Docker Networking and Communication in Advanced Operating Systems

docker networking and communication n.w
1 / 21
Embed
Share

Explore the complexities of Docker networking and communication in advanced operating systems, covering virtual network devices, container access to external networks, and automation for container networking scenarios. Learn about commonly-used Docker commands, Docker compose for multi-container applications, and useful Docker utilities. Dive into managing container processes, utilizing Tini for container initialization, and Docker container cleanup practices.

  • Docker Networking
  • Container Management
  • Operating Systems
  • Docker Commands
  • Docker Utilities
rayaanacharya
akill Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Docker Networking and Communication Marion Sudvarg, Chris Gill CSE 522S Advanced Operating Systems Washington University in St. Louis St. Louis, MO 63130 1

  2. Last Time We provided a brief overview of networking Discussed virtual network devices: veth: emulates an ethernet port bridge: emulates a switch Discussed how containers can access outside networks via NAT, routing, and iptables Discussed how external traffic can reach containers: Port forwarding Macvlan bridging Docker helps to automate the setup for complex container networking scenarios CSE 522S Advanced Operating Systems 2

  3. Today New commonly-used Docker commands that ease container management Docker networking: framework for complex network namespace setup Docker compose: allows specification and setup of multi-container applications (including the network communication between them) CSE 522S Advanced Operating Systems 3

  4. USEFUL DOCKER COMMANDS AND UTILITIES CSE 522S Advanced Operating Systems 4

  5. docker top View container process information from perspective of root namespace docker ps: get running container names/IDs docker exec ti <container> /sh: launch a shell in the container Problem: calling ps from inside the container shows namespaced PIDs Solution: docker top <container> Remember, <container> can be name or ID CSE 522S Advanced Operating Systems 5

  6. Tini Recall: simple_init provided basic init utilities in a container, including reaping children and orphans Docker provides a simple init service to containers called Tini Open-source: https://github.com/krallin/tini Simply run with the --init flag: docker run -d --init --rm image:latest cmd 1. 2. Docker establishes the container (detached from terminal) Docker launches the following as PID 1: /sbin/docker-init -- /bin/sh -c cmd This launches Tini Which runs /bin/sh Which then execs cmd 3. 4. 5. CSE 522S Advanced Operating Systems 6

  7. docker rm docker run -d --init --rm image:latest cmd The --rm flag tells Docker to clean up the container (remove containerfs and references to its name) when the container exits If you don t use the --rm flag, containerfs will persist docker rm <container> Removes containerfs and reference to its name (and other resources, given appropriate flags) CSE 522S Advanced Operating Systems 7

  8. DOCKER NETWORKING CSE 522S Advanced Operating Systems 8

  9. Docker Network Drivers none The container has no networking capabilities host The container is not placed in a new network namespace bridge The default network driver; the container is attached to a bridge CSE 522S Advanced Operating Systems 9

  10. Network none Docker creates container in a new network namespace container1 lo Local loopback is enabled No other network interfaces are supplied lo eth0 Run with --network=none 192.168.1.12/24 docker run -it --rm --network=none alpine:latest CSE 522S Advanced Operating Systems 10

  11. Network host Docker creates container in the host s network namespace (i.e., it does not create a new network namespace) container1 Processes in container have same access to network resources as those outside Run with --network=host lo eth0 Still in new UTS namespace unless --uts=host specified 192.168.1.12/24 docker run -it --rm --network=host alpine:latest CSE 522S Advanced Operating Systems 11

  12. Network bridge Default network type container1 lo Docker sets up NAT with bridge as a gateway 10.1.1.2/24 veth1 docker0 10.1.1.10/24 bridge 10.1.1.1/24 This enables the container to access the outside network lo eth0 192.168.1.12/24 CSE 522S Advanced Operating Systems 12

  13. Network Namespace Inspection Unlike with ip netns, Docker does not create bind mounts for the network namespaces This forces the namespace to disappear when all of its processes terminate You can inspect namespace membership with: docker exec ti <container> sh ls l /proc/self/ns/net CSE 522S Advanced Operating Systems 13

  14. Listing Networks See the Docker networks with docker network list Notice there can be multiple bridge networks The default is named bridge CSE 522S Advanced Operating Systems 14

  15. Network Inspection Inspect a network with docker network inspect <name> Lots of JSON-formatted information Network subnet and gateway Addresses of individual containers on the bridge CSE 522S Advanced Operating Systems 15

  16. Port Forwarding Allows external socket requests to be forwarded to a container The requested port and container port can be different Example: container1 is a web server that listens on port 80 The host forwards requests on port 8080 to the container s port 80 docker run p 8080:80 apache:latest A client on the network sends a request on 8080 The request is received by a docker- proxy process Forwarded to the container port 80 container1 lo 10.1.1.2/24 veth1 docker0 10.1.1.10/24 bridge 10.1.1.1/24 Port 80 lo docker-proxy eth0 http://192.168.1.12:8080 192.168.1.12/24 CSE 522S Advanced Operating Systems 16

  17. Docker Compose Automates the creation of applications with multiple containers Can be used to establish multiple bridge networks, and define the connections among them Allow a container to accept connections on ports from within its network Establish port forwarding from outside the network c11 c21 c12 route iptables br0 br1 c13 c22 Forward 80 Forward 8080->80 lo eth0 192.168.1.12/24 CSE 522S Advanced Operating Systems 17

  18. Reading Assignments Several more pages from the Docker docs website: The Networking overview page The Use bridge networks page The Network settings section of the Docker run reference The Overview of Docker Compose page The Install Docker Compose page The Getting Started with Docker Compose page Again, it s fine to mostly skim these (Optional) DKR book: Chapter 7: Information on debugging container-related issues Pages 167-177: An example of using Docker Compose Chapter 11: How Docker works under the hood. Now that you ve experienced Docker, and you understand the underlying kernel mechanisms, this chapter will tie all of these concepts together. CSE 522S Advanced Operating Systems 18

  19. Studio Exercises Today Create a simple web application! Connect it to the network Create a separate container to monitor the web server Use Docker Compose to automate the configuration and communication of the two containers CSE 522S Advanced Operating Systems 19

  20. Final Thoughts This wraps up our coverage of Docker this was not intended to be exhaustive! Docker is becoming increasingly popular in cloud and SMB infrastructure If you intend to work with Docker in your career, and want to learn more, look at: The DKR textbook The Docker Documentation: https://docs.docker.com/ Kubernetes (orchestrating containers across a cluster): https://kubernetes.io/docs/home/ Understanding the kernel mechanisms that support this technology is key to becoming an expert CSE 522S Advanced Operating Systems 20

  21. Have a relaxing Spring Break! CSE 522S Advanced Operating Systems 21

Related


Labels for paint & lubricant containers manufacturer in Asia, India

Labels for paint & lubricant containers manufacturer in Asia, India

winnerslableseo
Tan Cang Haiphong International Container Terminal Overview

Tan Cang Haiphong International Container Terminal Overview

callum
Secure Shared Data Analysis Environment on Kubernetes at CERN

Secure Shared Data Analysis Environment on Kubernetes at CERN

kornelia
Challenges and Interventions in Port of Cape Town Container Logistics

Challenges and Interventions in Port of Cape Town Container Logistics

malayah
GEODIS Ocean Freight Services - Comprehensive Solutions for Sustainable Shipping

GEODIS Ocean Freight Services - Comprehensive Solutions for Sustainable Shipping

elliemai
Enhancing Container Logistics at Port of Cape Town: Collaboration and Priorities

Enhancing Container Logistics at Port of Cape Town: Collaboration and Priorities

marius
Challenges And Opportunities For Container Shipping Companies In Saudi Arabia Amid Global Uncertainties

Challenges And Opportunities For Container Shipping Companies In Saudi Arabia Amid Global Uncertainties

vishnu3
Permanent-Mold Die Casting Processes Overview

Permanent-Mold Die Casting Processes Overview

hugo
Important Networking Concepts Overview

Important Networking Concepts Overview

bernice
Zipaworld’s Cost-Effective Ocean Freight Solutions

Zipaworld’s Cost-Effective Ocean Freight Solutions

Akash1
Effective Communication Skills for Healthcare Professionals

Effective Communication Skills for Healthcare Professionals

sanaa
Growth of CA Firms through Networking & Merger

Growth of CA Firms through Networking & Merger

laylarose
Diploma in Hardware & Networking: Upgrade Your IT Skills

Diploma in Hardware & Networking: Upgrade Your IT Skills

melia
Networking and Partnership Formation for AECD at University of Gondar College of Education

Networking and Partnership Formation for AECD at University of Gondar College of Education

tariq
Networking: Mastering the Basics

Networking: Mastering the Basics

bryn
Rising Container Park Fees - Increases Since Inception

Rising Container Park Fees - Increases Since Inception

zackary
Investigating and Reducing Mailmark Missorts for Industry Enhancement

Investigating and Reducing Mailmark Missorts for Industry Enhancement

ivor
Container Security: What Could Possibly Go Wrong?

Container Security: What Could Possibly Go Wrong?

sariah
Dell ProSupport Networking Support Capabilities Update Sales Training

Dell ProSupport Networking Support Capabilities Update Sales Training

charlette
The Importance of Networking for Community Growth

The Importance of Networking for Community Growth

elso635
Integrating OpenContrail into Neutron Stadium - Networking Advancements

Integrating OpenContrail into Neutron Stadium - Networking Advancements

parrett_k
Multi-phase System Call Filtering for Container Security Enhancement

Multi-phase System Call Filtering for Container Security Enhancement

schurman_s

More Related Content