Configuring container networking

Container-to-Container Networking, introduced in IBM Cloud Private 3.1.2, reuses an overlay network to manage communication between app instances, without going through the Gorouter. For a description of container networking features and more details, see Understanding Container-to-Container Networking Opens in a new tab.

Before you begin

Ensure that IBM® Cloud Private Cloud Foundry is installed.

Note: Container networking is enabled by default.

Configuration

The Container-to-Container Networking feature also provides a unique IP address to each app container and provides direct IP address reachability between app instances.

Container-to-Container Networking for your deployment requires you to create policies for communication between app instances by using the cf command line. By default, the application containers are not visible to each other. The policies that you create specify a source app, destination app, protocol, and port so that app instances can communicate directly without going through the Gorouter, a load balancer, or a firewall. Container-to-Container Networking supports UDP and TCP, and you can configure policies for multiple ports. These policies apply immediately without restarting the application.

Optional configuration

The following optional parameters can be adjusted to match your deployment requirements. Edit the your-uiconfig.yml file to adjust the following values to customize Container-to-Container Networking in your deployment:

  1. cf_neworking.disable: When set to true, disables container networking completely. The default value is false.

  2. cf_networking.network_cidr: Enter an IP address range for the overlay network. The CIDR must specify an RFC 1918 range. If you do not set a custom range, the deployment uses 10.255.0.0/16.

  3. iptables_logging: Set the flag to true to turn on kernel IP address table logging. The default value is false.

  4. Change the state of the deployment. Run the following command to change the status to READY:

    ./cm state -s prepare-cf set --status READY
./cm state -s deploy-cf set --status READY

  5. Relaunch the deployment by running the following command:

    ./launch_deployment.sh -c your-uiconfig.yml