Exploring Docker Networks

Docker networks are a crucial aspect of containerized applications, enabling communication between containers and external systems. Think of Docker networks as virtual highways that allow your containerized apps to communicate with each other and the outside world. This guide will help you understand Docker networks in simple terms, with practical examples to get you started.

What Are Docker Networks?

In the world of Docker, containers run isolated from each other by default. Docker networks bridge this isolation, enabling containers to talk to each other. Imagine you have several containers, each running different parts of your application (like a web server, a database, and a caching service). Docker networks allow these containers to connect and share data seamlessly, just like devices connected to a local network in your home.

Types of Docker Networks

Docker provides several types of networks, each serving different purposes:

1. Bridge Network (Default)

The bridge network is the default network type Docker uses. When you start a container without specifying a network, Docker attaches it to this default bridge network. It’s like connecting devices to a home Wi-Fi network where they can talk to each other but are isolated from the outside unless configured otherwise.

Example:

Create a simple bridge network:

docker network create my_bridge_network

## Run two containers and attach them to this network:

docker run -d - name container1 - network my_bridge_network nginx
docker run -d - name container2 - network my_bridge_network redis

Now, `container1` and `container2` can communicate using their container names as hostnames.

2. Host Network

The host network removes the network isolation between the container and the Docker host. This means the container shares the host’s networking stack. It’s like running the container directly on the host’s network.

Example:

Run a container on the host network:

docker run -d - name my_container - network host nginx

Now, `my_container` can use the host’s network interfaces directly.

3. None Network

The none network disables all networking for the container. This is useful for containers that don’t need any network access.

Example:

Run a container with no network:

docker run -d - name isolated_container - network none nginx

4. Overlay Network

The overlay network is used for connecting multiple Docker daemons together, enabling swarm services to communicate across hosts. It’s like setting up a corporate network that spans multiple offices.

Example:

Create an overlay network (requires Docker Swarm mode):

docker network create -d overlay my_overlay_network

Deploy services that can communicate across different hosts in the swarm:

docker service create - name web - network my_overlay_network nginx
docker service create - name db - network my_overlay_network redis

5. Macvlan Network

The macvlan network gives containers their own MAC addresses, making them appear as physical devices on the network. It’s like giving each container its own network card.

Example:

Create a macvlan network:

docker network create -d macvlan \
 - subnet=192.168.1.0/24 \
 - gateway=192.168.1.1 \
 -o parent=eth0 my_macvlan_network

Run a container on the macvlan network:

docker run -d - name my_macvlan_container \
 - network my_macvlan_network nginx

Managing Docker Networks

You can list, inspect, and remove networks with these commands:

List Networks:

To list all available Docker networks, use the docker network ls command. This command gives you an overview of all the networks on your Docker host, including their names, IDs, and drivers, helping you identify and manage your networks easily.

docker network ls

NETWORK ID     NAME                DRIVER    SCOPE
7f11c15245e1   bridge              bridge    local
be2fdeea43f5   host                host      local
d6b4f8f4530e   my_custom_network   bridge    local
aedf135e6c78   none                null      local

In this example:

• NETWORK ID: Unique identifier for each Docker network.
• NAME: Name of the Docker network.
• DRIVER: Network driver used by Docker (e.g., bridge, host, overlay).
• SCOPE: Scope of the network (e.g., local).

This output provides an overview of the Docker networks present on the host machine, including the default networks (bridge, host, none) and any custom networks (my_custom_network in this case). Each network serves different purposes and has specific characteristics based on its driver and scope, facilitating various networking requirements for containerized applications.

Inspect a Network:

To get detailed information about a specific network, the docker network inspect my_bridge_network command is used. This command provides a comprehensive look at the network's configuration, including connected containers, IP address ranges, and network settings. It is particularly useful for troubleshooting and verifying network configurations.

docker network inspect my_bridge_network

[
    {
        "Name": "my_bridge_network",
        "Id": "f12ab34c5678def9012g3456hi789j012",
        "Created": "2024-06-23T12:00:00.000Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.20.0.0/16",
                    "Gateway": "172.20.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "a1b2c3d4e5f6": {
                "Name": "web_container",
                "EndpointID": "abcd1234efgh5678",
                "MacAddress": "02:42:ac:14:00:02",
                "IPv4Address": "172.20.0.2/16",
                "IPv6Address": ""
            },
            "b3c4d5e6f7g8": {
                "Name": "db_container",
                "EndpointID": "ijkl9012mnop3456",
                "MacAddress": "02:42:ac:14:00:03",
                "IPv4Address": "172.20.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

In this example:

• Name: Name of the Docker network (my_bridge_network).
• Id: Unique identifier for the network.
• Created: Timestamp indicating when the network was created.
• Scope: Scope of the network (e.g., local).
• Driver: Network driver used by Docker (bridge in this case).
• EnableIPv6: Indicates if IPv6 is enabled for the network (false in this example).
• IPAM: IP Address Management configuration for the network, including subnet and gateway information.
• Internal: Indicates if the network is internal (not accessible from outside).
• Containers: Details of containers connected to the network, including their names, endpoint IDs, MAC addresses, and IP addresses (IPv4 and IPv6).

This output provides a detailed view of the my_bridge_network Docker network, including its configuration and connected containers, which helps in understanding how containers communicate within the network and their assigned network settings.

Remove a Network:

If you need to remove an existing network, the docker network rm my_bridge_network command will do the job. This command deletes the specified network, freeing up resources and ensuring that containers are no longer connected to it. It’s important to ensure that no active containers are using the network before removal to avoid disruptions.

docker network rm my_bridge_network

Conclusion

Docker networks are essential for building scalable and efficient containerized applications. By understanding and utilizing different network types, you can ensure that your containers communicate effectively, whether they’re on the same host or spread across multiple hosts. This guide has provided a basic overview and practical examples to get you started with Docker networking. Happy networking!

Rohit Kumar is a passionate software evangelist. Who loves implementing, breaking and engineering software products. He actively engages on platforms such as LinkedIn, GitHub, & Medium through email.