youhoc
Pages
Docker

icon picker
Container Networking

Each container connect to a private virtual network → NAT firewall (of host)
All containers on a virtual network can talk to each other (without -p)
Best practice is to create new virtual network for each app cluster
“my_web_app” for php/apache and mysql
“my_api” for mongo and nodejs
You can:
make new virtual network
attach container to more than 1 virtual network
skip virtual and use host IP ( --net=host )
use different Docket network tools, drivers to gain new abilities
Networking Commands
# default host:container ports
docker container run -p 80:80 --name webhost -d nginx

# check ports
docker container port webhost

# check ip of a container
docker container inspect --format '{{ .NetworkSettings.IPAddress }}' webhost

# container is not in the same network with host
ifconfig en0
How network packet move in and out
0C2FBBD1-2E1B-4E12-9299-6BD3A3AB083B_4_5005_c.jpeg
Networking commands
# list all docker network
docker network ls

# will return 3 default network & drivers
bridge # (default docker network, routed through NAT)
host # use host as default network
none # no networking for container

# check how many containers connect to bridge network
docker network inspect

# check IPAM (subnet x.x.x.x/16 of all available IP)
# check containers (id and name and IP of each container)

# create a new nerwork
network create my_app_net # it use default driver like 'bridge'
--driver

# attach a container to new network
docker network connect webhost1 my_app_net
docker container run -d --name webhost2 --network my_app_net nginx

# 2 containers run same my_app_net network
DNS
use DNS to inter-com between containers
# run ping inside webhost1 to ping to webhost 2
docker container exec -it webhost ping webhost2

# create a default network named 'roundrobin'
docker network create roundrobin

# create 2 containers, both DNS named 'search', connect to roundrobin, from image 'elasticsearch' (it will have different id and names)
docker container run -d --net roundrobin --net-alias search elasticsearch

# run a container from image 'aline', remove when exit
# run on 'roundrobin' network
# execute shell: nslookup on that container, look for 'search' DNS
docker container run --rm --net roundrobin alpine nslookup search

# if you keep pinging that 'search' DNS, it will randomly use 2 containers
docker container run --rm --net roundrobin centos curl -s search:9200
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.