Each container gets assigned an IP address to be able to communicate with other containers inside the same host.
To be able to communicate with applications outside of the host, we map the port of the application running inside the container to a port on the host.
Only the IP address of the host is used for external communications.
To be able to use the IP addresses of the containers outside of their host, we assign unique IP addresses to the containers and we use a network plugin like Flannel to route traffic between containers that "live" on different hosts.
Flannel is responsible for allocating an IP address range to thecontainers.
Flannel runs as a daemon called "flanneld" on each host that is running containers .
Flannel uses the TUN/TAPLinux devices to create UDP - layer 3 -to encapsulate IP packets.
The TUN represents the IP layer in a way and TAP represents the hardware layer or the Ethernet layer.
Flannel keeps track of the each container IP address along with the IP address of the host it "lives" on in some sort of routing table.
The above table tells us that the container"172.18.0.1", for example, lives on the "192.168.0.1" host.
The containers IP addresses and the host IP addresses live on different networks.