Docker Networking 101
Docker by default has three networks with it, that containers may use on the host. I will try my best to explain them, and how to use them.
The Bridge network, is the 172.17.0.x network that containers use by default. This allows them to connect to each other and the host to connect to the containers, this also allows them to reach out to the WAN. This is nice, in the fact you can have mutiple containers all available and able to talk to each other, and perform the necessary steps to perform their function. In this case, if you need to open up access to those containers, you could do so with Apache HTTPD as an HTTP Proxy to route from your network to your Bridge network for you.
This is essentially not providing a network to your container at all. An exact purpose for this would be a container that perform a specific function that does not need access to anything. BIT Coing mining, Large Prime Searching, and other things that you may not want to have easily accessible. I’m sure there are many other purposes that this could be used for as well, just they are not coming to mind.
The Host network, is mapping the the Docker Host’s network over to the container. This provides access out to the intranet/internet as your host has access. Maybe your container needs to access the cooperate LDAP server for authentication, access the DB2 server for lookups, or any of a million other things it may need access to. This makes it available to other system external to the Docker Host to access as well. Providing further access going to and out of the container.
Docker has three networks as described above by default, however there are ways for you to create your own network. I’ll briefly discuss these here, to provide some familiarity.
You can actually create your own Bridge-Network for your containers to use. This is similar to the default Bridge network. Allowing you to modify it’s setting to control exactly how this network runs.
Used with a key-store such as Zookeeper, to bridge a network across multiple Docker Hosts. The Docker Hosts must be running Docker Engine, and best if they are provisioned by a Docker Machine. This allows you to create a very extensive network across multiple Docker Hosts for very large systems.
Take things to the next level and build your own network driver for Docker. For further information look here.
Listing Docker Networks
Need to know what networks are on your system? Use the following command to see what is present.
docker network ls
This will provide a list of the networks that Docker has on your current system.
Inspecting a Docker Network
Need to know the details about a specific network? Use the following command
docker network inspect <Network Name>
Will provide you a listing of all the settings for that network.
Using a Network
By default when creating a container it will use the Bridge network. If you need to use something different you can use the following command:
docker run -t -i -d -v /host/src/dir:/container/dest/dir --net=<Network Name> --name <Container Name> <image_name>
This will then create the container and it will use the specified Docker Network.