Docker-Hanoi, profile picture
Uploaded byDocker-Hanoi
1,223 views

DockerDay2015: Docker Networking

This document summarizes a presentation on Docker networking. It introduces Docker networking concepts like the Docker0 bridge, virtual ethernet interfaces, linking containers, and editing networking configuration files. It then provides a deep dive on experimental Docker networking features in libnetwork like creating networks, multi-host networking, services, and drivers. The presentation encourages users to try experimental networking and contribute to libnetwork.

Embed presentation

Downloaded 64 times
Docker   Networking Văn  Đình  Phúc  –  System  Engineer   Nguyễn  Văn  Thường  –  Linux  Sysadmin   Trần  Hữu  Cường  –  R&D  
Networking Breakout Madhu Venugopal Jana Radhakrishnan Source: recap from DockerCon US 2015
AGENDA ¡  Introduction ¡  Networking Deep Dive (version 1.7) ¡  Networking Deep Dive (Experimental) ¡  Ecosystem ¡  Q&A HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
INTRODUCTION DOCKERDAY –VIET NAM - 2015 HN - 19/07/2015
WHAT IS DOCKER ? Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
WHY IS NETWORKING IMPORTANT ? ¡  Communication between containers and the wider world ¡  Communication between containers in single host and multi hosts ¡  Container attached to multi networks HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
LIBNETWORK ¡  Open Sourced in April ¡  Over 200 Pull Requests ¡  Over 200 GitHub Stars ¡  Windows and FreeBSD ports in progress Source: recap from DockerCon US 2015
LIBNETWORK ¡  Project Pages define the goals of each PlatformVersion Release and identify current progress https://github.com/docker/libnetwork/wiki HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 Project Page Target Date Current Sprint PlatformVersion libnetwork 0.5 10/06/2015 Docker 1.9.0 libnetwork 0.4 08/04/2015 Sprint 20 Docker 1.8.0 libnetwork 0.3 06/18/2015 Docker 1.7.0
NETWORKING DEEP DIVE (VERSION 1.7) DOCKERDAY –VIET NAM - 2015 HN - 19/07/2015
DOCKER0 BRIDGE HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 ¡  Be a default bridge in Docker Hosts ¡  Randomly chooses an address and subnet from the private range defined by RFC 1918 ¡  Automatically forwards packets between any other network interfaces that are attached to it
VIRTUAL ETHERNET INTERFACES ¡  a pair of “peer” interfaces that are like opposite ends of a pipe — a packet sent on one will be received on the other ¡  It gives one of the peers to the container to become its eth0 interface and keeps the other peer, with a unique name like veth37c1271 HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
BINDING CONTAINER PORTS TO THE HOST ¡  docker run: ¡  -P or --publish-all=true|fals ¡  -p SPEC or --publish=SPEC ¡  -p IP:host_port:container_port ¡  -p IP::port ¡  --ip=IP_ADDRESS HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 ¡  --expose <port> ¡  EXPOSE line in the image’s Dockerfile orand
LINKING CONTAINERS TOGETHER ¡  docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql ¡  docker run --name wp01 --link db:mysql -d -e WORDPRESS_DB_NAME=wpdb -e WORDPRESS_DB_USER=wpuser -e WORDPRESS_DB_PASSWORD=wppwd -p 8080:80 wordpress HN - 19/07/2015 DOCKERDAY –VIET NAM - 2015 Iptables Docker Host 8080/tcp eth0 db 3306/tcp •  Wpuser •  wppwd Wpdb eth0 wp01 •  /etc/host •  WORDPRESS_DB_N AME=wpdb •  WORDPRESS_DB_US ER=wpuser •  WORDPRESS_DB_PA SSWORD=wppwd eth0 Mysql:// 80/tcp
Docker Host eth0L0 docker0 HOW DOCKER NETWORKS A CONTAINER ? ¡  option to docker run : ¡  --net=bridge (default) ¡  --net=host ¡  --net=container:NAME_or_ID ¡  --net=none HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 db •  Wpuser •  wppwd Wpdb L0 Veth***eth0 3306/tcp ¡  docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql
EDITING NETWORKING CONFIG FILES ¡  with Docker v.1.2.0, you can now edit /etc/hosts, /etc/hostname and /etc/resolve.conf in a running container ¡  changes to these files will not be saved by docker commit nor will they be saved during docker run ¡  won’t be saved in the image, nor will they persist when a container is restarted HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
ADVANCED NETWORKING TOOLS (THIRD PARTIES) ¡  Pipework (Jérôme Petazzoni) https://github.com/jpetazzo/pipework ¡  Foundations of Python Network Programming (Brandon Rhodes) https://github.com/brandon-rhodes/fopnp/tree/m/playground ¡  WEAVE https://github.com/weaveworks/weave HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
NETWORKING DEEP DIVE (EXPERIMENTAL) DOCKERDAY –VIET NAM - 2015 HN - 19/07/2015
Why is Networking important? •  Traditional Networking is incredibly vast and complex •  Networking is an inherent part of distributed applications •  Make it developer-friendly & application driven. Source: recap from DockerCon US 2015
“We'll do for Networking, What Docker did for Compute.” Source: recap from DockerCon US 2015
Goals •  Make “network” & “service” as top-level objects •  Provide a pluggable networking stack •  Span networks across multiple hosts •  Support multiple platforms Source: recap from DockerCon US 2015
Whats New? •  Updated Networking Stack in Docker •  Create Networks using the Docker CLI •  Multi-host Networking •  Services UI blue = experimentalSource: recap from DockerCon US 2015
What is Libnetwork •  Library for creating and managing network stacks for containers •  Test daemon/client called "dnet" •  Driver-based networking •  Implements the Container Network Model Source: recap from DockerCon US 2015
Container Network Model (CNM) •  Endpoint •  Network •  Sandbox Source: recap from DockerCon US 2015
Create Network Create Container Defer to Driver Defer to Driver Source: recap from DockerCon US 2015
Libnetwork API •  libnetwork.New •  controller.ConfigureNetworkDriver •  controller.NewNetwork •  network.CreateEndpoint •  endpoint.Join Source: recap from DockerCon US 2015
RESTful API •  Provides CRUD for Networks and Endpoints •  /network •  /network/<network_id>/endpoints •  /network/<network_id>/endpoints/<endpoint_id> •  /network/<network_id>/endpoints/<endpoint_id>/containers •  /services •  /services/<service_id> •  /services/<service_id>/backends Source: recap from DockerCon US 2015
Drivers •  Drivers implement the Driver API •  They provide the specifics of how a network and endpoint are implemented Source: recap from DockerCon US 2015
Bridge Driver •  Creates a Linux Bridge for each network •  Creates a veth pair for each endpoint -  One end is attached to the bridge -  The other appears as eth0 inside the containers •  iptables rules created for NAT Source: recap from DockerCon US 2015
Overlay Driver •  Creates a separate network namespace for every network -  Facilitates overlapping IP address space across networks •  Creates a Linux Bridge and VXLAN tunnels to every other discovered host •  Creates a veth pair for each endpoint -  One end is attached to the bridge -  The other appears as eth0 inside the container •  Network namespace connected to host network using NAT -  Facilitates exiting the overlay network at every host(for external connectivity) Source: recap from DockerCon US 2015
Network Plugins •  Implemented using libnetwork's remote driver •  Uses JSON-RPC transport •  Can be written in any language •  Can be deployed as a container Source: recap from DockerCon US 2015
Networking Ecosystem Source: recap from DockerCon US 2015
– R. Callon, RFC 1925 - The Twelve Networking Truths “One size never fits all.” Source: recap from DockerCon US 2015
Source: recap from DockerCon US 2015
Call to Action! •  Try the Docker Experimental Channel! -  https://experimental.docker.com •  Contribute to libnetwork -  Raise an Issue or Submit a Pull Request •  Chat with us on IRC -  #docker-network on Freenode •  Stop by at the booth for a demo Source: recap from DockerCon US 2015
Q&A Source: recap from DockerCon US 2015
Thanks you ¡  Docker Hà Nội: http://www.meetup.com/Docker-HaNoi ¡  Văn Đình Phúc – phucvd.ce@gmail.com ¡  Trần Hữu Cường - tranhuucuong91@gmail.com ¡  NguyễnVăn Thường - thuongnvbk@gmail.com HN - 19/07/2015DOCKERDAY –VIET NAM - 2015

More Related Content

PPT
Docker Multi Host Networking, Rachit Arora, IBM
byNeependra Khare
 
PPTX
Docker networking Tutorial 101
byLorisPack Project
 
PDF
Container Network Interface: Network Plugins for Kubernetes and beyond
byKubeAcademy
 
PPTX
Docker networking
bylakshman kumar Vit.Lakshman
 
PPTX
Docker Online Meetup #29: Docker Networking is Now GA
byDocker, Inc.
 
PDF
DockerDay2015: Docker orchestration for sysadmin
byDocker-Hanoi
 
PPTX
Docker Networking - Current Status and goals of Experimental Networking
bySreenivas Makam
 
PPTX
Docker Networking : 0 to 60mph slides
byDocker, Inc.
 
Docker Multi Host Networking, Rachit Arora, IBM
byNeependra Khare
 
Docker networking Tutorial 101
byLorisPack Project
 
Container Network Interface: Network Plugins for Kubernetes and beyond
byKubeAcademy
 
Docker networking
bylakshman kumar Vit.Lakshman
 
Docker Online Meetup #29: Docker Networking is Now GA
byDocker, Inc.
 
DockerDay2015: Docker orchestration for sysadmin
byDocker-Hanoi
 
Docker Networking - Current Status and goals of Experimental Networking
bySreenivas Makam
 
Docker Networking : 0 to 60mph slides
byDocker, Inc.
 

What's hot

PDF
Docker Online Meetup #22: Docker Networking
byDocker, Inc.
 
PPTX
Docker network Present in VietNam DockerDay 2015
byVan Phuc
 
PPTX
Docker summit : Docker Networking Control-plane & Data-Plane
byMadhu Venugopal
 
PPTX
DockerCon US 2016 - Docker Networking deep dive
byMadhu Venugopal
 
PPTX
Docker networking tutorial 102
byLorisPack Project
 
PPTX
Docker Networking in OpenStack: What you need to know now
byPLUMgrid
 
PDF
Docker network performance in the public cloud
byArjan Schaaf
 
PDF
Docker Online Meetup #28: Production-Ready Docker Swarm
byDocker, Inc.
 
PPTX
Docker Networking Overview
bySreenivas Makam
 
PDF
Docker 1.12 networking deep dive
byMadhu Venugopal
 
PDF
Kubernetes Networking
byCJ Cullen
 
PDF
Unikernels: the rise of the library hypervisor in MirageOS
byDocker, Inc.
 
PDF
Kubernetes Networking - Giragadurai Vallirajan
byNeependra Khare
 
PPTX
DevOps Guide to Container Networking
byDirk Wallerstorfer
 
PDF
Kubernetes networking in AWS
byZvika Gazit
 
PDF
Docker Multihost Networking
byNicola Kabar
 
PDF
Kubernetes Networking
byGiragadurai Vallirajan
 
PDF
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
byMichelle Antebi
 
PDF
Driving containerd operations with gRPC
byDocker, Inc.
 
Docker Online Meetup #22: Docker Networking
byDocker, Inc.
 
Docker network Present in VietNam DockerDay 2015
byVan Phuc
 
Docker summit : Docker Networking Control-plane & Data-Plane
byMadhu Venugopal
 
DockerCon US 2016 - Docker Networking deep dive
byMadhu Venugopal
 
Docker networking tutorial 102
byLorisPack Project
 
Docker Networking in OpenStack: What you need to know now
byPLUMgrid
 
Docker network performance in the public cloud
byArjan Schaaf
 
Docker Online Meetup #28: Production-Ready Docker Swarm
byDocker, Inc.
 
Docker Networking Overview
bySreenivas Makam
 
Docker 1.12 networking deep dive
byMadhu Venugopal
 
Kubernetes Networking
byCJ Cullen
 
Unikernels: the rise of the library hypervisor in MirageOS
byDocker, Inc.
 
Kubernetes Networking - Giragadurai Vallirajan
byNeependra Khare
 
DevOps Guide to Container Networking
byDirk Wallerstorfer
 
Kubernetes networking in AWS
byZvika Gazit
 
Docker Multihost Networking
byNicola Kabar
 
Kubernetes Networking
byGiragadurai Vallirajan
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
byMichelle Antebi
 
Driving containerd operations with gRPC
byDocker, Inc.
 

Similar to DockerDay2015: Docker Networking

PPTX
Docker Networking (Libnetwork) - Lakshman Kumar
byNeependra Khare
 
PDF
Austin Docker Meetup May 2015
byJohn Willis
 
PPTX
DockerCon SF 2015: Networking Breakout
byDocker, Inc.
 
PDF
DockerCon SF 2015: Networking Breakout
byDocker, Inc.
 
PPTX
Docker 1.9 release party - Docker Ha Noi
byVan Phuc
 
PDF
Networking in Docker
byKnoldus Inc.
 
PDF
Building a sdn solution for the deployment of web application stacks in docker
byJorge Juan Mendoza
 
PPTX
Network Design patters with Docker
byDaniel Finneran
 
PDF
Practical Design Patterns in Docker Networking
byDocker, Inc.
 
PDF
KubernetesNetworkingAndImplementation-Lecture.pdf
byAnkitShukla661141
 
PDF
DockerCon EU 2015: Docker Networking Deep Dive
byDocker, Inc.
 
PDF
Octo talk : docker multi-host networking
byHervé Leclerc
 
PPTX
Docker Networking - Common Issues and Troubleshooting Techniques
bySreenivas Makam
 
PDF
Docker - From Walking To Running
byGiacomo Vacca
 
PDF
Docker Networking Deep Dive
byDocker, Inc.
 
PDF
Docker: the road ahead
byshykes
 
PDF
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
byAjeet Singh Raina
 
PPTX
Docker networking basics & coupling with Software Defined Networks
byAdrien Blind
 
PPTX
Lectre # 11 (VS&S). virtualization .pptx
byfarheengul004
 
PPTX
DockerCon EU 2018 Workshop: Container Networking for Swarm and Kubernetes in ...
byGuillaume Morini
 
Docker Networking (Libnetwork) - Lakshman Kumar
byNeependra Khare
 
Austin Docker Meetup May 2015
byJohn Willis
 
DockerCon SF 2015: Networking Breakout
byDocker, Inc.
 
DockerCon SF 2015: Networking Breakout
byDocker, Inc.
 
Docker 1.9 release party - Docker Ha Noi
byVan Phuc
 
Networking in Docker
byKnoldus Inc.
 
Building a sdn solution for the deployment of web application stacks in docker
byJorge Juan Mendoza
 
Network Design patters with Docker
byDaniel Finneran
 
Practical Design Patterns in Docker Networking
byDocker, Inc.
 
KubernetesNetworkingAndImplementation-Lecture.pdf
byAnkitShukla661141
 
DockerCon EU 2015: Docker Networking Deep Dive
byDocker, Inc.
 
Octo talk : docker multi-host networking
byHervé Leclerc
 
Docker Networking - Common Issues and Troubleshooting Techniques
bySreenivas Makam
 
Docker - From Walking To Running
byGiacomo Vacca
 
Docker Networking Deep Dive
byDocker, Inc.
 
Docker: the road ahead
byshykes
 
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
byAjeet Singh Raina
 
Docker networking basics & coupling with Software Defined Networks
byAdrien Blind
 
Lectre # 11 (VS&S). virtualization .pptx
byfarheengul004
 
DockerCon EU 2018 Workshop: Container Networking for Swarm and Kubernetes in ...
byGuillaume Morini
 

More from Docker-Hanoi

PDF
ContainerDayVietnam2016: Lesson Leanred on Docker 1.12 and Swarm Mode
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Docker 1.12 at OpenFPT
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Become a Cloud-native Developer
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Kubernetes State-of-the-art Container Management Pla...
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Docker for JS Developer
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Containers with OpenStack
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Django Development with Docker
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Docker at scale with Mesos
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Dockerize a small business
byDocker-Hanoi
 
PDF
ContainerDayVietnam2016: Hybrid and Automation System Architecture
byDocker-Hanoi
 
PPTX
Azure Container Service
byDocker-Hanoi
 
PPTX
Docker-Ha Noi- Year end 2015 party
byDocker-Hanoi
 
PDF
DockerDay2015: Introduction to OpenStack Magnum
byDocker-Hanoi
 
PPTX
DockerDay2015: Keynote
byDocker-Hanoi
 
PDF
DockerDay2015: Deploy Apps on IBM Bluemix
byDocker-Hanoi
 
PDF
DockerDay2015: Docker Security
byDocker-Hanoi
 
PDF
DockerDay2015: Docker orchestration for developers
byDocker-Hanoi
 
PDF
DockerDay2015: Getting started with Google Container Engine
byDocker-Hanoi
 
PDF
DockerDay2015: Build and monitor a load balanced web application with Docker ...
byDocker-Hanoi
 
PDF
DockerDay2015: Introduction to Dockerfile
byDocker-Hanoi
 
ContainerDayVietnam2016: Lesson Leanred on Docker 1.12 and Swarm Mode
byDocker-Hanoi
 
ContainerDayVietnam2016: Docker 1.12 at OpenFPT
byDocker-Hanoi
 
ContainerDayVietnam2016: Become a Cloud-native Developer
byDocker-Hanoi
 
ContainerDayVietnam2016: Kubernetes State-of-the-art Container Management Pla...
byDocker-Hanoi
 
ContainerDayVietnam2016: Docker for JS Developer
byDocker-Hanoi
 
ContainerDayVietnam2016: Containers with OpenStack
byDocker-Hanoi
 
ContainerDayVietnam2016: Django Development with Docker
byDocker-Hanoi
 
ContainerDayVietnam2016: Docker at scale with Mesos
byDocker-Hanoi
 
ContainerDayVietnam2016: Dockerize a small business
byDocker-Hanoi
 
ContainerDayVietnam2016: Hybrid and Automation System Architecture
byDocker-Hanoi
 
Azure Container Service
byDocker-Hanoi
 
Docker-Ha Noi- Year end 2015 party
byDocker-Hanoi
 
DockerDay2015: Introduction to OpenStack Magnum
byDocker-Hanoi
 
DockerDay2015: Keynote
byDocker-Hanoi
 
DockerDay2015: Deploy Apps on IBM Bluemix
byDocker-Hanoi
 
DockerDay2015: Docker Security
byDocker-Hanoi
 
DockerDay2015: Docker orchestration for developers
byDocker-Hanoi
 
DockerDay2015: Getting started with Google Container Engine
byDocker-Hanoi
 
DockerDay2015: Build and monitor a load balanced web application with Docker ...
byDocker-Hanoi
 
DockerDay2015: Introduction to Dockerfile
byDocker-Hanoi
 

Recently uploaded

PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PDF
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
PPTX
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PDF
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
PDF
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
PDF
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
PDF
apidays Paris 2025 | Zero Trust By Design
byapidays
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
PDF
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PDF
final.pdf
byomarbishtawi04
 
PDF
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
apidays Paris 2025 | Zero Trust By Design
byapidays
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
final.pdf
byomarbishtawi04
 
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 

DockerDay2015: Docker Networking

  • 1.
    Docker   Networking Văn  Đình  Phúc  –  System  Engineer   Nguyễn  Văn  Thường  –  Linux  Sysadmin   Trần  Hữu  Cường  –  R&D  
  • 2.
    Networking Breakout Madhu Venugopal JanaRadhakrishnan Source: recap from DockerCon US 2015
  • 3.
    AGENDA ¡  Introduction ¡  NetworkingDeep Dive (version 1.7) ¡  Networking Deep Dive (Experimental) ¡  Ecosystem ¡  Q&A HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
  • 4.
    INTRODUCTION DOCKERDAY –VIET NAM- 2015 HN - 19/07/2015
  • 5.
    WHAT IS DOCKER? Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
  • 6.
    WHY IS NETWORKINGIMPORTANT ? ¡  Communication between containers and the wider world ¡  Communication between containers in single host and multi hosts ¡  Container attached to multi networks HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
  • 7.
    LIBNETWORK ¡  Open Sourcedin April ¡  Over 200 Pull Requests ¡  Over 200 GitHub Stars ¡  Windows and FreeBSD ports in progress Source: recap from DockerCon US 2015
  • 8.
    LIBNETWORK ¡  Project Pagesdefine the goals of each PlatformVersion Release and identify current progress https://github.com/docker/libnetwork/wiki HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 Project Page Target Date Current Sprint PlatformVersion libnetwork 0.5 10/06/2015 Docker 1.9.0 libnetwork 0.4 08/04/2015 Sprint 20 Docker 1.8.0 libnetwork 0.3 06/18/2015 Docker 1.7.0
  • 9.
    NETWORKING DEEP DIVE(VERSION 1.7) DOCKERDAY –VIET NAM - 2015 HN - 19/07/2015
  • 10.
    DOCKER0 BRIDGE HN -19/07/2015DOCKERDAY –VIET NAM - 2015 ¡  Be a default bridge in Docker Hosts ¡  Randomly chooses an address and subnet from the private range defined by RFC 1918 ¡  Automatically forwards packets between any other network interfaces that are attached to it
  • 11.
    VIRTUAL ETHERNET INTERFACES ¡ a pair of “peer” interfaces that are like opposite ends of a pipe — a packet sent on one will be received on the other ¡  It gives one of the peers to the container to become its eth0 interface and keeps the other peer, with a unique name like veth37c1271 HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
  • 12.
    BINDING CONTAINER PORTSTO THE HOST ¡  docker run: ¡  -P or --publish-all=true|fals ¡  -p SPEC or --publish=SPEC ¡  -p IP:host_port:container_port ¡  -p IP::port ¡  --ip=IP_ADDRESS HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 ¡  --expose <port> ¡  EXPOSE line in the image’s Dockerfile orand
  • 13.
    LINKING CONTAINERS TOGETHER ¡ docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql ¡  docker run --name wp01 --link db:mysql -d -e WORDPRESS_DB_NAME=wpdb -e WORDPRESS_DB_USER=wpuser -e WORDPRESS_DB_PASSWORD=wppwd -p 8080:80 wordpress HN - 19/07/2015 DOCKERDAY –VIET NAM - 2015 Iptables Docker Host 8080/tcp eth0 db 3306/tcp •  Wpuser •  wppwd Wpdb eth0 wp01 •  /etc/host •  WORDPRESS_DB_N AME=wpdb •  WORDPRESS_DB_US ER=wpuser •  WORDPRESS_DB_PA SSWORD=wppwd eth0 Mysql:// 80/tcp
  • 14.
    Docker Host eth0L0 docker0 HOW DOCKERNETWORKS A CONTAINER ? ¡  option to docker run : ¡  --net=bridge (default) ¡  --net=host ¡  --net=container:NAME_or_ID ¡  --net=none HN - 19/07/2015DOCKERDAY –VIET NAM - 2015 db •  Wpuser •  wppwd Wpdb L0 Veth***eth0 3306/tcp ¡  docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql
  • 15.
    EDITING NETWORKING CONFIGFILES ¡  with Docker v.1.2.0, you can now edit /etc/hosts, /etc/hostname and /etc/resolve.conf in a running container ¡  changes to these files will not be saved by docker commit nor will they be saved during docker run ¡  won’t be saved in the image, nor will they persist when a container is restarted HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
  • 16.
    ADVANCED NETWORKING TOOLS(THIRD PARTIES) ¡  Pipework (Jérôme Petazzoni) https://github.com/jpetazzo/pipework ¡  Foundations of Python Network Programming (Brandon Rhodes) https://github.com/brandon-rhodes/fopnp/tree/m/playground ¡  WEAVE https://github.com/weaveworks/weave HN - 19/07/2015DOCKERDAY –VIET NAM - 2015
  • 17.
    NETWORKING DEEP DIVE(EXPERIMENTAL) DOCKERDAY –VIET NAM - 2015 HN - 19/07/2015
  • 18.
    Why is Networkingimportant? •  Traditional Networking is incredibly vast and complex •  Networking is an inherent part of distributed applications •  Make it developer-friendly & application driven. Source: recap from DockerCon US 2015
  • 19.
    “We'll do forNetworking, What Docker did for Compute.” Source: recap from DockerCon US 2015
  • 20.
    Goals •  Make “network”& “service” as top-level objects •  Provide a pluggable networking stack •  Span networks across multiple hosts •  Support multiple platforms Source: recap from DockerCon US 2015
  • 21.
    Whats New? •  UpdatedNetworking Stack in Docker •  Create Networks using the Docker CLI •  Multi-host Networking •  Services UI blue = experimentalSource: recap from DockerCon US 2015
  • 22.
    What is Libnetwork • Library for creating and managing network stacks for containers •  Test daemon/client called "dnet" •  Driver-based networking •  Implements the Container Network Model Source: recap from DockerCon US 2015
  • 23.
    Container Network Model (CNM) • Endpoint •  Network •  Sandbox Source: recap from DockerCon US 2015
  • 24.
  • 25.
    Libnetwork API •  libnetwork.New • controller.ConfigureNetworkDriver •  controller.NewNetwork •  network.CreateEndpoint •  endpoint.Join Source: recap from DockerCon US 2015
  • 26.
    RESTful API •  ProvidesCRUD for Networks and Endpoints •  /network •  /network/<network_id>/endpoints •  /network/<network_id>/endpoints/<endpoint_id> •  /network/<network_id>/endpoints/<endpoint_id>/containers •  /services •  /services/<service_id> •  /services/<service_id>/backends Source: recap from DockerCon US 2015
  • 27.
    Drivers •  Drivers implementthe Driver API •  They provide the specifics of how a network and endpoint are implemented Source: recap from DockerCon US 2015
  • 28.
    Bridge Driver •  Createsa Linux Bridge for each network •  Creates a veth pair for each endpoint -  One end is attached to the bridge -  The other appears as eth0 inside the containers •  iptables rules created for NAT Source: recap from DockerCon US 2015
  • 29.
    Overlay Driver •  Createsa separate network namespace for every network -  Facilitates overlapping IP address space across networks •  Creates a Linux Bridge and VXLAN tunnels to every other discovered host •  Creates a veth pair for each endpoint -  One end is attached to the bridge -  The other appears as eth0 inside the container •  Network namespace connected to host network using NAT -  Facilitates exiting the overlay network at every host(for external connectivity) Source: recap from DockerCon US 2015
  • 30.
    Network Plugins •  Implementedusing libnetwork's remote driver •  Uses JSON-RPC transport •  Can be written in any language •  Can be deployed as a container Source: recap from DockerCon US 2015
  • 31.
    Networking Ecosystem Source: recapfrom DockerCon US 2015
  • 32.
    – R. Callon,RFC 1925 - The Twelve Networking Truths “One size never fits all.” Source: recap from DockerCon US 2015
  • 33.
    Source: recap fromDockerCon US 2015
  • 34.
    Call to Action! • Try the Docker Experimental Channel! -  https://experimental.docker.com •  Contribute to libnetwork -  Raise an Issue or Submit a Pull Request •  Chat with us on IRC -  #docker-network on Freenode •  Stop by at the booth for a demo Source: recap from DockerCon US 2015
  • 35.
    Q&A Source: recap fromDockerCon US 2015
  • 36.
    Thanks you ¡  DockerHà Nội: http://www.meetup.com/Docker-HaNoi ¡  Văn Đình Phúc – phucvd.ce@gmail.com ¡  Trần Hữu Cường - tranhuucuong91@gmail.com ¡  NguyễnVăn Thường - thuongnvbk@gmail.com HN - 19/07/2015DOCKERDAY –VIET NAM - 2015