DOCKER NETWORKING
VĂN ĐÌNH PHÚC
TRẦN HỮU CƯỜNG
NGUYỄN VĂN THƯỜNG
HN - 7/17/2015 DOCKERDAY – VIET NAM - 2015
Networking Breakout
Madhu Venugopal
Jana Radhakrishnan
AGENDA
 Introduction
 Networking Deep Dive (version 1.7)
 Networking Deep Dive (Experimental)
 Ecosystem
 Q&A
INTRODUCTION
WHAT IS DOCKER ?
Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server.
WHY IS NETWORKING IMPORTANT ?
 Communication between containers and the wider world
 Communication between containers on a single host and across multiple hosts
 Containers attached to multiple networks
LIBNETWORK
 Open Sourced in April
 Over 200 Pull Requests
 Over 200 GitHub Stars
 Windows and FreeBSD ports in progress
LIBNETWORK
 Project Pages define the goals of each Platform Version Release and identify current progress
https://github.com/docker/libnetwork/wiki

Project Page    | Target Date | Current Sprint | Platform Version
libnetwork 0.5  | 10/06/2015  |                | Docker 1.9.0
libnetwork 0.4  | 08/04/2015  | Sprint 20      | Docker 1.8.0
libnetwork 0.3  | 06/18/2015  |                | Docker 1.7.0
NETWORKING DEEP DIVE (VERSION 1.7)
DOCKER0 BRIDGE
 Is the default bridge on Docker hosts
 Docker randomly chooses an address and subnet for it from the private range defined by RFC 1918
 Automatically forwards packets between any other network interfaces that are attached to it
VIRTUAL ETHERNET INTERFACES
 A pair of “peer” interfaces that are like opposite ends of a pipe: a packet sent on one will be received on the other
 Docker gives one of the peers to the container to become its eth0 interface and keeps the other peer, with a unique name like veth37c1271, on the host
BINDING CONTAINER PORTS TO THE HOST
 docker run:
 -P or --publish-all=true|false
 -p SPEC or --publish=SPEC
 -p IP:host_port:container_port
 -p IP::port
 --ip=IP_ADDRESS
 --expose <port> or an EXPOSE line in the image’s Dockerfile (and -P to publish the exposed ports)
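The -p forms listed above differ in which host address ends up listening, and a SPEC without an IP falls back to the daemon's default bind address. As an added example (not part of the original slides), this Python script parses the publish flags of a docker run command line and reports where each port is bound; the function names and the two constructed sample commands are assumptions for illustration.

```python
import shlex
from dataclasses import dataclass

# Addresses that mean "listen on every host interface".
WILDCARD_IPS = {"0.0.0.0", "::", "[::]"}


@dataclass
class Publish:
    host_ip: str         # address the host side listens on
    host_port: str       # "" = Docker picks a free host port
    container_port: str
    proto: str

    @property
    def all_interfaces(self):
        return self.host_ip in WILDCARD_IPS


def parse_publish(spec, daemon_ip="0.0.0.0"):
    """Parse one -p SPEC.

    Forms handled: IP:host_port:container_port, IP::port,
    host_port:container_port and container_port, each with an optional
    /tcp or /udp suffix. A SPEC without an IP binds to the daemon's
    default address (the daemon's --ip option, 0.0.0.0 unless changed).
    """
    ports, _, proto = spec.partition("/")
    fields = ports.rsplit(":", 2)
    if len(fields) == 3:
        ip, host_port, container_port = fields
    elif len(fields) == 2:
        ip = ""
        host_port, container_port = fields
    else:
        ip, host_port, container_port = "", "", fields[0]
    for port in (host_port, container_port):
        # Port ranges such as 8000-8010 are accepted as-is.
        if port and not port.replace("-", "").isdigit():
            raise ValueError("bad port %r in publish spec %r" % (port, spec))
    if not container_port:
        raise ValueError("no container port in publish spec %r" % spec)
    return Publish(ip or daemon_ip, host_port, container_port, proto or "tcp")


def audit_run(cmdline, daemon_ip="0.0.0.0"):
    """Return (publishes, publish_all) for one `docker run` command line.

    Simplification: every token is scanned, so a literal -p in the
    container's own arguments would be read as a publish flag.
    """
    tokens = shlex.split(cmdline)
    publishes, publish_all = [], False
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok in ("-p", "--publish") and i + 1 < len(tokens):
            publishes.append(parse_publish(tokens[i + 1], daemon_ip))
            i += 1  # skip the SPEC we just consumed
        elif tok.startswith("--publish="):
            publishes.append(parse_publish(tok.split("=", 1)[1], daemon_ip))
        elif tok in ("-P", "--publish-all", "--publish-all=true"):
            publish_all = True
        i += 1
    return publishes, publish_all


def report(cmdline, daemon_ip="0.0.0.0"):
    """Human-readable findings for one command line."""
    publishes, publish_all = audit_run(cmdline, daemon_ip)
    lines = []
    for p in publishes:
        scope = "ALL interfaces" if p.all_interfaces else p.host_ip
        lines.append("%s/%s -> host %s:%s (%s)" % (
            p.container_port, p.proto, p.host_ip,
            p.host_port or "<random>", scope))
    if publish_all:
        lines.append("-P: every EXPOSEd port published on %s" % daemon_ip)
    return lines


# First entry: the wp01 publish flag as used in this deck (environment
# flags omitted). The other two are constructed variants.
SAMPLES = [
    "docker run --name wp01 --link db:mysql -d -p 8080:80 wordpress",
    "docker run --name wp01 --link db:mysql -d -p 127.0.0.1:8080:80 wordpress",
    "docker run -d -p 127.0.0.1::80 -P wordpress",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(cmd)
        for line in report(cmd):
            print("   ", line)
```

Passing daemon_ip="127.0.0.1" models a daemon started with --ip=127.0.0.1, in which case a bare 8080:80 no longer lands on every interface.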
LINKING CONTAINERS TOGETHER
 docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql
 docker run --name wp01 --link db:mysql -d -e WORDPRESS_DB_NAME=wpdb -e WORDPRESS_DB_USER=wpuser -e WORDPRESS_DB_PASSWORD=wppwd -p 8080:80 wordpress
[Diagram: Docker host with eth0, lo, the docker0 bridge and iptables, publishing 8080/tcp. Container db: eth0, 3306/tcp, database wpdb, user wpuser, password wppwd. Container wp01: eth0, 80/tcp, /etc/hosts (mysql entry), WORDPRESS_DB_NAME=wpdb, WORDPRESS_DB_USER=wpuser, WORDPRESS_DB_PASSWORD=wppwd.]
HOW DOCKER NETWORKS A CONTAINER ?
 option to docker run :
 --net=bridge (default)
 --net=host
 --net=container:NAME_or_ID
 --net=none
[Diagram: container db with lo and eth0 (paired with a host-side veth*** interface), listening on 3306/tcp; database wpdb, user wpuser, password wppwd.]
 docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql
EDITING NETWORKING CONFIG FILES
 With Docker v1.2.0, you can now edit /etc/hosts, /etc/hostname and /etc/resolv.conf in a running container
 Changes to these files will not be saved by docker commit, nor will they be saved during docker run
 They won’t be saved in the image, nor will they persist when a container is restarted
ADVANCED NETWORKING TOOLS (THIRD PARTIES)
 Pipework (Jérôme Petazzoni)
https://github.com/jpetazzo/pipework
 Foundations of Python Network Programming (Brandon Rhodes)
https://github.com/brandon-rhodes/fopnp/tree/m/playground
 WEAVE
https://github.com/weaveworks/weave
NETWORKING DEEP DIVE (EXPERIMENTAL)
Why is Networking important?
• Traditional Networking is incredibly vast and complex
• Networking is an inherent part of distributed applications
• Make it developer-friendly & application driven.
“We'll do for Networking, what Docker did for Compute.”
Goals
• Make “network” & “service” as top-level objects
• Provide a pluggable networking stack
• Span networks across multiple hosts
• Support multiple platforms
What's New?
• Updated Networking Stack in Docker
• Create Networks using the Docker CLI
• Multi-host Networking
• Services UI
blue = experimental
What is Libnetwork
• Library for creating and managing network stacks for containers
• Test daemon/client called "dnet"
• Driver-based networking
• Implements the Container Network Model
Container Network Model (CNM)
• Endpoint
• Network
• Sandbox
[Diagram: Create Network and Create Container, each deferring to the driver]
Libnetwork API
• libnetwork.New
• controller.ConfigureNetworkDriver
• controller.NewNetwork
• network.CreateEndpoint
• endpoint.Join
RESTful API
• Provides CRUD for Networks and Endpoints
• /network
• /network/<network_id>/endpoints
• /network/<network_id>/endpoints/<endpoint_id>
• /network/<network_id>/endpoints/<endpoint_id>/containers
• /services
• /services/<service_id>
• /services/<service_id>/backends
Drivers
• Drivers implement the Driver API
• They provide the specifics of how a network and endpoint are implemented
Bridge Driver
• Creates a Linux Bridge for each network
• Creates a veth pair for each endpoint
- One end is attached to the bridge
- The other appears as eth0 inside the containers
• iptables rules created for NAT
Overlay Driver
• Creates a separate network namespace for every network
- Facilitates overlapping IP address space across networks
• Creates a Linux Bridge and VXLAN tunnels to every other discovered host
• Creates a veth pair for each endpoint
- One end is attached to the bridge
- The other appears as eth0 inside the container
• Network namespace connected to host network using NAT
- Facilitates exiting the overlay network at every host (for external connectivity)
Network Plugins
• Implemented using libnetwork's remote driver
• Uses JSON-RPC transport
• Can be written in any language
• Can be deployed as a container
Networking Ecosystem
“One size never fits all.”
– R. Callon, RFC 1925 - The Twelve Networking Truths
Call to Action!
• Try the Docker Experimental Channel!
- https://experimental.docker.com
• Contribute to libnetwork
- Raise an Issue or Submit a Pull Request
• Chat with us on IRC
- #docker-network on Freenode
• Stop by at the booth for a demo
Q&A
Thank you
 Docker Hà Nội: http://www.meetup.com/Docker-HaNoi
 Văn Đình Phúc – phucvd.ce@gmail.com
 Trần Hữu Cường
 Nguyễn Văn Thường

Docker Networking Deep Dive

  • 1. DOCKER NETWORKING • VĂN ĐÌNH PHÚC • TRẦN HỮU CƯỜNG • NGUYỄN VĂN THƯỜNG • DOCKERDAY – VIET NAM - 2015, HN - 7/17/2015
  • 3. AGENDA • Introduction • Networking Deep Dive (version 1.7) • Networking Deep Dive (Experimental) • Ecosystem • Q&A
  • 4. INTRODUCTION
  • 5. WHAT IS DOCKER? Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries – anything you can install on a server
  • 6. WHY IS NETWORKING IMPORTANT? • Communication between containers and the wider world • Communication between containers on a single host and across multiple hosts • Containers attached to multiple networks
  • 7. LIBNETWORK • Open Sourced in April • Over 200 Pull Requests • Over 200 GitHub Stars • Windows and FreeBSD ports in progress
  • 8. LIBNETWORK • Project Pages define the goals of each Platform Version Release and identify current progress: https://github.com/docker/libnetwork/wiki
      Project Page   | Target Date | Current Sprint | Platform Version
      libnetwork 0.5 | 10/06/2015  |                | Docker 1.9.0
      libnetwork 0.4 | 08/04/2015  | Sprint 20      | Docker 1.8.0
      libnetwork 0.3 | 06/18/2015  |                | Docker 1.7.0
  • 9. NETWORKING DEEP DIVE (VERSION 1.7)
  • 10. DOCKER0 BRIDGE • The default bridge on Docker hosts • Randomly chooses an address and subnet from the private range defined by RFC 1918 • Automatically forwards packets between any other network interfaces that are attached to it
  • 11. VIRTUAL ETHERNET INTERFACES • A pair of “peer” interfaces that are like opposite ends of a pipe: a packet sent on one will be received on the other • Docker gives one of the peers to the container to become its eth0 interface and keeps the other peer, with a unique name like veth37c1271
  • 12. BINDING CONTAINER PORTS TO THE HOST • docker run: • -P or --publish-all=true|false • -p SPEC or --publish=SPEC • -p IP:host_port:container_port • -p IP::port • --ip=IP_ADDRESS • --expose <port> or/and an EXPOSE line in the image’s Dockerfile
  • 13. LINKING CONTAINERS TOGETHER
      docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql
      docker run --name wp01 --link db:mysql -d -e WORDPRESS_DB_NAME=wpdb -e WORDPRESS_DB_USER=wpuser -e WORDPRESS_DB_PASSWORD=wppwd -p 8080:80 wordpress
      [Diagram: Docker host with iptables and eth0; host port 8080/tcp maps to wp01 port 80/tcp; wp01 (eth0, /etc/hosts, WORDPRESS_DB_NAME=wpdb, WORDPRESS_DB_USER=wpuser, WORDPRESS_DB_PASSWORD=wppwd) is linked to db (eth0, 3306/tcp, database wpdb, user wpuser, password wppwd)]
  • 14. HOW DOCKER NETWORKS A CONTAINER? • Option to docker run: • --net=bridge (default) • --net=host • --net=container:NAME_or_ID • --net=none
      docker run --name db -d -e MYSQL_ROOT_PASSWORD=Memzoh78 -e MYSQL_DATABASE=wpdb -e MYSQL_USER=wpuser -e MYSQL_PASSWORD=wppwd mysql
      [Diagram: Docker host with eth0, lo and docker0; container db (3306/tcp, database wpdb, user wpuser, password wppwd) with lo and eth0, attached to docker0 through a veth*** peer]
  • 15. EDITING NETWORKING CONFIG FILES • With Docker v.1.2.0, you can now edit /etc/hosts, /etc/hostname and /etc/resolv.conf in a running container • Changes to these files will not be saved by docker commit, nor will they be saved during docker run • They won’t be saved in the image, nor will they persist when a container is restarted
  • 16. ADVANCED NETWORKING TOOLS (THIRD PARTIES) • Pipework (Jérôme Petazzoni) https://github.com/jpetazzo/pipework • Foundations of Python Network Programming (Brandon Rhodes) https://github.com/brandon-rhodes/fopnp/tree/m/playground • WEAVE https://github.com/weaveworks/weave
  • 17. NETWORKING DEEP DIVE (EXPERIMENTAL)
  • 18. Why is Networking important? • Traditional Networking is incredibly vast and complex • Networking is an inherent part of distributed applications • Make it developer-friendly & application driven.
  • 19. “We'll do for Networking, What Docker did for Compute.”
  • 20. Goals • Make “network” & “service” as top-level objects • Provide a pluggable networking stack • Span networks across multiple hosts • Support multiple platforms
  • 21. What's New? • Updated Networking Stack in Docker • Create Networks using the Docker CLI • Multi-host Networking • Services UI (legend: blue = experimental)
  • 22. What is Libnetwork • Library for creating and managing network stacks for containers • Test daemon/client called "dnet" • Driver-based networking • Implements the Container Network Model
  • 23. Container Network Model (CNM) • Endpoint • Network • Sandbox
  • 25. Libnetwork API • libnetwork.New • controller.ConfigureNetworkDriver • controller.NewNetwork • network.CreateEndpoint • endpoint.Join
  • 26. RESTful API • Provides CRUD for Networks and Endpoints • /network • /network/<network_id>/endpoints • /network/<network_id>/endpoints/<endpoint_id> • /network/<network_id>/endpoints/<endpoint_id>/containers • /services • /services/<service_id> • /services/<service_id>/backends
  • 27. Drivers • Drivers implement the Driver API • They provide the specifics of how a network and endpoint are implemented
  • 28. Bridge Driver • Creates a Linux Bridge for each network • Creates a veth pair for each endpoint - One end is attached to the bridge - The other appears as eth0 inside the containers • iptables rules created for NAT
  • 29. Overlay Driver • Creates a separate network namespace for every network - Facilitates overlapping IP address space across networks • Creates a Linux Bridge and VXLAN tunnels to every other discovered host • Creates a veth pair for each endpoint - One end is attached to the bridge - The other appears as eth0 inside the container • Network namespace connected to host network using NAT - Facilitates exiting the overlay network at every host (for external connectivity)
  • 30. Network Plugins • Implemented using libnetwork's remote driver • Uses JSON-RPC transport • Can be written in any language • Can be deployed as a container
  • 32. “One size never fits all.” – R. Callon, RFC 1925 - The Twelve Networking Truths
  • 33.
  • 34. Call to Action! • Try the Docker Experimental Channel! - https://experimental.docker.com • Contribute to libnetwork - Raise an Issue or Submit a Pull Request • Chat with us on IRC - #docker-network on Freenode • Stop by at the booth for a demo
  • 35. Q&A
  • 36. Thank you • Docker Hà Nội: http://www.meetup.com/Docker-HaNoi • Văn Đình Phúc – phucvd.ce@gmail.com • Trần Hữu Cường • Nguyễn Văn Thường
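
As an added example (not part of the original slides), the shell functions below classify the -p SPEC forms listed on slide 12 by the host address they bind, so that a spec such as the 8080:80 used for wp01 on slide 13 is reported as listening on every host interface. It assumes IPv4 specs without port ranges; the names classify_publish_spec, audit_publish_specs and DEFAULT_BIND_IP are hypothetical.

```shell
#!/bin/sh
# Added example: classify a `docker run -p SPEC` by the host address it binds.
# Forms from slide 12 (IPv4 only; port ranges and bracketed IPv6 not handled):
#   IP:host_port:container_port | IP::container_port
#   host_port:container_port    | container_port
# DEFAULT_BIND_IP (hypothetical name) models the daemon-wide --ip=IP_ADDRESS
# setting, which is 0.0.0.0 when unset.
DEFAULT_BIND_IP="${DEFAULT_BIND_IP:-0.0.0.0}"

classify_publish_spec() {
    spec=${1%/*}    # drop an optional /tcp or /udp suffix
    colons=$(printf '%s' "$spec" | tr -cd ':' | wc -c | tr -d ' ')
    ip=""; host_port=""
    case "$colons" in
        0) ctr_port=$spec ;;
        1) host_port=${spec%%:*}; ctr_port=${spec#*:} ;;
        2) ip=${spec%%:*}; rest=${spec#*:}
           host_port=${rest%%:*}; ctr_port=${rest#*:} ;;
        *) echo "unsupported"; return 1 ;;
    esac
    # Ports must be plain numbers; the container port is mandatory.
    case "$ctr_port" in ''|*[!0-9]*) echo "unsupported"; return 1 ;; esac
    case "$host_port" in *[!0-9]*) echo "unsupported"; return 1 ;; esac
    [ -n "$ip" ] || ip=$DEFAULT_BIND_IP
    [ -n "$host_port" ] || host_port="dynamic"   # Docker picks a free host port
    case "$ip" in
        0.0.0.0) scope="all-interfaces" ;;
        127.*)   scope="loopback-only" ;;
        *)       scope="single-address" ;;
    esac
    echo "$scope $ip:$host_port->$ctr_port"
}

audit_publish_specs() {
    # Print only the specs that end up reachable on every host interface.
    for s in "$@"; do
        result=$(classify_publish_spec "$s") || continue
        case "$result" in all-interfaces*) echo "$s => $result" ;; esac
    done
}

# Constructed sample specs; 8080:80 is the one used for wp01 on slide 13.
audit_publish_specs 8080:80 127.0.0.1:8080:80 192.0.2.10::3306 80/tcp
```

Binding a published port to 127.0.0.1 or to one specific host address, as in the -p IP:host_port:container_port form, keeps the service off the interfaces that do not need it.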

Editor's Notes

  1. It should be mentioned in the slides that slides from DockerCon 2015 are interleaved during the presentation to make it easier to follow (the added slides keep their original format). The original slides can be shown. However, when published, the two slide decks will be kept separate.
  2. Ask 3 questions to classify the audience so that the time for each part of the presentation can be reallocated: How many people have used or are using the networking features in Docker? Name some modules in Docker networking (if the proportion is high, focus on the deep dive and some new features). 2. How many people have tried using Docker?
  3. When constructing distributed systems to serve Docker containers, communication and networking become extremely important. Service-oriented architecture, undeniably, relies heavily upon communication between components in order to function correctly. How Do Containers Expose Services to Consumers? What Are Docker Links? While you can certainly deploy an application sandbox in a standalone Docker container, many real-world use cases of Docker in production environments may involve deploying a complex multi-tier application in an ensemble of multiple containers, where each container plays a specific role (e.g., load balancer, LAMP stack, database, UI).
  4. Some features of 0.3: networks become a first-class object and users can create multiple networks; the Docker networking codebase is replaced with libnetwork. In 0.4, Libvirt comes with the full features of CNM and more plugins (Docker 1.8).
  5. This part can be discussed so that Thuongnv presents it.
  6. Remember that the Docker host will not be willing to forward container packets out on to the Internet unless its ip_forward system setting is 1. Demo: show docker0 with ip a, then show it again with brctl show.
  7. Demo: create a test container; brctl show docker0; ip a on the Docker host and in the container; ip route list in the container. traceroute can be installed and tried.
  8. Show a little of iptables after using the docker run -P or -p command.
  9. Start by asking a question about how to install WordPress + DB the traditional way. Demo using docker link. Say a little about ip_forward: if it is set, iptables adds the policy automatically.
  10. This part can be discussed so that Thuongnv presents it.
  11. Creates a separate network namespace for every network: this is not the Docker container namespace; it facilitates overlapping IP address space across networks. Creates a Linux Bridge and VXLAN tunnels to every other discovered host: the Linux bridge is created inside the network namespace; a single VNI is allocated globally for each network; a vxlan p2mp tunnel is created using that VNI and attached to the bridge. Creates a veth pair for each endpoint: one end is attached to the bridge; the other appears as eth0 inside the container. Network namespace connected to host network using NAT: facilitates exiting the overlay network at every host (for external connectivity).