Network Namespaces Basics Explained in 15 Minutes

Подписаться 189 тыс.

Просмотров 107 тыс.

50% 1

🆓Join our Slack Community for FREE: kode.wiki/JoinOurSlackCommunity
Get introduced to the basics of Network Namespaces in Linux.
Access full course here: kodekloud.com/p/certified-kub...
Network Namespaces are used by containerization technologies like Docker to isolate network between containers.
We’ll start with a simple host. As we know already containers are separated from the underlying host using namespaces. So what are namespaces?
When the container is created we create a network namespace for it that way it has no visibility to any network-related information on the host. Within its namespace the container can have its own virtual interfaces, routing and ARP tables. The container has an interface.
To create a new network namespace on a Linux host, run the ip nets add command. In this case we create two network namespaces read and blue. To list the network namespaces run the ip netns command.
To list the interfaces on my host, I run the ip link command. I see that my host has the loopback interface and the eth0 interface. Now, how do we view the same within the network namespace we created? How do we run the same command within the red or blue namespace? Pre-fix the command with the command ip netns exec followed by the namespace name which is red. Now the ip link command will be executed inside the red namespace. Another way to do it is to add the -n option to the original ip link command. Both of these are the same, the second one is simpler though. But remember this only works if you intend to run the ip command inside the namespace. As you can see it only lists the loopback interface. You cannot see the eth0 interface on the host. So with namespaces we have successfully prevented the container from seeing the hosts interface.
#NetworkNamespacesBasics #KodeKloud

Опубликовано:

2 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 211

@KodeKloud 4 года назад

Learning Kubernetes is essential for any DevOps professional. Learn, practice, and get certified on Kubernetes: kodekloud.com/p/certified-kubernetes-administrator-with-practice-tests

@manishfoodtechs 4 года назад

This took me 1 month to learn by self and you visualized in 15 minutes. Believe me.. you covered everything. Good Work

@Papun590 4 года назад

brother please if you understand make me understand it because ididint understand any thing

@abobakrabdellah7598 Месяц назад

I rarely comment on any video. But this amazing video forces me to comment. Great explanation. Thanks!

@agytjax 3 года назад

Wow. Entire Namespace condensed to 15 min and explained well as well. This should be the go-to tutorial for networking with Namespaces

@KodeKloud 3 года назад

Welcome🙏. All our videos are simple and easy to understand. Please subscribe to our channel & help us create more such videos.

@nikhilpurwant5030 2 года назад

Great Work KodeKloud! If the pings do not work - make sure you add ip addresses as 192.168.15.1/24 and 192.168.15.2/24 and for the bridge example make sure you also bring up the peer devices (veth-red-br and veth-blue-br) using following commands - sudo ip link set veth-red-br up and sudo ip link set veth-blue-br up before testing the pings.

@KodeKloud 2 года назад

Hi Nikhil, thanks for checking out our tutorial and for sharing the information. Do subscribe to our channel to stay posted on upcoming tutorials. Cheers!

@christianposta 2 года назад

Yeah, this helped me as well. The last thing that helped me was, the bridge traffic will traverse iptables by default… so either turn that off, or enable an “allow” policy for Forwarded traffic with “iptables -policy FORWARD ACCEPT”

@mintymintfresh Год назад

this is what i was missing.

@helgestegemoen73 Год назад

That helped me. Thanks :)

@zahurulhaque6377 3 года назад

Awesome video, Love this guy helped me pass my kube certs. BTW on amazon linux 2, I had to use 192.168.15.1/24 and 192.168.15.2/24 for red and blue namespaced network, otherwise could not ping.

@michalkosinski4459 Год назад

Same for me in Fedora , in other case I got Network is unreachable and cannot even ping own iface . Br, Michal

@helgestegemoen73 Год назад

Thanks. This worked for me on Ubuntu :)

@calebflenoury178 21 день назад

Yes same for me! I looked into this and apparently it's because the default subnet mask when creating the IP addresses for each namespace is 32 bits. This means that the namespaces act as single hosts that don't belong to a network. This prevents the Address Resolution Porotcol from finding the host that the IP address belongs to because it relies on a broadcast message and you can not broadcast on a network of one device. To fix this without changing the subnet mask on the IP's to be '/24' (24 bit) instead, i had to manually enter the IP address and corresponding interface into the routing table of each namespace. Like so: sudo ip netns exec red ip route add 192.168.15.2/32 dev veth-red sudo ip netns exec blue ip route add 192.168.15.1/32 dev veth-blue This allowed me to ping the namespaces successfully Also, I believe changing the subnet masks are also a completely valid way to achieve the same goal. I just wanted to give an alternative solution 😃

@NoProblem76 4 года назад

oh wow i've been trying to learn this for years and u made it so clear.

@Kodreanu23 4 года назад

Fantastic video! So short, down to the point. Thank you! Subscribed.

@pengdu7751 3 года назад

best 15 minutes I've spent today! thanks!

@UlissesOliva 4 года назад

That is completely perfect! Thank you vary much. It looks like that it's worth enough following this channel.

@TrungLe-lw4zm 4 года назад

This is probably one of the best video that could explain this concept

@shrutidalvi9202 4 года назад

This is the best explanation ever! Thank you so much.

@leamon9024 4 года назад

Awesome explanation! Thanks for all the hard work. Appreciate your effort.

@yoavklein123 2 года назад

Hi thanks for the video ! When following along, I noticed that there are 2 important things not mentioned in this video in order for this to work: 1. We need to set up the interfaces that are mastered by the bridge network. 2. We need to enable ip forwarding for the machine, i.e.: sysctl -w net.ipv4.ip_forward=1

@zyymcu 4 года назад

Great work ! This video deserves more thumb up! Thank you very much.

@drakezen 5 лет назад

Great explanation. Much appreciated!

@HosseinHosseinvand 3 года назад

Simple and Amazing. God bless you

@crutz3064 2 года назад

This is actually explained so well

@sandeepr5007 2 года назад

Awesome video with so much details compressed yet very much clear and precise explanation. Analogy was simply superb which I could not find in any videos and articles till now. Thank you :)

@sudhiris056 4 года назад

Excellent explanations. Super liked it... Thank you so much for this.

@shrish75 4 года назад

One of the best explanation in 15 mins

@oshoashram 4 года назад

Thanks ,wonderful explanation !!

@leelathati2280 5 лет назад

Great explanation!! Thanks.

@HXYZZZ 4 года назад

wow. Great explanation. thanks for putting this together.

@fase29 4 года назад

very well explained, great job!

@sir_enuf Год назад

This visualisation is just amazing. Thanks

@KodeKloud Год назад

Thanks for watching our video and sharing your thoughts. Do subscribe to our channel and stay tuned for more. Cheers!

@christymathew9035 2 года назад

God level teaching....Im literally speechless.Was struggling with openstack ping issues.this saved my life.

@saiyjin98 4 года назад

This is by FAR the best description of network namespaces I've ever seen! Thank you for putting this together!

@chandrag2536 4 года назад

Fantastic video...thank you.

@kalimuthu6831 3 года назад

Awesome video!!! Keep it up.

@hsubyron2277 Год назад

So well explained!!

@KodeKloud Год назад

Glad it was helpful!

@sujjalsheth2576 3 года назад

Appreciated, very simple and effective...

@KodeKloud 3 года назад

Glad it helped. Please subscribe to our channel for more such videos 😊

@samoh96 2 года назад

more than good level. great. thanks for sharing this smartly and clearly summarized video to public.

@KodeKloud 2 года назад

Hello, thank you for watching our video. We are glad that you liked our video. Do subscribe and stay connected with us. Cheers :)

@ofiry 7 месяцев назад

Amazing video. you basically answered all my questions!

@KodeKloud 7 месяцев назад

Thank you for the appreciation. You can check our videos related to DevOps and subscribe to our channel to stay updated with all the latest tools.

@mortezanik1148 2 года назад

Thank you for Awesome explanation!

@KodeKloud 2 года назад

You're very welcome!

@user-gl1fv2tu3h 3 года назад

Watching this video for the second time and it is as helpful as it was before, thank you so much 😁

@KodeKloud 3 года назад

Thanks😊 We make sure all the concepts are clearly explained. We have experts in our team who make even complex things look very easy. Please subscribe to our channel & help us create more such videos.

@jbragg33 5 месяцев назад

Amazing explanation, very clear, thank you

@KodeKloud 3 месяца назад

Glad it was helpful!

@tedpeng1862 3 года назад

this is really awesome explaination

@ravindra6028 3 года назад

again this video is such a master piece. Never saw any great video like this. Thanks from bottom of heart. This is what education should be. Figuring out from man pages it too much stressful

@spoown007 3 года назад

Very clear technical explanation , you can understand how networking is working within container, and between them! Really excellent, please continue...

@KodeKloud 3 года назад

Thanks for stopping by. Hope you saw our other videos on DevOps and other important tools.👍

@ujjwalrastogi9100 3 года назад

Thnks for informative vedio, this clear lots of thing for me regarding namespaces

@pankajchaurasia9105 Год назад

Awesome explanation. Simply superb video

@KodeKloud Год назад

Hello, thank you for watching our video. We are glad that you liked our video. Do subscribe and stay connected with us. Cheers :)

@iammrchetan 2 года назад

This is just awesome. Docker kept rolling in my mind for the entire video and helped me understand the implementation. Well, the first time, it went a little over my head because of less networking understanding. Watching it for many times to grasp everything. Thank you again, you're the best teacher!

@KodeKloud 2 года назад

WooHoo! We are so happy you love our videos. Please do keep checking back in. We put up new videos every week on all your favorite topics. Whenever you have the time, you must also check out website @kodekloud.com and tell us what you think. Have a good day!

@milossimicsimo 3 года назад

This is so damn good! Well explained and easy to follow.! Great source, thanks!

@KodeKloud 3 года назад

Thanks!😊😊😊

@moldrienperez9052 2 года назад

Great content! Very useful in this moment for me. Thank you very much!

@KodeKloud 2 года назад

Glad it was helpful!

@jjames7206 3 года назад

This is great great explanation!!

@KodeKloud 3 года назад

Thanks👍 Please subscribe and encourage us to provide more such quality content.

@a143r 3 года назад

excellent explanation, I. would watch this video 100 times, thanks

@KodeKloud 3 года назад

Wow, thanks! Please subscribe to the channel and support us.

@aliakbarhemmati31 5 лет назад

Another great content

@vaibhavmewada4508 2 месяца назад

Nice explanation

@upsangelhk 3 месяца назад

Great tutorial. The title can also be how to create a virtual Linux router. It s basically what a router do, besides the iptables rules then it completed.

@tahar1234 2 года назад

Excellent, that all I can say, THANK YOU

@KodeKloud 2 года назад

Glad you enjoyed it!

@jsaenzMusic Год назад

This was Outstanding! It helped me internalize the virtual networking I set up with my VM's and although I knew how to get things working, I now understand the fundamentals of why! Will be leveraging your services for sure!!!

@KodeKloud Год назад

Thank you for the appreciation. You can check our videos related to DevOps and subscribe to our channel to stay updated with all the latest tools.

@sovsemnetot 3 года назад

perfect explanation

@KodeKloud 3 года назад

Glad you liked it. Please subscribe to the channel and support us.

@ECX0x100h 2 года назад

This is the best video on namespaces I've come across thus far.

@KodeKloud 2 года назад

Comments like these motivate us to do more such videos. Thanks! Please subscribe to our channel for more such videos 😊

@ECX0x100h 2 года назад

@@KodeKloud By the way, I'm trying to run multiple VPNs simultaneously each within their own network namespace, then route subnets to their respective VPNs from the main system. You could do a video on how to do this if you want.

@imanebt8617 3 года назад

Please do more in depth courses like these (cgroups, overlay networks). I'm currently interested in what are pods concretely. From what I understood until now, it's just a bunch of containers (i.e a bunch of uts+pid+network+ipc) that belongs to the same network namespace.

@eryoung2172 3 года назад

Wow, a helpful video!

@jigneshpatel5469 Год назад

Bro. This is awesome. You helped me tremendously to understand this

@KodeKloud Год назад

Glad it helped!

@silvertad3833 4 года назад

excellent job

@zaherer2008 3 года назад

Teaching is a talent and you are amazingly talented. Best explanation ever

@KodeKloud 3 года назад

Wow, thank you! 😊

@reddinghiphop1 Год назад

Fantastic Video

@KodeKloud Год назад

Thank you very much!

@AnantaAkash.Podder Год назад

You are the Best Explainer Man... You truly make Difficult Topics understandable very easily...❤❤❤

@KodeKloud Год назад

Hey, thank you for appreciating our work. We are glad to have helped. Do check out our other tutorial videos and subscribe to us to stay connected. Cheers :)

@chaoukisouissi7092 Год назад

You are the best , bravo bravo🙏

@KodeKloud Год назад

Thanks a ton! Your support makes all the difference 💙

@KimsesizKedi Год назад

I can't skip without commenting. It was great! I enjoyed watching. For some reason mine didn't work but overall I learned A LOT.

@KodeKloud Год назад

Glad you enjoyed it! Check out our Early Black Friday offer to get upto 50% off on our Premium Courses: you can use our early Black Friday offer to enroll for our courses: b.link/wko6c6

@damirtheone 2 года назад

Well done! It seems like a too simple, too basic tutorial, but actually it covers, in an extremely simple way, so many important facts (I would say everything for the basic communication between namespaces/host/internal/external networks).

@KodeKloud 2 года назад

Hello, thank you for watching our video. We are glad that you liked our video. Do subscribe and stay connected with us. Cheers :)

@namitaigit 3 года назад

Amazing!

@victoriabressan4557 3 года назад

excelente!

@neilthomas5026 2 года назад

Great content tbh 👍🏾👍🏾👍🏾

@mrashad_com 2 года назад

WOW, in 15 mints you explained one of the most complicated subjects I didn't understand, simply by telling us the "why" I hope I can make 1000 like, thank you

@KodeKloud 2 года назад

We are glad you found our video helpful. Like and share our video with your peers and also do not forget to subscribe to our channel for not missing video updates. We will be coming up with more such videos. Cheers!

@edipocdf 11 месяцев назад

wow, really high level content, tks a lot for this.

@KodeKloud 10 месяцев назад

Glad you enjoyed it!

@saeedp92 3 года назад

So great

@g.t.3482 2 года назад

Thanks for posting this.. Great job!! It gets very confusing without animation and color coded diagrams.

@KodeKloud 2 года назад

Glad it was helpful!

@Angluar 4 года назад

Very Nice Video! Thx XD

@RegularEverydayNormalGuy Год назад

That intro is very smooth

@KodeKloud Год назад

Thanks a ton! Your support makes all the difference 💙

@miggyshiggy Год назад

Great visuals

@KodeKloud Год назад

Thanks a lot!

@kshitizjain9557 3 года назад

thanks for doing my coding assignment

@KodeKloud 3 года назад

You're welcome. Please subscribe to our channel and support us to do more such videos. Thanks 😊

@zenancai4656 3 года назад

Amazing video

@KodeKloud 3 года назад

Thanks! Please subscribe to the channel and support us.

@shalinikabilan7128 3 года назад

Exellent job

@zeeshanakhtar8081 4 года назад

Hi Mumshad, Thank soo much for video took me weeks to understand everything which you amazingly covered in just 15min. If possible also touch CI/CD pipeline (Jenkins) auto deployment networks within containers May Allah always bless you

@vellano.1637 5 лет назад

very good ! like it.

@amilcarchissola2262 2 года назад

Dammn Man, you are the Guy. thank you for this incredible lesson, I spent 1 week trying to understand these concepts, and now with your video, I understood everything in just 15 min.

@KodeKloud 2 года назад

Hello, thank you for watching our video. We are glad that you liked our video. Do subscribe and stay connected with us. Cheers :)

@kazifaisal-rj9js 2 месяца назад

very good video

@alexandersmirnov4274 3 года назад

you are the best!!!

@KodeKloud 3 года назад

Glad 🙂. Please subscribe and encourage us to provide more such quality content.

@user-jn5jg4lm9k 2 месяца назад

Wonderful explanation. If you do the same for other material it worth it spending the time to learn it

@navkang4 4 года назад

hats off !

@mouhammaddiakhate3546 3 года назад

This man is a genious.

@KodeKloud 3 года назад

Thanks!😊😊😊 Please subscribe to our channel for more such amazing videos.

@AronW4 2 года назад

Like * 1000000000 brilliant lesson

@tomknud 10 месяцев назад

That's a pretty thorough rundown of the internal networking facilities of OS's. The only thing that might make it better is if you brought up the places in the Linux codebase where these things are effected.

@KodeKloud 10 месяцев назад

Thank you so much : ) We are glad to be a part of your learning journey

@bimbumbamdolievori 3 года назад

enlightening

@KodeKloud 3 года назад

Thanks!

@imanebt8617 3 года назад

I don't understand the 6th downvotes, this video shed the light on so many things that other articles talk about and describe without saying what it actually is. All the articles I read say the fruit is round and may be green or red, while this video tells me directly that it is an apple.

@ClaudioPascual 2 года назад

Excellent tutorial. I had to explicitly bring up the `veth-*-br` devices -I don't see that in your video.

@coolcatson3 3 года назад

I needed to add /24 to the end of the ip's for this to work. ip -n red addr add 192.168.15.2/24 dev veth-red ip -n blue addr add 192.168.15.3/24 dev veth-blue

@vikas5951 2 года назад

Should we execute the commands on two different terminals ? should the bridge be created outside of both blue and red namespaces?

@Dipinthomas2003 5 лет назад

Hello Mumshad, Awesome video as always, thank you. Please let us know in few words how is network namespace different from using CNI like calico with namespace.

@Dipinthomas2003 5 лет назад

@@KodeKloud cool thank you for explanation.

@diskmandata4 3 года назад

In order to ping host itself one might need to bring loopback iface UP. Also to ping link host specify netmask /24 explicitly when you add your IP address, otherwise you might get "Network is unreachable" error.

@StanislavBashkirtsev 3 года назад

And if you already have this error and want to delete the incorrect IP address: ip -n red addr del 192.168.15.1/32 dev veth-red

@AimAmit 2 года назад

you are life saver man. Thanks

@sir_enuf Год назад

Thank you this fixed it for me :D To be more exact, first, as Stani said, delete the address you added to the interface: ip -n red addr del 192.168.15.1/32 dev veth-red Then, rerun the command that was featured in the tutorial except that you explicitly add the /24 at the end of the IP: ip -n red addr add 192.168.15.1/24 dev veth-red

@evolagenda 2 года назад

After ensuring the prefix was ip/netmask I also had to add an ip in the same range as the namespaces to the vswitch or "bridge" which was confusing since nothing is being routed. sudo ip addr add / dev You can also set this to n.n.n.0/

@yxs8495 4 года назад

Like @Honey Bee below I had to add full CIDR address. Also make sure all network interfaces are up e.g. sudo ip link set veth-blue-br up etc. This is not shown in the video

@solracthegreat1002 2 года назад

Many thanks for the great explanation, is it the same to link a Veth to a container than to a name space? Can you explain it using LXD please?

@ravindra6028 3 года назад

i was struggling with all this brige link etc for 1 month and you cleared it in 15min. This is cheating lol . Thanks :)

@rashie Год назад

👍👍

@KodeKloud Год назад

Thanks for watching our video. Cheers!

@jen_peter 2 года назад

Hi, It's an amazing summary! I was wondering if this method can be used to run separate programs in the separate namespaces and when I communicate with an outside API, will the API see separate IP addresses as well or will se the same since it's coming from the same Bridge and host? Thanks!

@KodeKloud Год назад

If you create a new network namespace and run a process in it, the process will have its own network stack and IP address. If you use a network namespace with a shared network stack, then the namespace and the host will share the same network stack and IP address.