Skip to content

Docker Deep Dive: Networking Containers

Jump to bottom
Tanveer Alam edited this page Jul 19, 2019 · 2 revisions

Network Containers

Creating bridge network with subnet and gateway

$ docker network create --subnet 10.1.0.0/24 --gateway 10.1.0.1 br02
479bb9d85bb420b94d1112810ff586db3824aa88baf403b4feb42d4af86a3c45
$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
479bb9d85bb4        br02                bridge              local
fe5848720696        bridge              bridge              local
7236e7bce5ef        host                host                local
7f79d641e684        none                null                local

Deleting all unused network

$ docker network prune -f
Deleted Networks:
br02

$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
fe5848720696        bridge              bridge              local
7236e7bce5ef        host                host                local
7f79d641e684        none                null                local

Creating network with subnet, gateway, ip range, network driver type, label

$ docker network create --subnet 10.1.0.0/16 --gateway 10.1.0.1 --ip-range 10.1.4.0/24 --driver bridge --label host4network br04
08452885759b18a0536f700237c8598038a2df13ceaee95b4e4d99e237ebee0a
$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
08452885759b        br04                bridge              local
fe5848720696        bridge              bridge              local
7236e7bce5ef        host                host                local
7f79d641e684        none                null                local

$ docker network inspect br04
[
    {
        "Name": "br04",
        "Id": "08452885759b18a0536f700237c8598038a2df13ceaee95b4e4d99e237ebee0a",
        "Created": "2019-07-19T00:49:49.206384398+05:30",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.1.0.0/16",
                    "IPRange": "10.1.4.0/24",
                    "Gateway": "10.1.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {
            "host4network": ""
        }
    }
]

Create a container and attach to network br04

$ docker container run --name network-test01 -it --network br04 centos /bin/bash
[root@a14bad567ee7 /]# 
[root@a14bad567ee7 /]# yum update -y
[root@a14bad567ee7 /]# yum install net-tools -y

[root@a14bad567ee7 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.1.4.0  netmask 255.255.0.0  broadcast 10.1.255.255
        ether 02:42:0a:01:04:00  txqueuelen 0  (Ethernet)
        RX packets 33856  bytes 54851703 (52.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 22041  bytes 1700210 (1.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 100  bytes 8909 (8.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 100  bytes 8909 (8.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@a14bad567ee7 /]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.1.0.1        0.0.0.0         UG        0 0          0 eth0
10.1.0.0        0.0.0.0         255.255.0.0     U         0 0          0 eth0

There are 3 files that docker manages for you /etc/hosts /etc/hostname /etc/resolv.conf

[root@a14bad567ee7 /]# cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
10.1.4.0	a14bad567ee7
[root@a14bad567ee7 /]# cat /etc/hostname 
a14bad567ee7
[root@a14bad567ee7 /]# cat /etc/resolv.conf 
nameserver 127.0.0.11
options ndots:0

Give container a specific IP address:

$ docker container run -itd --name netwwork-test02 --ip 10.1.4.102 --network br04 nginx
$ docker container inspect netwwork-test02 | grep -i ipa
            "SecondaryIPAddresses": null,
            "IPAddress": "",
                    "IPAMConfig": {
                    "IPAddress": "10.1.4.102",

Internal flag - using this flag we tell docker to not bound this network to any of the host's interface

$ docker network create --driver bridge --internal localhost 
54a83492190de17f5c3cd84470d1a1be28bdad699930a1c223dec62cb518e178

Creating MySQL container using internal network

$ docker container run -d --name test_mysql -e MYSQL_ROOT_PASSWORD=admin123 --network localhost mysql:5.7
$ docker container create -it --name ping-mysql --network bridge --network localhost centos
$ docker start ping-mysql
$ docker exec -it ping-mysql /bin/bash
[root@a7e2d00f4c9f /]# 
[root@a7e2d00f4c9f /]# ping test_mysql
PING test_mysql (172.17.0.2) 56(84) bytes of data.
64 bytes from test_mysql.localhost (172.17.0.2): icmp_seq=1 ttl=64 time=0.169 ms

Trying to ping test_mysql container using default network bridge network.

$ docker container run -it --name cant-ping-mysql centos
[root@425b1feb8c41 /]# 
[root@425b1feb8c41 /]# ping test_mysql
ping: test_mysql: Name or service not known

Trying to reach container having a internal network from host

$ docker container run -d --name private-nginx -p 8081:80 --network localhost nginx

It fails to reach to port 8081 as the network is internal and it is not bound to any of the interface on the docker host

$ curl localhost:8081
curl: (7) Failed to connect to localhost port 8081: Connection refused

To reach on container's port 8081 we can use its private ip

$ docker inspect private-nginx | jq '.[].NetworkSettings.Networks.localhost.IPAddress'
"172.17.0.4"
$ curl 172.17.0.4:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

$ curl 172.17.0.4
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Notice that we have used container's internal port 80 not 8081 mapped port.

Container's World

Clone this wiki locally