between source and destination container.  Information about the service which is running in the source container will be exposed to the destination.  Simple way of providing service chaining in docker environment. making containers talk to each other.  docker run -d -P --name link_dest --link port_forward:link1 ubuntu /bin/sh -c "while true; do echo Hello World; sleep 1; done"
  • 11. Requirement Vs Communication Methods  Container – Container Communication  Docker0 bridge (Cont1 – Cont2 via Docker0)  Container networking using –net=container option (Cont4 – Cont5)  UDS / pipe (Cont1 – Cont2)  Container linking using –link option  OVS (Cont1 – Cont2 via OVS)  Container to Host Communication  Host networking using –net=host option (Cont6)  Docker0 bridge (Cont1, Cont2, Cont4)  Container to External world communication.  Port Mapping (Cont 3)  Host networking using –net=host option (Cont 6)  Container - Container communication across containers running in different host.  OVS Cont 4 Cont 5 Cont 6 Docker0/OVS Host Network Host 2 Cont 1 Cont 2 Cont 3 Docker0/OVS Port Map Host1 Veth Pair UDS / Pipe GRE / VXLAN Tunnel Port Map --net=host option --net = container option Eth 1 Eth 1
  • 12. Sample Setup b1 Host Network Stack Host VM Machine b2 Link dest h1 Port forward Cont net1 enp0s3 enp0s8 Docker0/OVS