Add a better networking doc #5089
Before discussing the Kubernetes approach to networking, it is worthwhile to | ||
review the "normal" way that networking works with Docker. By default, Docker | ||
uses host-private networking. It creates a virtual bridge, called `docker0` by | ||
default, and allocates an [RFC1918](https://tools.ietf.org/html/rfc1918) range |
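Review bot: "by default" appears twice in consecutive sentences here ("By default, Docker uses host-private networking" and "called `docker0` by default"). Dropping the second one, or rewording it to say the bridge is named `docker0` unless configured otherwise, would read more cleanly.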
RFC1918 does not use the word "range" anywhere.
For precision, how about " ... allocates a subnet from one of the private address blocks defined in RFC1918".
will do.
Not sure about the new directory. What else would go in there? How about just putting this at the bottom of the current
|
||
GCE itself does not know anything about these IPs, though, so it will not NAT | ||
them for outbound internet traffic. To achieve that we us an iptables rule to | ||
masquerade traffic that is bound for IPs outside teh GCE project network |
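Review bot: "we us an iptables rule" on the second line of this hunk should read "we use an iptables rule". Because the paragraph says the rule masquerades only traffic bound for IPs outside the GCE project network, it would also help to state which destination range is exempted, so a cluster admin can compare the rule on a node against this doc.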
s/teh/the
damn, fixed
I found this a really useful document. I understood K8s networking much better after reading it.
Taking a look now.
* the IP that a container sees itself as is the same IP that others see it as | ||
|
||
What this means in practice is that you can not just take two computers | ||
running Docker and expect kubernetes to work. You must ensure that the |
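Review bot: in "you can not just take two computers", "can not" should be the single word "cannot".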
Capitalize Kubernetes everywhere.
ok
Regarding new dir - I briefly discussed with Brian. I could see all of the getting started guides moving here, all of the networking-related docs, etc. Anything that the cluster admins would want to read but app developers might not care about. I could be talked out of it if you care...
Many comments addressed
No need for an LGTM from me, I trust you addressed whichever of my comments you thought were reasonable. :)
If you are planning to do the work to move other things into the
OK, I gave up on the extra dir - we can deal with that later
This makes a new docs/cluster dir - we should move all detailed cluster-setup related docs here.
Hopefully this explains a bit better what is going on.