Docker Network

Docker networking is a crucial aspect of containerization, allowing containers to communicate with each other and the outside world. In this article, we’ll delve into the world of Docker networking, exploring the different types, how to create, modify, and delete networks, and highlighting important points to keep in mind.

• bridge: The default network type, which creates a bridge between the host machine and the container. This network is suitable for most use cases. If you don’t specify a driver, this is the type of network you are creating. Bridge networks are usually used when your applications run in standalone containers that need to communicate. See bridge networks.

• host: This network type allows containers to use the host machine’s network stack, making them appear as if they’re running directly on the host. For standalone containers, remove network isolation between the container and the Docker host, and use the host’s networking directly. See use the host network.

  In VMware or other hypervisor terminology bridged network means the network on your physical interface and host network means within your VMs only. But it is in reverse in docker.

• overlay: Overlay networks connect multiple Docker daemons together and enable swarm services to communicate with each other. You can also use overlay networks to facilitate communication between a swarm service and a standalone container, or between two standalone containers on different Docker daemons. This strategy removes the need to do OS-level routing between these containers. See overlay networks.

• ipvlan: IPvlan networks give users total control over both IPv4 and IPv6 addressing. The VLAN driver builds on top of that in giving operators complete control of layer 2 VLAN tagging and even IPvlan L3 routing for users interested in underlay network integration. See IPvlan networks.

• macvlan: Macvlan networks allow you to assign a MAC address to a container, making it appear as a physical device on your network. The Docker daemon routes traffic to containers by their MAC addresses. Using the macvlan driver is sometimes the best choice when dealing with legacy applications that expect to be directly connected to the physical network, rather than routed through the Docker host’s network stack. See Macvlan networks.

• none: For this container, disable all networking. Usually used in conjunction with a custom network driver. none is not available for swarm services. See disable container networking.

• Network plugins: You can install and use third-party network plugins with Docker. These plugins are available from Docker Hub or from third-party vendors. See the vendor’s documentation for installing and using a given network plugin.

Create docker network

To create a Docker network, use the following command:

1

docker network create <network_name>

Replace <network_name> with the desired name for your network. You can also specify additional options, such as the driver and subnet, using flags:

1
2
3

docker network create learning - This command will create a network called learning.
docker network create --driver bridge --subnet 172.20.0.0/16 my_network
docker network create --driver bridge --subnet 192.168.0.1/24 --gateway 192.168.0.1 db-network 

Create a docker container in custom network

Command to create a docker container in custom network: docker run -ti --net NetworkName --name ContainerName ImageName

Ex: docker run-ti --net learning --name UbuntuCustomNetwork ubuntu - This command will create a container called UbuntuCustomNetwork and add the learning network created above to the container.

Change docker container Network

Command to change network for a docker container:docker network connect NetworkName ContainerNameorID

Ex: docker network connect learning objective_wilson - This command will connect the network called “learning” to the container called “objective_wilson”.

View Docker Network

docker inspect containerid/name shows docker container details in which you will find the network name and ip details.

docker network ls to view all networks in your docker host.

docker network inspect NetworkName Ex: docker network inspect bridge - shows bridge network details like subnet etc…

Viewing docker container details along with network

docker ps -a --format '{{ .ID }}\t{{ .Names }}\t{{ json .Networks }}' - This command shows docker container id, name, and network details.

Modifying a Docker Network

To modify an existing Docker network, use the following command:

1

docker network update <network_name>

You can update various settings, such as the subnet or gateway, using flags:

1

docker network update --subnet 172.20.0.0/16 --gateway 172.20.0.1 my_network

Attach network to a container

docker run --name ubuntu2 --network none ubuntu creates a container called ubuntu2 from the ubuntu image and adds it to none network.

Deleting a Docker Network

To delete a Docker network, use the following command:

1

docker network rm <network_name>

Important Points to Keep in Mind

1. Network Isolation: Containers on the same network can communicate with each other, but containers on different networks cannot.
2. Network Drivers: Docker provides several network drivers, including bridge, host, and overlay. Each driver has its own strengths and weaknesses.
3. Subnet and Gateway: When creating a network, you can specify a subnet and gateway to define the network’s IP range and default gateway.
4. Container Networking: Containers can be connected to multiple networks, allowing them to communicate with different sets of containers.
5. Network Security: Docker networks provide a level of isolation, but you should still implement additional security measures, such as firewalls and access controls, to secure your containers.

In conclusion, Docker networking provides a flexible and powerful way to manage container communication. By understanding the different types of networks, how to create, modify, and delete networks, and keeping important points in mind, you can design and implement a robust and secure containerized infrastructure.