03 February 2021
Docker Networking
Docker runs an application inside containers, and because different parts of the application live in different containers, those containers must be connected to each other for the application to work. Docker therefore needs networking for communication between containers.
Docker networking is a pluggable system, which means we can use third-party network drivers to extend the built-in network functionality. When Docker is installed, three networks are configured by default: none, host and bridge. The none and host networks are important components and cannot be removed. The bridge network is configurable, and is also known as the docker0 network.
Docker provides commands to create networks. One container can be configured to use more than one network. A container attached to multiple networks can communicate with the other containers connected to each of those networks.
Docker Network Drivers
Docker has five main network drivers: Bridge, Host, None, Overlay and Macvlan.
Bridge: This is the default network created by Docker on the host machine on which it is installed. This network automatically creates an IP subnet and gateway. Containers attached to this network are part of the same subnet, so they communicate via IP addressing. The Bridge network is useful when the application runs in standalone containers that need to communicate. We can check the network definition by inspecting it, which returns a JSON object containing the description of the network.
Host: This driver is used for standalone containers. If a container is attached to the Host driver, the isolation between the Docker host and the container is removed and the container is not allocated an IP address. In this case the container uses the host's network directly.
None: With this type of networking the container is not attached to any network. It is not connected to other containers or to any other network, and has no access to the external network. This type of networking is used when there is a requirement to disable the networking stack on a particular container.
Overlay: The Overlay network driver is used to create an internal private network spanning all the nodes in a Docker swarm cluster. Containers need to communicate with each other securely even when they are running on different hosts, and this is where Overlay networking comes into play. It allows us to create a secure, layer-2 network spanning multiple hosts. Containers connected to this network can communicate directly.
Macvlan: This network assigns a MAC address to a container, which makes the container appear as a physical device on the network. The Docker daemon routes incoming traffic to the container using the MAC address assigned to it. A Macvlan network simplifies container communication.
There are also many third party network plugins available which can be used for the network communication.
Docker Networking Commands
List Docker networks: To list all the networks run the below command:
- docker network ls
Create a Docker network: To create a docker network run the below command:
- docker network create --driver <driver-name> <network-name>
List network commands: To list the available network commands run the below command:
- docker network help
Removing a network: To remove a specific network run the below command:
- docker network rm <network-name/network-id>
Removing unused networks: To remove all the unused networks run the below command:
- docker network prune
Inspecting a network: To get detailed information about the network run the below command:
- docker network inspect <network-name/network-id>
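The JSON returned by docker network inspect can be audited with a short script. The following is an added example, not part of the original post: it summarises each network's driver and subnet, then lists containers that use the host's network directly and containers attached to more than one network. The sample JSON, the container names and the function name audit_networks are constructed for illustration.

```python
import json
import sys
from collections import defaultdict

# Constructed sample shaped like the JSON array that
# `docker network inspect bridge host app-net` prints (IDs and addresses invented).
SAMPLE_INSPECT = """
[
 {"Name": "bridge", "Driver": "bridge",
  "IPAM": {"Config": [{"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"}]},
  "Containers": {"aaa111": {"Name": "web", "IPv4Address": "172.17.0.2/16"},
                 "bbb222": {"Name": "proxy", "IPv4Address": "172.17.0.3/16"}}},
 {"Name": "host", "Driver": "host", "IPAM": {"Config": []},
  "Containers": {"ccc333": {"Name": "metrics", "IPv4Address": ""}}},
 {"Name": "app-net", "Driver": "bridge",
  "IPAM": {"Config": [{"Subnet": "172.18.0.0/16", "Gateway": "172.18.0.1"}]},
  "Containers": {"bbb222": {"Name": "proxy", "IPv4Address": "172.18.0.2/16"},
                 "ddd444": {"Name": "db", "IPv4Address": "172.18.0.3/16"}}}
]
"""

def audit_networks(inspect_json):
    """Return (summary, findings) for a `docker network inspect` JSON array."""
    membership = defaultdict(list)  # container name -> networks it is attached to
    summary, findings = [], []
    for net in json.loads(inspect_json):
        ipam = (net.get("IPAM") or {}).get("Config") or []
        subnets = [c["Subnet"] for c in ipam if c.get("Subnet")]
        containers = net.get("Containers") or {}
        summary.append((net["Name"], net["Driver"], subnets, len(containers)))
        for info in containers.values():
            membership[info["Name"]].append(net["Name"])
            if net["Driver"] == "host":
                # Host driver: no separate IP, no isolation from the Docker host.
                findings.append(f"{info['Name']}: uses the host's network directly")
    for name, nets in sorted(membership.items()):
        if len(nets) > 1:
            # A multi-homed container can talk to peers on every attached network.
            findings.append(f"{name}: attached to {', '.join(sorted(nets))}")
    return summary, findings

if __name__ == "__main__":
    # Optional argument: a file holding saved `docker network inspect` output.
    raw = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_INSPECT
    summary, findings = audit_networks(raw)
    for name, driver, subnets, count in summary:
        print(f"{name:10} {driver:8} {','.join(subnets) or '-':16} containers={count}")
    for finding in findings:
        print("REVIEW:", finding)
```

To run it against a real host, save the output of docker network inspect $(docker network ls -q) to a file and pass the file name as the first argument.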