Docker networking

Docker containers will often need to communicate to other servers. Networking will enable this.

Network design is part of deployment architecture and can help with container isolation.

Bridge networks

A bridge network is a subnet on the host, e.g. 172.20.0.0/16

Creating a network

To add a new network named example_network with a subnet 172.20.0.0/16, run:

$ docker network create --subnet 172.20.0.0/16 example_network
b6df28662f17b32787e770a5404820178e3968af277cbe6e873ff97cbaf944c9

This creates the network on the host,

Running a container in a network

To start a container inside a given network, use the --network option, for example:

$ docker container run --network example_network httpd:2.4
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.20.0.2.

It will be assigned an IP within the network’s subnet.

If the --network option is not specified then it will be run in Docker’s default bridge network.

To start a container with a specific IP and network, use the --ip and --network options.

$ docker container run --network example_network --ip 172.20.0.55 ubuntu cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.20.0.55     cdbce911318d

The above will start a new ubuntu container and assign it IP 172.20.0.55. The /etc/hosts file shows config that docker added into the container.

References

• Networking overview
• docker network --help