By default, containers are allowed to access the outside network by masquerading or hiding their real IP address behind that of the Docker host. This is accomplished through netfilter masquerade
rules that hide container traffic behind the Docker host interface referenced in the next hop. We saw a detailed example of this in Chapter 2, Configuring and Monitoring Docker Networks, when we discussed container-to-container connectivity across hosts. While this type of configuration is ideal in many respects, there are some cases when you might prefer to disable the outbound masquerading capability. For instance, if you prefer to not allow your containers to have outbound connectivity at all, disabling masquerading would prevent containers from talking to the outside network. This, however, only prevents outbound traffic due to lack of return routing. A better option might be to treat containers like any other individual network endpoint and use existing security...
Docker Networking Cookbook
Docker Networking Cookbook
Overview of this book
Networking functionality in Docker has changed considerably since its first release, evolving to offer a rich set of built-in networking features, as well as an extensible plugin model allowing for a wide variety of networking functionality. This book explores Docker networking capabilities from end to end. Begin by examining the building blocks used by Docker to implement fundamental containing networking before learning how to consume built-in networking constructs as well as custom networks you create on your own. Next, explore common third-party networking plugins, including detailed information on how these plugins inter-operate with the Docker engine. Consider available options for securing container networks, as well as a process for troubleshooting container connectivity.
Finally, examine advanced Docker networking functions and their relevant use cases, tying together everything you need to succeed with your own projects.
Table of Contents (18 chapters)
Docker Networking Cookbook
Credits
About the Author
About the Reviewer
www.PacktPub.com
Preface
Free Chapter
Linux Networking Constructs
Configuring and Monitoring Docker Networks
User-Defined Networks
Building Docker Networks
Container Linking and Docker DNS
Securing Container Networks
Working with Weave Net
Working with Flannel
Exploring Network Features
Leveraging IPv6
Troubleshooting Docker Networks
Index
Customer Reviews