Docker Networking
To connect a running container to an existing network:
docker network connect <network-name> <container name or id>
docker network ls: lists the networks.
Types:
Default Bridge
Custom Bridge
Host Network
Macvlan Network
None
Overlay
IPvlan Network
Default Bridge: the default network, used by containers to communicate with the outside world.
To show the IP addresses of the instance:
#ip address show
ubuntu@ip-172-31-31-147:~$ ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc fq_codel state UP group default qlen 1000
link/ether 0a:d1:ce:1c:50:ad brd ff:ff:ff:ff:ff:ff
inet 172.31.31.147/20 metric 100 brd 172.31.31.255 scope global dynamic eth0
valid_lft 3322sec preferred_lft 3322sec
inet6 fe80::8d1:ceff:fe1c:50ad/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:79:91:85:d8 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
ubuntu@ip-172-31-31-147:~$ ^C
ubuntu@ip-172-31-31-147:~$
"docker0" is the network interface used by the container to communicate with the outside world.
ubuntu@ip-172-31-31-147:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
c66a88365f17 bridge bridge local
a65b809be99e host host local
551a5511f44c none null local
By default we have bridge, host and none; the rest we have to create.
To create an Nginx container:
docker run -d --name nginx_cont nginx
ubuntu@ip-172-31-31-147:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93ccd47cfd9f nginx "/docker-entrypoint.…" 22 seconds ago Up 20 seconds 80/tcp nginx_cont
The container is created.
To enter into the container:
docker exec -it <cont_id> sh
ubuntu@ip-172-31-31-147:~$ docker exec -it 93ccd47cfd9f sh
# ping google.com
sh: 1: ping: not found
#exit
ping is not found: the command is not installed in the nginx image.
To enable networking, the container has to go through the network layer, i.e. docker0.
#docker inspect bridge
"ConfigOnly": false,
"Containers": {
"93ccd47cfd9f9318b11ecb0c6fd710dea7482850cdd9c3471a5e274e44340416": {
"Name": "nginx_cont",
"EndpointID": "6ddcedd9ec2be257ede90aedeb173ba00826cb899393e7c82686b72e002e4683",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
The output describes the container, giving its name and the IP address through which it can communicate with the outside world.
To do so, we need to expose the port to the outside world.
Kill the old container and remove it:
ubuntu@ip-172-31-31-147:~$ docker kill 93ccd47cfd9f   # <-- container ID
93ccd47cfd9f
ubuntu@ip-172-31-31-147:~$ docker rm 93ccd47cfd9f
93ccd47cfd9f
Port Mapping: mapping container port 80 to host port 80 is called binding.
ubuntu@ip-172-31-31-147:~$ docker run -d --name nginx_cont -p 80:80 nginx
33fab6635c8c1e739f771345c18256775882f661d5c6f5b261c6311669174586
Host Networking:
docker kill <cid>
docker rm <cid>
If you set the network to host, the bridge is not required; the container runs directly on the host's network.
There is no need to publish ports.
ubuntu@ip-172-31-31-147:~$ docker run -d --name nginx_cont2 --network host nginx
Nginx now runs on the public IP.
Custom Bridge:
We are going to create a user-defined (custom) bridge, in which the containers can communicate with each other as if they were inside a shell.
ubuntu@ip-172-31-31-147:~$ docker network create my_shell
0c94bb03cfa7464f8c39c5a34b161f57084cee2a021d289bfc378c7b5271dd0a
ubuntu@ip-172-31-31-147:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
c66a88365f17 bridge bridge local
a65b809be99e host host local
0c94bb03cfa7 my_shell bridge local
551a5511f44c none null local
ubuntu@ip-172-31-31-147:~$ docker kill 70b538c877ba
70b538c877ba
ubuntu@ip-172-31-31-147:~$ docker rm 70b538c877ba
70b538c877ba
ubuntu@ip-172-31-31-147:~$ docker run -d --name nginx-default nginx
886d56933ea5dfcee498e402a6a77cf339f161df5b36fa2fe0759afcfe33b290
Creating two containers using the Network my_shell.
ubuntu@ip-172-31-31-147:~$ docker run -d --name nginx-custom-1 --network my_shell nginx
431e5f9ee0701387f741d9216f106a1636ab08b206762216d0c44a72a8a6c86a
ubuntu@ip-172-31-31-147:~$ docker run -d --name nginx-custom-2 --network my_shell nginx
8052135aa2fef330a30a57a931059a6e9153d2d07297449c76fde645d0270f88
ubuntu@ip-172-31-31-147:~$ docker inspect my_shell
"ConfigOnly": false,
"Containers": {
"431e5f9ee0701387f741d9216f106a1636ab08b206762216d0c44a72a8a6c86a": {
"Name": "nginx-custom-1",
"EndpointID": "cbb8843fd96113cdfad6fff2eecfe143d6a801daf83f02269c84f808472b873c",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"8052135aa2fef330a30a57a931059a6e9153d2d07297449c76fde645d0270f88": {
"Name": "nginx-custom-2",
"EndpointID": "dc655f4a211510b1bc8b784462fd08b3c0439c8287139eb8f09273588bca5e05",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
They can communicate with each other because they are on the same network, my_shell.
Project with Microservices (Custom Bridge)
ubuntu@ip-172-31-31-147:~$ git clone https://github.com/devkrgoutam/microservices-k8s.git
ubuntu@ip-172-31-31-147:~$ cd microservices-k8s/
ubuntu@ip-172-31-31-147:~/microservices-k8s$ cd flask-api/
ubuntu@ip-172-31-31-147:~/microservices-k8s/flask-api$ docker build -t my-app .
Here are the Docker images:
ubuntu@ip-172-31-31-147:~/microservices-k8s/flask-api$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my-app latest 55326f26c9c6 30 seconds ago 98.4MB
nginx latest 021283c8eb95 9 days ago 187MB
busybox latest 5242710cbd55 2 weeks ago 4.26MB
python alpine3.7 00be2573e9f7 4 years ago 81.3MB
Creating the app container on the my_shell network:
ubuntu@ip-172-31-31-147:~/microservices-k8s/flask-api$ docker run -d -p 5000:5000 --name my-app-container --network my_shell my-app:latest
e597aad3892c71190de301bc6c3998903e142fcee8808bccaeec0139e023e33b
Open port 5000 on the EC2 instance.
ip address show
10: veth23f4982@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 8e:8e:4a:a0:6d:37 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::8c8e:4aff:fea0:6d37/64 scope link
valid_lft forever preferred_lft forever
12: veth50ffeea@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0c94bb03cfa7 state UP group default
link/ether ea:7d:23:2a:ba:93 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::e87d:23ff:fe2a:ba93/64 scope link
valid_lft forever preferred_lft forever
14: vethffcdb6b@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0c94bb03cfa7 state UP group default
link/ether 02:67:0c:b4:d5:ed brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::67:cff:feb4:d5ed/64 scope link
valid_lft forever preferred_lft forever
20: vethf3af614@if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0c94bb03cfa7 state UP group default
link/ether c2:61:0f:fc:bc:47 brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet6 fe80::c061:fff:fefc:bc47/64 scope link
valid_lft forever preferred_lft forever
veth: Docker's virtual Ethernet interfaces.
ubuntu@ip-172-31-31-147:~$ docker exec -it 431e5f9ee070 sh
# ping nginx-custom-2
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e597aad3892c my-app:latest "python app.py" 16 minutes ago Up 2 minutes 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp my-app-container
8052135aa2fe nginx "/docker-entrypoint.…" 2 hours ago Up 2 hours 80/tcp nginx-custom-2
431e5f9ee070 nginx "/docker-entrypoint.…" 2 hours ago Up 2 hours 80/tcp nginx-custom-1
886d56933ea5 nginx "/docker-entrypoint.…" 2 hours ago Up 2 hours 80/tcp nginx-default
But nginx-default cannot be pinged, due to network isolation.
nginx-custom-1 and nginx-custom-2 are on the same network, my_shell (and so on the same subnet).
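The differences in exposure between the default bridge, a custom bridge, host networking and published ports can be checked across all running containers at once. The script below is an added example, not part of the original notes; the function names audit_exposure and sample_ps and the container local-only are made up for illustration, and the sample input is constructed to mirror the containers created on this page.

```shell
#!/bin/sh
# Added example (not from the original page): flag risky network settings
# in `docker ps` output. Input format, one container per line:
#   name|networks|ports
# produced on a live host with:
#   docker ps --format '{{.Names}}|{{.Networks}}|{{.Ports}}'

audit_exposure() {
  awk -F'|' '
    {
      name = $1; nets = $2; ports = $3; findings = ""

      # --network host: the container shares the host network stack, so
      # every listening port is reachable without -p.
      # "bridge" is the default bridge (docker0), shared by every container
      # started without --network.
      n = split(nets, net, ",")
      for (i = 1; i <= n; i++) {
        if (net[i] == "host")   { findings = findings " host-network" }
        if (net[i] == "bridge") { findings = findings " default-bridge" }
      }

      # -p HOST:CONT with no address binds on all IPv4/IPv6 interfaces.
      if (index(ports, "0.0.0.0:") || index(ports, ":::") || index(ports, "[::]:")) {
        findings = findings " published-on-all-interfaces"
      }

      if (findings != "") { print name ":" findings }
    }'
}

# Constructed sample mirroring the containers created on this page,
# plus a hypothetical container published on loopback only.
sample_ps() {
  cat <<'EOF'
my-app-container|my_shell|0.0.0.0:5000->5000/tcp, :::5000->5000/tcp
nginx-custom-1|my_shell|80/tcp
nginx-default|bridge|80/tcp
nginx_cont2|host|
local-only|my_shell|127.0.0.1:8080->80/tcp
EOF
}

sample_ps | audit_exposure
```

Publishing with an explicit address, for example -p 127.0.0.1:5000:5000, keeps the port off the host's public interfaces, which is why local-only is not flagged.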
Attaching MongoDB to our network my_shell.
ubuntu@ip-172-31-31-147:~/microservices-k8s/flask-api$ docker run -d --name mongo mongo   # --name <container name> <image name>
docker kill a640e14da09b   # kill the mongo container
docker rm a640e14da09b
Adding MongoDB to the same network as the Python app, i.e. my_shell:
ubuntu@ip-172-31-31-147:~$ docker run -d --name mongo --network my_shell mongo
39bf6796afdd1bfb375265b71474bdea760635cb8bcd8bef5f1b7cfa76964ce0
docker inspect my_shell
Browse to "http://54.226.119.14:5000/tasks"
None Networking: (no incoming or outgoing traffic; no ingress, no outflow)
The container is not able to access the internet.
docker run -d -p 5000:5000 --name my-app-container --network none my-app:latest
Overlay Network (works with multiple hosts)
An overlay network is a virtual or logical network that is created on top of an existing physical network. The internet, which connects many nodes via circuit switching, is an example of an overlay network. An overlay network is any virtual layer on top of physical network infrastructure.
When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host:
an overlay network called ingress, which handles the control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm.
Macvlan:
Use this if you want to connect your Docker network using MAC addresses.