Docker – Networking

Docker takes care of the networking aspects so that the containers can communicate with other containers and also with the Docker Host. When Docker is installed, a default bridge network named docker0 is created. Each new Docker container is automatically attached to this network, unless a custom network is specified.

Docker comes with network drivers geared towards different use cases. The most common network types are bridge, overlay, and host.

Bridge networking is the most common network type. It is limited to containers within a single host running the Docker engine. Bridge networks are easy to create, manage and troubleshoot.

For containers on a bridge network to communicate with, or be reachable from, the outside world, port mapping needs to be configured.

To create a bridge network named my-bridge-net, pass the argument bridge to the -d (driver) parameter as shown below:

# docker network create -d bridge my-bridge-net

An overlay network uses software virtualization to create additional layers of network abstraction running on top of a physical network. In Docker, an overlay network driver is used for multi-host network communication. This driver utilizes Virtual Extensible LAN (VXLAN) technology, which provides portability between cloud, on-premise and virtual environments. VXLAN solves common portability limitations by extending layer 2 subnets across layer 3 network boundaries, so containers can run on foreign IP subnets.

Creating an overlay network

To create an overlay network named my-overlay-net, you’ll also need the --subnet parameter to specify the network block that Docker will use to assign IP addresses to the containers:

# docker network create -d overlay --subnet=192.168.10.0/24 my-overlay-net

Some common operations with Docker networking include:

  • Inspect a network: To see a specific network’s configuration details like subnet information, network name, IPAM driver, network ID, network driver, or connected containers, use the docker network inspect command.
  • List all networks: Run docker network ls to display all networks (along with their type and scope) present on the current host.
  • Create a new network: To create a new network, use the docker network create command and specify if it’s of type bridge (default), overlay or macvlan.
  • Run or connect a container to a specific network: The network must already exist on the host. Either specify the network at container creation/startup time (docker create or docker run) with the --net option, or attach an existing container by using the docker network connect command. For example:

# docker network connect my-network my-container

  • Disconnect a container from a network: The container must be running to disconnect it from the network using the docker network disconnect command.
  • Remove an existing network: A network can only be removed using the command docker network rm if there are no containers attached to it. When a network is removed, the associated bridge will be removed as well.
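
The inspect operation above is the natural input for a periodic review of which containers sit on which network. The following is an added example, not code from the original page: it reads the JSON that docker network inspect prints and reports containers still on the default bridge network, user-defined networks with nothing attached, and subnets that collide with address ranges already in use. The sample data is constructed, and the audit function and its reserved parameter are hypothetical names.

```python
import ipaddress
import json

# Constructed sample in the shape of `docker network inspect` output (trimmed).
SAMPLE = json.dumps([
    {"Name": "bridge", "Driver": "bridge", "Scope": "local",
     "IPAM": {"Driver": "default", "Config": [{"Subnet": "172.17.0.0/16"}]},
     "Containers": {"aaa111": {"Name": "mydb", "IPv4Address": "172.17.0.2/16"},
                    "bbb222": {"Name": "myweb", "IPv4Address": "172.17.0.3/16"}}},
    {"Name": "my-bridge-net", "Driver": "bridge", "Scope": "local",
     "IPAM": {"Driver": "default", "Config": [{"Subnet": "172.18.0.0/16"}]},
     "Containers": {}},
    {"Name": "my-overlay-net", "Driver": "overlay", "Scope": "swarm",
     "IPAM": {"Driver": "default", "Config": [{"Subnet": "192.168.10.0/24"}]},
     "Containers": {"ccc333": {"Name": "myapp", "IPv4Address": "192.168.10.5/24"}}},
])

PREDEFINED = ("bridge", "host", "none")  # networks Docker creates itself


def audit(inspect_json, reserved=()):
    """Return sorted (check, network, detail) findings.

    reserved: CIDR ranges already used elsewhere (hypothetical operator input).
    """
    reserved_nets = [ipaddress.ip_network(r) for r in reserved]
    findings = []
    for net in json.loads(inspect_json):
        name = net["Name"]
        members = sorted(c["Name"] for c in (net.get("Containers") or {}).values())
        # Containers started without a custom network all share the default bridge.
        if name == "bridge" and members:
            findings.append(("default-bridge", name, ",".join(members)))
        # A network with no containers attached can be removed.
        if not members and name not in PREDEFINED:
            findings.append(("unused", name, "no containers attached"))
        for cfg in (net.get("IPAM") or {}).get("Config") or []:
            subnet = ipaddress.ip_network(cfg["Subnet"])
            for r in reserved_nets:
                # overlaps() is only defined within one IP version.
                if subnet.version == r.version and subnet.overlaps(r):
                    findings.append(("subnet-collision", name, f"{subnet} overlaps {r}"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE, reserved=["192.168.0.0/16"]):
        print(*finding, sep="\t")
```

On a real host, the output of docker network inspect for every name listed by docker network ls can be passed in place of SAMPLE.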

Directly linking containers

It is possible to directly link one container to another using the --link option when starting a container. This allows containers to discover each other and securely transfer information about one container to another container. However, Docker has deprecated this feature and recommends creating user-defined networks instead.

As an example, imagine you have a mydb container running a database service. We can then create an application container named myweb and directly link it to mydb:

# docker run --name myweb --link mydb:mydb -d -P myapp python app.py
