How-tos

Cloud Foundry Container-to-Container Networking

Share this post:

Consider container-to-container networking when writing your next app

If you’re like many developers who are deploying applications to Cloud Foundry, you probably don’t think about networking too often. After all, as a PaaS, Cloud Foundry takes care of all the routing and connectivity for you. There is one feature, however, you might consider before writing your next app: container-to-container networking.

As the name suggests, container-to-container (C2C) networking allows two containers to communicate directly with each other, providing additional security and performance. Consider the following scenario depicted in the diagram:

An application is typically composed of several microservices. To allow the user (or web app) to reach them, public routes exist. The user can then simply access the application in his or her browser.

But what if the microservices need to talk to each other? Well, it turns out that the network path a microservice takes is similar to the path the user takes, even though microservices are “inside” Cloud Foundry. This is somewhat analogous to getting to the living room in your house by walking out the back door and then through the front.

C2C networking saves time

This presents a simple problem: communication takes longer. And considering that a modern application architecture may be composed of many microservices making remote API calls, the time adds up. It may also needlessly expose a microservice to the internet. To fix this, enable C2C networking:

ibmcloud cf add-network-policy $SOURCE_APP_NAME --destination-app $DEST_APP_NAME --port $PORT --protocol tcp

And remove any microservices that do not need a public route:

ibmcloud cf unmap-route $APP_NAME mybluemix.net --hostname $HOSTNAME

Overlay IP address

Even though C2C networking is now enabled, you’ll need to tell the microservices how to contact each other. This is done using a container’s overlay IP address.

You’ll find the overlay IP address in the CF_INSTANCE_INTERNAL_IP environment variable of a running container. Follow the step by step guide Logistics Wizard – Enabling Container to Container Networking to set up C2C networking and retrieve the address using SSH. Now that you know where the overlay IP address is, you can manually adjust the configuration of your microservices, have a microservice automatically broadcast it to dependents, or use it within a service discovery framework.

Learn more

Want to know more about Cloud Foundry container-to-container networking? Check out the following links.

IBM Offering Manager

More How-tos stories
December 13, 2018

Java Microservices with MicroProfile – API Documentation

To benefit from the reuse and consistency microservice APIs offer, other developers will need guidance to use your APIs correctly. With annotations defined in the MicroProfile OpenAPI specification from Java EE, it's easy to generate clear documentation.

Continue reading

December 13, 2018

Tutorial: Deploying the Jenkins Helm Community Chart on IBM Cloud Kubernetes Service

The IBM Hybrid Cloud Team has authored a tutorial that will guide you through the steps required to set up and install a Jenkins server and deploy a sample Node and React application on IBM Cloud Kubernetes Service.

Continue reading

December 12, 2018

Deploying to IBM Cloud Private 3.1 with IBM Cloud Developer Tools CLI

IBM Cloud Developer Tools CLI version 2.1.12 adds deployment support for IBM Cloud Private 3.1.

Continue reading