Docker Networking #

Configuration #

Bridge #

Default network container gets attached to.

A standard run automatically gets connected to bridge.

This is a private internal network on the host that enables different containeres on the host to access one another.

Usually, the assigned IP address for the containers is in 172.17.0.x. By mapping ports, these individual containers can be accessed externally.

None #

To explicitly connect the container to a none/null network:

docker run <image> --network=none

Containers are not attached to any network and are thus fully isolated.

Host #

To explicitly connect the container to the host network:

docker run <image> --network=host

These containers directly use the host network; no mappings are required.

For instance, running a web serve on a Port X would mean the container would be accessible externally at <host IP address>:X.

User-defined networks #

By default, Docker creates one internal network.

Users can create multiple internal networks, such that a set of containers are part of one network, and another set of containers are part of another network.

docker network create \
    --driver bridge \
    --subnet <some subnet specification>
    <custom network name>

Inspect #

List all networks:

docker network ls

To see copious container network details (IP addresss, MAC, gateway, etc.):

docker inspect <container image or id>

Embedded DNS #

With Docker, can access containers on the same host container names. This ensures consistency.

The internal DNS server by default runs at 127.0.0.11