# Reference: VPC to Docker Network Mapping

Quick reference table for the parallels between Docker networks and cloud VPCs.

## Main Parallels Table

| Docker Concept | AWS VPC Equivalent | Description |
|-----------------|---------------------|-------------|
| Bridge Network | VPC | Isolated virtual network |
| Subnet (10.0.x.0/24) | Subnet CIDR | IP segment inside the VPC |
| Container | EC2 Instance | Compute entity in the network |
| `--internal` flag | Private Subnet (no IGW) | Isolation from the internet |
| `--gateway` | Subnet Gateway | Default gateway of the subnet |
| DNS embedded | Route 53 Resolver | Name resolution |
| `docker network connect` | Attach Network Interface | Attachment to a network |
| Port mapping (`8080:80`) | Security Group + NAT | Access rules + NAT |

## Commands Compared

### Creating a VPC/Subnet

| Local Operation | AWS Command |
|-------------------|-------------|
| `docker network create --driver bridge --subnet 10.0.1.0/24 vpc-main` | `aws ec2 create-vpc --cidr-block 10.0.0.0/16` |
| `--subnet 10.0.1.0/24 --gateway 10.0.1.1` | `aws ec2 create-subnet --vpc-id VPC_ID --cidr-block 10.0.1.0/24` |
| `--internal` | No route to Internet Gateway |

### Managing Networks

| Local Operation | AWS Command |
|-------------------|-------------|
| `docker network ls` | `aws ec2 describe-vpcs` |
| `docker network inspect vpc-main` | `aws ec2 describe-vpcs --vpc-ids VPC_ID` |
| `docker network rm vpc-main` | `aws ec2 delete-vpc --vpc-id VPC_ID` |

### Containers on a Network

| Local Operation | AWS Command |
|-------------------|-------------|
| `docker run --network vpc-main nginx` | `aws ec2 run-instances --subnet-id SUBNET_ID` |
| `docker network connect vpc-main container` | `aws ec2 attach-network-interface` |
| `docker network disconnect vpc-main container` | `aws ec2 detach-network-interface` |

## Standard CIDR Blocks

| Local Type | Cloud CIDR | Use |
|-------------|------------|-----|
| `10.0.0.0/16` | `10.0.0.0/16` | Main VPC |
| `10.0.1.0/24` | `10.0.1.0/24` | Public subnet (1a) |
| `10.0.2.0/24` | `10.0.2.0/24` | Private subnet (1a) |
| `10.0.3.0/24` | `10.0.3.0/24` | Private subnet (1b) |
| `10.0.4.0/24` | `10.0.4.0/24` | Public subnet (1b) |

## Cloud Naming (PARA-02)

### Naming Pattern

```
[Role]-[Environment]-[Type]-[Zone]

Examples:
lab02-vpc-public    (lab public VPC)
lab02-vpc-private   (lab private VPC)
prod-vpc-main       (production VPC)
dev-app-public-1a   (Public subnet dev, AZ 1a)
```

### Tagging Docker Networks

```bash
# Add metadata to networks
docker network create \
  --label env=development \
  --label tier=frontend \
  --label owner=lab02 \
  frontend-network
```

## Security Groups ↔ Docker Isolation

| AWS Security Group | Docker Equivalent |
|--------------------|---------------------|
| All traffic from SG | Containers in same network |
| No ingress rules | `--internal` network |
| Specific port allow | Port mapping `127.0.0.1:PORT:CONTAINER` |
| SG reference type | Multi-network container |

## Routing AWS ↔ Docker Bridge

| AWS Route | Docker Bridge |
|-----------|---------------|
| Internet Gateway | Container host routing |
| NAT Gateway | Container port mapping |
| VPC Peering | `docker network connect` (shared) |
| Transit Gateway | Multi-network container (router) |

## Limitations

| Aspect | Local Docker | AWS Cloud |
|---------|---------------|-----------|
| Host scope | Single host | Multi-AZ, multi-region |
| External access | NAT/Port mapping | Internet Gateway, NAT Gateway |
| DNS resolution | Embedded DNS | Route 53 |
| Network ACL | Not available | Network ACLs available |
| Flow logs | Not available | VPC Flow Logs available |

## Useful Commands

```bash
# Check the subnet of a network
docker network inspect vpc-public --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}'

# Find containers by IP
docker ps -q | xargs docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}} {{end}}{{.Name}}'

# Simulate a multi-tier VPC topology
docker network create --subnet 10.0.1.0/24 public
docker network create --subnet 10.0.2.0/24 private
docker network create --subnet 10.0.3.0/24 data
```

## See Also

- [Explanation: Docker VPC Parallels](../explanation/docker-network-vpc-parallels.md)
- [How-To: Create Custom Network](../how-to-guides/create-custom-network.md)
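
The check below is an added example, not part of the original reference: it audits `docker network inspect` output against the mappings above (`--internal` for private subnets, subnets carved from the `10.0.0.0/16` VPC block without overlap). The `tier` label values `private` and `data`, the `legacy` network and the sample JSON are assumptions constructed for illustration.

```python
import ipaddress
import json

VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")  # main VPC row of the CIDR table
PRIVATE_TIERS = {"private", "data"}             # assumed values of the `tier` label

# Constructed sample, shaped like `docker network inspect <names...>` output.
SAMPLE_INSPECT = json.dumps([
    {"Name": "public", "Internal": False, "Labels": {"tier": "public"},
     "IPAM": {"Config": [{"Subnet": "10.0.1.0/24"}]}},
    {"Name": "private", "Internal": False, "Labels": {"tier": "private"},
     "IPAM": {"Config": [{"Subnet": "10.0.2.0/24"}]}},
    {"Name": "data", "Internal": True, "Labels": {"tier": "data"},
     "IPAM": {"Config": [{"Subnet": "10.0.2.128/25"}]}},
    {"Name": "legacy", "Internal": True, "Labels": None,
     "IPAM": {"Config": [{"Subnet": "172.18.0.0/16"}]}},
])


def audit_networks(inspect_json):
    """Return a sorted list of (network, finding) tuples for an inspect dump."""
    findings, seen = [], []
    for net in json.loads(inspect_json):
        name = net["Name"]
        tier = (net.get("Labels") or {}).get("tier")
        # Without --internal the bridge is still NATed out through the host,
        # which is the Docker analogue of a route to an Internet Gateway.
        if tier in PRIVATE_TIERS and not net.get("Internal", False):
            findings.append((name, "private tier but not --internal"))
        for cfg in (net.get("IPAM") or {}).get("Config") or []:
            subnet = ipaddress.ip_network(cfg["Subnet"])
            same_family = subnet.version == VPC_CIDR.version
            if not (same_family and subnet.subnet_of(VPC_CIDR)):
                findings.append((name, f"{subnet} outside {VPC_CIDR}"))
            for other_name, other in seen:
                if subnet.overlaps(other):
                    findings.append(
                        (name, f"{subnet} overlaps {other_name} ({other})"))
            seen.append((name, subnet))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit_networks(SAMPLE_INSPECT):
        print(f"{name}: {finding}")
```

Against a live host, the same function accepts the output of `docker network inspect $(docker network ls -q)`.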