From 888b0523895855c0fbdeccd78e1e3397412d6238 Mon Sep 17 00:00:00 2001 From: David Karlsson Date: Mon, 24 Apr 2023 15:17:27 +0200 Subject: [PATCH] engine: create a section for network drivers Signed-off-by: David Karlsson --- _data/engine-cli/docker_service_create.yaml | 2 +- _data/glossary.yaml | 2 +- _data/toc.yaml | 30 ++-- config/containers/container-networking.md | 84 ---------- config/daemon/ipv6.md | 1 - engine/faq.md | 2 +- engine/release-notes/23.0.md | 2 +- engine/security/index.md | 2 +- engine/swarm/networking.md | 2 +- engine/swarm/services.md | 2 +- network/{ => drivers}/bridge.md | 21 +-- network/{ => drivers}/host.md | 8 +- network/{ => drivers}/images/ipvlan-l3.gliffy | 0 network/{ => drivers}/images/ipvlan-l3.png | Bin network/{ => drivers}/images/ipvlan-l3.svg | 0 .../images/ipvlan_l2_simple.gliffy | 0 .../{ => drivers}/images/ipvlan_l2_simple.png | Bin .../{ => drivers}/images/ipvlan_l2_simple.svg | 0 .../images/macvlan-bridge-ipvlan-l2.gliffy | 0 .../images/macvlan-bridge-ipvlan-l2.png | Bin .../images/macvlan-bridge-ipvlan-l2.svg | 0 .../images/vlans-deeper-look.gliffy | 0 .../images/vlans-deeper-look.png | Bin .../images/vlans-deeper-look.svg | 0 network/drivers/index.md | 70 ++++++++ network/{ => drivers}/ipvlan.md | 6 +- network/{ => drivers}/macvlan.md | 9 +- network/{ => drivers}/none.md | 8 +- network/{ => drivers}/overlay.md | 9 +- .../images/multi_tenant_8021q_vlans.gliffy | 1 - network/images/multi_tenant_8021q_vlans.png | Bin 17879 -> 0 bytes network/images/multi_tenant_8021q_vlans.svg | 1 - network/index.md | 156 +++++++++--------- network/links.md | 6 +- network/network-tutorial-standalone.md | 2 +- 35 files changed, 206 insertions(+), 220 deletions(-) delete mode 100644 config/containers/container-networking.md rename network/{ => drivers}/bridge.md (93%) rename network/{ => drivers}/host.md (93%) rename network/{ => drivers}/images/ipvlan-l3.gliffy (100%) rename network/{ => drivers}/images/ipvlan-l3.png (100%) rename network/{ => drivers}/images/ipvlan-l3.svg (100%) rename network/{ => drivers}/images/ipvlan_l2_simple.gliffy (100%) rename network/{ => drivers}/images/ipvlan_l2_simple.png (100%) rename network/{ => drivers}/images/ipvlan_l2_simple.svg (100%) rename network/{ => drivers}/images/macvlan-bridge-ipvlan-l2.gliffy (100%) rename network/{ => drivers}/images/macvlan-bridge-ipvlan-l2.png (100%) rename network/{ => drivers}/images/macvlan-bridge-ipvlan-l2.svg (100%) rename network/{ => drivers}/images/vlans-deeper-look.gliffy (100%) rename network/{ => drivers}/images/vlans-deeper-look.png (100%) rename network/{ => drivers}/images/vlans-deeper-look.svg (100%) create mode 100644 network/drivers/index.md rename network/{ => drivers}/ipvlan.md (99%) rename network/{ => drivers}/macvlan.md (94%) rename network/{ => drivers}/none.md (91%) rename network/{ => drivers}/overlay.md (98%) delete mode 100644 network/images/multi_tenant_8021q_vlans.gliffy delete mode 100644 network/images/multi_tenant_8021q_vlans.png delete mode 100644 network/images/multi_tenant_8021q_vlans.svg diff --git a/_data/engine-cli/docker_service_create.yaml b/_data/engine-cli/docker_service_create.yaml index 817c9716a0..66c0458feb 100644 --- a/_data/engine-cli/docker_service_create.yaml +++ b/_data/engine-cli/docker_service_create.yaml @@ -1585,7 +1585,7 @@ examples: |- The swarm extends my-network to each node running the service. Containers on the same network can access each other using - [service discovery](/network/overlay/#container-discovery). + [service discovery](/network/drivers/overlay/#container-discovery). Long form syntax of `--network` allows to specify list of aliases and driver options: `--network name=my-network,alias=web1,driver-opt=field1=value1` diff --git a/_data/glossary.yaml b/_data/glossary.yaml index e61be2e02c..ed42f28292 100644 --- a/_data/glossary.yaml +++ b/_data/glossary.yaml @@ -233,7 +233,7 @@ service: | service account: | A service account is a Docker ID used for automated management of container images or containerized applications. Service accounts are typically used in automated workflows, and do not share Docker IDs with the members in a Docker Team or Docker Business subscription plan. service discovery: | - Swarm mode [container discovery](/network/overlay/#container-discovery) is a DNS component internal to the swarm that automatically assigns each service on an overlay network in the swarm a VIP and DNS entry. Containers on the network share DNS mappings for the service through gossip so any container on the network can access the service through its service name. + Swarm mode [container discovery](/network/drivers/overlay/#container-discovery) is a DNS component internal to the swarm that automatically assigns each service on an overlay network in the swarm a VIP and DNS entry. Containers on the network share DNS mappings for the service through gossip so any container on the network can access the service through its service name. You don’t need to expose service-specific ports to make the service available to other services on the same overlay network. The swarm’s internal load balancer automatically distributes requests to the service VIP among the active tasks. swarm: | diff --git a/_data/toc.yaml b/_data/toc.yaml index 6e915d67b0..bb287bf860 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1350,22 +1350,24 @@ manuals: section: - path: /network/ title: Overview - - path: /config/containers/container-networking/ - title: Container networking + - sectiontitle: Network drivers + section: + - path: /network/drivers/ + title: Drivers overview + - path: /network/drivers/bridge/ + title: Bridge + - path: /network/drivers/overlay/ + title: Overlay + - path: /network/drivers/host/ + title: Host + - path: /network/drivers/ipvlan/ + title: IPvlan + - path: /network/drivers/macvlan/ + title: Macvlan + - path: /network/drivers/none/ + title: None - path: /network/proxy/ title: Configure Docker to use a proxy server - - path: /network/bridge/ - title: Bridge networks - - path: /network/overlay/ - title: Overlay networks - - path: /network/host/ - title: Host networking - - path: /network/ipvlan/ - title: IPvlan networks - - path: /network/macvlan/ - title: Macvlan networks - - path: /network/none/ - title: Disable networking for a container - sectiontitle: Networking tutorials section: - path: /network/network-tutorial-standalone/ diff --git a/config/containers/container-networking.md b/config/containers/container-networking.md deleted file mode 100644 index dc24ad6d3e..0000000000 --- a/config/containers/container-networking.md +++ /dev/null @@ -1,84 +0,0 @@ ---- -title: Container networking -description: How networking works from the container's point of view -keywords: networking, container, standalone -redirect_from: - - /engine/userguide/networking/configure-dns/ - - /engine/userguide/networking/default_network/configure-dns/ - - /engine/userguide/networking/default_network/binding/ - - /engine/userguide/networking/default_network/container-communication/ ---- - -A container has no information about what kind of network it's attached to, -whether it's a [bridge](../../network/bridge.md), an [overlay](../../network/overlay.md), -a [macvlan network](../../network/macvlan.md), or a custom network plugin. -A container only sees a network interface with an IP address, -a gateway, a routing table, DNS services, and other networking details. -That is, unless the container uses the `none` network driver. -This page describes networking from the point of view of the container. - -## Published ports - -By default, when you create or run a container using `docker create` or `docker run`, -the container doesn't expose any of its ports to the outside world. -To make a port available to services outside of Docker, -or to Docker containers running on a different network, -use the `--publish` or `-p` flag. -This creates a firewall rule in the container, -mapping a container port to a port on the Docker host to the outside world. -Here are some examples: - -| Flag value | Description | -| ------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | -| `-p 8080:80` | Map TCP port 80 in the container to port `8080` on the Docker host. | -| `-p 192.168.1.100:8080:80` | Map TCP port 80 in the container to port `8080` on the Docker host for connections to host IP `192.168.1.100`. | -| `-p 8080:80/udp` | Map UDP port 80 in the container to port `8080` on the Docker host. | -| `-p 8080:80/tcp -p 8080:80/udp` | Map TCP port 80 in the container to TCP port `8080` on the Docker host, and map UDP port `80` in the container to UDP port `8080` on the Docker host. | - -## IP address and hostname - -By default, the container gets an IP address for every Docker network it attaches to. -A container receives an IP address out of the IP pool of the network it attaches to. -The Docker daemon effectively acts as a DHCP server for each container. -Each network also has a default subnet mask and gateway. - -When a container starts, it can only attach to a single network, using the `--network` flag. -You can connect a running container to multiple networks using the `docker network connect` command. -When you start a container using the `--network` flag, -you can specify the IP address for the container on that network using the `--ip` or `--ip6` flags. - -When you connect an existing container to a different network using `docker network connect`, -you can use the `--ip` or `--ip6` flags on that command -to specify the container's IP address on the additional network. - -In the same way, a container's hostname defaults to be the container's ID in Docker. -You can override the hostname using `--hostname`. -When connecting to an existing network using `docker network connect`, -you can use the `--alias` flag to specify an additional network alias for the container on that network. - -## DNS services - -By default, containers inherit the DNS settings of the host, as defined in the `/etc/resolv.conf` configuration file. -Containers that attach to the default `bridge` network receive a copy of this file. -Containers that attach to a -[custom network](../../network/network-tutorial-standalone.md#use-user-defined-bridge-networks) -use Docker's embedded DNS server. -The embedded DNS server forwards external DNS lookups to the DNS servers configured on the host. - -Custom hosts, defined in `/etc/hosts` on the host machine, aren't inherited by containers. -To pass additional hosts into container, refer to -[add entries to container hosts file](../../engine/reference/commandline/run.md#add-host) -in the `docker run` reference documentation. -You can override these settings on a per-container basis. - -| Flag | Description | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `--dns` | The IP address of a DNS server. To specify multiple DNS servers, use multiple `--dns` flags. If the container can't reach any of the IP addresses you specify, it uses Google's public DNS server at `8.8.8.8`. This allows containers to resolve internet domains. | -| `--dns-search` | A DNS search domain to search non-fully-qualified hostnames. To specify multiple DNS search prefixes, use multiple `--dns-search` flags. | -| `--dns-opt` | A key-value pair representing a DNS option and its value. See your operating system's documentation for `resolv.conf` for valid options. | -| `--hostname` | The hostname a container uses for itself. Defaults to the container's ID if not specified. | - -## Proxy server - -If your container needs to use a proxy server, see -[Use a proxy server](../../network/proxy.md). diff --git a/config/daemon/ipv6.md b/config/daemon/ipv6.md index 350c58f0cc..5e8b63dd57 100644 --- a/config/daemon/ipv6.md +++ b/config/daemon/ipv6.md @@ -37,4 +37,3 @@ addresses using the `--ip6` flag. ## Next steps - [Networking overview](../../network/index.md) -- [Container networking](../containers/container-networking.md) diff --git a/engine/faq.md b/engine/faq.md index 5daa6a85fc..044e3f5218 100644 --- a/engine/faq.md +++ b/engine/faq.md @@ -101,7 +101,7 @@ thousands or even millions of containers. ### How do I connect Docker containers? Currently the recommended way to connect containers is via the Docker network -feature. You can see details of [how to work with Docker networks](../network/bridge.md). +feature. You can see details of [how to work with Docker networks](../network/drivers/bridge.md). ### How do I run more than one process in a Docker container? diff --git a/engine/release-notes/23.0.md b/engine/release-notes/23.0.md index 6aa50de1c2..75419db599 100644 --- a/engine/release-notes/23.0.md +++ b/engine/release-notes/23.0.md @@ -468,7 +468,7 @@ To mitigate this, the previous build cache must be discarded. `docker builder pr #### ipvlan networks ([tracking issue](https://github.com/moby/moby/issues/44925)) -When upgrading to the 23.0 branch, the existence of any [ipvlan](/network/ipvlan/) networks will prevent the daemon from starting: +When upgrading to the 23.0 branch, the existence of any [ipvlan](../../network/drivers/ipvlan.md) networks will prevent the daemon from starting: ``` panic: interface conversion: interface {} is nil, not string diff --git a/engine/security/index.md b/engine/security/index.md index c71ccdd19f..5ecb72bba8 100644 --- a/engine/security/index.md +++ b/engine/security/index.md @@ -281,4 +281,4 @@ pull requests, or comments on the Docker community forums. * [Seccomp security profiles for Docker](seccomp.md) * [AppArmor security profiles for Docker](apparmor.md) * [On the Security of Containers (2014)](https://medium.com/@ewindisch/on-the-security-of-containers-2c60ffe25a9e) -* [Docker swarm mode overlay network security model](../../network/overlay.md) +* [Docker swarm mode overlay network security model](../../network/drivers/overlay.md) diff --git a/engine/swarm/networking.md b/engine/swarm/networking.md index f488b1618d..f1ae2f0a1c 100644 --- a/engine/swarm/networking.md +++ b/engine/swarm/networking.md @@ -231,7 +231,7 @@ endpoint mode with an external load balancer, or use multiple smaller overlay ne Management and control plane data related to a swarm is always encrypted. For more details about the encryption mechanisms, see the -[Docker swarm mode overlay network security model](../../network/overlay.md). +[Docker swarm mode overlay network security model](../../network/drivers/overlay.md). Application data among swarm nodes is not encrypted by default. To encrypt this traffic on a given overlay network, use the `--opt encrypted` flag on `docker diff --git a/engine/swarm/services.md b/engine/swarm/services.md index a6dc1d71e7..4384227bc0 100644 --- a/engine/swarm/services.md +++ b/engine/swarm/services.md @@ -546,7 +546,7 @@ $ docker service update --network-rm my-network my-web For more information on overlay networking and service discovery, refer to [Attach services to an overlay network](networking.md) and -[Docker swarm mode overlay network security model](../../network/overlay.md). +[Docker swarm mode overlay network security model](../../network/drivers/overlay.md). ### Grant a service access to secrets diff --git a/network/bridge.md b/network/drivers/bridge.md similarity index 93% rename from network/bridge.md rename to network/drivers/bridge.md index a1cd2b462c..2ae58eafc3 100644 --- a/network/bridge.md +++ b/network/drivers/bridge.md @@ -1,5 +1,5 @@ --- -title: Use bridge networks +title: Bridge network driver description: All about using user-defined bridge networks and the default bridge keywords: network, bridge, user-defined, standalone redirect_from: @@ -8,6 +8,7 @@ redirect_from: - /engine/userguide/networking/default_network/build-bridges/ - /engine/userguide/networking/work-with-networks/ - /config/containers/bridges/ +- /network/bridge/ --- In terms of networking, a bridge network is a Link Layer device @@ -37,7 +38,7 @@ network.** - **User-defined bridges provide automatic DNS resolution between containers**. Containers on the default bridge network can only access each other by IP - addresses, unless you use the [`--link` option](links.md), which is + addresses, unless you use the [`--link` option](../links.md), which is considered legacy. On a user-defined bridge network, containers can resolve each other by name or alias. @@ -80,7 +81,7 @@ network.** - **Linked containers on the default bridge network share environment variables**. Originally, the only way to share environment variables between two containers - was to link them using the [`--link` flag](links.md). This type of + was to link them using the [`--link` flag](../links.md). This type of variable sharing is not possible with user-defined networks. However, there are superior ways to share environment variables. A few ideas: @@ -91,8 +92,8 @@ network.** compose file can define the shared variables. - You can use swarm services instead of standalone containers, and take - advantage of shared [secrets](../engine/swarm/secrets.md) and - [configs](../engine/swarm/configs.md). + advantage of shared [secrets](../../engine/swarm/secrets.md) and + [configs](../../engine/swarm/configs.md). Containers connected to the same user-defined bridge network effectively expose all ports to each other. For a port to be accessible to containers or non-Docker hosts on @@ -110,7 +111,7 @@ $ docker network create my-net You can specify the subnet, the IP address range, the gateway, and other options. See the -[docker network create](../engine/reference/commandline/network_create.md#specify-advanced-options) +[docker network create](../../engine/reference/commandline/network_create.md#specify-advanced-options) reference or the output of `docker network create --help` for details. Use the `docker network rm` command to remove a user-defined bridge @@ -167,7 +168,7 @@ $ docker network disconnect my-net my-nginx ## Use IPv6 If you need IPv6 support for Docker containers, you need to -[enable the option](../config/daemon/ipv6.md) on the Docker daemon and reload its +[enable the option](../../config/daemon/ipv6.md) on the Docker daemon and reload its configuration, before creating any IPv6 networks or assigning containers IPv6 addresses. @@ -209,7 +210,7 @@ If you do not specify a network using the `--network` flag, and you do specify a network driver, your container is connected to the default `bridge` network by default. Containers connected to the default `bridge` network can communicate, but only by IP address, unless they are linked using the -[legacy `--link` flag](links.md). +[legacy `--link` flag](../links.md). ### Configure the default bridge network @@ -239,7 +240,7 @@ user-defined bridges, you can't selectively disable IPv6 on the default bridge. ## Next steps -- Go through the [standalone networking tutorial](network-tutorial-standalone.md) -- Learn about [networking from the container's point of view](../config/containers/container-networking.md) +- Go through the [standalone networking tutorial](../network-tutorial-standalone.md) +- Learn about [networking from the container's point of view](../index.md) - Learn about [overlay networks](overlay.md) - Learn about [Macvlan networks](macvlan.md) diff --git a/network/host.md b/network/drivers/host.md similarity index 93% rename from network/host.md rename to network/drivers/host.md index e5bb02820c..8b1679ba84 100644 --- a/network/host.md +++ b/network/drivers/host.md @@ -1,7 +1,9 @@ --- -title: Use host networking +title: Host network driver description: All about exposing containers on the Docker host's network keywords: network, host, standalone +redirect_from: + - /network/host/ --- If you use the `host` network mode for a container, that container's network @@ -39,8 +41,8 @@ given swarm node. ## Next steps -- Go through the [host networking tutorial](network-tutorial-host.md) -- Learn about [networking from the container's point of view](../config/containers/container-networking.md) +- Go through the [host networking tutorial](../network-tutorial-host.md) +- Learn about [networking from the container's point of view](../index.md) - Learn about [bridge networks](bridge.md) - Learn about [overlay networks](overlay.md) - Learn about [Macvlan networks](macvlan.md) diff --git a/network/images/ipvlan-l3.gliffy b/network/drivers/images/ipvlan-l3.gliffy similarity index 100% rename from network/images/ipvlan-l3.gliffy rename to network/drivers/images/ipvlan-l3.gliffy diff --git a/network/images/ipvlan-l3.png b/network/drivers/images/ipvlan-l3.png similarity index 100% rename from network/images/ipvlan-l3.png rename to network/drivers/images/ipvlan-l3.png diff --git a/network/images/ipvlan-l3.svg b/network/drivers/images/ipvlan-l3.svg similarity index 100% rename from network/images/ipvlan-l3.svg rename to network/drivers/images/ipvlan-l3.svg diff --git a/network/images/ipvlan_l2_simple.gliffy b/network/drivers/images/ipvlan_l2_simple.gliffy similarity index 100% rename from network/images/ipvlan_l2_simple.gliffy rename to network/drivers/images/ipvlan_l2_simple.gliffy diff --git a/network/images/ipvlan_l2_simple.png b/network/drivers/images/ipvlan_l2_simple.png similarity index 100% rename from network/images/ipvlan_l2_simple.png rename to network/drivers/images/ipvlan_l2_simple.png diff --git a/network/images/ipvlan_l2_simple.svg b/network/drivers/images/ipvlan_l2_simple.svg similarity index 100% rename from network/images/ipvlan_l2_simple.svg rename to network/drivers/images/ipvlan_l2_simple.svg diff --git a/network/images/macvlan-bridge-ipvlan-l2.gliffy b/network/drivers/images/macvlan-bridge-ipvlan-l2.gliffy similarity index 100% rename from network/images/macvlan-bridge-ipvlan-l2.gliffy rename to network/drivers/images/macvlan-bridge-ipvlan-l2.gliffy diff --git a/network/images/macvlan-bridge-ipvlan-l2.png b/network/drivers/images/macvlan-bridge-ipvlan-l2.png similarity index 100% rename from network/images/macvlan-bridge-ipvlan-l2.png rename to network/drivers/images/macvlan-bridge-ipvlan-l2.png diff --git a/network/images/macvlan-bridge-ipvlan-l2.svg b/network/drivers/images/macvlan-bridge-ipvlan-l2.svg similarity index 100% rename from network/images/macvlan-bridge-ipvlan-l2.svg rename to network/drivers/images/macvlan-bridge-ipvlan-l2.svg diff --git a/network/images/vlans-deeper-look.gliffy b/network/drivers/images/vlans-deeper-look.gliffy similarity index 100% rename from network/images/vlans-deeper-look.gliffy rename to network/drivers/images/vlans-deeper-look.gliffy diff --git a/network/images/vlans-deeper-look.png b/network/drivers/images/vlans-deeper-look.png similarity index 100% rename from network/images/vlans-deeper-look.png rename to network/drivers/images/vlans-deeper-look.png diff --git a/network/images/vlans-deeper-look.svg b/network/drivers/images/vlans-deeper-look.svg similarity index 100% rename from network/images/vlans-deeper-look.svg rename to network/drivers/images/vlans-deeper-look.svg diff --git a/network/drivers/index.md b/network/drivers/index.md new file mode 100644 index 0000000000..4e53aca927 --- /dev/null +++ b/network/drivers/index.md @@ -0,0 +1,70 @@ +--- +title: Network drivers overview +description: Overview of Docker network drivers and related concepts +keywords: networking, drivers, bridge, routing, routing mesh, overlay, ports +--- + +Docker's networking subsystem is pluggable, using drivers. Several drivers +exist by default, and provide core networking functionality: + +- `bridge`: The default network driver. If you don't specify a driver, this is + the type of network you are creating. **Bridge networks are usually used when + your applications run in standalone containers that need to communicate.** See + [bridge networks](bridge.md). + +- `host`: For standalone containers, remove network isolation between the + container and the Docker host, and use the host's networking directly. See + [use the host network](host.md). + +- `overlay`: Overlay networks connect multiple Docker daemons together and + enable swarm services to communicate with each other. You can also use overlay + networks to facilitate communication between a swarm service and a standalone + container, or between two standalone containers on different Docker daemons. + This strategy removes the need to do OS-level routing between these + containers. See [overlay networks](overlay.md). + +- `ipvlan`: IPvlan networks give users total control over both IPv4 and IPv6 + addressing. The VLAN driver builds on top of that in giving operators complete + control of layer 2 VLAN tagging and even IPvlan L3 routing for users + interested in underlay network integration. See [IPvlan networks](ipvlan.md). + +- `macvlan`: Macvlan networks allow you to assign a MAC address to a container, + making it appear as a physical device on your network. The Docker daemon + routes traffic to containers by their MAC addresses. Using the `macvlan` + driver is sometimes the best choice when dealing with legacy applications that + expect to be directly connected to the physical network, rather than routed + through the Docker host's network stack. See + [Macvlan networks](macvlan.md). + +- `none`: For this container, disable all networking. Usually used in + conjunction with a custom network driver. `none` is not available for swarm + services. See + [disable container networking](none.md). + +- [Network plugins](/engine/extend/plugins_services/): You can install and use + third-party network plugins with Docker. + +### Network driver summary + +- **User-defined bridge networks** are best when you need multiple containers to + communicate on the same Docker host. +- **Host networks** are best when the network stack should not be isolated from + the Docker host, but you want other aspects of the container to be isolated. +- **Overlay networks** are best when you need containers running on different + Docker hosts to communicate, or when multiple applications work together using + swarm services. +- **Macvlan networks** are best when you are migrating from a VM setup or + need your containers to look like physical hosts on your network, each with a + unique MAC address. +- **Third-party network plugins** allow you to integrate Docker with specialized + network stacks. + +## Networking tutorials + +Now that you understand the basics about Docker networks, deepen your +understanding using the following tutorials: + +- [Standalone networking tutorial](../network-tutorial-standalone.md) +- [Host networking tutorial](../network-tutorial-host.md) +- [Overlay networking tutorial](../network-tutorial-overlay.md) +- [Macvlan networking tutorial](../network-tutorial-macvlan.md) diff --git a/network/ipvlan.md b/network/drivers/ipvlan.md similarity index 99% rename from network/ipvlan.md rename to network/drivers/ipvlan.md index ebba73ce65..54c1ea7a7c 100644 --- a/network/ipvlan.md +++ b/network/drivers/ipvlan.md @@ -1,14 +1,16 @@ --- -title: Use IPvlan networks +title: IPvlan network driver description: All about using IPvlan to make your containers appear like physical machines on the network keywords: network, ipvlan, l2, l3, standalone +redirect_from: + - /network/ipvlan/ --- The IPvlan driver gives users total control over both IPv4 and IPv6 addressing. The VLAN driver builds on top of that in giving operators complete control of layer 2 VLAN tagging and even IPvlan L3 routing for users interested in underlay network integration. For overlay deployments that abstract away physical constraints -see the [multi-host overlay](network-tutorial-overlay.md) driver. +see the [multi-host overlay](../network-tutorial-overlay.md) driver. IPvlan is a new twist on the tried and true network virtualization technique. The Linux implementations are extremely lightweight because rather than using diff --git a/network/macvlan.md b/network/drivers/macvlan.md similarity index 94% rename from network/macvlan.md rename to network/drivers/macvlan.md index 4830764870..db44fdc08c 100644 --- a/network/macvlan.md +++ b/network/drivers/macvlan.md @@ -1,10 +1,11 @@ --- -title: Use macvlan networks +title: macvlan network driver description: All about using macvlan to make your containers appear like physical machines on the network keywords: network, macvlan, standalone redirect_from: - /engine/userguide/networking/get-started-macvlan/ - /config/containers/macvlan/ +- /network/macvlan/ --- Some applications, especially legacy applications or applications which monitor @@ -94,7 +95,7 @@ $ docker network create -d ipvlan \ ## Use IPv6 -If you have [configured the Docker daemon to allow IPv6](../config/daemon/ipv6.md), +If you have [configured the Docker daemon to allow IPv6](../../config/daemon/ipv6.md), you can use dual-stack IPv4/IPv6 `macvlan` networks. ```console @@ -108,8 +109,8 @@ $ docker network create -d macvlan \ ## Next steps -- Go through the [macvlan networking tutorial](network-tutorial-macvlan.md) -- Learn about [networking from the container's point of view](../config/containers/container-networking.md) +- Go through the [macvlan networking tutorial](../network-tutorial-macvlan.md) +- Learn about [networking from the container's point of view](../index.md) - Learn about [bridge networks](bridge.md) - Learn about [overlay networks](overlay.md) - Learn about [host networking](host.md) diff --git a/network/none.md b/network/drivers/none.md similarity index 91% rename from network/none.md rename to network/drivers/none.md index 4434d38d05..8609b79043 100644 --- a/network/none.md +++ b/network/drivers/none.md @@ -1,7 +1,9 @@ --- -title: Disable networking for a container +title: None network driver description: How to disable networking by using the none driver keywords: network, none, standalone +redirect_from: + - /network/none/ --- If you want to completely disable the networking stack on a container, you can @@ -47,8 +49,8 @@ only the loopback device is created. The following example illustrates this. ## Next steps -- Go through the [host networking tutorial](network-tutorial-host.md) -- Learn about [networking from the container's point of view](../config/containers/container-networking.md) +- Go through the [host networking tutorial](../network-tutorial-host.md) +- Learn about [networking from the container's point of view](../index.md) - Learn about [bridge networks](bridge.md) - Learn about [overlay networks](overlay.md) - Learn about [Macvlan networks](macvlan.md) diff --git a/network/overlay.md b/network/drivers/overlay.md similarity index 98% rename from network/overlay.md rename to network/drivers/overlay.md index f1cd8a4372..83eb85ef09 100644 --- a/network/overlay.md +++ b/network/drivers/overlay.md @@ -1,10 +1,11 @@ --- -title: Use overlay networks +title: Overlay network driver description: All about using overlay networks keywords: network, overlay, user-defined, swarm, service redirect_from: - /engine/userguide/networking/overlay-security-model/ - /config/containers/overlay/ +- /network/overlay/ --- The `overlay` network driver creates a distributed network among multiple @@ -187,7 +188,7 @@ from the swarm. 4. Create or re-create the `docker_gwbridge` bridge manually with your custom settings, using the `docker network create` command. This example uses the subnet `10.11.0.0/16`. For a full list of customizable - options, see [Bridge driver options](../engine/reference/commandline/network_create.md#bridge-driver-options). + options, see [Bridge driver options](../../engine/reference/commandline/network_create.md#bridge-driver-options). ```console $ docker network create \ @@ -286,7 +287,7 @@ For most situations, you should connect to the service name, which is load-balan ## Next steps -- Go through the [overlay networking tutorial](network-tutorial-overlay.md) -- Learn about [networking from the container's point of view](../config/containers/container-networking.md) +- Go through the [overlay networking tutorial](../network-tutorial-overlay.md) +- Learn about [networking from the container's point of view](../index.md) - Learn about [standalone bridge networks](bridge.md) - Learn about [Macvlan networks](macvlan.md) diff --git a/network/images/multi_tenant_8021q_vlans.gliffy b/network/images/multi_tenant_8021q_vlans.gliffy deleted file mode 100644 index 40eed17270..0000000000 --- a/network/images/multi_tenant_8021q_vlans.gliffy +++ /dev/null @@ -1 +0,0 @@ -{"contentType":"application/gliffy+json","version":"1.3","stage":{"background":"#ffffff","width":389,"height":213,"nodeIndex":276,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":false,"drawingGuidesOn":false,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER","printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":null,"viewportType":"default","fitBB":{"min":{"x":5,"y":6.6999969482421875},"max":{"x":389,"y":212.14285409109937}},"printModel":{"pageSize":"a4","portrait":false,"fitToOnePage":false,"displayPageBreaks":false},"objects":[{"x":64.0,"y":36.0,"rotation":0.0,"id":216,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":10,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#e69138","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-12.0,33.0],[84.0,33.0],[84.0,86.0],[120.0,86.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":190.0,"y":32.0,"rotation":0.0,"id":254,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":11,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#f1c232","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-142.0,16.0],[54.0,16.0],[54.0,115.0],[87.0,115.0]],"lockSegments":{"1":true},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":133.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":226,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":12,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":15.147567221510933,"y":139.96785409109907,"rotation":0.0,"id":115,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":29,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":116,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":17,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":117,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":26,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":120,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":120,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887324033,-1.055138662316466],[1.3318647887324033,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":118,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":23,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":119,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":20,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":120,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":15,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":121,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":28,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container1 - vlan10

192.168.1.2/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":68.0,"y":82.69999694824219,"rotation":0.0,"id":140,"width":150.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":30,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"


","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":71.0,"y":4.1999969482421875,"rotation":0.0,"id":187,"width":108.99999999999999,"height":19.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":31,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0 - 802.1q trunk

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":282.0,"y":8.0,"rotation":0.0,"id":199,"width":73.00000000000003,"height":40.150000000000006,"uid":"com.gliffy.shape.network.network_v4.business.router","order":32,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.network.network_v4.business.router","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#3966A0","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":62.0,"y":55.0,"rotation":0.0,"id":210,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":34,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":5.0,"strokeColor":"#e06666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":10.0,"controlPath":[[-8.0,11.0],[-8.0,34.0],[26.0,34.0],[26.0,57.0]],"lockSegments":{},"ortho":true}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":12.805718530101615,"y":11.940280333547719,"rotation":0.0,"id":134,"width":59.31028146989837,"height":83.0,"uid":"com.gliffy.shape.cisco.cisco_v1.servers.standard_host","order":35,"lockAspectRatio":true,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.cisco.cisco_v1.servers.standard_host","strokeWidth":2.0,"strokeColor":"#333333","fillColor":"#3d85c6","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":64.0,"y":73.19999694824219,"rotation":0.0,"id":211,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":36,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0.10

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":52.19999694824219,"rotation":0.0,"id":212,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":37,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0.20

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.386363636363733,"y":108.14285409109937,"rotation":0.0,"id":219,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":38,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":139.1475672215109,"y":139.96785409109907,"rotation":0.0,"id":227,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":55,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":228,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":43,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":229,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":52,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":232,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":232,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887323891,-1.055138662316466],[1.3318647887323891,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":230,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":49,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":231,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":46,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":232,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":41,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":233,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":54,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container2 - vlan20

172.16.1.2/24

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":259.38636363636374,"y":108.14285409109937,"rotation":0.0,"id":248,"width":123.00000000000001,"height":104.0,"uid":"com.gliffy.shape.iphone.iphone_ios7.icons_glyphs.glyph_cloud","order":56,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.iphone.iphone_ios7.icons_glyphs.glyph_cloud","strokeWidth":1.0,"strokeColor":"#000000","fillColor":"#999999","gradient":false,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":265.14756722151094,"y":139.96785409109907,"rotation":0.0,"id":241,"width":107.40845070422536,"height":49.0,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":73,"lockAspectRatio":false,"lockShape":false,"children":[{"x":31.506478873239438,"y":2.4460032626429853,"rotation":0.0,"id":242,"width":44.395492957746484,"height":29.54388254486117,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":61,"lockAspectRatio":false,"lockShape":false,"children":[{"x":20.86588169014084,"y":2.637846655791175,"rotation":0.0,"id":243,"width":2.663729577464789,"height":24.268189233278818,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":70,"lockAspectRatio":false,"lockShape":false,"constraints":{"constraints":[],"startConstraint":{"type":"StartPositionConstraint","StartPositionConstraint":{"nodeId":246,"py":0.0,"px":0.5}},"endConstraint":{"type":"EndPositionConstraint","EndPositionConstraint":{"nodeId":246,"py":1.0,"px":0.5}}},"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.3318647887323891,-1.055138662316466],[1.3318647887323891,25.3233278955953]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":36.84825915492961,"y":2.637846655791175,"rotation":0.0,"id":244,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":67,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-0.8875219090985048,-1.0551386623167391],[-0.8875219090985048,25.323327895595412]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":7.103278873239435,"y":1.230995106035881,"rotation":0.0,"id":245,"width":1.0000000000000002,"height":25.323327895595277,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":64,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#0b5394","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[1.2752008616871728,0.3517128874389471],[1.2752008616871728,26.73017944535047]],"lockSegments":{},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":1.5827079934747048,"rotation":0.0,"id":246,"width":44.395492957746484,"height":26.378466557911768,"uid":"com.gliffy.shape.basic.basic_v1.default.rectangle","order":59,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Shape","Shape":{"tid":"com.gliffy.stencil.rectangle.basic_v1","strokeWidth":2.0,"strokeColor":"#6fa8dc","fillColor":"#3d85c6","gradient":true,"dashStyle":null,"dropShadow":false,"state":0,"opacity":1.0,"shadowX":0.0,"shadowY":0.0}},"linkMap":[],"children":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":0.0,"y":37.199347471451986,"rotation":0.0,"id":247,"width":107.40845070422536,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":72,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

container3 - vlan30

10.1.1.2/16

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":65.0,"y":31.199996948242188,"rotation":0.0,"id":253,"width":60.0,"height":14.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":74,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

eth0.30

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":44.49612211422149,"y":17.874999999999943,"rotation":0.0,"id":266,"width":275.00609168449375,"height":15.70000000000006,"uid":"com.gliffy.shape.basic.basic_v1.default.group","order":75,"lockAspectRatio":false,"lockShape":false,"children":[{"x":68.50387788577851,"y":43.12500000000006,"rotation":0.0,"id":258,"width":211.0,"height":31.0,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":9,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-31.924999999999997],[197.00221379871527,-31.925000000000153]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":68.50387788577851,"y":38.55333333333314,"rotation":0.0,"id":262,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":7,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#999999","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.50387788577851,"y":40.7533333333331,"rotation":0.0,"id":261,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":5,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#e06666","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":70.50387788577851,"y":42.88666666666643,"rotation":0.0,"id":260,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":3,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#e69138","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":73.50387788577851,"y":43.95333333333309,"rotation":0.0,"id":259,"width":211.0,"height":33.06666666666631,"uid":"com.gliffy.shape.basic.basic_v1.default.line","order":1,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Line","Line":{"strokeWidth":2.0,"strokeColor":"#ffe599","fillColor":"none","dashStyle":null,"startArrow":0,"endArrow":0,"startArrowRotation":"auto","endArrowRotation":"auto","interpolationType":"linear","cornerRadius":null,"controlPath":[[-64.00387788577851,-34.053333333332965],[197.00221379871527,-34.05333333333314]],"lockSegments":{"1":true},"ortho":false}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":248.0,"y":51.19999694824219,"rotation":0.0,"id":207,"width":143.0,"height":70.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":33,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Network Router (gateway)

vlan10 - 192.168.1.1/24

vlan20 - 172.16.1.1/24

vlan30 - 10.1.1.1/16

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"},{"x":3.0,"y":88.19999694824219,"rotation":0.0,"id":272,"width":77.99999999999999,"height":28.0,"uid":"com.gliffy.shape.basic.basic_v1.default.text","order":76,"lockAspectRatio":false,"lockShape":false,"graphic":{"type":"Text","Text":{"overflow":"none","paddingTop":2,"paddingRight":2,"paddingBottom":2,"paddingLeft":2,"outerPaddingTop":6,"outerPaddingRight":6,"outerPaddingBottom":2,"outerPaddingLeft":6,"type":"fixed","lineTValue":null,"linePerpValue":null,"cardinalityType":null,"html":"

Docker Host

","tid":null,"valign":"middle","vposition":"none","hposition":"none"}},"linkMap":[],"hidden":false,"layerId":"9wom3rMkTrb3"}],"layers":[{"guid":"9wom3rMkTrb3","order":0,"name":"Layer 0","active":true,"locked":false,"visible":true,"nodeIndex":80}],"shapeStyles":{},"lineStyles":{"global":{"stroke":"#e06666","strokeWidth":2,"orthoMode":1}},"textStyles":{"global":{"bold":true,"face":"Arial","size":"12px","color":"#000000"}}},"metadata":{"title":"untitled","revision":0,"exportBorder":false,"loadPosition":"default","libraries":["com.gliffy.libraries.network.network_v4.home","com.gliffy.libraries.network.network_v4.business","com.gliffy.libraries.network.network_v4.rack","com.gliffy.libraries.network.network_v3.home","com.gliffy.libraries.network.network_v3.business","com.gliffy.libraries.network.network_v3.rack"],"lastSerialized":1457586821719,"analyticsProduct":"Confluence"},"embeddedResources":{"index":0,"resources":[]}} \ No newline at end of file diff --git a/network/images/multi_tenant_8021q_vlans.png b/network/images/multi_tenant_8021q_vlans.png deleted file mode 100644 index a38633cdbc23014364bfc611d650b2a17dc72ae0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 17879 zcmYhg1yEbx7cE?9f#O>wA2N=k^5TU; zo{GGTp7-KW?!7UgA^9LY@*H}Cd+%K1(B{(ASh93{t=X3Dy466wQ~@&Pj=v%}BW_Tv zbkUAB&>_O7chr-9U4T!T_5s~WI_wo`Hxeo-?Y#yLmK@UoPhtsg``T`mL=N9B!-bsW zgx|Q&gpY0y13~m9EY?WzZE_R{@hs0lpRCMaMHVgp79Xn2Ku{Ma|No98>dQ?kYv>Nv zsWm8Z-;KC6HhR6Lr!VeNd|tr%VOY^m zkwVRr&<8Req~^;ok(4~qc8%?}ztG$_^;BLz`tzB2Oc({;nbWga)0iI=_!KOa4M-C_ ztTazF`Hr*|1=0#(;FjKu?@{<00=iad-;Dj0b?Kb28_=j{!D5U#_8Zd^0xL57Wr;kV zW7Yogi>A0O_xXi?B{b%JsyPNb<9T4@0^Ua9m{`f@Ovrp&86MOYtf-^It+zxU^_2T1@9mNroUAc=~sP<&MwscFUeQ~U<|7u8-^w-37_ z?-JEMYVoHK&{lO$cTS!yzsMU2rqz<^>|956zA~~i8KsrX0scsyr~V=kQBHaJzO|cU zTzmPi`1-h;toXlFvEO)Dhttdt&?@q>Kd)2Vquk7t1{Yd_oSwgUmj1whTCDfD33ck9 z8RJU_(H9rX_0l_CkUw=EALt!#nWmXQAB_t;pO30$=Q^sZZaP`|Lj;nj;8ja2!7oV8 z60r=%w|IV$d3b~n<=QD^cSzQ7Vpm-Q+IaizNe1w?1stu&`ijkMd>wcd20ZSXmE!1I zI8Z;Z4{&eE;orfX6?=uD-Zc^jXFe|_NhE{gSt~z1m@cv{#2Ot7Dt%%N{W=MM*IAB6 zO*h~mm)cFI9OyBP>x`Y6Vxo^NBYlu5a$oT%!`QXsCSLEni?ZE5>9IAgThC|y@b=K) zup@H_BIEF_%5Ob&C2gXbHMgR~wd38|>Y>X)pg^&S(#@Qp{`5}_L)TAjPNKc3{R_Im zSTx*!+wnGYZWnBY3_>`pJ=Dj!#FUC~K^{-G#oe3eQeR|JSmIRTf|KTmOp)u~kKwNy ztr$AvQVd!r-YN-dJzN1!UqQ7M4I_mGlQj}eH&TSJxxDcg!oN~+fq?KYq*czb)8De< z@bw6WQp{wZ*NveGzgX|D9yD6qy=^=-BQVoy8O4?}f=3qpAOvaoMw*+Mnf-ufYlTmy zHG6OWpo!J2Z1iIa~O*@BFdJ2=tR+=&$w0&?W~!n&Tou+fz?XbS5x z?)E3!mMk5G5K4sx%>E`#WAZ0sl3d^Q$J@mmV$t>0g4BG4_>bM64d8oB1YJ65SI|}XnodMBgWbaKzxJQI_?a(SC6hSaSC6PjS3Sys<~Kr(di<~axaTe) za%Hw;r*#TBwCP%3Uo~;Q*)Af+HL~`&f5kcw9!*fzA8$9hki&vnbf2gx1HBGmr|LM$ z`@(Q`VlT9|BD@v0Osq%F*-}u*{5BzxKyc2M9V4oaBegp$`47kKyy)DwQ~J0LHDgA< zWb{EidaHNwHT|vMa~t-2Gd1GWO{fiz5JM=PAwnfkh0g9Ip9Y|WhQKM@UhRN&zPk@N8r}r7J%{fLmcR1XAlPz_PNfc zN|&SLZ2SxtKn_ed>cZM?j3(z@Qm?d4)VR4vJw<`8@OM1x#Ov9;B4#0E z4CVXs=_V=k1>gaGm2iPJZer)vq&w7Rk~oroQIV1gDlmHf{dclgvQ{qtxXoV)uLOSo zX z`CSXah0|4bZk|}UxVTK^cZ*IjP{%t|mFVyBDa8>G@=YnA?} zgD-#oF`fg9bI3JQN;mGX!GD)EonafCDf15VB z)D+V|i~tOxT6z3HYWbn_=c%>V)#cXDDJOGk&}$O{_XS^I7lH zZEVp1(PsD0r`Rw_kove#YX1(JL{n_7*`@jA$u>0>>W$>ND>KqKq}Ht`T13M%;lh2>dyc6VNPYTEIH1cr}Y|Ey8a zfu>QWO3t&dD+t;#Tx*{x3V3SpLH znu1t~d;FK-b@fQC*lQb(x=k21XO9pwH19Lwo9W8IV#p? z)@G&1;m!p8%7LJ(odTd%R+6>fYmz}chCuq(_Lj@nv-j4-x4~*4?9!r|4BSn}f|#r} z757FHa_Ywi5}df-E^S<|xZt8dV3W^5h}cR~{!AaF(d@Kv{RC)ZGv(ZLcp z>sU1pq%7n3Sj+l@fW>QXStG|drHMNll$Zv(q8sCI+I7Mt_aIJ2_zUE0RA#$Sksm8* zLS{KD)hPk)JS<899bTtfq+w`e_-!V{Oi_1@LNp>r$i|;qZ}Bt(@>wcUfsK!QZ^9x9 z_e;2Q>_Fo&8N^H-8 zA7?b&6>{I6&U#vRSdcO|)ETV+wGWAZjIbLuHj?RRL+P;Y)3ybw&ihi0u9rr6AKMkd zba9PkWo4O&L+UclrXF?+$x&-~LB=;Ky?qNcSMUjAX|ZzJY{J+s)~5OZUeu}bcM`9>7?7d0=Zy6~Y5~94 zHqIZ;oY`_Syah{NYlV+)xxLbXQR{atN zIkMpwHgL#z4=J50!Dc?&wXv>)7$HMBt7CZu2jv^_Kczn7(1g|>M9{YLw$Z^$q18?$l*f4Wg2Z`&Fwa|Jt$vzDtSl(R}P5tzI;DyAEYm=!kN>vXVM zxLuUebn3b{#i>s;%+;=b+%mbjhkDqg&Ov{*dEWQmfOm%?U3FWGbGg9R6i{sE`9>gklS7l4J#-RNg@sMFv zFyxqk_j_}|yMn6^V6`9&O%fuBY+4vDglCVl03$43_eIrxG5UqsL_NYGr@W}du2sAA zJIPSItk%GGA%bI~tWpaAC_?AG>x01TfDfNEe%T!jTL)_W>F}(oo@^*Zr>gIt#{R1VDuD*$^ zS|^}(ASNZ!>3VV@mM#QKDN4F}YVQpcARb++%x$%xZut*r`?qmc*7{NQu*dPp?ZHdC zGK#U56sz=K8-&)azkSK-oU`JM1VP{p1EX(}lUClsuKt+=C$BH(#vn=zgRmJ9#-%GE7dn}3|Q3kb|bt{!lG9d=icF zdhScP!jO%;3j8_&aZ$v*7%YL#;q=;{czRtFkMoHc2TCv-1?mGp})8NX4wIBz#d+Vuzl-*M#%(@81e)fgR>XUs^{(gVPM6UW*HV=EHlZO`8neF-+F z(hW;?u>OfdAFfaBd=)8hlv6)C$zs8c*(;jvPyJ+{nks%9>~hZ{=w=++HL-^rG8)8P>9tK$gml8CJrcltW;q!$snXiI{NYh0I8LFyWkilaW; z@n(xXY**z11v*RJ#^7q5{uOjWhH>_QU#F&-eDbtO;{!f6^+>2y56M>*gcftib0;aqY@-M!r#9+Q~ykQjU9PcrZfBmixm0dA| zhBYEv-$N4$8B4%5A5C%1tN>`RDQ5z++>P}43Hn@7$|t>C^=!&3$le`FvShp=u8k#7 zN{MeDNG_)7ywzuBI{@ej5#4bW-sm=1J7#Xb2>~6(o2GPgJ9sxse2D6Aj52kP@q9j* z@+i(ceOU6>SH_J~3H_eldKBhBK9+Tm{KgRYTmH-MquX>Ta8?Xf#F{aE;)lhj z5!JBC9m4*o$!R`{J7JY@D{}dsTJ`%eJTtIh&n1BGbQ*d@tGTHdjH%$z>l+@Sj*-d` zymFLDSD)iZNZ@Bf+=#r`t+hilrAJDneHKuurwiYSXq=pOt$0OS#H6qBhAhQK{u_xbl*gJZZGdYFlkn>Ys&Qn( zYVG5UZw}feXdn&wr!XSdi8}R6Tw|RQ&9Ym6-uHE*0$l}4C*OkIBu??oL7hwdL)IoSBB*R8Npahnzhc4b!tgvLS2o2 zTBl>?8SUah1Zwob3#$ik~fqlk!&e$)ydh zHnA*+)`U5eU8uTZPe!Brw&=-=HbvV(@BX#&|0+KYgLt&BlwC_xy0skCzX znZLO9skp03F}sKHN+&)nN#%<2>#Mvd_*H#E+^iZv0DQ~xx=X$91zn~-pRjz7ygbO< z@;e~+QgB-%6w|9zCs>}dzzLO@ROrm{h(z|W}+I28RQh#bHKL>C$FP( zysKRD(zYLRc|*-ixJb>w_BK*rh{@oK(-X?@sUctdRn{kr-XU2h2^J)?hId$t!WyO> zkMc9?-*Rb*8+%?u0eP$@UB)8jSZ2YU-3L|$(|n7;y!wvKFW0i--cL^O>lgj7YbrWb z42H0h71M5^Gv$0#*&=2<>CG;7au&oY_jAvE{5hMchsalPrjTvNNmS+#DMY^ataq+u z3rh$K|HZ)8_jZGcj5@$k@_U8PMk%!8B&=#ZhPQySrAbD#o`r@v!d!yVh6f+hE*Q^d zI*5Hfp8Q*dpT~zCS+a+aeg}pQuvOqft9ANcf;zSFSI{u;Kd4vJZkfm_%vo&75ekrq z8C{%Xw`uX^w@f-Jh6Ney?6W-R=wQxrwrmlkqBft+F-p4~MF(Jw0uUxr|3$#GLfkXd z^SCZBT{q~*+D1`bAPO`LvG0K0Lh;%i+&qAj9I~?fSOA5Dwo+$2xa9|i+5vB8uRlCP zI-J}J#@zBkU2d*+PdctPS7)>Do0@R0rM`#1f@+2vJud)l$+T@PD*v9}e{SPgYKcW- zdM;)b+%>wc?Cyk|eY!m0Gu}DPsXxA(d$QOq;oitTot7=Gi^IO=6@UhT@?39)uPx-1J`Os4e9@z2rmQrg zpVTmE^QR4wVm04w=`l`?oI})yow?Z+nMs(KTZDBIVxrWM(TB-70AfEliWk0edWuNq z_uDOmr36-nH!}F9_7QLpa)<@`J!fhipPE#LgRRNjnI@;9douW>DUQ!fr5uM@a(H4G zK2~B?@qIt5Skh2=qiPEWWOmA@M9yMzDaXgasOsE%6N50@Iz>@nbiA%E{RMOnWo)$e z5~j|PX&ZuHp`C1p5(1^&=o=e`OTUHQB1m@wMWfeb9}O`1bzVGtEy32|Cgd=#b&f{Oy+ z6*O<2DB!v2`F=S2`Res_Pl3Zi|3a=|UUfKXeVj(wImSB)Iui?yL*B?2;5va-VS|iq z939WEAZONQ1po}Iz<7-Jdp0f$4-8xRD7?_AwqIY5<>L@CGj4tkx~4$NWc)%sPt&N~qvk=b27kYF#3R=f3R6 zjhe(b)T6Z)GfZq-;9;tOnuk{Lp&c%8)(+7g^HwInMm-Q+&W52CNV53x6^5E`lg_B7PDr0APkyIFh-025+IhOK zYF&SH_mRT$qg zLSFMAkW+789n3H3{Ef@PhS>F}E5GQ@`t6lu(_iaVfcU`p(Nentf zA)7yK1krNUjpj0rN!h4!U z-re*S;|zDfG~im$Vcird>%{i*a2RwKRao_B z>B|cbi7kId^Ck5$qXpDyd~)snpTS>Wb||4{PrjTCM%T%6?i}}#Zk;XD*SlI~FyJ-w zGo-~ChiAPO89IyC9CnpbE%gC?RBQ`~8rguj5h$5edOsCl;4b(M@?wze*wp(B21On@kQuRuP$T zcaphyj@XJnKaL+G6ptvpT1FCA@qE~5g&_1)^5Knek^z zK+{*rErU0tCTxq|A?-;pFu;j5Ftg^x<7WW`G0L{>LLYFBcqMn;;eh z1^`+c@er_h3gHM<(|+o-T9#*bNSnd+L zQcN&90+Bz!+c@fD0ARjHi=Jb#m)9RKg4+w&iQ!!)kgIhDg1em?gld-MPfY@D{wURG zGO4*N*h%?q^@QU#HX`bu*1$VSGAiRJ-T;6!$o>U^F!hhUR9QqYnry0u2Gv-`SHK|j5pYZb;ubgZ3QGOtNlN&%6+S$qx&Zl25mP znzw_lw_}Ifntm^_qAaj1&60F^f2p$oa{2>i*Hi0=dGq5wn(+25p4ZKS`M@&0gkY9q zeZL!S^N0lhz41uR$Ka(gx1jru8vpG@>qMC;NNm0F+I=2kgMUp$ew;w<(L#Dn$?4kT z-zn~Ex0OZs2JQv7|HhF0i#Rt7Fgh4L*BmS%d^;MRFLUu>`l*)nwkyn|PxnDuY zGpO}ul99p=s+#_DQ*_U0xa_;JpA|~y!=yR5YJeW#L7)!K#S$Ke*a{m*tlh$Kx*4J} zOOjz$Gn?T@4R~cVH&YKYTU$!5FjVGmcU(u@x#WPr`pK=`D(^U?Oi#*VInO7J6-;$| z=M8R^$6tnW=Ke5VdzPGloQtjD|J#ZA)~0~NvxAfmcih(CQCX5K_F|t2_{ibWB^~-G zI4%f_nIrD>g?+q$~yTO{oSoY&%qqirY5sjACfNXvo8zz

b*{Hq>az{aEwl^vuL-ETW!AsvC0U0rmZ$_<6OOxU4rH z6u*cCCrj%CbZzu?LCU+fGt1_K0=ic0aiH8Tv(d}mzpAB)%@%6-6`Lyn zd;=aEyurlO2oEI|CPfQU*p&b-f0^7f+aySv?;0IYmhE8@&azM@s(W+tZ9c5e4!{sX zfiaPRB-x>31b(-@*OX3SfPO={;5>XR!!5^M3})_?`eW3RYLFL4dn&gCRlddq!UZp3 zAO=>+?ALa2%k{;xrD-8Kl++6_#b$F=O!pn7J1$t#B@!$C5)BfdlU5HN(yJrQ%j!dq}rfM(a$o8fv zTp~yzd4j8p6OX6R;`GAwKclI1Fc=V2d+jG|XGUoRj0-i(!+O4aQ6eJQWJVRWoER@>i z1n>F0IMxw9Tw>{kK1i)xicm&1#D5gu{o>fIFIqAt;KD8L+_HrIBbg;wPdL84HblQ)C+~sF>=()-`U*es#QL*>k3l!ZIIv@K;?LQ#Ty`{4Un&{&BHwE!4CHY8s zb9=V6y1JT|m)G4blMWT&;|nz-WC)pfM6;rDh2LXBA-h@)ttSbpP#BK2EA@3v!))k_I4*8zu-(cSeUL5Bkr5o$S)*>_9hh!9tbP63Ei-@-I*%W`U5q{cz|E*9v&Qg5%&dt z8!AqBkj06l=i^H)WY~-BjUhDa&H65JxDC=MS2hEuZ%EK2A?7il=<>wG#%6A#1e`7} zo5c3NGd9MIpFdt|q97+9fkL^>J9E;~(sFV}If_$KQp(F&<9&f+WOeBp)6DcfK(mM& ze>?Fg>6w+b&jHPHL|?21Nq6=$)R_j15nrFPD&Eh{H+?w}3v;%(RKEj$S!Mmq@NT8ky{N_Eq*cDRbAP`cP^8&pSqLb}@=d)^ojf1TGW= zuDwy*%gkJ?v!NjzhLx@$bKNNM;+5*d$YJ{zRg=C4TI5VM%m4OPr0(G0(9qICd@hXL z6;g5pN&P^^55gwB`9sbgRWKHhJBqdJyXfNrVPqfmezre`PZKHj!qWT@RALZRSPem- z5^p>^3k%wi;p4v4Z=Si@6@b5-guorPcC*_oI4o%WW^tQ)ge-JewU zoM=ex0>Ge^j5r+xnPav+yv)pKieCIzX%!U}w>)7m)}-_ukaFHzgi{wn7|G+5d1`x{ zr0MDDe;+en1TZl%d6)d(P0|sYq|2Usd$A8zE|HZaJf;mTq1MY{WzY(4=jWC?_Z)ui z@>{sQ6=vuSQ-CWdD5!~KaGABg4jtowUSD0oe{hF#+VlZ6_-BZIr3cSO`wR8M!;{5P z&L`WkhATD9p3M{ij5184NkCuY_wR=axPKtim(fa;f|ateva@{@{tu8YWZ2ay=;maF z@I8Y{2+_`OGnrC+00CB2FlwY`K?fuLs|<{990C|AWwK^5>2yB&!-s3o^|_v60eW*D zIjtPRgt>3DR2cA-q_psKZU(LJb|M7&gXFocbeWR(9K=jXv^Lt>+AmBjhJYXLEZjwN z+nG?T)i-~9YWJt}VS|-;lcg9Ywm)@XEfNnH|K<+Qy|wV4V^-iM73T;2p2BISVy&?R z+1aH=A{%|~ffA*ZDM)@p;7A)n;Gi}8<&9~TNoV)C((aRbW?*bgQDa%hL7|zz%%BzP zuZ%##mOR&z{*e+*!tvud{eI$Xe0+SIGM?-7tqIz>evMhj2x3da=m*aUR&H)TZ=~T$ zd9w*K#Vqo7GbmxG5D`KfMypV%*cRFuFp1Th#7&c_utafC6s0V@hnSEh6l=z zyt|W)LV62R*F7WzlgwF660sK-1E$zj*x_n>RjMHUIn zT8DC98iDbqIji4HQ0M-xXPE&3r(Lq+XgHPm=VWNyYhSJuNN)-bXyYYA4KX}?A-WZN zb>rEFp@zUGz?aO1V9cg zUQ<9y0QWk|6g3&X#u-3#Q6+3YbxzWQ4Ypf`Hc&YieLT8y*|r}!5T0qtpq1Oc+OD4C ziyrZ5{q-B}`y>Zb62pg))goLh&hEpb72S9zFOnb6KRi8D{r<8C1+?27}e0s3aI$1Q*m6Z`| z$9mVvQ^)P17IbJq=TXIentF%@*UeafK^jUZM zY%xzfxFw$W;#g%ScC@RLJViv{{DLp_=ziV&AZ?_bDw%!_85R^+K&$c+cC`b7;gf^! zdkf+K++yzA!7U(VlTN^zS(Dh!w$apvnxHq?H_9PLvkrmBv6taxYGR@0E&bY$Jxn`^ z=%9sJCCM_P>1ycq+bfLYH{4p6!&4Tkb*@^gP_cSk(^iEz7E+LhakO54^8zbDujJO_*>BO_v$z zj4LH+Ds`DR|4;;TMfm!oSDjZ-&`LOgx+g|WEv+_0b z`B9yb=ef5Ik~F%XVxI9y;y5N!Nll=ggAuL{8xrbj76_0td5R|R>l;2Cfzn=3!d;Tg zH0#m>fYa6$rzGjzU3HJ%hU1Bn!%yO6*k-7#&+0A@tKgsc{ck9_A!uFh7yJE-kH^XH zthZn0>y9|4+em&Hl=vTnhm_+q(-x^$JEaDWqgv>riK>>G`411%0U!7QNTNZop)^vXVh`0e*yCO;tD%bx59ow#0oplpi`6f zY~gW~ldgiAr6oZJSpww3S40G^TrRSUENHG~msvj@=;JJ-b1j`ZSji?Ee zLTl2nAyhWMHZ3iUzksZ{!}?{2zVfqu5>Y~5@~9WF(^_a;b~E&z=QvCjw|5WNejE?; z{%reMvCHi`dto8d?R}82^=I3&WL#s(LB292YEg%0BERP|DVnt?s>gftiWB$s=Nbvd z=SUbyI<#ttj~x{S{u2T!Q2RFLG*^wk1i9**7zqh7h@5Gl>9xo#|6N~n$3bb;6VgFN zUzJ8^$nWgB*Ikyg?flq8)>h{1cvk?-rpolPY!0(GM!SOzXP)Y2)R$YiF3cd026Zgt zC$-2(vYvx-rJwev4#xy9N*bz{jirO3CfZV~CgeytlXU)Ef;V1Vt6J?s=q7 z=djU<1Y;vHrhH(A>JE~{)8;^F*eLe7O7b%gL#p|Ep;tpwO&~;P>{6;M#4_XfS--bT zEYZIdr}5mCRMMM&O}DlQ6Ni^>a7I$R%&KRyH7)Pr_G{OY?5)>8+e3}RjDg&&Hhxi12ACsFKf`f z7oYv-$yT{+T$4%p1=MQOd3No39a3SnDEYVOLS7{rc{wd@iSWE>-p@m$%r#o02ziO% zxSH&+4z!y~N?Q zoNX(k9_6Cxns2M!L>{r^m_I8Tcf zb}|n5Q3iXZAGJYRPf|ojKYn^}?zDp~9{^7qdg++dm&hou72(25PwkVg{v+vvH1|(V zZTY~N<{za>gyBEcYJXDDYhUqd5=9N`TIFpYkmjC}Wv0L1QF^n3MhFlZVwMZM8>jvG zc8j=_#^DgaDeevn1;A16ClmhZUAZw+BJO|7GvJ0_=j9@hPU0u26PbDX zQwosiGyh(|WsVhbh7B7VSM#^2+bq^7=g9m=hABYDPgecGAu$(OENNcD;k)pY6W93} z{o=)u5!DB6WD$7xgnuu7CS28A_MgzhT{@DDctf8{@&8fwUBv4B?w2@UQwv)(U58s+ z>L-e-FMaZbnb5scP*iU^!5_+F|`*or!y+O+GPRrl6W9d9hq!*i@F(^6WPi+`|1oe#XHM#V8H?3VEHJp-9MA2BWM&*oupsHc!G$ zIl7T+C&KU#W><18`npZ12wP^0?we&E%f*<#SDY9E*M>ei&)MOq5yfCnX@Y`f~9Nw$HcbW(91%)zevdoylqjmA@%P2At{~42)X&EiW?+*+-4v4Ycp!@dWvw zDgBqLm`+2=~Fdb&CFawyt!AknMLEA8XK%Aupv%7KBaJv3dUU~F zDnhkLRK0fs$mi3UOTj*Aqy7ON6&X^UKXq(73j#;3Um*(6a7w=Eb&`O@KbAb|FG5l5 z@1^u!`!0@ondd;Z;zY&k>0abQ{OZ~A%;vBnGk7d#l4-^k?+a$ESC=ES;2A|LIw+sG zov|H??43x6y?*(tHMoJ0&o49co4MN#Rz_Y6vX6e z-(5!8HguEgP@N24RWa6d`e#;0fe(FSLq%Bx^b6%W3e2L;B^-)861&F4|)pMSa)fA5d%70C71M6))P z@6i^+GmhDfM`)-_;NQtQtm#tp>BTTUxJM5ND88t#K~=eB4*1M?e{-tjjU*7!-i@fI z1OK@F9K%`!K$E_XgkzH6ncXhYx+T$6AO;}gM<%e&Bg)$WXxf1q8@o*ynQp zYOfb;D0%56T7))UhDk!_V{bZDXuC|Hatfm5`Sk|heaUkQ4+GhwK!Ady$P(q>(9pkb zXk=u>^>o|eHA?VUb+Q?^S-X9b&=9V~`K1fl4;eWigu`zNPn6y5&tIe;*}Ov(ut@TM zQG6T}*(ppat0YdXMG1(TCjEyY5rKi}HS#1o;&8mf4~Y}wxFj4D1pp`?RzP^Q*`u1^ z+7CH=y)dE^(W%v>rJTa3etdjF^$1sc`vS!2@rb?P}6)hsEi*@mn$*rsZ z*JfPQrK6anuKW4(vrA?lGMd2=a|$k6h-LJAAtTMlC75cSiZj&6P7!sI%c0aCFCn&_ zaw0M}v%sR}WI`hFLD>DRdboJN4l-IZz@+>2#LXSmU)?JFXaW!aQqmm<)w~WAnW$&8 zO06QprL)YG)PHgvYRjT^Cx2nrbs!rfMl1Wtp(E@8wGf-nc%bO#NzDYpej0D?x4Vl5 z>m)%{(S?aP5eP~xF_48ah}6gc{lcH2I-?jlkMGVt+md@3Yx}V)kSbG6R&v++l4&6SN}?GZ zRdZTx5P5hf?(j7jkpe_LZf8E*#8~F#!JL+s`~$ggf;}>kXtlZ;G5`Fg%3Njq=b<&l zU>uvr=7(hE?<{hSeL-8xBbhI9>Yytcel^R1t$?rf&cX~r`L^i=o=O^IOom_Dd{qUJ zail2X-MQHDJkJBL`vp2MOTG)`p?pgp>l(&y%MI_{_LSQNCk`w3YSyDK0DjbJ@_kjH z;~sf4NKJJ26B_xmzpX--4KG(+W{l;!bSMkmne469Ugk|SEIl8^SpJSU@$a*kq(bN30OYWo%wjL35S$m2|v-vCEV z9;fQiEDv%U61L=z%FBOS5sN7^W_wf@xm}`e6~Qx(V3xYgj5KlI_KNU67`+1Y1GMbU zJCM?69K(%tleG#o%!G9113xSRR8o@6+FDyr)PDtYxdf^ND7r|>3+m2t;eOlHAbwrs zbw8)tp{`?#N>Hy>Vw#I7(z02B0x^N^}%SwYLlWp@+i|) zatj!bQnjjCdTV?pg>rnxS44WT0OEQfm>^wgO2=?0i6_}Y_~e$TTEI%|SPD1@R>bq< zg2`!ar%7_C%Kl<)qLZQSw{jsf^Jc+~V#S-%V{$ng&!1vV3q-tD?feCew$g(`diU5! zW=HzyUb}&!#!sNpq;x+tBf*c`0eX-_G$KL-Wq=;r!YaE6?I+d zJP4v zYwZ20rc)i-xvV)D@&Z76bEK3vf9%rU&<65}(H%_@)zH<-)#%-2Dn595eqv$TAnBkM z^?WTC_!ofY$wQ{V_+6uP$VBR2BBM`Sg;4ED@K2Etf1mSu{D-HS(;C?LO{??a92!_V z^fEQ&{q6@vX}el^h4NG4kf=6kDcv)sPjqb5d5K=xaT0#lv=c#($wC>ad^E@~Mm@Gg z*#Dobs?9oLE`6UK;Mo!1-gn+^VhULP-@Na-+)QVz4a;9j(o@sY!kuLImJ|A44rgn` zIu*tSH};M!Wk)1otS&LGhX;^ipQFMHRsVIpn(Nv(l(f-B@=!QB7Ef`Ftz2%qq+RF( z?YerZIHz%hxh0M{&AUy=+ar(f#0%E`)axho@(%&|?>IU;FY$xcE`Odt=|Q8V#;qCF^rc~|!; z$03QC1fa!sN2;rnk3x_e@|#I(4czUYba3DZ(ZWR-w~yzV%!jnS zI=|~Z2r@9^K6cOV9SQpw{wF37N%lAT=kQO~$#=au6eB#p?KtpWTcCmd!iM34ElUM` zT%NWTfA6=o639Q!#xt%X%4G|l@4IemhMEa^QItX%L_qY$Ma<64;qt#U2v=WU9$EjA z9y*uPxeXDO#I3#AAZpSPWa_)nnPJ12t%$=BrW6EHBz%c#iB`PC#H;UpUmx|IqEa}R z7rrqO^$_=QQo2H5f_61(&4qg)TW+IrnFGPhZ{~x4OK4gEcN(vBVXo1T=ck8fCUp6g%z?@m#P*^>KMXZd7=E>JyreSU^X zm&dee)0)ofFnxNm&F9I#?R$;Wa-}&AZ>SGmSY7Xaa?bw=^DkUntS0V%@Z1ESqs_;8 zB%Kt!IXVxTp73@|usNa7{M#zezDcJxbX|GuADdvInV)}7{OoD<@}Bi=_79OW>$m?g z`@eA2+2Y#lhUZV79p>-|Dl~EXVb}it@|S0quN(C$Xw0z|zW3|pzC7=e*S+%Ht15O} z@PGbzli_EFo6LXr8F5J6UioSE_0JD~Z_+CHU^$2X`F*{(@yrtv}nS5&!vBR_42NAzV-A%y8Q(dUenH`-^_q-7HNxz5MeY)8FOa zr*FOXrR@Ixx_i}SR>BV~r~Y)K1J1J{=R9QKWpYm{_9*M9=UPf z#iNJjFFzo6UDuJ@{{7O=r)w`>J9m0ZzP{XlyB||7|J(VuaDhQ-V3hUo-W%6agW2V_ zWJdk46ezQe-oO8ud;g7vb(?Rxn7;qL{e#Wx+}mI`=qZ5}=ncW#H{L8@?Uj_5D>q|nKA5%jk{U=wX7;6)2FF{BBqTqj@vwYd~H*~w%fp*k;|sH>+@1|w*I$?a-V1P zd+48%X}y>+<)EMxODP*S$b{vqQy*sV>MiBYSk->?!91O=^h+_kcTZn8ykpo_c_!IT zX|G7RN!Ox^y1HxWv*+ip+-container1 -vlan10192.168.1.2/24eth0 -802.1qtrunkNetworkRouter (gateway)vlan10 -192.168.1.1/24vlan20172.16.1.1/24vlan3010.1.1.1/16eth0.10eth0.20container2 -vlan20172.16.1.2/24container3 -vlan3010.1.1.2/16eth0.30DockerHost \ No newline at end of file diff --git a/network/index.md b/network/index.md index c578d66dcd..41de0dd5a1 100644 --- a/network/index.md +++ b/network/index.md @@ -1,103 +1,95 @@ --- title: Networking overview -description: Overview of Docker networks and networking concepts -keywords: networking, bridge, routing, routing mesh, overlay, ports +description: How networking works from the container's point of view +keywords: networking, container, standalone redirect_from: -- /engine/userguide/networking/ -- /engine/userguide/networking/dockernetworks/ -- /articles/networking/ + - /engine/userguide/networking/configure-dns/ + - /engine/userguide/networking/default_network/configure-dns/ + - /engine/userguide/networking/default_network/binding/ + - /engine/userguide/networking/default_network/container-communication/ + - /engine/userguide/networking/ + - /engine/userguide/networking/dockernetworks/ + - /articles/networking/ + - /config/containers/container-networking/ --- -One of the reasons Docker containers and services are so powerful is that -you can connect them together, or connect them to non-Docker workloads. Docker -containers and services do not even need to be aware that they are deployed on -Docker, or whether their peers are also Docker workloads or not. Whether your -Docker hosts run Linux, Windows, or a mix of the two, you can use Docker to -manage them in a platform-agnostic way. +Container networking refers to the ability for containers to connect to and +communicate with each other, or to non-Docker workloads. -This topic defines some basic Docker networking concepts and prepares you to -design and deploy your applications to take full advantage of these -capabilities. +A container has no information about what kind of network it's attached to, +or whether their peers are also Docker workloads or not. +A container only sees a network interface with an IP address, +a gateway, a routing table, DNS services, and other networking details. +That is, unless the container uses the `none` network driver. +This page describes networking from the point of view of the container. -## Scope of this topic +This page describes the concepts around container networking. +This page doesn't describe OS-specific details about how Docker networks work. +For information about how Docker manipulates `iptables` rules on Linux, +see [Docker and iptables](iptables.md). -This topic does **not** go into OS-specific details about how Docker networks -work, so you will not find information about how Docker manipulates `iptables` -rules on Linux or how it manipulates routing rules on Windows servers, and you -will not find detailed information about how Docker forms and encapsulates -packets or handles encryption. See [Docker and iptables](iptables.md). +## Published ports -In addition, this topic does not provide any tutorials for how to create, -manage, and use Docker networks. Each section includes links to relevant -tutorials and command references. +By default, when you create or run a container using `docker create` or `docker run`, +the container doesn't expose any of its ports to the outside world. +To make a port available to services outside of Docker, +or to Docker containers running on a different network, +use the `--publish` or `-p` flag. +This creates a firewall rule in the container, +mapping a container port to a port on the Docker host to the outside world. +Here are some examples: -## Network drivers +| Flag value | Description | +| ------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| `-p 8080:80` | Map TCP port 80 in the container to port `8080` on the Docker host. | +| `-p 192.168.1.100:8080:80` | Map TCP port 80 in the container to port `8080` on the Docker host for connections to host IP `192.168.1.100`. | +| `-p 8080:80/udp` | Map UDP port 80 in the container to port `8080` on the Docker host. | +| `-p 8080:80/tcp -p 8080:80/udp` | Map TCP port 80 in the container to TCP port `8080` on the Docker host, and map UDP port `80` in the container to UDP port `8080` on the Docker host. | -Docker's networking subsystem is pluggable, using drivers. Several drivers -exist by default, and provide core networking functionality: +## IP address and hostname -- `bridge`: The default network driver. If you don't specify a driver, this is - the type of network you are creating. **Bridge networks are usually used when - your applications run in standalone containers that need to communicate.** See - [bridge networks](bridge.md). +By default, the container gets an IP address for every Docker network it attaches to. +A container receives an IP address out of the IP pool of the network it attaches to. +The Docker daemon effectively acts as a DHCP server for each container. +Each network also has a default subnet mask and gateway. -- `host`: For standalone containers, remove network isolation between the - container and the Docker host, and use the host's networking directly. See - [use the host network](host.md). +When a container starts, it can only attach to a single network, using the `--network` flag. +You can connect a running container to multiple networks using the `docker network connect` command. +When you start a container using the `--network` flag, +you can specify the IP address for the container on that network using the `--ip` or `--ip6` flags. -- `overlay`: Overlay networks connect multiple Docker daemons together and - enable swarm services to communicate with each other. You can also use overlay - networks to facilitate communication between a swarm service and a standalone - container, or between two standalone containers on different Docker daemons. - This strategy removes the need to do OS-level routing between these - containers. See [overlay networks](overlay.md). +When you connect an existing container to a different network using `docker network connect`, +you can use the `--ip` or `--ip6` flags on that command +to specify the container's IP address on the additional network. -- `ipvlan`: IPvlan networks give users total control over both IPv4 and IPv6 - addressing. The VLAN driver builds on top of that in giving operators complete - control of layer 2 VLAN tagging and even IPvlan L3 routing for users - interested in underlay network integration. See [IPvlan networks](ipvlan.md). +In the same way, a container's hostname defaults to be the container's ID in Docker. +You can override the hostname using `--hostname`. +When connecting to an existing network using `docker network connect`, +you can use the `--alias` flag to specify an additional network alias for the container on that network. -- `macvlan`: Macvlan networks allow you to assign a MAC address to a container, - making it appear as a physical device on your network. The Docker daemon - routes traffic to containers by their MAC addresses. Using the `macvlan` - driver is sometimes the best choice when dealing with legacy applications that - expect to be directly connected to the physical network, rather than routed - through the Docker host's network stack. See - [Macvlan networks](macvlan.md). +## DNS services -- `none`: For this container, disable all networking. Usually used in - conjunction with a custom network driver. `none` is not available for swarm - services. See - [disable container networking](none.md). +By default, containers inherit the DNS settings of the host, as defined in the `/etc/resolv.conf` configuration file. +Containers that attach to the default `bridge` network receive a copy of this file. +Containers that attach to a +[custom network](network-tutorial-standalone.md#use-user-defined-bridge-networks) +use Docker's embedded DNS server. +The embedded DNS server forwards external DNS lookups to the DNS servers configured on the host. -- [Network plugins](/engine/extend/plugins_services/): You can install and use - third-party network plugins with Docker. These plugins are available from - [Docker Hub](https://hub.docker.com/search?category=network&q=&type=plugin) - or from third-party vendors. See the vendor's documentation for installing and - using a given network plugin. +Custom hosts, defined in `/etc/hosts` on the host machine, aren't inherited by containers. +To pass additional hosts into container, refer to +[add entries to container hosts file](../engine/reference/commandline/run.md#add-host) +in the `docker run` reference documentation. +You can override these settings on a per-container basis. +| Flag | Description | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `--dns` | The IP address of a DNS server. To specify multiple DNS servers, use multiple `--dns` flags. If the container can't reach any of the IP addresses you specify, it uses Google's public DNS server at `8.8.8.8`. This allows containers to resolve internet domains. | +| `--dns-search` | A DNS search domain to search non-fully-qualified hostnames. To specify multiple DNS search prefixes, use multiple `--dns-search` flags. | +| `--dns-opt` | A key-value pair representing a DNS option and its value. See your operating system's documentation for `resolv.conf` for valid options. | +| `--hostname` | The hostname a container uses for itself. Defaults to the container's ID if not specified. | -### Network driver summary +## Proxy server -- **User-defined bridge networks** are best when you need multiple containers to - communicate on the same Docker host. -- **Host networks** are best when the network stack should not be isolated from - the Docker host, but you want other aspects of the container to be isolated. -- **Overlay networks** are best when you need containers running on different - Docker hosts to communicate, or when multiple applications work together using - swarm services. -- **Macvlan networks** are best when you are migrating from a VM setup or - need your containers to look like physical hosts on your network, each with a - unique MAC address. -- **Third-party network plugins** allow you to integrate Docker with specialized - network stacks. - -## Networking tutorials - -Now that you understand the basics about Docker networks, deepen your -understanding using the following tutorials: - -- [Standalone networking tutorial](network-tutorial-standalone.md) -- [Host networking tutorial](network-tutorial-host.md) -- [Overlay networking tutorial](network-tutorial-overlay.md) -- [Macvlan networking tutorial](network-tutorial-macvlan.md) +If your container needs to use a proxy server, see +[Use a proxy server](proxy.md). diff --git a/network/links.md b/network/links.md index 91ad6aa4ab..49c07e45b3 100644 --- a/network/links.md +++ b/network/links.md @@ -17,7 +17,7 @@ with `--link` is sharing environment variables between containers. However, you can use other mechanisms such as volumes to share environment variables between containers in a more controlled way. > -> See [Differences between user-defined bridges and the default bridge](bridge.md#differences-between-user-defined-bridges-and-the-default-bridge) +> See [Differences between user-defined bridges and the default bridge](drivers/bridge.md#differences-between-user-defined-bridges-and-the-default-bridge) > for some alternatives to using `--link`. {:.warning} @@ -30,7 +30,7 @@ Docker link feature to allow containers to discover each other and securely transfer information about one container to another container. With the introduction of the Docker networks feature, you can still create links but they behave differently between default `bridge` network and -[user defined networks](bridge.md#differences-between-user-defined-bridges-and-the-default-bridge). +[user defined networks](drivers/bridge.md#differences-between-user-defined-bridges-and-the-default-bridge). This section briefly discusses connecting via a network port and then goes into detail on container linking in default `bridge` network. @@ -124,7 +124,7 @@ $ docker port nostalgic_morse 5000 > **Note**: > This section covers the legacy link feature in the default `bridge` network. -> Refer to [differences between user-defined bridges and the default bridge](bridge.md#differences-between-user-defined-bridges-and-the-default-bridge) +> Refer to [differences between user-defined bridges and the default bridge](drivers/bridge.md#differences-between-user-defined-bridges-and-the-default-bridge) > for more information on links in user-defined networks. Network port mappings are not the only way Docker containers can connect to one diff --git a/network/network-tutorial-standalone.md b/network/network-tutorial-standalone.md index bc8143fb42..44b7e26a2c 100644 --- a/network/network-tutorial-standalone.md +++ b/network/network-tutorial-standalone.md @@ -22,7 +22,7 @@ host running elsewhere. running on the same Docker host. This is recommended for standalone containers running in production. -Although [overlay networks](overlay.md) are generally used for swarm services, +Although [overlay networks](drivers/overlay.md) are generally used for swarm services, you can also use an overlay network for standalone containers. That's covered as part of the [tutorial on using overlay networks](network-tutorial-overlay.md#use-an-overlay-network-for-standalone-containers).