Docker - Network

Card Puncher Data Processing

About

After the docker installation you have 3 networks by default. A container is created in the bridge (docker0) network by default.

docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
bb7eed89ed8f        bridge              bridge              local
c98218bf8e12        host                host                local
900385c9a1f0        none                null                local

Driver

  • built-in network drivers:bridge, overlay and macvlan.
  • plug-in network drivers

Bridge

The bridge driver creates a private network internal to the host so containers on this network can communicate.

If you want to access them from the outside you have to grant external access by (exposing|mapping) the ports. See port. It will map the port of your container to the port of your real server (the host network). After that accessing your server on 8080 will route to your bridge network on port 8080.

docker run -p 8080:8080

Everything in the bridge network is in the private range of “Subnet”: “172.17.0.0/16”

Full Example of a fictitious app comprised of a web and db container:

# Create a bridge
docker network create -d bridge mybridge
# Create a container named db (--name) with the myDBImage image on the mybridge network (--net) as a daemon (-d)
docker run -d --net mybridge --name db myDBImage
# Create a container named web (--name) with the myWebImage image on the mybridge network (--net) as a daemon (-d)
# set the environement varaible DB (-e) and open the container's port 5000 to the host as 8000 (-p)
docker run -d --net mybridge -e DB=db -p 8000:5000 --name web myWebImage

The bridge driver is a local scope driver, which means it only provides service discovery, IPAM, and connectivity on a single host. Multi-host service discovery requires an external solution that can map containers to their host location. This is where overlay drivers help.

Host

All containers in the host network are able to communicate with each other on the host interface. see Docker - Host Network

Compose

By default Compose sets up a single network for your app. Each container for a service joins the default network and is both reachable by other containers on that network, and discoverable by them at a hostname identical to the container name.

Network Mode

The app’s network is given as name: project name + _default

version 2.0

network_mode: "bridge"
network_mode: "host"
network_mode: "none"
network_mode: "service:[service name]"
network_mode: "container:[container name/id]"

where:

Port

Networked service-to-service communication use the CONTAINER_PORT. When HOST_PORT is defined, the service is accessible outside as well.

services:
  db:
    image: postgres
    ports:
      - "8001:5432"

The connection string to db would look like:

Management

Command Description
docker network connect Connect a container to a network
docker network create Create a network
docker network disconnect Disconnect a container from a network
docker network inspect Display detailed information on one or more networks
docker network ls List networks
docker network prune Remove all unused networks
docker network rm Remove one or more networks

Create

A network is created on the host.

network create

docker network create [OPTIONS] NETWORK

List

All

docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
38a952454ba6        bridge              bridge              local
af83ed7a2409        dockerelk_elk       bridge              local
c11d9bd528c9        host                host                local
d06e4bcb5131        none                null                local

One

docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "38a952454ba65f5448f4d796ca5c638c32d67f35ee68fb9df521e7c51dd003b4",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

Documentation / Reference





Discover More
Docker Host Virtualbox
Docker - (Virtual) Host (or Machine or Server) - Docker Type

a machine where docker server run or a network An host (or machine) is: a virtual host that you can see running in your virtual machine provider (such as virtual box). is managed through the...
Docker Daemon
Docker - Daemon - dockerd

The daemon is: a self-sufficient runtime for containers. a background service running on the host that manages building, running and distributing Docker containers. The daemon creates and manages...
Card Puncher Data Processing
Docker - Docker Root Dir (Docker Data Storage Path)

The docker root dir is the root path where all data docker is stored. Log into the host And select it where:
Card Puncher Data Processing
Docker - Host Network

An host net is a docker network. host machine The container’s network stack is not isolated from the Docker host. All containers in the host network are able to communicate with each other on the...
Card Puncher Data Processing
Docker - docker client

The CLI uses the Docker REST API to control or interact with the Docker daemon where subcommand is: attach - Attach to a running container build - Build an image from a Dockerfile commit -...



Share this page:
Follow us:
Task Runner