Docker network configuration

Docker network configuration – docker allows network services for externally accessing containers and container interconnections. There are also open source network management tools for docker. Make sure you have a good understanding of the ecosystem before reading this article, check out the introduction.

Access a container externally

To access an application running in a container, use docker run -P or docker run -p to map the designated port. You only connect to the #port number that is exposed by the container.

-p Is used to specify hostPort:containerPort, this is now explained in details below.

-P Is used to map any port which is between 49000 to 49900 into the container open network port.

Run docker container ls to see the port mapping of your running containers.

~$ docker container ls
CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                                         NAMES
6f2b11a3af89        centos                  "/bin/bash"              2 days ago          Up 2 days                                                         reverent_lichterman
b02388efe96a        centos:7                "/bin/bash"              2 days ago          Up 2 days                                                         awesome_dirac
7ea20a106509        debian                  "bash"                   3 days ago          Up 3 days                                                         export-import-container
8b293a900340        centos:7                "bash"                   4 days ago          Up 4 days                                                         centos-container
ddd49a17e1c7        nginx:latest            "bash"                   6 days ago          Up 6 days           0.0.0.0:8080->80/tcp                          amazing_cohen
554c90243b9b        nginx:1.13              "nginx -g 'daemon of…"   3 weeks ago         Up 6 days           0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp      bb-nginx
42b62681337e        docker-compose_app      "/usr/local/bin/mvn-…"   3 weeks ago         Up 6 days           8080/tcp                                      docker-compose_app_1
e922a2a09778        mysql:5.7.18            "docker-entrypoint.s…"   7 weeks ago         Up 5 days           0.0.0.0:3306->3306/tcp                        wc3_mysql

Map all interface addresses

Use hostPort:containerPort format to map a local-port 5000 to port 5000 of the container

Copy

Use curl localhost:5000 to confirm that the container is attached to localhost port 5000.
By default, all addresses on all local interfaces are bound.

Map to the specified port of the specified address

Use ip:hostPort:containerPort format to specify a particular address map, such as localhost address 127.0.0.1 and connect it to a specific port.

Copy

Map to any port of a specified address

Use ip::containerPort of any binding localhost port to the container port 5000, the host automatically assigns a port.

Copy

You can also use UDP tag to specify the UDP port. By default it is TCP.

Copy

Check mapped port configuration

Use docker port containerName to view the current port configuration mapping, you can also view the address binding

Copy

While debugging or finding more information such as network configs etc, use docker inspect containerName|containerID

Docker container interconnection

Will be using docker network to establish a connection, I do not recommend using --link (if you are already using it, please stop).

Understanding docker network drivers

Docker’s networking subsystem is pluggable, using a specific driver. Understand which driver best suits your purpose based on the below description.

bridge – User-defined bridge networks, best for connecting multiple containers on the same host to communicate.
host – Host networks, best when network stacks not to be isolated from the docker host.
overlay – Overlay networks, best when multiple containers running on different hosts to communicate, or multiple applications works together using docker swarm.
macvlan – Macvlan networks, best when migrating from a VM setup or containers need to look like physical hosts.
Network plugins – Third-party network plugins allow you to integrate Docker with specialized network stacks.

To understand the container interconnection, follow the example below.

Create a new docker network

Let us create a new docker network by using the code below

Copy

-d – Parameter is used to specify the docker network types, as explained above, bridge, overlay, macvlan and etc.

Container connection

Run 2 containers and connect them using the new bridge my-bridge-nwk.

Copy

Open another terminal and run the below code,

Copy

If both the above code was sucessful, try pinging one container from another, like ping busybox2 from busybox1.

Similarly, you try to ping busybox1 from busybox2 and see if it is reachable.

NOTE: For multi containers that need to connect to each other, I recommend to use Docker Compose.

Edit network configuration file

Docker 1.2.0 onwards, it is possible to edit the container’s /etc/hosts, /etc/hostnameand and /etc/resolv.conffiles.

NOTE: these changes are temporary and only remain in the running container and will not be saved after the termination of a container or restart, even if you use docker commit.

Check out the networking tools:

Netshoot – a Docker + Kubernetes network trouble-shooting swiss-army container
Calico-Docker – Calico is a pure layer 3 virtual network that allows containers over multiple docker-hosts to talk to each other.
Flannel – Flannel is a virtual network that gives a subnet to each host for use with container runtimes.
Freeflow – High-performance container overlay networks on Linux. Enabling RDMA (on both InfiniBand and RoCE) and accelerating TCP to bare metal performance.
Pipework – Software-Defined Networking for Linux Containers, Pipework works with “plain” LXC containers, and with the awesome Docker.
Weave (The Docker network) – Weave creates a virtual network that connects Docker containers deployed across multiple hosts.

Access a container externally
Docker container interconnection
Edit network configuration file
Check out the networking tools:

Join on Gitter

Github

Access a container externally

Map all interface addresses

Map to the specified port of the specified address

Map to any port of a specified address

Check mapped port configuration

Docker container interconnection

Understanding docker network drivers

Create a new docker network

Container connection

Edit network configuration file

Check out the networking tools:

Table of Contents