Docker networking allows containers to communicate with each other and the outside world. Several network types are supported to facilitate common use cases.
Docker Network Types
Docker has 5 built-in network drivers:
bridge
: Default network. Isolates containers but allows them to communicate.host
: Removes isolation and attaches the container directly to the host network.overlay
: Allows containers on different Docker hosts to communicate.macvlan
: Assigns each container a MAC address, exposing it as a physical network interface.none
: Disables all networking for the container.
Bridge networks are the most commonly used. Host networks are useful when binding ports directly to the host. Overlay networks span multiple Docker hosts.
Basic Network Commands
The docker network
command allows you to create and manage Docker networks. The most commonly used subcommands are create
, ls
, inspect
, rm
, connect
and disconnect
.
docker network create
Creates a Docker network. You can specify the network driver and options:
docker network create --driver bridge my-network
docker network create --driver overlay --subnet 10.0.9.0/24 my-overlay
docker network ls
Lists all networks:
docker network ls
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
338357be06bf bridge bridge local
ee5e48ae4cbc my-network bridge local
bfd8a38e6635 host host local
0cc57ea63f2a none null local
docker network inspect
Inspects a network's details:
docker network inspect bridge
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "338357be06bf26c708d16e17417ce40f18e61db47d24df3ebfd0259f3961c490",
"Created": "2023-08-24T17:38:23.1225357Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
docker network rm
Removes a network:
docker network rm my-network
docker network connect
Connects a container to a network:
docker network connect bridge container1
You can specify the IP address and aliases:
docker network connect --ip 172.16.238.10 --alias db bridge container1
docker network disconnect
Disconnects a container from a network:
docker network disconnect bridge container1
docker network prune
Removes all unused networks:
docker network prune
Docker Compose Networking
Docker Compose makes it easy to manage networking between containers in an application. By default, Compose sets up a single network for your app and joins all containers to it. Containers can then communicate using the service names as hostnames.
However, Compose also allows you to define custom networks with specific options. This gives you more flexibility and control over how your containers are connected.
How default networking works
By default, when you run docker compose up
, Compose performs the following:
A network called
[projectname]_default
is created.Containers are created for each service defined in the
docker-compose.yml
file.The containers join the default network and can be reached using their service names as hostnames.
For example:
services:
web:
build: .
db:
image: postgres
The web
container can then connect to the db
container using the hostname db
.
Specifying custom networks
You can define custom networks in the networks
section of your Compose file:
networks:
front-tier:
back-tier:
Then, you can attach services to the networks:
services:
web:
networks:
- front-tier
db:
networks:
- back-tier
This isolates the web
and db
containers on separate networks. Only services attached to both networks can communicate.
You can also:
Specify static IPs for containers
Connect to external networks
Use custom network drivers
Configure the default network
Docker Compose networking example
Here's an example docker-compose.yml
file that defines two custom networks:
networks:
backnet:
frontnet:
services:
db:
networks:
- backnet
backend:
networks:
- backnet
- frontnet
proxy:
networks:
- frontnet
The db
service is only connected to the backnet
while the backend
service is connected to both backnet
and frontnet
. This allows the backend
service to communicate with both db
and proxy
while isolating db
and proxy
.
Benefits of Docker Compose networking
Docker Compose makes it easy to manage networking between containers in an application:
Containers can communicate using service names by default
You can isolate services on custom networks
Compose manages port mappings between containers and the host
Advanced options allow for more complex network topologies
Overall, Compose networking drastically simplifies the process of connecting containers and allows you to focus on your application logic.
Conclusion
Docker networking provides flexibility in how containers communicate and connect to external networks. The appropriate network type depends on your use case. Bridge networks cover the majority of scenarios, with host and overlay networks fulfilling more specialized roles.
Hope this blog helped you somehow! Let me know if you have any other questions.