This chapter focuses on networking topics for single-host container networking, with an emphasis on Docker. We’ll also have a look at administrative challenges such as IP address management and security considerations. In Chapter 3, we will discuss multi-host scenarios.
Single-Host Container Networking 101
A container needs a host to run on. This can be a physical machine, such as a bare-metal server in your on-premises datacenter, or a virtual machine, either on premises or in the cloud.
In the case of a Docker container the host has a daemon and a client running, as depicted in Figure 2-1, enabling you to interact with a
container registry. Further, you can pull/push container images and start, stop, pause, and inspect containers. Note that nowadays most (if not all) containers are compliant with the Open Container Initiative (OCI), and alongside Docker there are interesting alternatives, especially in the context of Kubernetes, available.
Figure 2-1. Simplified Docker architecture for a single host
The relationship between a host and containers is 1:N. This means that one host typically has several containers running on it. For example, Facebook reports that—depending on how beefy the machine is—it sees on average some 10 to 40 containers per host running.
No matter if you have a single-host deployment or use a cluster of machines, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month, and much more.
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
