Docker Advanced Networking

Captions
[Music]

Hello and welcome to this lecture on Docker networking. My name is Mumshad Mannambeth and we are learning advanced Docker concepts. In this lecture we will learn about advanced networking concepts such as overlay networks in Docker Swarm, embedded DNS servers, routing mesh, etc.

In the beginners course we discussed three types of networks available in Docker: bridge, none and host. Bridge is the default network a container gets attached to. If you would like to associate the container with any other network, specify the network information using the network command line parameter, like this.

The bridge network is a private internal network created by Docker on the host. All containers attach to this network by default and they get an internal IP address, usually in the range 172.17 series. The containers can access each other using this internal IP if required. To access any of these containers from the outside world, map ports of these containers to ports on the Docker host, as we have seen before.

Another type of network is the host network. This takes out any network isolation between the Docker host and the Docker containers, meaning if you were to run a web server on port 5000 in a web app container attached to the host network, it is automatically accessible on the same port externally without requiring to publish the port using the -p option, as the web container uses the host's network. This would also mean that, unlike before, you will now not be able to run multiple web containers on the same host on the same port, as the ports are now common to all containers in the host network.

The third option is the none network. The containers are not attached to any network and do not have any access to the external network or other containers.

Let's take a look at the bridge network in a bit more detail. For example, say we have multiple Docker hosts running containers. Each Docker host has its own internal private bridge network in the 172.17 series, allowing the containers running on each host to communicate with each other. However, containers across the hosts have no way of communicating with each other unless you publish the ports on those containers and set up some kind of routing yourself. This is where overlay networks come into play. With Docker Swarm you could create a new network of type overlay, which will create an internal private network that spans across all the nodes participating in the swarm cluster. We could then attach the containers or services to this network using the network option while creating a service, and so we can get them to communicate with each other through the overlay network.

Let's talk about another type of network. Previously we learned about port publishing or port mapping. Say we have a web service running on port 5000. For an external user to access the web service, we must map the port to a port on the Docker host. In this case, map port 5000 on the container to port 80 on the Docker host. In this case, map port 5000 on the Docker host to port 80 on the Docker container. Once we do that, a user will be able to access the web server using the URL with port 80.

Now this works just fine when running a single container and it's easy to understand, but what happens when we are working with a swarm cluster? For example, think of this host as a single-node swarm cluster. Say we were to create a web server service with two replicas and a port mapping of port 80 to 5000. Since this is a single-node cluster, both the instances are deployed on the same node. This will result in two web service containers both trying to map their 5000 ports to the common port 80 on the Docker host, but we cannot have two mappings to the same port.

This is where ingress networking comes into the picture. When you create a Docker swarm, it automatically creates an ingress network. The ingress network has a built-in load balancer that redirects traffic from the published port, which in this case is port 80, to all the mapped ports, which are the ports 5000 on each container. Since the ingress network is created automatically, there is no configuration that you have to do. You simply have to create the service you need by running the service create command and publish the ports you would like to publish using the -p parameter, just like before. The ingress network and the internal load balancing will simply work out of the box, but it's important for us to know how it really works.

Let us now look at how it works when there are multiple nodes in the Docker swarm cluster. In this case we have a three-node Docker swarm cluster running two instances of the web server. Since we only requested two replicas, the third Docker host is free and has no instances. Let's first keep ingress networking out of our discussion for a minute and see how this might work without the ingress networking.

First of all, how do we expect the user to access our services in a swarm cluster of multiple nodes? Since this is a cluster, we expect the users to be able to access services from any node in our cluster, meaning any user should be able to access the web server using the IP address of any of these containers, since they are all part of the same cluster. Without ingress networking, a user could access the web server on nodes 1 and 2 but not on node 3, because there is no web service instance running on node 3.

Let's now bring back ingress networking. Ingress networking is in fact a type of overlay network, meaning it's a single network that spans across all the nodes in the cluster. The way the load balancer works is it receives requests from any node in the cluster and forwards that request to the respective instances on any other node, essentially creating a routing mesh. The routing mesh helps in routing the user traffic that is received on a node that isn't even running an instance of the web service to other nodes where the instances are actually running. And again, all of this is the default behavior of Docker Swarm and you don't need to do any additional configuration. Simply create your service, specify the number of replicas and publish the port. Docker Swarm will ensure that the instances are distributed equally across the cluster, the ports are published on all the nodes, and the users can access the services using the IP of any of the nodes, and when they do, the traffic is routed to the right services internally.

We've been talking about containers communicating with each other. Now how exactly does that work? For example, in this case I have a web service and a MySQL database service running on the same node or worker. How can I get my web service to access the database on the database container? One thing I could do is to use the internal IP address assigned to the MySQL container, which in this case is 172.17.0.3, but that is not really ideal because it is not guaranteed that the container will get the same IP when the system reboots. The right way to do it is to use the container name. All containers in the Docker host can resolve each other with the name of the container. Docker has a built-in DNS server that helps the containers to resolve each other using the container name. Note that the built-in DNS server always runs at address 127.0.0.11.

That's all for now from this lecture on advanced networking. I hope you had a good session and I will see you in the next lecture.

[Music]
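The routing mesh described in the lecture means a published port is open on every swarm node, including nodes that run no replica. The following added example (not from the video or from KodeKloud) reads output in the shape of `docker service inspect` and reports that exposure; the sample JSON, the service names and the function names are constructed for illustration.

```python
import json

# Constructed sample, trimmed to the fields used here, in the shape that
# `docker service inspect` returns. Service names are assumptions.
SAMPLE_INSPECT = json.loads("""
[
  {"Spec": {"Name": "web", "Mode": {"Replicated": {"Replicas": 2}}},
   "Endpoint": {"Ports": [{"Protocol": "tcp", "TargetPort": 5000,
                           "PublishedPort": 80, "PublishMode": "ingress"}]}},
  {"Spec": {"Name": "db", "Mode": {"Replicated": {"Replicas": 1}}},
   "Endpoint": {}}
]
""")


def exposure_report(services, node_count):
    """List every published port and how many swarm nodes listen on it."""
    report = []
    for svc in services:
        name = svc["Spec"]["Name"]
        mode = svc["Spec"].get("Mode", {})
        # Global services run one task per node; replicated ones state a count.
        replicas = mode.get("Replicated", {}).get("Replicas", node_count)
        # Assumption: replicas are spread over distinct nodes (upper bound).
        task_nodes = min(replicas, node_count)
        for port in svc.get("Endpoint", {}).get("Ports") or []:
            publish_mode = port.get("PublishMode", "ingress")
            # ingress: the routing mesh opens the port on every node.
            # host: only nodes that actually run a task open it.
            listening = node_count if publish_mode == "ingress" else task_nodes
            report.append({
                "service": name,
                "published_port": port["PublishedPort"],
                "target_port": port["TargetPort"],
                "publish_mode": publish_mode,
                "listening_nodes": listening,
                "nodes_without_replica": listening - task_nodes,
            })
    return report


def unpublished_services(services):
    """Services with no published port, reachable only over their networks."""
    return [s["Spec"]["Name"] for s in services
            if not s.get("Endpoint", {}).get("Ports")]


if __name__ == "__main__":
    for row in exposure_report(SAMPLE_INSPECT, node_count=3):
        print(row)
    print("internal only:", unpublished_services(SAMPLE_INSPECT))
```

For the lecture's three-node cluster with two web replicas, the report shows port 80 listening on all three nodes, so host firewall rules have to cover the node that runs no web container as well.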
Info
Channel: KodeKloud
Views: 93,825
Rating: 4.9609947 out of 5
Keywords: devops, docker, networking, tutorial, training, udemy
Id: Xxhhdo2e-DA
Length: 9min 19sec (559 seconds)
Published: Sat Oct 28 2017