Here is a hands on tutorial on docker bridge networks. Feel free to install docker and follow along
Show all the docker networks
docker network ls
This command will list all the docker networks currently running on the host machine which is generally your computer. The list would include the driver and the scope of the docker networks.
Creating a custom network in docker
Lets spin up two light-weight containers
docker run -dit --name container-one alpine
docker run -dit --name container-two alpine
On looking them up on the running containers list it would appear that the two light-weight containers that we have created are not listening on any port.
docker ps // command to look up the running container
However, by default all containers in docker are connected to the bridge network.
docker network inspect bridge
Inspecting the bridge network of the docker ecosystem would return the response in form of a json. Under the
Containers key of the response you will see both the light-weight containers connected to the default bridge network.
Let’s ssh into container-one with the ash shell and try pinging the other container. The ping command may be used to ping a host. The number of pings to the host can be limited with the -c flag.
docker exec -it container-one ash
/ # ping -c 5 container-two
This would fail with
ping: bad address ‘container-two’
The ip of the containers is specified in the response from docker network inspect bridge under the Containers key. Lets say the ip of container-two happens to be 172.17.0.3.
/ # ping -c 5 172.17.0.3
This would return a successful ping to the other container over the default bridge network which goes by the name docker0.
However the default bridge network is not recommended in production.
User defined Bridge Network
User defined Bridge networks in docker are custom bridge networks.
Create a user defined bridge network
docker network create user-defined-bridge
The command creates a user defined bridge of the name
user-defined-bridge. The newly created network can be seen on running the command
docker network ls
To connect a container to a user defined bridge, the name of the network should be explicitly specified in the docker run command while creating the container
docker run -dit --name container-three network="user-defined-bridge" alpine
That was networking in docker with the bridge driver. The other drivers are the host, the overlay and the macvlan. The command to see the network drivers in docker is:
docker info | grep Network
Container Network Model
Docker uses the libnetwork which is an implementation of the Container Network Model. The Container Network Model(CNM) is an interface that formalizes the steps required to provide networking for containers while providing the abstraction required to support multiple network drivers. The main components of CNN are:
The sandbox contains the configuration for the container’s network stack including the container’s routing table and DNS settings.
The endpoint is usually a veth pair. The endpoint joins the sandbox to the network
The network is a group of endpoints that can communicate with each other directly.
All the above network drivers provided by the libnetwork.
Estimated reading time: 3 minutes One of the reasons Docker containers and services are so powerful is that you can…
This document describes how libnetwork has been designed in order to achieve this. Requirements for individual releases…