Docker is an open source containerization platform that uses virtualization to package software applications and their dependencies into reusable units called containers. It can be run on any host with docker or similar runtime installed, locally or in a remote cloud.
Docker includes networking system for managing communication between the containers. Containers inside the docker network can talk to each other by sharing packets of information. Different types of networks are supported by docker.
In this article we will cover how docker network functions, types of network, and also cover some basic commands.
What is Docker Networking?
A network is a group of two of more devices that can communicate with each other either physically or virtually. The Docker network is a virtual network created by Docker to enable communication between docker containers. If two containers are running in same host they can communicate with each other without the need for ports to be exposed to the host machine.
Types of Network Drivers / Docker Network types
1. bridge
2. host
3. overlay
4. IPvLAN
5. macvlan
1. bridge
This is the default. Whenever you start Docker, a bridge network gets created and all newly started containers will connect automatically to the default bridge network. Each container in the network is assigned its own IP address. Containers connected to the network can communicate with each other, but they’re isolated from those outside the network. Since containers run in isolation, the bridge network solves the port conflict problem. Containers running in the same bridge network can communicate with each other and docker uses iptables on the host machine to prevent access outside of the bridge.
2. host
Containers will not have any IP address and they will be directly created in the system's network which will remove isolation between the docker host and containers. They aren’t allocated their own IP addresses, and port binds will be published directly to your host’s network interface, which means using this network driver a user will be unable to run multiple containers on the same host.
3. overlay
Overlay networks implement the networking for Docker Swarm clusters, but you can also use them when you’re running two separate instances of Docker Engine with containers that must directly contact each other. Think of an overlay network as a distributed virtualized network that’s built on top of an existing computer network. It allows containers across the host to communicate with each other without worrying about the setup.
4. IPvLAN
Users have complete control over both IPv4 and IPv6 addressing by using the IPvlan driver. This driver is useful when you’re integrating containerized services with an existing physical network. IPvLAN networks are assigned their own interfaces, which offers performance benefits over bridge-based networking.
5. macvlan
macvlan is another advanced option that allows containers to appear as physical devices on your network. It works by assigning each container in the network a unique MAC address. With this Mac address, the Docker server (daemon) routes the network traffic to a router.
As per the docker documentation:
“Macvlan networks allow you to assign a MAC address to a container, making it appear as a physical device on your network. The Docker daemon routes traffic to containers by their MAC addresses. Using the macvlan driver is sometimes the best choice when dealing with legacy applications that expect to be directly connected to the physical network, rather than routed through the Docker host’s network stack.”
How Docker Network functions ?
Docker uses your host’s network stack to implement its networking system. It works by manipulating iptables rules to route traffic to your containers. This also provides isolation between Docker networks and your host.
The details of how Docker networking is implemented are relatively complex. Docker abstracts them away from end users, providing a seamless container networking experience that’s predictable and effective. However, more information is available in Docker’s documentation.
Creating and Managing Networks
To create a new network, use the docker network create command. You can specify the driver to use any network such as bridge or host, by setting the -d flag.
A bridge network will be created if you do not give any flag.
$ docker network create demo-network -d bridge
Connecting containers to networks
You can attach new containers to a network by setting the --network flag with your docker run command.
Run this command in your second terminal window:
$ docker run -it --rm --name container1 --network demo-network busybox:latest
So far we have created a network named demo-network, created a container with demo-network.
Open a third terminal and run the container without network flag
$ docker run -it --rm --name container2 busybox:latest
Now try to ping from container1 to container2
Since the containers aren't in same network, they can't directly communicate with each other.
Use your first terminal window to join container2 to the network:
$ docker network connect demo-network container2
The container now share the same network, therefore they can communicate with each other.
None Network type: When a container is given a none network type, it will have no connectivity available, either to other containers or outside network.
Managing Networks: You can list all the networks with the docker network ls command.
You can automatically delete all unused networks using the network prune command:
$ docker network prune
Conclusion:
I believe that this article will help one understand the basics of Docker Networking and it might become easy for the readers to improve their Docker infrastructures with this understanding.
Docker’s networking system provides flexible options for managing communication between containers and your Docker host.
That should provide you with a decent overview of how Docker networking provides different modes of network drivers so that your containers can communicate on a single or multi-host setup.
Hope you enjoyed reading and learning something today.!
Thank you!
Give it a like and share 🔁 if this was valuable 👍☑️