Docker Networking
Docker networking allows containers to communicate with each other and the outside world. Docker supports different network types to accommodate various use cases. This article will explain the main Docker networking types with examples:
Bridge networks
Host networks
Overlay networks
Macvlan networks
None networks
Bridge Networks
Bridge networks are the default Docker network type. They create a software bridge on the Docker host that connects containers to each other and the outside network.
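Containers on a bridge network have their own IP addresses and can reach each other by IP. On a user-defined bridge network, such as the one created below, they can also resolve each other by container name. They can also access the internet and your host's network.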
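# busybox exits immediately when started without a command, so run sleep in the background to keep each container alive
docker network create demo-network
docker run -d --network demo-network --name container1 busybox sleep 3600
docker run -d --network demo-network --name container2 busybox sleep 3600
This creates a bridge network named demo-network and two containers connected to it. The containers can ping each other using their names.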
Host Networks
When a container uses the host network mode, it shares the Docker host's network stack and is not allocated a separate IP address.
docker run --network host --name nginx nginx
This connects the Nginx container directly to the host's network. Ports exposed in the container will be published directly on the host's IP address.
Host networks are useful for applications that should function similarly to services running directly on the Docker host. They provide no network isolation, however.
Overlay Networks
Overlay networks allow containers running on different Docker hosts to communicate directly. They implement the networking for Docker Swarm clusters.
docker network create -d overlay demo-overlay
This creates an overlay network named demo-overlay. The command must be run on a Swarm manager node. Containers connected to this network across different Docker hosts will be able to communicate.
Macvlan Networks
Macvlan networks assign each container a unique MAC address, allowing them to appear as physical devices on the host's network.
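# eth0 is a placeholder: set parent to the host's physical interface, otherwise containers are not attached to the physical network
docker network create -d macvlan --subnet=192.168.0.0/24 --gateway=192.168.0.1 -o parent=eth0 macvlan-net
This creates a Macvlan network named macvlan-net on the host interface given by -o parent. Containers connected to this network will have unique MAC addresses and IP addresses from the given subnet.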
None Networks
The none network mode completely disables a container's networking stack. The container will have no network connectivity at all.
docker run --network none --name isolated busybox
This container will not be able to communicate with any other containers or the outside world.
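The host and none modes sit at opposite ends of the isolation range described above. The following script is an added example, not part of the original article: it reads container names and network modes (the .HostConfig.NetworkMode field from docker inspect) and flags containers in host mode that are not on an allowlist. The sample input and the container name legacy are constructed.

```shell
#!/bin/sh
# Added example (not from the article): audit container network modes.
# Real input would come from:
#   docker ps -q | xargs docker inspect \
#     --format '{{.Name}} {{.HostConfig.NetworkMode}}'

# Constructed sample of that output, reusing the article's container names;
# "legacy" is a hypothetical container started without --network.
sample_inspect_lines() {
  cat <<'EOF'
/container1 demo-network
/container2 demo-network
/nginx host
/isolated none
/legacy bridge
EOF
}

# $1: space-separated names that are allowed to use host mode.
# Prints one line per container; returns 1 if any unapproved host-mode
# container is found. The ( ) body keeps variables local to the function.
audit_network_modes() (
  allow=" ${1:-} "
  rc=0
  while read -r name mode; do
    [ -n "$name" ] || continue
    name=${name#/}   # docker inspect prefixes container names with "/"
    case "$mode" in
      host)
        case "$allow" in
          *" $name "*) echo "OK    $name host mode (allowlisted)" ;;
          *) echo "FLAG  $name host mode: no network isolation from the host"
             rc=1 ;;
        esac ;;
      none) echo "OK    $name no network connectivity" ;;
      default|bridge) echo "NOTE  $name default bridge: no name resolution between containers" ;;
      container:*) echo "NOTE  $name shares another container's network namespace" ;;
      *) echo "OK    $name user-defined network '$mode'" ;;
    esac
  done
  return "$rc"
)

# Demo run on the constructed sample.
sample_inspect_lines | audit_network_modes "" || echo "unapproved host-mode containers found"
```

Passing "nginx" as the first argument treats the article's host-mode Nginx container as approved, and the function then returns 0.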