OPENSHIFT NETWORKING FROM A CONTAINER/WORKLOAD POINT OF VIEW – PART 6: CONTROLLING EGRESS TRAFFIC

OpenShift 3.3 and later contain the functionality to route pod traffic to the external world via a well-defined IP address. This is useful, for example, if your external services are protected by a firewall and you do not want to open the firewall to all cluster nodes. The way it works is that an egress …

OPENSHIFT NETWORKING FROM A CONTAINER/WORKLOAD POINT OF VIEW – PART 5: OPENSHIFT ROUTER

In the OpenShift world, Services take place on the OSI Layer 3 / IP, while Routing is an OSI Layer 7 / HTTP/TLS concept. Once you’ve wrapped your head around this backwards choice of naming, things are fairly easy: An OpenShift Router is a component which listens on a physical host’s HTTP/S ports for incoming …

OpenShift 3.1 Networking from a container/workload point of view – Part 1: Container Networking on a plain Docker Host

From a container point of view, networking on a plain Docker Host is simple. A running container is nothing more than a Linux process which is namespaced and constrained with regard to access (SELinux) and resource consumption (cgroups). In each namespace, there is a single (virtual) network interface called eth0 which is assigned an IP …