search
Exit Documentation
githubEdit

network-wiredVLAN

Enable private networking between Discloud applications using VLAN and HOSTNAME in discloud.config.

hashtag
🧾 Overview

The VLAN feature lets multiple Discloud applications communicate over an isolated private network (container-to-container) without exposing internal services publicly. Typical scenarios:

Service
Purpose
Example

Backend API

Business logic

api app calling database

Database

Persistent storage

MongoDB / PostgreSQL template or container

Cache

Low-latency data

Redis instance

circle-info

Traffic stays within the Discloud infrastructure. No public ingress is created for services accessed only via the private hostname.

hashtag
⚙️ Configuration (discloud.config)

Add the following keys to each application that should participate in the private network:

discloud.config
# ...
NAME=My Mongo Server
VLAN=true
HOSTNAME=mymongoserver
#       |      ^     |
#       |      Private network name for this application
Key
Required
Description

VLAN

Yes

Enables private networking for the application

HOSTNAME

Recommended

Custom hostname alias for other apps to reach this one

circle-exclamation

If two apps set the same HOSTNAME, behavior is undefined. Keep hostnames unique and lowercase (letters, digits, hyphens).

hashtag
🧷 Example: MongoDB Service + Backend

Service app:

Backend connection code:

hashtag
🧵 Hostname Conventions

Rule
Recommendation

Characters

a-z 0-9 - only

Length

1–25 chars

hashtag
🛡️ Security Notes

Aspect
Detail

Isolation

Only apps you deploy with VLAN enabled can reach each other

Exposure

No automatic public port publishing

Secrets

Still store credentials via environment variables

Principle

Disable VLAN on apps that do not need internal reachability

circle-check

Combine VLAN with environment-scoped credentials for least privilege.

PreviousVersionsNext.discloudignore

Last updated