Docker network Present in VietNam DockerDay 2015

1. DOCKER NETWORKING VĂN ĐÌNH PHÚC TRẦN HỮU CƯỜNG NGUYỄN VĂN THƯỜNG HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

2. Networking Breakout Madhu Venugopal Jana Radhakrishnan

3. AGENDA  Introduction  Networking Deep Dive (version 1.7)  Networking Deep Dive (Experimental)  Ecosystem  Q&A HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

4. INTRODUCTION DOCKERDAY – VIET NAM - 2015 HN - 7/17/2015

5. WHAT IS DOCKER ? Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

6. WHY IS NETWORKING IMPORTANT ?  Communication between containers and the wider world  Communication between containers in single host and multi hosts  Container attached to multi networks HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

7. LIBNETWORK  Open Sourced in April  Over 200 Pull Requests  Over 200 GitHub Stars  Windows and FreeBSD ports in progress

8. LIBNETWORK  Project Pages define the goals of each Platform Version Release and identify current progress https://github.com/docker/libnetwork/wiki HN - 7/17/2015DOCKERDAY – VIET NAM - 2015 Project Page Target Date Current Sprint Platform Version libnetwork 0.5 10/06/2015 Docker 1.9.0 libnetwork 0.4 08/04/2015 Sprint 20 Docker 1.8.0 libnetwork 0.3 06/18/2015 Docker 1.7.0

9. NETWORKING DEEP DIVE (VERSION 1.7) DOCKERDAY – VIET NAM - 2015 HN - 7/17/2015

10. DOCKER0 BRIDGE HN - 7/17/2015DOCKERDAY – VIET NAM - 2015  Be a default bridge in Docker Hosts  Randomly chooses an address and subnet from the private range defined by RFC 1918  Automatically forwards packets between any other network interfaces that are attached to it

11. VIRTUAL ETHERNET INTERFACES  a pair of “peer” interfaces that are like opposite ends of a pipe — a packet sent on one will be received on the other  It gives one of the peers to the container to become its eth0 interface and keeps the other peer, with a unique name like veth37c1271 HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

12. BINDING CONTAINER PORTS TO THE HOST  docker run:  -P or --publish-all=true|fals  -p SPEC or --publish=SPEC  -p IP:host_port:container_port  -p IP::port  --ip=IP_ADDRESS HN - 7/17/2015DOCKERDAY – VIET NAM - 2015  --expose <port>  EXPOSE line in the image’s Dockerfile orand

13. LINKING CONTAINERS TOGETHER  docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql  docker run --name wp01 --link db:mysql -d -e WORDPRESS_DB_NAME=wpdb -e WORDPRESS_DB_USER=wpuser -e WORDPRESS_DB_PASSWORD=wppwd -p 8080:80 wordpress HN - 7/17/2015 DOCKERDAY – VIET NAM - 2015 Iptables Docker Host 8080/tcp eth0 db 3306/tcp • Wpuser • wppwd Wpdb eth0 wp01 • /etc/host • WORDPRESS_DB_NAME =wpdb • WORDPRESS_DB_USER =wpuser • WORDPRESS_DB_PASS WORD=wppwd eth0 Mysql:/ / 80/tcp

14. Docker Host eth0L0 docker0 HOW DOCKER NETWORKS A CONTAINER ?  option to docker run :  --net=bridge (default)  --net=host  --net=container:NAME_or_ID  --net=none HN - 7/17/2015DOCKERDAY – VIET NAM - 2015 db • Wpuser • wppwd Wpdb L0 Veth***eth0 3306/tcp  docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser - e MYSQL_PASSWORD=wppwd mysql

15. EDITING NETWORKING CONFIG FILES  with Docker v.1.2.0, you can now edit /etc/hosts, /etc/hostname and /etc/resolve.conf in a running container  changes to these files will not be saved by docker commit nor will they be saved during docker run  won’t be saved in the image, nor will they persist when a container is restarted HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

16. ADVANCED NETWORKING TOOLS (THIRD PARTIES)  Pipework (Jérôme Petazzoni) https://github.com/jpetazzo/pipework  Foundations of Python Network Programming (Brandon Rhodes) https://github.com/brandon-rhodes/fopnp/tree/m/playground  WEAVE https://github.com/weaveworks/weave HN - 7/17/2015DOCKERDAY – VIET NAM - 2015

17. NETWORKING DEEP DIVE (EXPERIMENTAL) DOCKERDAY – VIET NAM - 2015 HN - 7/17/2015

18. Why is Networking important? • Traditional Networking is incredibly vast and complex • Networking is an inherent part of distributed applications • Make it developer-friendly & application driven.

19. “We'll do for Networking, What Docker did for Compute.”

20. Goals • Make “network” & “service” as top-level objects • Provide a pluggable networking stack • Span networks across multiple hosts • Support multiple platforms

21. Whats New? • Updated Networking Stack in Docker • Create Networks using the Docker CLI • Multi-host Networking • Services UI blue = experimental

22. What is Libnetwork • Library for creating and managing network stacks for containers • Test daemon/client called "dnet" • Driver-based networking • Implements the Container Network Model

23. Container Network Model (CNM) • Endpoint • Network • Sandbox

24. Create Network Create Container Defer to Driver Defer to Driver

25. Libnetwork API • libnetwork.New • controller.ConfigureNetworkDriver • controller.NewNetwork • network.CreateEndpoint • endpoint.Join

26. RESTful API • Provides CRUD for Networks and Endpoints • /network • /network/<network_id>/endpoints • /network/<network_id>/endpoints/<endpoint_id> • /network/<network_id>/endpoints/<endpoint_id>/containers • /services • /services/<service_id> • /services/<service_id>/backends

27. Drivers • Drivers implement the Driver API • They provide the specifics of how a network and endpoint are implemented

28. Bridge Driver • Creates a Linux Bridge for each network • Creates a veth pair for each endpoint - One end is attached to the bridge - The other appears as eth0 inside the containers • iptables rules created for NAT

29. Overlay Driver • Creates a separate network namespace for every network - Facilitates overlapping IP address space across networks • Creates a Linux Bridge and VXLAN tunnels to every other discovered host • Creates a veth pair for each endpoint - One end is attached to the bridge - The other appears as eth0 inside the container • Network namespace connected to host network using NAT - Facilitates exiting the overlay network at every host(for external connectivity)

30. Network Plugins • Implemented using libnetwork's remote driver • Uses JSON-RPC transport • Can be written in any language • Can be deployed as a container

31. Networking Ecosystem

32. – R. Callon, RFC 1925 - The Twelve Networking Truths “One size never fits all.”

33. Call to Action! • Try the Docker Experimental Channel! - https://experimental.docker.com • Contribute to libnetwork - Raise an Issue or Submit a Pull Request • Chat with us on IRC - #docker-network on Freenode • Stop by at the booth for a demo

34. Q&A

35. Thanks you  Docker Hà Nội: http://www.meetup.com/Docker-HaNoi  Văn Đình Phúc – phucvd.ce@gmail.com  Trần Hữu Cường  Nguyễn Văn Thường

Docker network Present in VietNam DockerDay 2015

Esté a ler uma amostra.

Confira estes a seguir

Docker network Present in VietNam DockerDay 2015

Mais Conteúdo rRelacionado

Diapositivos para si (20)

Semelhante a Docker network Present in VietNam DockerDay 2015 (20)

Mais recentes (20)