Configuring container networking
Container-to-Container Networking, introduced in IBM Cloud Private 3.1.2, reuses an overlay network to manage communication between app instances, without going through the Gorouter. For a description of container networking features and more details, see Understanding Container-to-Container Networking .
Before you begin
Ensure that IBM® Cloud Private Cloud Foundry is installed.
Note: Container networking is enabled by default.
Configuration
The Container-to-Container Networking feature also provides a unique IP address to each app container and provides direct IP address reachability between app instances.
Container-to-Container Networking for your deployment requires you to create policies for communication between app instances by using the cf
command line. By default, the application containers are not visible to each other. The policies
that you create specify a source app, destination app, protocol, and port so that app instances can communicate directly without going through the Gorouter, a load balancer, or a firewall. Container-to-Container Networking supports UDP and TCP,
and you can configure policies for multiple ports. These policies apply immediately without restarting the application.
Optional configuration
The following optional
parameters can be adjusted to match your deployment requirements. Edit the your-uiconfig.yml
file to adjust the following values to customize Container-to-Container Networking in your deployment:
-
cf_neworking.disable
: When set totrue
, disables container networking completely. The default value isfalse
. -
cf_networking.network_cidr
: Enter an IP address range for the overlay network. The CIDR must specify an RFC 1918 range. If you do not set a custom range, the deployment uses10.255.0.0/16
. -
iptables_logging
: Set the flag totrue
to turn on kernel IP address table logging. The default value isfalse
. -
Change the state of the deployment. Run the following command to change the status to READY:
./cm state -s prepare-cf set --status READY ./cm state -s deploy-cf set --status READY
-
Relaunch the deployment by running the following command:
./launch_deployment.sh -c your-uiconfig.yml