Networking

Docker Networking Cheat Sheet

Overview

Docker networking enables communication between containers and the outside world. Containers can communicate with each other, the host machine, and external networks using Docker’s built-in networking capabilities.

---

Key Networking Drivers

Driver	Description
bridge	Default driver for single-host container networking. Containers can communicate using an internal bridge.
host	Removes the network isolation; the container uses the host's network stack directly.
none	Disables networking for the container.
overlay	Allows communication between containers across multiple hosts in a swarm.
macvlan	Assigns a MAC address to the container, making it appear as a physical device.

---

Commands for Managing Networks

Command	Description
docker network ls	List all available networks.
docker network inspect <name>	Display details about a specific network.
docker network create <name>	Create a custom network.
docker network rm <name>	Remove a specific network.
docker network prune	Remove all unused networks.

---

Using Networks in Containers

Attach a Container to a Custom Network

1. Create a network:

   docker network create my_network

2. Run a container and connect it to the network:

   docker run -d --name my_container --network my_network my_image

---

Types of Networks

Bridge Network (Default)

• Automatically created on the host.
• Containers can communicate with each other using container names.
• Example:

  docker run -d --name app1 --network bridge nginx
  docker run -d --name app2 --network bridge nginx
  docker exec app1 ping app2

Host Network

• Shares the host’s network stack.
• Useful for performance-critical applications.
• Example:

  docker run --network host nginx

None Network

• Disables all networking.
• Useful for isolated workloads.
• Example:

  docker run --network none nginx

Overlay Network

• Enables communication between containers on different Docker hosts in a swarm.
• Example:

  docker network create -d overlay my_overlay

Macvlan Network

• Assigns a MAC address to the container.
• Example:

  docker network create -d macvlan \
    --subnet=192.168.1.0/24 \
    --gateway=192.168.1.1 \
    -o parent=eth0 my_macvlan

---

Networking in Docker Compose

Defining Networks in docker-compose.yml

version: '3.8'

services:
  app:
    image: my_app
    networks:
      - frontend
      - backend

  db:
    image: postgres
    networks:
      - backend

networks:
  frontend:
  backend:

---

Connecting Existing Containers to Networks

Connect a Container to a Network

docker network connect my_network my_container

Disconnect a Container from a Network

docker network disconnect my_network my_container

---

Examples of Networking

Container Communication via Network

1. Create a custom network:

   docker network create my_network

2. Start two containers on the same network:

   docker run -d --name app1 --network my_network alpine sleep 3600
   docker run -d --name app2 --network my_network alpine sleep 3600

3. Test communication:

   docker exec app1 ping app2

Exposing Ports for External Access

docker run -d -p 8080:80 nginx

• -p 8080:80: Maps port 80 in the container to port 8080 on the host.

---

Inspecting and Debugging Networks

Inspect a Network

docker network inspect my_network

Test Container Connectivity

Use tools like curl or ping to verify connectivity:

docker exec my_container curl http://app2

Prune Unused Networks

docker network prune

---

Best Practices

1. Use Custom Networks: Prefer custom networks over the default bridge for better isolation and control.
2. Name Your Networks: Use meaningful names to identify networks easily.
3. Secure Sensitive Containers: Use the none network or restrict access using firewalls.
4. Leverage docker-compose: Define and manage networks for multi-container applications in docker-compose.yml.