Docker Networking Configuration

The Docker engine automatically creates a bridge network and, unless otherwise specified, by default all containers in the host connect to it. So, with respect to the Solace PubSub+ software event broker Docker Container, unless otherwise specified with the --network=<network> option when the software event broker is created, it is automatically connected to the default bridge network using the bridge network-driver. Beginning with release Solace PubSub+ software event broker 8.8.0, software event broker Docker Containers support the bridge network-driver.

Network Drivers & Limitations

The following table lists the network-drivers supported by Solace PubSub+ software event broker Docker Containers.

Host Tenancy Supported Network-Driver Limitations
Single-Tenant (one container per host) bridge, host

Use of the host network-driver is recommended wherever possible; especially in use-cases with large numbers of client connections.

Solace PubSub+ software event broker Docker Containers in Windows or macOS environments support only single-tenant deployments with bridge networking.

Multi-Tenant (more than one container per host) bridge

Support is provided for only one physical interface per container.

Not supported by software event broker Docker Containers in Windows or macOS environments

Port Publishing in Single-Tenant Scenarios

When the bridge network-driver is used in single-tenant scenarios, the ports the software event broker will use must be published using the --publish option when the container is created.

For example, if a software event broker Docker Container uses service ports 8080 for SEMP / PubSub+ Manager / SolAdmin, and 55555 for SMF/non-compressed message data connections, they need to be published at container creation.

docker create \
<list of options> \
--publish 8080:8080 \
--publish 55555:55555 \
--name=solace solace-app:<version-edition>

Port Publishing in Multi-Tenant Scenarios

In multi-tenant scenarios, where the bridge network-driver is applied, ports used by the software event brokers must be both published, as in the single tenant scenario, and mapped to unused host ports to prevent port collisions amongst the software event brokers.

For example, consider two software event broker Docker Containers residing on a common host. The first software event broker uses these ports for the following services: 8080 for SEMP / PubSub+ Manager / SolAdmin, and 55555 for SMF/non-compressed message data connections. These can be mapped to unused host ports 10000 and 10001 with the --publish option when the container is created.

docker create \
<list of options> \
--publish 10000:8080 \
--publish 10001:55555 \
--name=solace1 solace-app:<version-edition>

Likewise, the second software event broker also uses the same container ports, and to prevent collisions they are mapped to unused host ports 20000 and 20001 with the --publish option.

docker create \
<list of options> \
--publish 20000:8080 \
--publish 20001:55555 \
--name=solace2 solace-app:<version-edition>

Now, consider the situation where those two software event brokers are going to be members of HA groups with software event brokers that reside on other hosts. As well as publishing and mapping the basic services as illustrated above, each software event broker's redundancy first listen port must be set to an unused container port and mapped 1-to-1 with a corresponding unused port on the host. To continue with the example, on the first software event broker the service/redundancy/firstlistenport configuration key is used to assign the redundancy first listen port to unused container port 11000, and then is published and mapped 1-to-1 to host port 11000.

:  Three sequential ports are used for redundancy, so there must be three unused sequential ports available, and random port mapping must not be used.

docker create \
<list of options> \
--publish 10000:8080 \
--publish 10001:55555 \
--env 'service_redundancy_firstlistenport=11000' \
--publish 11000:11000 \
--publish 11001:11001 \
--publish 11002:11002 \
--name=solace1 solace-app:<version-edition>

Likewise, on the second software event broker, a similar assignment and mapping is required. In this situation, the redundancy first listen port is mapped to port 21000.

docker create \
<list of options> \
--publish 20000:8080 \
--publish 20001:55555 \
--env 'service_redundancy_firstlistenport=21000' \
--publish 21000:21000 \
--publish 21001:21001 \
--publish 21002:21002 \
--name=solace2 solace-app:<version-edition>

It should be noted that all service ports are configurable with configuration keys. The default ports are listed at Default Configuration for Software Event Brokers and the Solace PubSub+ software event broker configuration keys are listed in the List of Configuration Keys.