An endpoint can only belong to one network or one sandbox. The typical implementation of endpoint is Veth pair. Each sandbox can have multiple endpoints belonging to different networks.Įndpoint is used to connect sandbox to network. In other words, Sandbox isolates one container from another through the namespace. Sandbox can contain endpoints from different networks.
Linux Network namespace is the standard implementation of sandbox. Sandbox is the network stack of the container, including the container’s interface, routing table and DNS settings. This model abstracts the container network and is composed of the following three types of components: The core content of libnetwork is the container network model (CNM) defined by it. Libnetwork is the docker container network library. Third party solutions: commonly used include flannel, weave and calico.ĭocker integrates the above solutions with docker through libnetwork and CNM. Docker cross host network solutions include:
