A solid understanding of container networking is necessary in order to understand the Docker Ecosystem. Let's talk about it in more detail in this blog.
A container has no information about what kind of network it’s attached to, whether it’s a bridge, an overlay, a macvlan network, or a custom network plugin. A container only sees a network interface with an IP address, a gateway, a routing table, DNS services, and other networking details. That is, unless the container uses the none network driver.
Published ports -
By default, when you create or run a container using docker create or docker run, the container doesn’t expose any of its ports to the outside world. To make a port available to services outside of Docker, or to Docker containers running on a different network, use the --publish or -p flag. This creates a firewall rule on the Docker host, mapping a container port to a port on the host that is reachable from the outside world. Here are some examples:
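The forms a -p value can take, as an added shell example that is not part of the original post: publish_scope is a hypothetical helper that reports which host address each value binds, because a value with no host IP is published on all host interfaces. The sample values are constructed, and only IPv4 host addresses are handled.

```shell
#!/bin/sh
# Added example: classify `docker run -p` values by the host address they bind.
# Accepted form: [host_ip:][host_port:]container_port[/proto], IPv4 host_ip only.

publish_scope() (
    value=$1
    case $value in
        */*) proto=${value##*/}; value=${value%/*} ;;
        *)   proto=tcp ;;                    # Docker defaults to TCP
    esac

    host_ip= host_port= ctr_port=
    IFS=:                                    # split the value on ':' (subshell only)
    set -f; set -- $value; set +f
    case $# in
        1) ctr_port=$1 ;;
        2) host_port=$1 ctr_port=$2 ;;
        3) host_ip=$1 host_port=$2 ctr_port=$3 ;;
        *) echo invalid; exit 1 ;;
    esac
    [ -n "$ctr_port" ] || { echo invalid; exit 1; }

    case $host_ip in
        ''|0.0.0.0) scope=all-interfaces ;;  # reachable from other machines
        127.*)      scope=loopback-only ;;   # reachable from the host itself only
        *)          scope=single-address ;;  # reachable via that one host address
    esac
    # An empty host port means Docker picks an ephemeral port on the host.
    echo "$scope ${host_ip:-0.0.0.0}:${host_port:-ephemeral}->$ctr_port/$proto"
)

# Constructed sample values, one per form of the flag.
for v in 8080:80 8080:80/udp 127.0.0.1:8080:80 192.0.2.10:8080:80/tcp \
         127.0.0.1::80 80; do
    printf '%-28s %s\n' "-p $v" "$(publish_scope "$v")"
done
```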
IP address and hostname -
By default, the container gets an IP address for every Docker network it attaches to. A container receives an IP address out of the IP pool of the network it attaches to. The Docker daemon effectively acts as a DHCP server for each container. Each network also has a default subnet mask and gateway.
When a container starts, it can only attach to a single network, using the --network flag. You can connect a running container to multiple networks using the docker network connect command. When you start a container using the --network flag, you can specify the IP address for the container on that network using the --ip or --ip6 flags.
When you connect an existing container to a different network using docker network connect, you can use the --ip or --ip6 flags on that command to specify the container’s IP address on the additional network.
In the same way, a container’s hostname defaults to be the container’s ID in Docker. You can override the hostname using --hostname. When connecting to an existing network using docker network connect, you can use the --alias flag to specify an additional network alias for the container on that network.
DNS services -
By default, containers inherit the DNS settings of the host, as defined in the /etc/resolv.conf configuration file. Containers that attach to the default bridge network receive a copy of this file. Containers that attach to a custom network use Docker’s embedded DNS server. The embedded DNS server forwards external DNS lookups to the DNS servers configured on the host.
Custom hosts, defined in /etc/hosts on the host machine, aren’t inherited by containers. To pass additional hosts into a container, refer to "Add entries to container hosts file" in the docker run reference documentation. You can override these settings on a per-container basis.
With this, I'll conclude the post here.
Thank you for reading!