Docker Network Management

Introduction

Docker provides various options for managing networking between containers and between containers and the host system

Docker's network management features allow developers to easily create and manage network connections between containers and between containers and the host system

• Bridge network driver: Creates a virtual bridge network that allows containers to communicate with each other and with the host system
• Host network driver: Removes the network isolation between the container and the host system, and allows the container to use the host system's networking stack
• None network driver: Disables networking for the container, which means that the container cannot connect to the network or access the Internet
• Overlay network driver: Creates a multi-host network that spans multiple Docker hosts, allowing containers to communicate with each other across hosts

Short hands on

Creating 2 containers

docker run -d --name myWEB nginx

# The second container
docker run -d --name myWEB2 nginx

Now we if check our network interfaces

ifconfig
veth14ce8a6
veth5e588d5

👉 We will be able to see 2 new interfaces that are created automatically when the containers are created

Using following command we can check bridge interface details

brctl show docker0
bridge name bridge id       STP enabled interfaces
docker0     8000.0242cc3ec3d9   no      veth14ce8a6
                            veth5e588d5

👉 So as we didn't use the -it command when running the container, we can use

docker exec -it myWEB /bin/bash

✨ This will let us connect to the bash shell of our nginx server image

Now we need to check the interface and IP address of this container

apt-get update && apt-get install net-tools

ifconfig
ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255

If we check on our second container

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.3  netmask 255.255.0.0  broadcast 172.17.255.255

We are able to confirm that

myWEB1 => eth0: 172.17.0.2
myWEB2 => eth0: 172.17.0.3

Another thing we can try is creating a custom bridge

docker network create --driver=bridge \
--subnet=10.1.1.0/24 \
--ip-range=10.1.1.0/24 \
--gateway=10.1.1.1 myNet

To confirm

docker network ls

dd6eaf504ee5        myNet               bridge              local

If we check the local host network interfaces

ifconfig

br-dd6eaf504ee5: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 10.1.1.1  netmask 255.255.255.0  broadcast 10.1.1.255

We can also inspect using

docker network inspect myNet

So what if we want to run a new container using our Network interface?

docker run -d --net myNet -p 80:80 --name myNet_nginx1 nginx

docker run -d --net myNet -p 8080:80 --name myNet_nginx2 nginx

We are actually performing port forwarding here

If we use the Host Linux's base Interface IP address,

This will mean that we need to tell each client that they need to connect to either port 80 or port 8080 to access the website. This is not a very efficient way. This is where we could potentially use a Proxy server (HAproxy Docker Image) along with the Net-alias

In this post, I shared some of the basic network management tools used in Docker. In the future posts, I will be sharing how we can actually utilize Proxy with the net-aliases ✔