Published on

Docker Networking: Connecting Containers

Authors
  • avatar
    Name
    Hieu Cao
    Twitter

Introduction

Docker networking is a core feature that allows containers to communicate with each other and the external world. This guide explains the types of networks in Docker and demonstrates how to use them effectively to connect containers.

Why Docker Networking Matters

By default, containers are isolated from each other. Docker networking provides the mechanisms to:

  • Enable container-to-container communication.
  • Connect containers to external networks.
  • Provide secure communication channels.

Types of Docker Networks

Docker supports five types of networks:

1. Bridge Network (Default)

The Bridge network is the default network for standalone containers. It allows containers to communicate with each other on the same host.

Example:

docker network ls

Lists all available networks. The default Bridge network is named bridge.

Run two containers on the Bridge network:

docker run -dit --name container1 --network bridge alpine

docker run -dit --name container2 --network bridge alpine

Test communication between the containers:

docker exec -it container1 ping container2

2. Host Network

The Host network shares the container's network stack with the Docker host, providing maximum performance but removing container isolation.

Example:

Run a container with the Host network:

docker run -dit --name host-container --network host nginx

Access the container directly via the host's network interfaces.

3. None Network

The None network disables networking for the container, ensuring complete isolation.

Example:

Run a container with no network:

docker run -dit --name isolated-container --network none alpine

Verify no network interfaces:

docker exec -it isolated-container ifconfig

4. Overlay Network

Overlay networks allow containers running on different hosts to communicate securely. This is often used in Docker Swarm or Kubernetes environments.

Example:

Create an Overlay network:

docker network create -d overlay my-overlay

Run a service on the Overlay network:

docker service create --name my-service --network my-overlay nginx

5. Macvlan Network

Macvlan networks allow containers to appear as physical devices on the network, providing unique MAC addresses for each container.

Example:

Create a Macvlan network:

docker network create -d macvlan \
  --subnet=192.168.1.0/24 \
  --gateway=192.168.1.1 \
  -o parent=eth0 my-macvlan

Run a container on the Macvlan network:

docker run -dit --name macvlan-container --network my-macvlan alpine

Creating and Using Custom Networks

Custom networks provide more control over container communication and isolation.

Create a Custom Bridge Network

docker network create my-custom-network

Run containers on the custom network:

docker run -dit --name container3 --network my-custom-network alpine

docker run -dit --name container4 --network my-custom-network alpine

Test connectivity:

docker exec -it container3 ping container4

Common Docker Networking Commands

Inspect a Network

docker network inspect bridge

Shows detailed information about a specific network.

Disconnect a Container from a Network

docker network disconnect bridge container1

Remove a Network

docker network rm my-custom-network

Deletes a custom network.

Best Practices for Docker Networking

  1. Use custom networks for better isolation and control.
  2. Avoid using the Host network in production for security reasons.
  3. Leverage Overlay networks for distributed applications.
  4. Monitor and inspect networks regularly to ensure proper configuration.

Conclusion

Docker networking is a powerful feature that enables containers to communicate efficiently while maintaining isolation. By understanding and leveraging the different network types, you can design scalable and secure containerized applications.