Docker networking

By mikado on

7 types of networks

1. The Default Bridge

sudo apt install docker.io -y
  • docker0
ip address show
sudo docker network ls

DRIVER = network type

bridge link

  • See container names and associated ip address:
docker inspect bridge

As a network:

  • DHCP
  • DNS: takes a copy of /etc/resolv.conf from the Host to the container
  • so container is this network can speak to eachother
docker exec -it thor sh

  • to be available from the internet –> need to expose the port:
docker run -itd --rm -p 80:80 --name mywebserver nginx

2. The User defined Bridge

  • Create a new network
docker network create mynet
  • See the new bridge in both:
ip address show
docker network ls
  • Run containers in the new network mynet
docker run -itd --rm --network mynet --name con1 busibox
  • See that the new network interfaces are tight to the bridge created:
bridge link
docker inspect mynet

3. The Host

  • no isolation

4. The macVLAN

docker network create -d macvlan --subnet 10.7.1.0/24 --gateway 10.7.1.3 -o parent=wnp0s3 mynewnet
  • Network interface with MAC address, share same port –> Promiscuous to enabled
sudo ip link set enp0s3 promisc on
  • no DHCP
  • The macVLAN 802.1q mode

5. The IPvlan (L2 / L3)

docker network create -a ipvlan --subnet 10.7.1.0/24 --gateway 10.7.1.3 -o parent enp0s3 myipvlan

L2:

  • Mac
  • ARP

L3 (ipvlan_mode=l3):

  • turn the host is a router
  • no broadcast

6. The Overlay network

7. The None network

Category: Container