Understanding Docker Networking

Image title


When we talk about Docker, we say that containers are isolated. How do we communicate with our containers, or other applications like MySQL database? It is not useful if we can't access it.

Docker has a network concept. It has several network drivers to work with. Depending on how we want our container to behave, we can select our network. This helps us to connect container with a container or container with host.

Image title


Network Commands Summary

Docker Network Drivers

 bridge is the default network. When the Docker daemon service starts, it configures a virtual bridge named docker0 . When we don't specify the network, this is the one Docker uses. Docker creates a private network inside the host which allows containers to communicate with each other. host tells Docker to use host computers network directly.

Network Commands

Just like other Docker commands, the Docker network command have the same pattern.

List Available Network Commands

docker network help

 

Inspecting a Network

Use the inspect command to inspect a Docker:

docker network inspect bridge

Create a Network

We can create our own network using the create command.

docker network create mynetwork

Docker prints the ID of the created network. Use the inspect command to see properties. You will see that it has used bridge as the driver since we didn't specify a driver to be used. We can specify a driver using the -d  option.

docker network inspect mynetwork
docker network create -d bridge mynetwork2

Remove a Network

We can use rm command to remove a network.

docker network rm mynetwork

Connect to A Network

When we create a Docker container, by default it is connected to bridge network. We can use the --net   option to connect with another network when we run the container.

docker container run -it --net=mynetwork nginx

Connect with The Host

Now we need to use our containers from the host. There is no meaning of isolating a container if we can't access it when needed (although there are isolated containers in some cases).

We can get the exposed port of an image by inspecting it. Issue the inspect command and see the line for "ExposedPorts."

docker image inspect nginx 
"ExposedPorts": {"80/tcp": {}}

This means Nginx exposes port 80 to access from the host or other containers.

We can use -p   or --publish  option to bind this port to the host's port when running an image.

 hostport:containerport 
 docker container run -it -p 81:80 nginx

This means we are binding the port 81 with Docker container's exposed port 80.

If we want to connect with a network,

docker container run -it --net=mynetwork -p 81:80 nginx

When we publish the port, we can access it using localhost like localhost:81

Image title

Or we can use host network directly.

docker container run -it --net=host nginx

Get Container Ports

We can get the containers port using port command

 docker port cotainer_name/id

Let's run Nginx again and publish to 81.

docker container run --name my-nginx -p 81:80 nginx

Now when we inspect the container (under NetworkSettings), we can see that it has attached to host's port 81.

docker container inspect my-nginx 
 "Ports": {"80/tcp": [{"HostIp": "0.0.0.0","HostPort": "81"}]},

Conclusion

Docker networking is a very useful thing to learn. When we are building microservices and deploy using Docker containers, we need to connect them into the same network. It will be much easier to work with these kinds of scenarios when we have a basic understanding.

 

 

 

 

Top