Basic Docker Networking on a Single Host

Leave your reply

Learn how to use basic and advanced networking tools to manage Docker containers. The networking feature allows users to define their own networks and connect containers to them.

You can create a network on a single host, or on a network that spans multiple hosts using the Docker network feature. This article will cover networking Docker containers on a single host. For information and instructions on networking Docker containers across multiple hosts, see our article on the subject.

Requirements

  • 1&1 IONOS Linux Cloud Server
  • Docker installed and running on your system.

Safely Working With Docker Without Using Sudo

The Docker daemon runs as root, which means that users will need to use sudo to run Docker commands.

To avoid having to use sudo for every Docker command, simply add your user(s) to the docker group with the command:

usermod -aG docker [username]

For example, by adding the user jdoe to the Docker group, this user will no longer have to use sudo for every Docker command. To add the user to the group, use the command:

usermod -aG docker jdoe

Docker's Default Networks

Each Docker installation automatically builds three default networks. You can list these networks with the command:

sudo docker network ls

The output of this command will look something like this:

Networking with Docker 1

The bridge network is the default network. Unless otherwise specified, bridge is the network where Docker will launch any new container.

Docker Networking: Bridge vs Overlay

Docker natively supports two types of networks: bridge and overlay.

  • A bridge network is limited to a single host (server).
  • An overlay network can span multiple hosts (servers).

Because overlay networks are more complicated, we will cover them in another article.

Inspecting a Network

Inspecting a Docker network will return information about that network, including which containers are attached to the network, and their IP addresses. This is a valuable testing tool, as well as an easy way to find your container's IP address.

You can inspect a network with the command:

sudo docker network inspect [network name]

For example, to inspect the bridge network, the command is:

sudo docker network inspect bridge

The output of this command will look something like this:

Networking with Docker 2: Inspect network

As you can see in the above screenshot, only one container is running on this bridge network. The container's name is test_centos_container and the IP address assigned to it is 172.17.0.3.

Note: Containers can only communicate with each other when they are running on the same network. For example, if you had a web application in one container which needed to connect to a database in another container, both of those containers would need to be on the same network.

Creating a New Bridge Network

To create your own network, the command is:

sudo docker network create -d [driver] [new network name]

The -d flag lets you specify the driver for the network. For a bridge network, use the bridge driver.

For example, to create a bridge network named new_test_network, use the command:

sudo docker network create -d bridge new_test_network

You can use sudo docker network ls to list the networks on your host and verify that your network has been created.

Starting a Container and Adding it to a Network

If you do not specify a network when you start up a container, it will automatically be added to the default bridge network.

To start up a container and add it to a specific network, use the command:

sudo docker run -it --net=[network name] --name [container name] [image]

For example, to start a container named test_python_container from the python image and add it to a network named new_test_network, the command would be:

sudo docker run -it --net=new_test_network --name test_centos_container centos

Use CTRL-pCTRL-q to detach from the container.

You can use sudo docker network inspect [network name] to check the network and verify that the container is attached.

Adding a Running Container to a Network

You can add a running container to a network with the command:

sudo docker network connect [network name] [container name]

For example, to add a running container named test_centos_container to a network named another_test_network, the command would be:

sudo docker network connect another_test_network test_centos_container

You can use sudo docker network inspect [network name] to check the network and verify that the container is attached.

Note: Docker allows you to add containers to multiple networks. There is no need to disconnect a container from one network before adding it to another.

Disconnecting a Container from a Network

To disconnect a container from a network, use the command:

sudo docker network disconnect [network name] [container ID or name]

For example to disconnect a container named test_centos_container from the new_test_network network, the command would be:

sudo docker network disconnect new_test_network test_centos_container

You can use the command sudo docker network inspect [network name] to inspect the network and verify that the container has been disconnected.

Note: Docker allows you to add containers to multiple networks. There is no need to disconnect a container from one network before adding it to another.

Deleting a Network

Note: You cannot delete the default networks that Docker creates on start-up.

After all of the containers that have been added to a network have been stopped or disconnected, you can delete the network with the command:

sudo docker network rm [network ID or name]

For example, to remove the network new_test_network, the command would be:

sudo docker network rm new_test_network

You can verify that the network was removed with the sudo docker network ls command.

Example: Pinging Between Two Containers on the Same Network

For this example we will create a custom bridge network, start up two containers on that network, attach to the ping_sender container, and ping the other container ping_receiver from there.

Note: This example will use the official CentOS 7 image named centos which you can download from the Docker website with the command:

sudo docker pull centos

If you prefer to use Ubuntu, simply substitute an Ubuntu image instead.

First, create a bridge network named ping_test_network with the command:

sudo docker network create -d bridge ping_test_network

Next, start a container named ping_receiver and attach it to the ping_test_network bridge network with the command:

sudo docker run -it --net=ping_test_network  --name ping_receiver centos /bin/bash

Use CTRL-p CTRL-q to detach from the ping_receiver container.

Inspect the ping_test_network to get the IP address of the ping_receiver container with the command:

sudo docker network inspect ping_test_network

Make a note of the container's IP address.

Networking with Docker 5: Get the IP address

In this case, the IP address is 172.19.0.2.

Start a container named ping_sender and attach it to the ping_test_network bridge with the command:

sudo docker run -it --net=ping_test_network  --name ping_sender centos bin/bash

Once you are attached to the container and have a command prompt, ping the other container with the command:

ping [IP address of ping_receiver]

In this case we will ping the IP address 172.19.0.2. The results of a successful ping will look something like this:

Networking with Docker 4

Exit ping with CTRL-c, then use CTRL-pCTRL-q to exit the container.