Docker Networking with Weave

johann Romefort - co-founder @ getrainbow.com

Docker Networking

• Linux Bridge based

• Work as this:

• Creates a Virtual Eth Bridge on docker0

• Assign docker0 bridge an IP unused on host

• create a vethXXXX interface

• map vethXXXX to ethX on host

Docker networking

host1

Container1

docker0vethXXX

eth0

eth0

Docker networking

host1

Container1

docker0

Container2

eth0vethXXX

vethXXX

eth0eth0

Docker networking

host1

wordpress

docker0

mysql

eth0

Container Interconnection through docker0

That’s how container linking works: exporting host information in local ENV

Container communicate through open ports

$docker run -d --name mysql -e MYSQL_DATABASE=WORDPRESS -e MYSQL_USER=wp -e MYSQL_PASSWORD=huhu orchardup/mysql

$docker run --name wordpress --link mysql:mysql -d -e WORDPRESS_DB_USER=wp -e WORDPRESS_DB_NAME=WORDPRESS -e WORDPRESS_DB_PASSWORD=huhu wordpress

vethXXX

vethXXX

eth0eth0

Docker networking

host1

wordpress mysql

eth0

Container exposing public port

docker0

$docker run -d --name mysql -e MYSQL_DATABASE=WORDPRESS -e MYSQL_USER=wp -e MYSQL_PASSWORD=huhu orchardup/mysql

$docker run --name wordpress --link mysql:mysql -d -e WORDPRESS_DB_USER=wp -e WORDPRESS_DB_NAME=WORDPRESS -e WORDPRESS_DB_PASSWORD=huhu -p 80:80 wordpress

$sudo docker exec -it wordpress bash

:80

vethXXX

vethXXX

eth0eth0

Weave

• Allows containers to all behave as if they were connected to the same physical network switch

• Connectivity to outside world

Weave features

• Multi-Datacenter support

• Traverse firewalls

• Encrypted links

• Multi-hop routing

• Container mobility

• Fault tolerance

It’s demo time!

Weave networkhost1 host2

Weave network

e

weave router

e

weave router

eth0

host 1 host 2

container1 container2

$weave launch

$weave run 10.0.1.1/24 -d —name container1 ubuntu /bin/bash

$nc -lk -p 4422

weave launch 10.0.1.1

weave run 10.0.1.2/24 -d —name container2 ubuntu /bin/bash

echo 'Hello, world.' | nc 10.0.1.1 4422

Weave network

e

weave router

e

weave router

eth0

host 1 host 2

container2 container2

weave expose 10.0.1.102/24

ping 10.0.1.1 ping 10.0.1.2

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 2211 -j DNAT --to-destination 10.0.1.1:4422

10.0.1.102

Demo

• Launching 3 VMs

• Installing weave on each

• Launching weave router

• Launching containers with weave

• Dynamically attaching a container to weave

Thank you!

twitter: @romefort email: romefort@gmail.com