Chapter 3. Docker Multihost Networking

As long as you’re using Docker on a single host, the techniques introduced in the previous chapter are really all you need. However, if the capacity of a host is not sufficient to sustain the workload, you will either need to buy a bigger box (scale up) or add more machines of the same type (scale out).

In the latter case, you end up with a network of machines (i.e., a cluster). Now, a number of questions arise: How do containers talk to each other on different hosts? How do you control communication between containers and between the outside world? How do you keep state, such as IP address assignments, consistent in a cluster? What are the integration points with the existing networking infrastructure? What about security policies?

In order to address these questions, we will review technologies for Docker multihost networking in this chapter.1


For the options discussed in this chapter, please do remember that Docker subscribes to a “batteries included but replaceable” paradigm. By that I mean that there will always be a default functionality (like networking or service discovery) that you can exchange with alternatives.


In March 2015, Docker, Inc., acquired the software-defined networking (SDN) startup SocketPlane and rebranded it as Docker Overlay Driver; this is the upcoming default for multihost networking (in Docker 1.9 and above). The Overlay Driver extends the normal bridge mode by a peer-to-peer communication and uses ...

Get Docker Networking and Service Discovery now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.