[Docker Network Chapter 1] Explanation of Docker Networking

Introduction

To understand the Docker ecosystem, you need a good knowledge of container networking. I'm going to post this article in three chapters, and this first chapter discusses the most important container networking concepts. You don't have to be a Docker expert to understand the concepts presented here, but you'll probably need some basic knowledge of networking, Docker, and Kubernetes.

[Docker Network Chapter 2] [Docker Network Chapter 3]

**Docker** is a tool designed to create, build, and run isolated environments that run inside containers. It is widely used to containerize applications so that they can run inside lightweight containers. To master Docker, you need to be familiar with how to create and run images, protect containers, operate the Docker file system, and manage your Docker network.

Of these, Docker networking may be the most confusing part of the learning process. Over the last few years, an entire dynamic ecosystem has developed around this technology. Technologies such as Docker Compose, Docker Swarm, and Kubernetes have solved many problems in the containerized ecosystem, but have created new challenges, especially for networking. A good understanding of the Docker ecosystem requires a good knowledge of networking.

Container: Do one thing and do it well

When you containerize an application such as WordPress, you could build a single image that contains a web server (Nginx or Apache), PHP (or PHP-FPM), and a MySQL/MariaDB database. This approach avoids many network problems. You could also use a process manager such as supervisord to verify that the processes are running.

However, this is not a good idea, because you will be adding layers to the image. To use supervisord, you need to install it and ship its configuration with the container. The goal is to build and run a lightweight container that contains only the essential processes and software packages.

Moreover, running multiple processes in a single container is a bad pattern. We recommend running a single process per container.

For WordPress, you need a container for your web server (Apache or Nginx), a container for PHP, and another container for your database. These containers need to communicate with each other. The web server receives the request and sends it to the PHP container. If the latter needs data, it asks the database container. The return path must also be taken into account. If you run these containers on different hosts, they should still be able to send traffic to and receive traffic from each other. Minimal security standards should be considered for traffic between multiple hosts. You may also face cases where you need to scale your web server or application container and use a load balancer to route traffic to them.

Even if this use case looks basic, you can see how the network plays an important role in running the entire stack.
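
An added example, not from the original article: a Docker Compose file that places the three WordPress containers described above on separate networks of a single host, so the web server can reach PHP and PHP can reach the database, but the web server has no path to the database. The service names, network names, image tags, the `DB_PASSWORD` variable and the `./nginx/default.conf` file are assumptions.

```yaml
# Added example (constructed): names, tags and paths below are assumptions.
services:
  web:
    image: nginx:stable
    ports:
      - "8080:80"                  # the only port published on the host
    volumes:
      - wp_files:/var/www/html:ro  # WordPress files, read-only for the web server
      # Assumed local file; it must forward PHP requests to php:9000.
      - ./nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
    networks: [edge, app]
    depends_on: [php]

  php:
    image: wordpress:fpm           # PHP-FPM, listens on port 9000
    environment:
      WORDPRESS_DB_HOST: db        # resolved by Docker's DNS on the "data" network
      WORDPRESS_DB_NAME: wordpress
      WORDPRESS_DB_USER: wp
      WORDPRESS_DB_PASSWORD: ${DB_PASSWORD:?set DB_PASSWORD}
    volumes:
      - wp_files:/var/www/html
    networks: [app, data]
    depends_on: [db]

  db:
    image: mariadb:11
    environment:
      MARIADB_RANDOM_ROOT_PASSWORD: "1"
      MARIADB_DATABASE: wordpress
      MARIADB_USER: wp
      MARIADB_PASSWORD: ${DB_PASSWORD:?set DB_PASSWORD}
    volumes:
      - db_data:/var/lib/mysql
    networks: [data]               # reachable from php only, never from web

networks:
  edge: {}           # ordinary bridge, needed for the published port
  app:
    internal: true   # web <-> php, no route outside the host
  data:
    internal: true   # php <-> db, no route outside the host

volumes:
  wp_files: {}
  db_data: {}
```

Because `php` is attached only to internal networks it has no outbound Internet access, so plugin and update downloads fail unless it is also attached to a non-internal network.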

Orchestration: Complex layer?

It is possible to run standalone containers, but in high availability environments, especially in production environments, you need an orchestration platform to manage these containers.

An orchestration system like Kubernetes solves many problems for which containers alone cannot provide a satisfactory solution.

Let's identify some of them:

  1. Scaling the number of containers that make up a service up or down
  2. Load distribution between different containers of the same service
  3. Transferring a container from one node (VM) to another
  4. Exposing services to other services and to the Internet
  5. Service discovery between containers and services
  6. Container deployment

Looking at most of these use cases and features, we can see that networking is the common thread.

Orchestration is mandatory, but it adds further layers of networking at the same time. In addition to inter-container networks within the same node, Kubernetes has multiple types of networks, including master-to-cluster, cluster-to-master, Internet-to-service, service-to-pod, pod-to-pod, and container-to-container networks. If you want to go into more detail, you can also consider node, kubelet, kube-proxy, and DNS networking.

Kubernetes is considered the latest data center operating system. You may be surprised to see the complexity of this network on a platform of this size, but one of the most complex and perhaps most important parts of Kubernetes is the network. You won't be able to learn Kubernetes without getting to grips with its networking.

Container networks are complex but not difficult

The Zen of Python has the following maxim:

"Simple is better than complex. Complex is better than complicated."

In IT, Complex refers to the number of components in a system and the level of interaction between the components. On the other hand, Complicated means that the difficulty level is high.

Networking containers, especially in orchestrated systems, is complex, but not complicated. In addition, this complexity may be needed to create abstract systems and common solutions to common problems. This was stated by Joe Beda, one of the Kubernetes developers.

**"Kubernetes is a Complex system. It does a lot and brings a new abstraction as an engineer. We tend to ignore the Complexed we need to learn for the Complex we build ourselves. there is."**

Beda further said that people who create complex deployment systems using Jenkins, Bash, Puppet / Chef / Salt / Ansible, AWS, Terraform and more get used to their own unique brand of complexity. It doesn't feel complicated because it has grown organically, but it is difficult to bring new people into such an organically grown system. They may know some of the tools, but the way they are assembled is unique.

This is where Kubernetes adds value. It provides a set of abstractions that solve a set of common problems. As people build their understanding and skills on these issues, they become more productive in more situations.

Container networking seems complicated at first, but it is approachable if you invest the time in basic networking knowledge and in learning new skills.

The next chapters elaborate on the technical details: how Docker container networks work, how multi-container networks work, and the differences between stand-alone container networks and multi-container networks when run in standalone mode. They also describe how to manage networking across multiple hosts in the fascinating world of Kubernetes networking.