This guide covers how to create, manage, and use Docker networks. Docker networks provide a way for multiple containers to communicate with each other or with the host system. In this blog, we will learn about Docker networks and create our own network.
What is Docker?
Docker is an open platform for developing, shipping and running applications in a distributed environment. It provides developers with tools to create lightweight, portable and reusable containers from any application.
Docker network drivers
The networking subsystem is pluggable, using drivers. Docker’s networking subsystem is extensive and allows you to choose how your containers are connected to one another and to the external world. Rather than having a single default driver, Docker comes with several drivers by default. With these drivers, you can choose the type of network that links containers together.
In this post, we will discuss few of the important ones regarding Docker networking drivers to help you in future blogs and articles.
A bridge network allows containers connected to the same bridge network to communicate, while providing isolation from containers which are not connected to that bridge network. The Docker bridge driver automatically installs rules in the host machine so that containers on different bridge networks cannot communicate directly with each other.
The default bridge network is created automatically when you start a container. By default, containers connect to this network unless otherwise specified. Similarly, you can also create user-defined custom bridge networks. User-defined bridge networks are superior to the default one because they can have an extra subnet attached to them.
To create a bridge network, use the following command:
$ docker network create your-network
When you run a container with host networking enabled, the container’s network stack is not isolated from the Docker host (the container shares the host’s networking namespace), and the container does not get its own IP-address allocated.
In host mode networking, Docker containers can move to a specific port number without having to re-assign ports. Host mode only supports Linux hosts (not Docker Desktop for Mac or Docker Desktop for Windows or Docker EE for Windows Server) and only works on ports that are already mapped inside the container.
You can use a
host network for a service, by passing
--network host to the
docker service create command.
The overlay network driver creates a distributed network among multiple Docker daemon hosts. This enabled containers, as well as swarm services, to communicate securely by encrypting all data transmitted between the nodes in the overlay network. To ensure all packets are routed securely and reliably, Docker transparently handles routing of each packet to and from the correct Docker daemon host and the correct destination container.
To create a overlay network, use the following command:
$ docker network create -d overlay your-overlay
If you want to completely isolate the container by disabling the networking stack, you can use the
--network none flag in
docker run command. Then within the container, only the loopback device is created.
Docker networking is the ability of containers to communicate with other containers, networks and devices. In this post, we discussed about bridge, host, overlay and none network types. But there are three more network types: ipvlan, macvlan and Network plugins. We can discuss about them later based on different related topics.