Network

  • Every account is assigned a default Layer-2 virtual private network in each region.

  • Networks are isolated from each other and the Internet.

  • The CIDR of the network is set to 172.16.0.0/16. Note: We reserve a few addresses of your private network for the platform's own usage.

  • All your pods will be automatically placed in your own network.

  • Every pod receives a unique private IP address (aka Pod IP) upon startup, which is specific to the network the pod resides in. There is currently no way to control the allocation of Pod IPs.

  • The Pod IP address is static during the pod's lifespan and is only returned when the pod is terminated.

  • The Pod IP is shared by all containers in a pod, so you must ensure there are no port conflicts among containers within a pod.

  • Pods in the same network can reach each other (using Pod IP), but are isolated from other networks (and hence from other customers).

  • Pods have access to the Internet by default, but they are not accessible from the Internet. This makes your application more secure, as you can't accidentally expose an important part of your infrastructure to the Internet.

  • A network has a virtual router, whose IP address may vary over time. Pods use the virtual router for outgoing traffic.

  • A service serves as a load balancer in front of a fleet of pods. Each service is created with a private IP (Service IP) and an internal DNS name (Service DNS Name), which are accessible by other pods within the same network.

  • When associated with a Floating IP, the service is exposed on the Internet. Traffic sent to the Floating IP address will be balanced among the backend pod fleet.

  • One service can bind only one Floating IP, but multiple services can be associated with a single Floating IP, as long as there are no port conflicts among the different services. This allows you to use different ports for different sub-systems, but with a single public IP address.
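
The port and exposure rules above can be checked before deployment. The following is an added example, not code from the platform: the inventory layout, the names and the 203.0.113.10 address are constructed, and only the 172.16.0.0/16 CIDR and the rules themselves come from this page.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

NETWORK_CIDR = ip_network("172.16.0.0/16")  # network CIDR stated on this page

def audit(pods, services):
    """Check a (hypothetical) inventory against the rules listed above.

    Returns (findings, exposure): findings is a list of rule violations,
    exposure maps each Floating IP to the ports reachable from the Internet.
    """
    findings = []
    for pod, spec in pods.items():
        if ip_address(spec["ip"]) not in NETWORK_CIDR:
            findings.append(f"pod {pod}: IP {spec['ip']} outside {NETWORK_CIDR}")
        owners = defaultdict(list)  # port -> containers sharing the Pod IP
        for container, ports in spec["containers"].items():
            for port in ports:
                owners[port].append(container)
        for port, names in sorted(owners.items()):
            if len(names) > 1:
                findings.append(f"pod {pod}: port {port} used by {', '.join(sorted(names))}")
    exposed = defaultdict(lambda: defaultdict(list))  # Floating IP -> port -> services
    for svc, spec in services.items():
        fips = spec["floating_ips"]
        if len(fips) > 1:  # one service can bind only one Floating IP
            findings.append(f"service {svc}: bound to {len(fips)} Floating IPs")
        for fip in fips:
            for port in spec["ports"]:
                exposed[fip][port].append(svc)
    for fip, ports in sorted(exposed.items()):
        for port, names in sorted(ports.items()):
            if len(names) > 1:
                findings.append(f"floating IP {fip}: port {port} used by {', '.join(sorted(names))}")
    return findings, {fip: sorted(ports) for fip, ports in exposed.items()}

# Constructed sample inventory (not output of any platform API).
PODS = {
    "web-1": {"ip": "172.16.0.12", "containers": {"nginx": [80, 443], "metrics": [9100]}},
    "api-1": {"ip": "172.16.0.13", "containers": {"app": [8080], "sidecar": [8080]}},
}
SERVICES = {
    "web": {"floating_ips": ["203.0.113.10"], "ports": [80, 443]},
    "admin": {"floating_ips": ["203.0.113.10"], "ports": [443, 8443]},
    "db": {"floating_ips": [], "ports": [5432]},  # private: Service IP only
}

if __name__ == "__main__":
    findings, exposure = audit(PODS, SERVICES)
    print("\n".join(findings), exposure, sep="\n")
```

The exposure map is the part to review: it lists every port that becomes reachable from the Internet through each Floating IP, while services without a Floating IP (here `db`) never appear in it.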
