21 Days of Docker - Day 9 - Docker Networking – Part 1

Welcome to Day 9 of 21 Days of Docker. So far I have discussed all the Docker basics: building containers, images, and your own customized image using Docker. Let’s shift gears and focus on networking.

  • Before going deeper into Docker networking, have you ever thought about how a Docker container talks to the internet, or how any user on the internet can talk back to these Docker containers?
  • Let’s start with the absolute basics. When you installed Docker on your system, did you notice that Docker added a new interface called docker0?
# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
ether 02:42:c8:e7:30:24  txqueuelen 0  (Ethernet)
RX packets 0  bytes 0 (0.0 B)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 0  bytes 0 (0.0 B)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  • The docker0 interface is the bridge device for Docker. If you don’t specify a different network when starting a container, the container is connected to the bridge, and all traffic coming from and going to the container flows over the bridge to the Docker daemon, which handles routing on behalf of the container.
  • If you want more information about the bridge network, run docker network inspect
$ docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "f5c120ec2b2d3838e797fe3d5ed3e7234e5aa35567ac0a12ba912b2b9acb4db1",
        "Created": "2019-10-15T15:02:40.83080346Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16", <-----------------
                    "Gateway": "172.17.0.1"    <----------------- 
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "51cf7e39240929c8748ba7d2f82424b6e79c18cd9a966fe6242fcf90fba73fc6": {
                "Name": "centosserv",
                "EndpointID": "8586b322c1f4e818590ab55a381d9a3d10d7588b6e24edfc31d0c589a6560187",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
  • As you can see, this network uses "Subnet": "172.17.0.0/16" and "Gateway": "172.17.0.1", which is the docker0 bridge interface IP.
  • Containers which are connected to the default bridge are allocated IP addresses within this range.
  • Try spinning up a container and checking its IP
$ docker container run -d centos:7
  • To check its IP
$ docker container inspect 51cf7e392409 |grep IPAddress
            "IPAddress": "172.17.0.2",
  • As you can see, the IP (172.17.0.2) is from the same subnet range as docker0.
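
The inspect output above also carries settings worth reviewing on any host: whether containers on the bridge can talk to each other (enable_icc) and which host address published ports bind to (host_binding_ipv4). The following is an added example, not part of the original post; it parses that JSON, confirms each container address sits inside the IPAM subnet, and lists those two settings for review. The function name review_bridge is hypothetical and the sample is constructed from the output shown above.

```python
import ipaddress
import json

# Constructed sample: the `docker network inspect bridge` output shown above,
# trimmed to the fields this check reads (container ID shortened).
SAMPLE = """
[{"Name": "bridge", "Driver": "bridge",
  "IPAM": {"Config": [{"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"}]},
  "Containers": {"51cf7e392409": {"Name": "centosserv",
                                  "IPv4Address": "172.17.0.2/16"}},
  "Options": {"com.docker.network.bridge.enable_icc": "true",
              "com.docker.network.bridge.enable_ip_masquerade": "true",
              "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0"}}]
"""

PREFIX = "com.docker.network.bridge."


def review_bridge(inspect_json):
    """Return (addresses, findings) for the networks in the inspect output."""
    addresses, findings = {}, []
    for net in json.loads(inspect_json):
        name = net["Name"]
        subnets = [ipaddress.ip_network(c["Subnet"])
                   for c in (net.get("IPAM", {}).get("Config") or [])]
        # Each attached container should hold an address inside the IPAM subnet.
        for ctr in (net.get("Containers") or {}).values():
            if not ctr.get("IPv4Address"):
                continue
            ip = ipaddress.ip_interface(ctr["IPv4Address"]).ip
            inside = any(ip in s for s in subnets)
            addresses[ctr["Name"]] = (str(ip), inside)
            if not inside:
                findings.append(f"{name}: {ctr['Name']} ({ip}) is outside the subnet")
        opts = net.get("Options") or {}
        # enable_icc=true: containers on this bridge can reach each other freely.
        if opts.get(PREFIX + "enable_icc") == "true":
            findings.append(f"{name}: inter-container communication is enabled")
        # host_binding_ipv4=0.0.0.0: published ports listen on every host interface.
        if opts.get(PREFIX + "host_binding_ipv4") == "0.0.0.0":
            findings.append(f"{name}: published ports bind to all host interfaces")
    return addresses, findings


if __name__ == "__main__":
    addresses, findings = review_bridge(SAMPLE)
    print(addresses)
    for line in findings:
        print("REVIEW:", line)
```

On a live host, pass it the text printed by docker network inspect bridge instead of SAMPLE.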