Code-Memo

Containers & Networking

Docker networking basics

• Containers share the host kernel but usually get isolated network namespaces.
• Docker provides virtual networks and connects containers via bridges/overlays.

Bridge, host, overlay networks

• Bridge: default; containers on a local virtual switch (NAT to reach outside).
• Host: container uses host network stack (no isolation, fastest/least overhead).
• Overlay: spans hosts (often via VXLAN) for multi-node container networking.

Port mapping

• Publishes container port to host port (e.g., -p 8080:80).
• Typically implemented via NAT/iptables; important for inbound access.

Kubernetes networking overview

• Each pod gets an IP; pods can usually talk to each other without NAT (cluster model).
• Services provide stable virtual IPs and load balancing to pods.

Service discovery in clusters

• DNS-based discovery is common (service name → cluster IP).
• Also includes sidecars/service meshes, env vars, or dedicated discovery systems.