- Overlay Networks: For connecting Docker daemons across multiple hosts. Essential for Docker Swarm and Kubernetes (though Kubernetes uses its own CNI plugins). Allows containers on different physical machines to communicate as if they were on the same local network.
- Macvlan Networks: Assigns a MAC address to a container, making it appear as a physical device on your network. Useful for legacy applications that expect to directly control their network interface or for integrating with existing VLANs.
- Network Drivers: Different network drivers provide different functionalities (e.g.,
bridge,host,overlay,macvlan). - Network Isolation & Security: Best practices for segmenting applications into different networks.
- Discuss Overlay Networks: Explain how they enable multi-host container communication. Mention they require a key-value store (like Consul or etcd) or a Swarm mode.
- Discuss Macvlan Networks: Explain how they give containers a unique MAC address and appear as first-class citizens on the physical network.
- Use Cases: When would you use an overlay network (e.g., a distributed microservice architecture)? When would you use a Macvlan network (e.g., direct IP access, IoT devices)?
- Network Policies (Brief Mention): For more granular control over container-to-container communication within a network (often handled by orchestration tools).
- Research a real-world scenario where an Overlay Network would be indispensable. Describe the problem it solves.
- Research a real-world scenario where a Macvlan Network would be particularly useful. Describe why it's a good fit.
- What are the security implications of using
--network hostin production?