The default networking mode in Docker (as of Release 1.5) is the bridge mode. The bridge mode setting creates a virtual Ethernet bridge device on the Linux host that enables containers to talk to each other and to the host. Docker’s port mappings can then be used to manage external traffic from the host interface to containers.
However, in some cases you may need to have a container directly attached to a host interface. This can be done by setting the Docker network mode to the “host” option. Here are some reasons why we have seen customers use the host network mode:
- IPv4 routed addresses: you require the container to have an IPv4 routed address, so upstream network services can directly address a service endpoint in your container.
- VLANs: your host interface connects to multiple VLANs, and you need to access those in a container.
- One VM per application: your application services are containerized, but you wish to package them in a single VM. This may be done if you ship your application as a virtual appliance, or perhaps in dev-test to get an isolated sandbox environment.
In this post I will show you how you can easily use the Host networking mode, for one or more services in an application, with Nirmata.
- Enable host networking and configure service endpoints:
You can enable Host networking while adding a new service to an application, or by editing an existing service:
Each Service can have one or more endpoints (ports) exposed. When Host networking mode is selected, Nirmata will automatically make the host and container ports the same.
- Optional: configure service affinity rules
Nirmata’s service affinity rules allow fine-grained control over the placement of groups of services. You can specify rules to place all services, or a subset of services within an application, on a unique host. You can even configure different service affinities for different environment types (e.g. dev-test, staging, or production).
For example, here is a rule that specifies placement of all services in shopme demo application on a unique host instance:
When you select the Same Host or Unique Host affinity rules, Nirmata will also validate the services for any potential port conflicts - a handy little feature that can save valuable troubleshooting time!
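The following is an added sketch of this kind of port-conflict check, not Nirmata's code: it treats a host-mode service as occupying its container ports directly on the host, and a bridge-mode service as occupying only the host ports it publishes. The `Service` class, `find_port_conflicts`, and the sample services and hosts are all hypothetical, and the check assumes TCP ports bound on all host interfaces.

```python
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Service:
    name: str
    network_mode: str                              # "host" or "bridge"
    container_ports: list                          # ports the service listens on
    port_map: dict = field(default_factory=dict)   # bridge only: container port -> host port

    def host_ports(self):
        """Return the set of ports this service occupies on the host."""
        if self.network_mode == "host":
            # Host mode: no mapping layer, host port == container port.
            return set(self.container_ports)
        # Bridge mode: only explicitly published ports are bound on the host.
        return {self.port_map[p] for p in self.container_ports if p in self.port_map}


def find_port_conflicts(placement):
    """placement: {host: [Service, ...]} -> sorted [(host, port, [service names])]."""
    conflicts = []
    for host, services in placement.items():
        users = defaultdict(list)
        for svc in services:
            for port in svc.host_ports():
                users[port].append(svc.name)
        for port, names in users.items():
            if len(names) > 1:
                conflicts.append((host, port, sorted(names)))
    return sorted(conflicts)


# Constructed sample services (hypothetical names and ports).
CATALOG = Service("catalog", "host", [8080])
ORDERS = Service("orders", "host", [8080, 9090])
GATEWAY = Service("gateway", "bridge", [80], {80: 9090})
CACHE = Service("cache", "bridge", [8080])         # 8080 not published to the host

SAME_HOST = {"host-1": [CATALOG, ORDERS, GATEWAY, CACHE]}
SPREAD = {"host-1": [CATALOG, CACHE], "host-2": [ORDERS], "host-3": [GATEWAY]}

if __name__ == "__main__":
    for host, port, names in find_port_conflicts(SAME_HOST):
        print(f"{host}: port {port} claimed by {', '.join(names)}")
```

The unpublished bridge-mode `cache` service does not conflict on 8080, because its port stays inside the container's own network namespace; a host-mode service has no such separation.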
You can now deploy your application, and Nirmata’s orchestration service will select an available host and place all services on the same Host:
Docker has many flexible and powerful configuration options for container networking. Nirmata makes it easy to learn about these options and try them out. You can then apply the right options to one or more environments, using Nirmata’s powerful policy-based application orchestration constructs.
At Nirmata our goal is to enable the next generation of software innovation, by making it easy to manage cloud-native applications that are built using application containers. We recently launched a public beta, and are continually releasing new features based on user feedback. If you are using or evaluating Docker, you can save time and effort by having Nirmata manage your applications!
CEO and Founder
Nirmata
try Nirmata for free at: http://nirmata.io/security/signup.html