Docker Networking

Docker networking forms the backbone of container communication, both internally among Docker containers and externally with non-Docker workloads. By default, each container is equipped with network interfaces, allowing it to seamlessly connect to various networks without specific knowledge of its peers' nature. This networking system is pivotal in enabling containers on the same host machine to interact without exposing ports externally, thus maintaining a secure and efficient communication channel.

Containers, managed by a master node in a Docker Network, can exchange information packets, streamlining workflow within a virtual network. Docker's flexibility is evident in its compatibility with various platforms, including Windows and Linux, ensuring a robust network environment. This networking model, transcending the limitations of traditional networking, underscores Docker's innovative approach in facilitating container communication and orchestration.

Network Drivers

Docker supports multiple network drivers, which are each designed for specific use cases. This allows users to select the best driver for their needs, ensuring that they have the best possible experience.

Docker creates a default bridge network to manage communication between containers, which takes some networking pressure off of you so you can focus on creating and running containers. However, the default bridge network isn't the only network option available to you.

Different types of networks are supported by Docker, each being suitable for specific use cases. E.g., the process of communication between containers is managed by Docker through the creation of a default bridge network.

Docker allows you to create three different types of network drivers out-of-the-box: bridge, host, and none.

Network Driver Summary

To summarise, Docker supports multiple network drivers for different use cases, allowing users to select the best driver for their needs. By default, Docker creates a bridge network to manage communication between containers, but it also supports host and none network drivers. Each network driver is suitable for specific use cases.

Advantages of Docker Networking

Docker networking provides some great benefits for running containerized applications. Containers running inside Docker share a single operating system and run in an isolated environment, making it easy to set up networking options and deliver software quickly. This also makes the application more portable.

How Does Docker Networking Work?

Docker networking works differently based on the selected network driver.

The "bridge" network driver assigns IPs to containers in the range of 172.17.x.x, making them accessible from outside the host machine by mapping the ports of these containers to ports on the host machine.

On the other hand, selecting the "host" network driver removes any network isolation between the docker host and the containers. For example, if you run a container on port 5000, it will be accessible on the same port of the docker host without any explicit port mapping.

Container Network Model

Understanding the network model will help understand the docker networking model clearly. Let's discuss the components of the container network model in detail -

Network Sandbox

When a user requests to generate an endpoint on the network, a network sandbox is created. This isolated sandbox contains the network configuration for containers.

Endpoints

An endpoint establishes the connectivity for container services within a network with other services.

Docker Engine

It is the engine running on your host machine to build and run containers using docker components and services whose task is to manage the network with multiple drivers.

The above are the important components of the 'Container Network Model' - so be sure to understand them clearly.

How Containers Communicate with Each Other

For containers to communicate with each other, they must be on the same network. By default, Docker creates a virtual network called the bridge and connects your containers to it. In the network, each container is assigned an IP address, which it can use to communicate with other containers.

How Containers Communicate with the Outside World?

For containers to communicate with outside applications, their requests are intercepted by the docker network running on the host inside the docker engine. This network passes the request to a network address translator, NAT, on the host that replaces the source address with the IP of the host. The host then sends the packet to the internet with its IP address as the origin.

Network Drivers

Different types of networks are supported by Docker, each being suitable for specific use cases. Docker allows you to create three different types of network drivers out-of-the-box: bridge, host, and none.

The Bridge Driver

It's a docker networking driver that is perfect for when you need your containers to be able to connect and communicate with each other while still running in isolation. The bridge network lets containers running in the same network communicate with each other, and Docker uses iptables to stop any access from outside of the bridge.

Overlay Networks

It's a docker networking driver that is for multi-host network communication, making it perfect for use with Docker Swarm or Kubernetes. With this driver, containers across different hosts can communicate with each other without needing to worry about the initial setup.

Macvlan Networks

It's a docker networking driver that lets us make Docker containers connect directly to the physical host network. It's a good option for applications that need to be attached to a physical host network for performance reasons.

Basic Docker Networking Commands

In this section, we are going to see some of the most widely used networking commands -

List Down the Networks Associated with Docker

This docker networking command displays a list of all the networks available on the Docker engine.

Example -

Assign IP Address to a Container

This docker networking command is used to specify the IP address (for example, 10.10.36.122) that a user wants to assign to a container.

Example -

Remove a Network

This docker networking command is used to remove a network from the docker engine.

Example -

Creating Your Own New Network

This docker networking command helps you create your network inside the engine.

Example -

Inspecting a Docker network

This docker networking command helps you inspect the configurations of a network.

Example -