Skip to content

docker-with-tutorials/docker-network-basics

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 

Repository files navigation

Built networks by developers, for developers.

image


📌 Table of Contents

Docker Network Basics

Docker networking is a fundamental concept for understanding how containers communicate with each other, with the host machine, and with external systems. By default, containers are isolated environments, and networking is the mechanism that allows them to interact in a controlled and predictable way. This document provides a clear and detailed explanation of how Docker networking works, the main network drivers, and common usage scenarios.

1. Why Docker Networking Matters

Containers are designed to be isolated, lightweight, and portable. However, real-world applications are rarely standalone. Most modern systems are composed of multiple services, such as web servers, application servers, databases, caches, and message brokers. These services must communicate reliably.

Docker networking provides:

  • Communication between containers
  • Communication between containers and the host
  • Communication between containers and external networks
  • Isolation between different groups of containers

Without networking, containers would not be able to expose APIs, connect to databases, or serve web traffic.

2. How Docker Networking Works

When Docker is installed, it automatically creates a default virtual network called bridge. Each container connected to this network receives:

  • An internal IP address
  • A virtual network interface
  • Access to other containers on the same network (depending on configuration)

Docker uses network namespaces (a Linux kernel feature) to isolate container networking stacks. Each container has its own:

  • Network interfaces
  • IP address
  • Routing table
  • Port configuration

Docker also manages virtual Ethernet interfaces (veth pairs) that connect containers to virtual bridges.

3. Docker Network Drivers

Docker supports multiple network drivers, each designed for specific use cases.

3.1 Bridge Network (Default)

The bridge driver is the default network type for containers running on a single host.

Characteristics:

  • Containers receive an internal IP address.
  • Containers on the same bridge network can communicate with each other.
  • External access requires port mapping.
  • Suitable for single-host deployments.

Example:

docker network create my-bridge-network
docker run -d --name container1 --network my-bridge-network nginx

3.2 Host Network

The host driver removes network isolation between the container and the host.

Characteristics:

  • The container shares the host’s network stack.
  • No port mapping is required.
  • Higher performance due to reduced abstraction.
  • Not recommended when isolation is required.

Example:

docker run -d --network host nginx

This mode is often used when performance is critical or when low-level networking tools are required.

3.3 None Network

The none driver disables networking entirely.

Characteristics:

  • The container has no network interface (except loopback).
  • No external or internal communication.
  • Maximum isolation.

Example:

docker run -d --network none nginx

This mode is useful for batch processing jobs or highly secure workloads that do not require network access.

3.4 Overlay Network

The overlay driver enables communication between containers running on multiple Docker hosts.

Characteristics:

  • Used in Docker Swarm or clustered environments.
  • Creates a distributed network across hosts.
  • Containers can communicate securely across nodes.

Overlay networks are essential in distributed systems and microservices architectures.

3.5 Macvlan Network

The macvlan driver assigns a MAC address to each container, making it appear as a physical device on the network.

Characteristics:

  • Containers receive IP addresses from the local network.
  • Containers behave like physical machines.
  • Useful when integrating with legacy systems.

This mode is typically used in advanced networking environments.

4. Port Mapping and Exposure

By default, containers are isolated from external access. To allow traffic from outside the host, ports must be published.

Example:

docker run -d -p 8080:80 nginx

In this example:

  • Port 80 inside the container
  • Is mapped to port 8080 on the host

Traffic sent to http://localhost:8080 is forwarded to the container. Port mapping is essential for web applications and APIs.

5. Container Communication by Name

When containers are attached to the same user-defined bridge network, Docker provides automatic DNS resolution.

Example:

docker network create app-network

docker run -d --name database --network app-network mysql
docker run -d --name backend --network app-network my-backend

The backend container can connect to the database using the hostname:

database:3306

This eliminates the need to manually manage IP addresses.

6. Inspecting Networks

Docker provides commands to inspect networks and understand their configuration.

List networks:

docker network ls

Inspect a network:

docker network inspect my-bridge-network

These commands help identify connected containers, subnet configuration, and driver details.

About

Understand Docker networking fundamentals with hands-on examples.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published