Book Image

Getting Started with Containerization

By : Dr. Gabriel N. Schenker, Hideto Saito, Hui-Chuan Chloe Lee, Ke-Jou Carol Hsu
Book Image

Getting Started with Containerization

By: Dr. Gabriel N. Schenker, Hideto Saito, Hui-Chuan Chloe Lee, Ke-Jou Carol Hsu

Overview of this book

Kubernetes is an open source orchestration platform for managing containers in a cluster environment. This Learning Path introduces you to the world of containerization, in addition to providing you with an overview of Docker fundamentals. As you progress, you will be able to understand how Kubernetes works with containers. Starting with creating Kubernetes clusters and running applications with proper authentication and authorization, you'll learn how to create high-availability Kubernetes clusters on Amazon Web Services (AWS), and also learn how to use kubeconfig to manage different clusters. Whether it is learning about Docker containers and Docker Compose, or building a continuous delivery pipeline for your application, this Learning Path will equip you with all the right tools and techniques to get started with containerization. By the end of this Learning Path, you will have gained hands-on experience of working with Docker containers and orchestrators, including SwarmKit and Kubernetes. This Learning Path includes content from the following Packt products: • Kubernetes Cookbook - Second Edition by Hideto Saito, Hui-Chuan Chloe Lee, and Ke-Jou Carol Hsu • Learn Docker - Fundamentals of Docker 18.x by Gabriel N. Schenker
Table of Contents (25 chapters)
Title Page
Copyright
About Packt
Contributors
Preface
Index

Port management


Now that we know how we can isolate or firewall containers from each other by placing them on different networks, and that we can have a container attached to more than one network, we have one problem that remains unsolved. How can we expose an application service to the outside world? Imagine a container running a web server hosting our webAPI from before. We want customers from the internet to be able to access this API. We have designed it to be a publicly accessible API. To achieve this, we have to, figuratively speaking, open a gate in our firewall through which we can funnel external traffic to our API. For security reasons, we don't just want to open the doors wide, but to have only a single controlled gate through which traffic flows. 

We can create such a gate by mapping a container port to an available port on the host. We're also calling this container port to publish a port. Remember, the container has its own virtual network stack, as does the host. Therefore...