Here's a preview from my zine, How Containers Work!! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
read the transcript!
network namespaces are kinda confusing
Illustration of an unhappy-looking stick figure with curly hair.
person: what does it MEAN for a process to have its own network??
namespaces usually have 2 interfaces
(+ sometimes more) - the loopback interface (127.0.0.1⁄8, for connections inside the namespace) - another interface (for connections from outside)
every server listens on a port and network interface(s)
0.0.0.0:8080 means “port 8080 on every network interface in my namespace”
127.0.0.1 stays inside your namespace
Illustration of a server, represented by a box with a smiley face, and a smiling stick figure with curly hair.
server, thinking: I’m listening on 127.0.0.1
person: that’s fine but nobody outside your network server namespace will be able
to make requests to you!
your physical network card is in the host network namespace
Illustration of a rectangular box drawn with a dotted line. Inside it are: - the label “host network namespace” - 192.168.1.149, with an arrow pointing to it reading “requests from other computers” - network card
other namespaces are connected to the host namespace with a bridge
Illustration of a rectangular box drawn with a dotted line. Inside it are: - the label “host network namespace” - three boxes, each labelled “container”
Saturday Morning Comics!
Want another comic like this in your email every Saturday? Sign up here!
