Contents

  • It's time for Docker: 1 Docker tutorial
  • It's time for Docker: 2 Installing Docker and running it without sudo
  • It's time for Docker: 3 Small Docker examples
  • Docker: 3.1 Docker 19 command quick reference table
  • It's time for Docker: 4 Creating an image with a Dockerfile
  • Docker: 5 Volumes: 3 types of container data mounts
  • It's time for Docker: 6 Docker networks

Introduction

Networking provides communication between containers, and between containers and the outside world. Docker provides 6 network modes to cover the connection schemes of different scenarios: bridge, host, overlay, macvlan, none and network plug-ins.

Select a network based on the scenario

  • The host network is the best choice when the container's network stack does not need to be isolated from the Docker host.
  • The overlay network is the best choice when you need network interconnection across Docker hosts.
  • The macvlan network is the best choice for high-traffic workloads that need performance like a physical NIC, with each container having its own unique MAC address.
  • Third-party network plug-ins allow you to integrate Docker with a private network stack.

bridge

Bridge mode is the default: a container started without a network option is attached to the default bridge network. The container gets its own independent network namespace and is connected to the docker0 virtual network interface.

host

In host mode, the container and the Docker host share the same network namespace, so the host's network protocol stack, routing table, iptables rules, NICs, IP addresses, ports and so on are all shared. The container and the host have the same view of the network. This mode removes the address translation between the container and the outside world: the container communicates directly using the host's IP address. Traffic goes straight through the host's network adapter, so performance is relatively high. This is risky, however, because the container and the host share the network stack and are not isolated from each other, and the container competes and can conflict with the host over network resources. This mode is suitable for small-scale scenarios. The host network driver works only on Linux hosts, not on Windows or Mac platforms.

overlay

The overlay driver is a distributed networking solution that spans multiple Docker hosts. The network sits on top of (overlays) the host-specific networks and allows the containers connected to it, including cluster service containers, to communicate securely. Docker transparently routes each packet to and from the correct Docker daemon host and the correct destination container.

macvlan

Macvlan, like overlay, is a driver for interconnecting containers across hosts. In high-traffic or performance-demanding scenarios where you want containers attached directly to the physical network, you can use the macvlan network driver to assign a MAC address to each container's virtual network interface, so that it looks like a physical network interface connected directly to the physical network.

none

The none mode completely disables the network stack of the container. The container uses a separate network namespace and only a loopback device is created. If the container needs to connect to other networks, the network settings have to be configured manually, which is the most flexible option but also the most complex.

Plug-in network

The five drivers above are provided natively by Docker. If they do not meet your requirements, third-party network drivers can be plugged in as well, for example Flannel, Pipework, Weave and Calico.

Docker network management commands

Show network list

docker network ls

Create a network

docker network create

  • --config-from Copies the configuration from another network
  • --driver Specifies the network driver (network mode)
  • --gateway Specifies the gateway
  • --internal Restricts the network to internal access only (no external access)
  • --ip-range Allocates container IP addresses from a range within the subnet
  • --ipv6 Enables IPv6 networking
  • --subnet Specifies the subnet (network segment)

Connect a container to the specified network

docker network connect

Disconnect a container from the specified network

docker network disconnect

View network details

docker network inspect

Remove the network

docker network rm

Remove all unused networks

docker network prune

Specify the network when starting the container

docker run -it --network=

Use the network name for communication

docker network create lamp-network

docker run -it --network lamp-network --network-alias apache centos:latest

docker run -it --network lamp-network --network-alias php centos:latest

docker run -it --network lamp-network --network-alias mysql centos:latest
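
An added example, not from the original article: a small Python audit that reads the JSON printed by docker inspect and docker network inspect and reports, for each container, whether it shares the host's network namespace (host mode), has no network (none mode), or is attached to a network created with or without --internal. The container names metrics and batch, the subnet and the JSON itself are constructed samples, trimmed to the fields the script uses.

```python
import json

# Constructed sample: trimmed `docker inspect <container>...` output.
CONTAINERS = json.loads("""[
 {"Name": "/apache", "HostConfig": {"NetworkMode": "lamp-network"},
  "NetworkSettings": {"Networks": {"lamp-network": {"Aliases": ["apache"]}}}},
 {"Name": "/mysql", "HostConfig": {"NetworkMode": "lamp-network"},
  "NetworkSettings": {"Networks": {"lamp-network": {"Aliases": ["mysql"]}}}},
 {"Name": "/metrics", "HostConfig": {"NetworkMode": "host"},
  "NetworkSettings": {"Networks": {"host": {"Aliases": null}}}},
 {"Name": "/batch", "HostConfig": {"NetworkMode": "none"},
  "NetworkSettings": {"Networks": {"none": {"Aliases": null}}}}
]""")
# Constructed sample: trimmed `docker network inspect lamp-network` output.
NETWORKS = json.loads("""[
 {"Name": "lamp-network", "Driver": "bridge", "Internal": false,
  "IPAM": {"Config": [{"Subnet": "172.18.0.0/16"}]}}
]""")

def audit(containers, networks):
    """Return (container, network, finding) tuples for an isolation review."""
    internal = {n["Name"]: n.get("Internal", False) for n in networks}
    findings = []
    for c in containers:
        name = c["Name"].lstrip("/")
        mode = c["HostConfig"]["NetworkMode"]
        if mode == "host":    # shares the host's network namespace
            findings.append((name, "host", "NOT ISOLATED from host"))
        elif mode == "none":  # own namespace, loopback device only
            findings.append((name, "none", "no network"))
        else:
            for net in sorted(c["NetworkSettings"]["Networks"]):
                if net not in internal:
                    status = "unknown (network not inspected)"
                elif internal[net]:
                    status = "internal only"
                else:
                    status = "external access allowed"
                findings.append((name, net, status))
    return findings

if __name__ == "__main__":
    for row in audit(CONTAINERS, NETWORKS):
        print("%-8s %-13s %s" % row)
```

On a real host, replace the two constants with the parsed output of the docker inspect and docker network inspect commands shown above.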