Scribd
Upload
7 views2 pages

docker_networking

Docker networking enables container communication within the same host, across multiple hosts, or with external networks through various drivers. The main types include Bridge, Host, Overlay, Macvlan, and None networks, each serving different use cases. Effective network configuration can enhance security and isolation, especially when separating database and web application communications.

Uploaded by

veeresh j u
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views2 pages

docker_networking

Docker networking enables container communication within the same host, across multiple hosts, or with external networks through various drivers. The main types include Bridge, Host, Overlay, Macvlan, and None networks, each serving different use cases. Effective network configuration can enhance security and isolation, especially when separating database and web application communications.

Uploaded by

veeresh j u
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Docker Networking Overview

Docker networking allows containers to communicate with each other, with the host, and
with external networks. Docker provides different networking drivers for various use cases.

### Types of Docker Networks


1. **Bridge Network (Default)** → Used for container communication on the same host.
2. **Host Network** → Removes network isolation; container uses host’s network.
3. **Overlay Network** → Used for communication between containers across multiple
hosts in a Docker Swarm.
4. **Macvlan Network** → Assigns containers unique MAC addresses on the host network.
5. **None Network** → No networking (isolated container).

---

## 1. Bridge Network (Default)


### What is a Bridge Network?
A **bridge network** is the default network created by Docker. It allows **containers on
the same host** to communicate **with each other** using an internal virtual network
while isolating them from the external network.

### Example: Running Two Containers on the Same Host in a Bridge Network
```sh
docker network create my_bridge_network
docker run -d --name container1 --network my_bridge_network nginx
docker run -d --name container2 --network my_bridge_network alpine sleep 3600
docker exec -it container2 ping container1
```

---

## 2. Overlay Network (For Multi-Host Communication)


### What is an Overlay Network?
An **overlay network** allows Docker containers on **different hosts** to communicate as
if they were on the same local network. It is used mainly in **Docker Swarm** mode.

### Example: Deploying Containers Across Multiple Hosts Using an Overlay Network
```sh
docker swarm init --advertise-addr <MANAGER-IP>
docker network create --driver overlay my_overlay_network
docker swarm join --token <SWARM-TOKEN> <MANAGER-IP>:2377
docker service create --name web --network my_overlay_network -p 80:80 nginx
docker network inspect my_overlay_network
docker service ls
docker service ps web
```

---

## Separating Database and Web in Docker Network with Isolation


To **isolate the database** and allow only the **web application to communicate** with it,
you can use **Docker networks** effectively.

### Solution: Use Two Separate Networks


- **`db_network`** → Private network for database (only web can access).
- **`web_network`** → Public network for web service (accessible by external users).

### Steps to Configure


```sh
docker network create db_network
docker network create web_network
docker run -d --name mydb --network db_network -e MYSQL_ROOT_PASSWORD=rootpass -
e MYSQL_DATABASE=mydb mysql:latest
docker run -d --name myweb --network db_network --network web_network -e
DB_HOST=mydb -p 8080:80 my-web-app
docker exec -it myweb ping mydb
```

This approach ensures **security and isolation**, preventing direct access to the database
from external sources while allowing the web service to communicate with it.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy