By Daonong, Senior Technical Expert at Alibaba Cloud

This article explores the Kubernetes basic network model. It is divided into the following parts:

(1) A review of container network development history and an analysis of the origins of the Kubernetes network model
(2) An exploration of the Flannel HostGW implementation, which demonstrates how a packet is converted when being routed from a container to a host
(3) An introduction to the mechanisms and usage of services that are closely related to networks, and a description of how services work with a simple example

Evolution of the Kubernetes Network Model

The container network originated from the Docker network. Docker uses a relatively simple network model that consists of an internal bridge and an internally reserved IP address. With this design, the container network is virtualized and decoupled from the external network, so it does not occupy the host's IP address or resources.

The container network reaches external services through source network address translation (SNAT), which rewrites the container's source address to a node IP address. A container can provide services externally through destination network address translation (DNAT). Specifically, a port is enabled on the node to direct traffic to the container's processes through iptables or by other means. In this model, the external network cannot differentiate the container network and its traffic from the host network and its traffic.
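Because every DNAT rule on the node is a published entry point and every SNAT rule hides container addresses behind the node address, the nat table is the place to audit what this model exposes. The following Python function is an added example, not code from the original article: it parses `iptables-save` output and lists inbound exposures and outbound masquerading. The sample dump, addresses and ports are constructed, and the function name `audit_nat` is hypothetical.

```python
import shlex

# Constructed sample in iptables-save format, modelled on the nat rules
# Docker writes for its default bridge; addresses and ports are made up.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER -d 127.0.0.1/32 ! -i docker0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.3:5432
COMMIT
"""

def _opt(tokens, flag, default=None):
    """Return the value following `flag`, or `default` if the flag is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens else default

def audit_nat(dump):
    """Return (inbound DNAT exposures, outbound SNAT rules) from the nat table."""
    exposed, snat, in_nat = [], [], False
    for line in dump.splitlines():
        if line.startswith("*"):          # table header, e.g. *nat or *filter
            in_nat = line.strip() == "*nat"
            continue
        if not in_nat or not line.startswith("-A "):
            continue
        t = shlex.split(line)
        target = _opt(t, "-j")
        if target == "DNAT":
            bind = _opt(t, "-d", "0.0.0.0/0")
            exposed.append({
                "proto": _opt(t, "-p", "all"),
                "node_port": _opt(t, "--dport"),
                "bind": bind,
                "backend": _opt(t, "--to-destination"),
                # No -d match: the port answers on every node address.
                "all_addresses": bind == "0.0.0.0/0",
            })
        elif target in ("MASQUERADE", "SNAT"):
            snat.append({"source": _opt(t, "-s", "0.0.0.0/0"), "target": target,
                         "to": _opt(t, "--to-source", "node address")})
    return exposed, snat

if __name__ == "__main__":
    for group in audit_nat(SAMPLE):
        print(*group, sep="\n")
```

Since outbound traffic leaves with the node address, logs on external services show only the node; attributing a connection to a specific container needs the node's own connection tracking or flow logs.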