docker/api/client/network.go
Docker Networking options
-net=bridge This is default option that Docker provides where containers connect to the linux "docker" bridge.
-net=host There is no new network namespace created for the cotainer and the container shares the same network namespace as host machine
-net=(container name or id) The new container shares the same network namespace as the specified container in the 'net' option
-net=none Container does not get allocated a new network namespace. Only the loopback interface is created in this case.
Driver
- Drivers implement the Driver API
- They provides the specifics of how a network and endpoint are implemented
Weave
- Weave creates a Weave bridge as well as a Weave router in the host machine.
- Weave router establishes both TCP and UDP connection across hosts to other Weave routers. TCP connection is used for discovery and protocol related exchange. UDP is used for data encapsulation. Encryption can be done if needed.
- Weave cn traverse firewalls and oprte in partially connected networks
- Traffic can be encrypted, allowing hosts to be connected across an untrusted network.
- With wave you can easily construct applications consisting of multiple containers, running anywhere.
- Weave works alongside Docker's existing (single host) networking capabilities, so these can continue to be used by containers.
Flannel
- Flannel creates an Overlay network using either UDP or VxLAN encapsulation.
- Flannel links itself to the Docker bridge to wich the containers are attached and creates the overlay.
- Flannel is closely integrated with CoreOS, can be used as standalone as well.