Docker Networks

Bridge Networks
The Docker bridge driver automatically installs rules in the host machine so that containers on different bridge networks cannot communicate directly with each other.
Bridge networks apply to containers running on the same Docker daemon host. For communication among containers running on different Docker daemon hosts, you can either manage routing at the OS level, or you can use an overlay network.
The default bridge network is considered a legacy detail of Docker and is not recommended for production use. Configuring it is a manual operation, and it has technical shortcomings.
User-defined bridge networks are best when you need multiple containers to communicate on the same Docker host.
 
Overlay Networks
Overlay networks are best when you need containers running on different Docker hosts to communicate, or when multiple applications work together using swarm services.
When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host:
An overlay network called ingress, which handles control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
A bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm.
Containers can be connected to more than one network at a time. Containers can only communicate across networks they are each connected to.
The ingress network is created without the --attachable flag, which means that only swarm services can use it, and not standalone containers. You can connect standalone containers to user-defined overlay networks which are created with the --attachable flag. This gives standalone containers running on different Docker daemons the ability to communicate without the need to set up routing on the individual Docker daemon hosts.
Container discovery
For most situations, you should connect to the service name, which is load-balanced and handled by all containers (“tasks”) backing the service. To get a list of all tasks backing the service, do a DNS lookup for tasks.<service-name>.
 
Host Networks
Host networks are best when the network stack should not be isolated from the Docker host, but you want other aspects of the container to be isolated.
If you use the host network mode for a container, that container’s network stack is not isolated from the Docker host (the container shares the host’s networking namespace), and the container does not get its own IP-address allocated. For instance, if you run a container which binds to port 80 and you use host networking, the container’s application is available on port 80 on the host’s IP address.
Note: Given that the container does not have its own IP-address when using host mode networking, port-mapping does not take effect, and the -p, --publish, -P, and --publish-all option are ignored, producing a warning instead:
WARNING: Published ports are discarded when using host network mode
Host mode networking can be useful to optimize performance, as it does not require network address translation (NAT).
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
 
 
 
 

Docker Networks 笔记的更多相关文章

  1. Docker学习笔记 — 配置国内免费registry mirror

    Docker学习笔记 — 配置国内免费registry mirror Docker学习笔记 — 配置国内免费registry mirror

  2. docker学习笔记1 -- 安装和配置

    技术资料 docker中文官网:http://www.docker.org.cn/ 中文入门课程:http://www.docker.org.cn/book/docker.html docker学习笔 ...

  3. Docker学习笔记之一,搭建一个JAVA Tomcat运行环境

    Docker学习笔记之一,搭建一个JAVA Tomcat运行环境 前言 Docker旨在提供一种应用程序的自动化部署解决方案,在 Linux 系统上迅速创建一个容器(轻量级虚拟机)并部署和运行应用程序 ...

  4. docker~学习笔记索引

    回到占占推荐博客索引 使用docker也有段时间了,写了不少文章与总结,下面把它整理个目录出来,方便大家去学习与检索! docker~学习笔记索引 docker~linux下的部署和基本命令(2017 ...

  5. Docker学习笔记 - Docker容器内部署redis

    Docker学习笔记(2-4)Docker应用实验-redist server 和client的安装使用 一.获取redis容器(含客户端和服务端) 二.创建服务端容器 1.在终端A中运行redis- ...

  6. docker学习笔记(一)—— ubuntu16.04下安装docker

    docker学习笔记(一)—— ubuntu16.04下安装docker 原创 2018年03月01日 14:53:00 标签: docker / ubuntu 1682 本文开发环境为Ubuntu ...

  7. Docker入门笔记

    Docker入门笔记 随笔记录初学Docker遇到的问题, 以免下次再犯. 本机系统Ubuntu18.04 安装 Docker有2个版本 Community Edition (CE) 社区版(免费) ...

  8. Docker入门笔记(1)

    Docker入门笔记(1) 1.安装Docker yum -y install docker-ce 2.查看Docker版本 [root@localhost ~]# docker -v Docker ...

  9. Docker学习笔记总结

    Docker学习笔记 https://yeasy.gitbooks.io/docker_practice/content/   一 环境搭建 Ubuntu安装 .添加软件源的GPG密钥 curl -f ...

随机推荐

  1. jQuery 第二章 实例方法 DOM操作选择元素相关方法

    进一步选择元素相关方法:  .get() .eq() .find() .filter() .not() .is() .has() .add()集中操作  .end()回退操作 .get() $(&qu ...

  2. Java中CLASS_PATH与注释的使用

    一.CLASS_PATH的使用 我们在安装jdk的时候,通常情况下只是在电脑的环境变量中新建一个系统变量JAVA_HOME,这个变量用于储存jdk的/bin文件夹之前路径,然后在path中使用这个系统 ...

  3. P1633 二进制

    首先将 \(A,B,C\) 二进制中 \(1\) 的个数和最大长度 \(L\) 算出来. 接着考虑二进制位相加的情况: 低位不进上来. \(X\) 和 \(Y\) 中的两个 \(1\) 合成 \(Z\ ...

  4. C语言编程学习者问答第一期,看看这些问题你出现过吗?

    今天给大家分享我们学习基地的小伙伴遇到的问题,以及正确回答,看看这些问题你遇到过吗~ 1.这张图片文字"第二段"后面的说法是否有问题?   回答: 这是二进制的加法,很多人会误解减 ...

  5. JVM类加载机制详解,建议看这一篇就够了,深入浅出总结的十分详细!

    类加载机制 虚拟机把描述类的数据从Class文件加载到内存,并对数据进行校验.转换解析和初始化,最终形成可以被虚拟机直接使用的Java类型,这就是虚拟机的类加载机制. 类加载的时机 遇到new(比如n ...

  6. nginx,wsgi项目部署

    1.一些重要概念 https://www.cnblogs.com/xiaonq/p/8932266.html 1.1web容器 什么是web容器 1.web容器是帮助我们部署java丶php丶pyth ...

  7. OpenCV-Python图像转换为PyQt图像的变形及花屏无法正常显示问题研究

    ☞ ░ 前往老猿Python博文目录 ░ 一.引言 在<PyQt转换显示Python-OpenCV图像实现图形化界面的视频播放>介绍了实现在OpenCV和PyQt之间转换并传递图像实现在P ...

  8. 第8.13节 Python类中内置方法__repr__详解

    当我们在交互环境下输入对象时会直接显示对象的信息,交互环境下输入print(对象)或代码中print(对象)也会输出对象的信息,这些输出信息与两个内置方法:__str__方法和__repr__方法有关 ...

  9. 第11.19节 Python 中正则表达式的扩展功能:前视断言和前视取反

    一. 引言 在<第11.16节 Python正则元字符"()"(小括号)与组(group)匹配模式>中老猿介绍了组匹配模式的命名组功能及引用组功能,这两者都是组模式的扩 ...

  10. 搭建xss-platform平台

    一直想搭在公网搭建自己的XSS平台用来验证XSS漏洞,使用别人的平台自己心里总会有担心被摘果子的顾虑,前几天参考了不少前人的博客,终于搭建好了,搭建的途中也遇到了不少坑,故把搭建的经验分享出来,大佬轻 ...