Challenges of Networking Containers and Microservices
Microservices practices have increased the scale of applications which has put even more importance on the methods of connectivity and isolation that we provide to applications. The Docker networking philosophy is application driven. It aims to provide options and flexibility to the network operators as well as the right level of abstraction to the application developers.
Like any design, network design is a balancing act. Docker Datacenter and the Docker ecosystem provides multiple tools to network engineers to achieve the best balance for their applications and environments. Each option provides different benefits and tradeoffs. The remainder of this guide details each of these choices so network engineers can understand what might be best for their environments.
Docker has developed a new way of delivering applications, and with that, containers have also changed some aspects of how we approach networking. The following topics are common design themes for containerized applications:
- Portability
- How do I guarantee maximum portability across diverse network environments while taking advantage of unique network characteristics?
- Service Discovery
- How do I know where services are living as they are scaled up and down?
- Load Balancing
- How do I share load across services as services themselves are brought up and scaled?
- Security
- How do I segment to prevent the right containers from accessing each other?
- How do I guarantee that a container with application and cluster control traffic is secure?
-
Performance
- How do I provide advanced network services while minimizing latency and maximizing bandwidth? - Scalability
- How do I ensure that none of these characteristics are sacrificed when scaling applications across many hosts?
Concepts
This section contains 14 different short networking concept chapters. Feel free to skip right to the tutorials if you feel you are ready and come back here if you need a refresher. The concept chapters are: