How-tos

Cloud Foundry Container-to-Container Networking

Share this post:

Consider container-to-container networking when writing your next app

If you’re like many developers who are deploying applications to Cloud Foundry, you probably don’t think about networking too often. After all, as a PaaS, Cloud Foundry takes care of all the routing and connectivity for you. There is one feature, however, you might consider before writing your next app: container-to-container networking.

As the name suggests, container-to-container (C2C) networking allows two containers to communicate directly with each other, providing additional security and performance. Consider the following scenario depicted in the diagram:

An application is typically composed of several microservices. To allow the user (or web app) to reach them, public routes exist. The user can then simply access the application in his or her browser.

But what if the microservices need to talk to each other? Well, it turns out that the network path a microservice takes is similar to the path the user takes, even though microservices are “inside” Cloud Foundry. This is somewhat analogous to getting to the living room in your house by walking out the back door and then through the front.

C2C networking saves time

This presents a simple problem: communication takes longer. And considering that a modern application architecture may be composed of many microservices making remote API calls, the time adds up. It may also needlessly expose a microservice to the internet. To fix this, enable C2C networking:

ibmcloud cf add-network-policy $SOURCE_APP_NAME --destination-app $DEST_APP_NAME --port $PORT --protocol tcp

And remove any microservices that do not need a public route:

ibmcloud cf unmap-route $APP_NAME mybluemix.net --hostname $HOSTNAME

Overlay IP address

Even though C2C networking is now enabled, you’ll need to tell the microservices how to contact each other. This is done using a container’s overlay IP address.

You’ll find the overlay IP address in the CF_INSTANCE_INTERNAL_IP environment variable of a running container. Follow the step by step guide Logistics Wizard – Enabling Container to Container Networking to set up C2C networking and retrieve the address using SSH. Now that you know where the overlay IP address is, you can manually adjust the configuration of your microservices, have a microservice automatically broadcast it to dependents, or use it within a service discovery framework.

Learn more

Want to know more about Cloud Foundry container-to-container networking? Check out the following links.

IBM Offering Manager

More How-tos stories
May 3, 2019

Kubernetes Tutorials: 5 Ways to Get You Building Fast

Ready to start working with Kubernetes? Want to build your Kubernetes skills? The five tutorials in this post will teach you everything you need to know about how to manage your containerized apps with Kubernetes.

Continue reading

May 3, 2019

Using Portworx to Deploy and Manage an HA MySQL Cluster on IBM Cloud Kubernetes Service

This tutorial is a walkthrough of the steps involved in deploying and managing a highly available MySQL cluster on IBM Cloud Kubernetes Service.

Continue reading

May 2, 2019

Kubernetes v1.14.1 Now Available in IBM Cloud Kubernetes Service

We are excited to announce the availability of Kubernetes v1.14.1 for your clusters that are running in IBM Cloud Kubernetes Service. IBM Cloud Kubernetes Service continues to be the first public managed Kubernetes service to support the latest upstream versions from the community.

Continue reading