After trying out Cosmos Cloud (and it not working for the clients), I’m back at square one again. I was going to install Docker Desktop, but I see it warns that it runs on a VM. Will this be a problem when trying to remote connect to certain services, like Mealie or Jellyfin?

  • foggy@lemmy.world · 3 hours ago

    I didn’t have too much coffee, you had too much coffee.

    IP address: a machine’s address on a network. Like a street address.

    Port: a numbered door on that machine. The IP gets you to the building; the port gets you to the right room. Different programs listen on different ports.

    DNS: the phonebook. Maps friendly names like example.com to IPs so you don’t have to memorize numbers.

    Router: the doorman between your home and the internet. Stuff inside can reach out; nothing gets in unless you tell it to.

    Container: a sandboxed mini-computer running on your machine. Isolated by default. You map a host port to a container port to let traffic in.

    Reverse proxy: a switchboard. One program that takes all incoming traffic and routes it to the right service based on the hostname.

    • foggy@lemmy.world · 3 hours ago

      Welcome to foggy’s IP, ports, and containers lesson, take a shot of espresso, we’re going in!

      Special IP addresses:

      127.0.0.1 - “This same machine.” Talking to yourself. Also written as localhost.

      192.168.x.x - private home network range. What your router hands out to your devices. Not routable on the internet.

      10.x.x.x - another private range. Bigger, used by businesses and some routers. Same idea as 192.168.

      172.16.x.x to 172.31.x.x - the third private range. Docker likes this one for its internal container networks.

      0.0.0.0 - “all interfaces” or “any address.” When a service binds to this, it means “listen on every network this machine is connected to.” Also sometimes means “no specific address” depending on context.

      255.255.255.255 - broadcast. “Everyone on this network.” Rarely something you’ll type, but you’ll see it.

      169.254.x.x - link-local. What your machine assigns itself when it wanted a DHCP address from the router but didn’t get one. If you see this, something’s wrong with your network.


      Port talk:

      Ports 0-1023: well-known ports. Reserved for standard services. On Linux you need root to bind to these. The ones you’ll actually see:

      • 22: SSH (remote terminal access)
      • 53: DNS
      • 80: HTTP (unencrypted web)
      • 443: HTTPS (encrypted web)
      • 25, 465, 587: email sending (SMTP and variants)
      • 143, 993: email reading (IMAP)

      Ports 1024-49151: registered ports. Assigned to specific apps by convention. A sampling:

      • 3306: MySQL/MariaDB
      • 5432: PostgreSQL
      • 6379: Redis
      • 8080: common “alternate HTTP” port, used when 80 is taken
      • 8096: Jellyfin
      • 32400: Plex
      • 27017: MongoDB

      Nothing enforces these: they’re just conventions. You could run Jellyfin on port 7777 if you wanted.

      Ports 49152–65535: ephemeral ports. A neato part:

      When you connect to a server’s port 443, for example, your machine connects to the server’s port 443, but it also needs a port on your end for the server to send replies back to. Your OS grabs a random unused port from this high range, uses it for that one connection, and releases it when done. Thus, ‘ephemeral’.


      Containers? Sure:

      A container is a program packaged in a bubble. It’s basically a VM without the machine part. Let’s say you wanna run Jellyfin AND Plex. Let’s say tomorrow there’s a brand new video file format and Jellyfin supports it and Plex doesn’t. Jellyfin needs to use some new version of ffmpeg that Plex cannot use. The solution? Containers.

      Each program is containered with what it needs to run happily. Nothing more. Your machine does the rest.
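
An added example, not part of the thread or of any commenter's post: a small Python audit that applies the address and port ranges described above to container port mappings, showing which published ports are reachable beyond the host. It assumes the `[host_ip:]host_port:container_port` mapping format (IPv4, no protocol suffix) where an omitted host IP means 0.0.0.0; the function names and sample mappings are constructed for illustration.

```python
import ipaddress

def port_class(port):
    """Port range name, using the boundaries from the comment above."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    if port <= 1023:
        return "well-known"
    return "registered" if port <= 49151 else "ephemeral"

def bind_scope(addr):
    """Describe who can reach a service bound to this IPv4 address."""
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:                      # 0.0.0.0
        return "all interfaces"
    if ip.is_loopback:                         # 127.x.x.x
        return "this machine only"
    if ip.is_link_local:                       # 169.254.x.x
        return "link-local"
    if ip == ipaddress.ip_address("255.255.255.255"):
        return "broadcast"
    if ip.is_private:                          # includes 10/8, 172.16/12, 192.168/16
        return "private network"
    return "public address"

def parse_publish(spec):
    """Split [host_ip:]host_port:container_port; no host_ip means 0.0.0.0."""
    parts = spec.split(":")
    if len(parts) == 2:
        parts = ["0.0.0.0"] + parts
    if len(parts) != 3:
        raise ValueError(f"unsupported mapping: {spec!r}")
    host_ip, host_port, container_port = parts
    return host_ip, int(host_port), int(container_port)

def audit(specs):
    """Return (spec, bind scope, host port class) for each published port."""
    rows = []
    for spec in specs:
        host_ip, host_port, _ = parse_publish(spec)
        rows.append((spec, bind_scope(host_ip), port_class(host_port)))
    return rows

# Constructed sample mappings, not taken from the thread.
SAMPLE = ["8096:8096", "127.0.0.1:9000:9000", "192.168.1.50:443:443"]

if __name__ == "__main__":
    for spec, scope, pclass in audit(SAMPLE):
        print(f"{spec:24} {scope:20} {pclass}")
```

A mapping reported as "all interfaces" is reachable from every network the host is attached to, so it is the one to review first when deciding what the router or a reverse proxy should forward.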