smeeb

Reputation: 29567

Doesn't Docker port binding obviate the need for Kubernetes' complex networking model?

Kubernetes has a pretty complicated networking model that appears to be predicated upon circumventing a critical flaw with Docker's default networking:

By default Docker containers cannot be contacted directly from the outside world, because their IP addresses are local/private to the subnet they're on.

To circumvent this, Kubernetes has a very complex network model that, amongst other things, requires you to carve out your own flat IP space that is then shared by all hosts and containers (pods), thus giving each pod its own public IP.

But I ask: isn't this already addressed by Docker port binding? If not, then what about port binding is still lacking, that requires Kubernetes to use the networking solution that they use?

Upvotes: 1

Views: 123

Answers (1)

Alex Robinson

Reputation: 13397

This is well described in the motivation section of Kubernetes's networking design doc.

Essentially, relying on port binding requires dynamic port mapping to avoid conflicts between different containers wanting the same port (e.g. a lot of applications will want port 80). While dynamic port mapping can be made to work, it also causes a lot of problems, as outlined in the doc.

Upvotes: 1
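The port conflict described in the answer can be reproduced with plain sockets. This is an added example, not part of the answer or of the Kubernetes design doc; it assumes a Linux host, where all of 127.0.0.0/8 is loopback, and uses 127.0.0.2 and 127.0.0.3 as stand-ins for pod IPs. The function names are illustrative.

```python
import errno
import socket

def bind_all(addrs):
    """Hold a TCP listener on every (ip, port) at once; return the bound addresses."""
    socks = []
    try:
        for addr in addrs:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            socks.append(s)
            s.bind(addr)
            s.listen(1)
        return [s.getsockname() for s in socks]
    finally:
        for s in socks:
            s.close()

def pick_port():
    """Ask the kernel for a port that is currently free on every local address."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("0.0.0.0", 0))
        return s.getsockname()[1]

def shared_host_ip(port, host_ip="127.0.0.1"):
    """Port binding: two containers publish the same port on one host address."""
    try:
        bind_all([(host_ip, port)] * 2)
        return "OK"
    except OSError as e:
        return errno.errorcode[e.errno]  # the second bind is refused

def dynamic_mapping(n, host_ip="127.0.0.1"):
    """Workaround: the host assigns the ports, so clients have to discover them."""
    return [port for _, port in bind_all([(host_ip, 0)] * n)]

def ip_per_pod(port, pod_ips=("127.0.0.2", "127.0.0.3")):
    """IP per pod: every pod has its own address, so all of them keep the same port."""
    return bind_all([(ip, port) for ip in pod_ips])

if __name__ == "__main__":
    port = pick_port()
    print("same host IP, same port:", shared_host_ip(port))
    print("host-assigned ports:   ", dynamic_mapping(3))
    print("one IP per pod:        ", ip_per_pod(port))
```

With dynamic mapping, the ports returned differ on every run, which is why that model needs a separate mechanism to tell clients where each service ended up.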
