Docker Networking – Part 8


By default, when you install Docker Engine, it creates a virtual subnet with docker0 as the bridge for it. docker0 uses the bridge network.


There are different drivers available.

The bridge driver (docker0) creates a virtual network, and all the containers are isolated inside it. With the host driver, the containers are not isolated. The overlay driver is used when multiple Docker engines are clustered together, with containers spread across the different engines. To connect a container on host1 to one on host2, an overlay network is used. It is similar to a VPC (Virtual Private Cloud).

You can find more information about Docker networking at the link below:

https://docs.docker.com/network/

Container Bridge Networking

  • Each container created gets a name and an IP address
  • The container's default gateway is the bridge
  • Containers can connect to each other by IP and name
  • Container name resolution is done automatically

Let's see how containers communicate with each other. I am attaching to the xxapp container, and from there I will ping the db container.

ubuntu@ip-172-31-5-45:~/Docker-db$ docker inspect xxxxapp|grep "IPAddress"
            "SecondaryIPAddresses": null,
            "IPAddress": "172.17.0.3",
                    "IPAddress": "172.17.0.3",
ubuntu@ip-172-31-5-45:~/Docker-db$ docker inspect xxxxdb|grep "IPAddress"
            "SecondaryIPAddresses": null,
            "IPAddress": "172.17.0.2",
                    "IPAddress": "172.17.0.2",
ubuntu@ip-172-31-5-45:~/Docker-db$ docker exec -it xxxxxapp /bin/bash
root@3978e95d0d8e:/usr/local/tomcat# ping xxxxxdb
PING mysql (172.17.0.2) 56(84) bytes of data.
64 bytes from mysql (172.17.0.2): icmp_seq=1 ttl=64 time=0.044 ms
64 bytes from mysql (172.17.0.2): icmp_seq=2 ttl=64 time=0.067 ms

If you wish, you can create your own network:

ubuntu@ip-172-31-5-45:~$ docker network create my-net
9a2b1d66736fbfb07f4ae7c6e798c068894be61625cfeabe01d76a306669be05

ubuntu@ip-172-31-5-45:~$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
a884949f360a        bridge              bridge              local
d63bc051aa8d        host                host                local
9a2b1d66736f        my-net              bridge              local

ubuntu@ip-172-31-5-45:~$ ifconfig
br-9a2b1d66736f: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.18.0.1  netmask 255.255.0.0  broadcast 172.18.255.255

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255

The containers created in these separate networks can only communicate using an overlay network. If you want to create a container in the new network, the --net option needs to be used while creating the container.
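
To see which containers actually share a network segment, the network membership shown by docker inspect can be audited. The script below is an added example, not code from the original post: it reads docker inspect JSON and reports which container pairs sit on the same bridge network, and which containers run on the default bridge or in host mode. The container names app, db, api and agent and the sample records are constructed for illustration.

```python
import json
from itertools import combinations

# Constructed sample, trimmed to the fields used here (not captured output).
SAMPLE = json.loads("""[
 {"Name": "/app", "HostConfig": {"NetworkMode": "default"},
  "NetworkSettings": {"Networks": {"bridge": {"IPAddress": "172.17.0.3"}}}},
 {"Name": "/db", "HostConfig": {"NetworkMode": "default"},
  "NetworkSettings": {"Networks": {"bridge": {"IPAddress": "172.17.0.2"}}}},
 {"Name": "/api", "HostConfig": {"NetworkMode": "my-net"},
  "NetworkSettings": {"Networks": {"my-net": {"IPAddress": "172.18.0.2"}}}},
 {"Name": "/agent", "HostConfig": {"NetworkMode": "host"},
  "NetworkSettings": {"Networks": {"host": {"IPAddress": ""}}}}
]""")

def memberships(containers):
    """Map container name -> {network name: IP} from inspect records."""
    out = {}
    for c in containers:
        nets = c.get("NetworkSettings", {}).get("Networks") or {}
        out[c["Name"].lstrip("/")] = {n: v.get("IPAddress", "") for n, v in nets.items()}
    return out

def shared_network_pairs(containers):
    """Container pairs attached to the same bridge-style network."""
    m = memberships(containers)
    pairs = []
    for a, b in combinations(sorted(m), 2):
        # "host" and "none" are not segments that containers join as peers.
        for net in sorted((set(m[a]) & set(m[b])) - {"host", "none"}):
            pairs.append((a, b, net))
    return pairs

def findings(containers):
    """Flag containers in host mode or on the shared default bridge."""
    notes = []
    for c in containers:
        name = c["Name"].lstrip("/")
        mode = c.get("HostConfig", {}).get("NetworkMode", "")
        nets = c.get("NetworkSettings", {}).get("Networks") or {}
        if mode == "host":
            notes.append((name, "host-network"))
        elif "bridge" in nets:
            notes.append((name, "default-bridge"))
    return notes

if __name__ == "__main__":
    for a, b, net in shared_network_pairs(SAMPLE):
        print(f"{a} <-> {b} share network {net}")
    for name, issue in findings(SAMPLE):
        print(f"{name}: {issue}")
```

To run it against a live host, replace SAMPLE with the parsed output of docker inspect $(docker ps -q).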

About the author

Deepak Sood

Deepak Sood is Lead Consultant in an IT firm holding expertise in Devops and QA Architecture with 8 years of experience.

His expertise is in building highly scalable frameworks. His skills include Java, Configuration Management, Containers, and Kubernetes.
