Networking
create a docker bridge network
docker network create --driver=bridge --subnet=192.168.1.0/24 --opt "com.docker.network.driver.mtu"="1501" devel0
list all the networks
docker network ls
connect to a network
docker network connect [options] NETWORK CONTAINER
inspect a container's IP address on the bridge network
docker container inspect --format="{{.NetworkSettings.Networks.bridge.IPAddress}}" <container-id>
connect a container to a network with a static IP
docker network connect --ip=192.168.1.10 <network-name> <container-name>
disconnect from a network
docker network disconnect bridge <container-name>
configure docker for external DNS
docker run -d --name <container-name> <image-name>
configure dns from command line
docker run -d --name <new-name> --dns=8.8.8.8 --dns=8.8.4.4 <image-name>
configure from daemon.json
{ "dns":["8.8.8.8","8.8.4.4"]}
publish ports so that the application can be accessed on any port
docker run -d --name mycontainer -P <image>:<tag>
publish a port so that application can be accessed externally
docker run -d --name <any-name> --publish 80:80 <image>:<tag>
deploy a container on overlay network
docker network create --driver=overlay --subnet=192.168.1.0/24 <network-name>
inspect a newly created network
docker network inspect <network-name>
create a docker swarm service on the newly created network
docker service create --name <new-name> -p 80:80 --network=<network-name> --replicas 3 httpd
Usecase - Bridge (default)
private network internal to host system. All containers implemented on host using Bridge networking can communicate
Usecase - None
absolutely no network access
Usecase - Host
only accessible via underlying host. Access to services can only be provided by exposing container ports to host system
Usecase - Overlay (swarm scoped driver)
allows communication among all docker daemons that are participating in a swarm. (Default mode of swarm communication)
Usecase - Ingress
- special overlay network that load balances network traffic amongst a given service's working nodes
- maintains list of all IP addresses from nodes that participate in the service and when a request comes in, routes to one of them for indicated service
- provides "routing mesh" that allows services to be exposed to the external network without having a replica running on every node in the swarm
Usecase - Docker Gateway Bridge
port publishing modes
Host:
- ports are available only on the underlying host system and NOT available for services outside of the host where the instance exists
- controlled by '--mode=host' deployment
Ingress:
- Since it is responsible for 'routing mesh', it makes all published ports available on all hosts participating on cluster
troubleshoot container & engine logs
centos: /var/log/messages
ubuntu: /var/log/daemon
grep '[dD]ocker' /var/log/messages
container logs
docker container logs <container-name>
container network model
SEND NC
Sandbox - network stack configuration
Endpoint - interfaces, switches, ports
Network - collection of endpoints that can communicate directly (bridges, VLANs)
Driver -
Network Controller -
IPAM
Internet Protocol Address Management
Use of IPAM
Network Drivers enable IPAM through DHCP drivers or plugin drivers so that complex implementations support
Traffic Type on Docker Engine & UCP & DTR
1. TCP/UDP
2. Inter Process Communication (IPC)
3. API (REST)
When a container is connected to multiple networks, its external connectivity is provided via the first non-internal network, in lexical order.
TRUE
Custom network plugins
docker network create --driver weave mynet