Which statement best describes how container networking isolates containers from the host system?
Think about how containers keep their network separate but still lightweight compared to virtual machines.
Containers use network namespaces to create isolated network environments. This means each container has its own network stack, IP addresses, and routing tables separate from the host and other containers.
What is a key characteristic of the default bridge network created by Docker for containers?
Consider how containers communicate with each other and the host when using the default network.
The default Docker bridge network creates a private subnet for containers. Containers get private IPs and can talk to each other, but they are isolated from the host's physical network unless ports are explicitly published.
Given a container running a web server on port 80, which Docker command option correctly maps the container's port 80 to port 8080 on the host?
Remember the syntax for Docker port mapping is hostPort:containerPort.
The correct syntax is -p hostPort:containerPort. To expose container port 80 on host port 8080, use -p 8080:80.
Which container network driver allows containers to be directly connected to the host's network stack, sharing the host's IP address?
Think about which driver removes network isolation between container and host.
The host network driver makes the container use the host's network stack directly, sharing the host's IP address and ports.
A container cannot reach an external website, but the host machine can. The container uses the default bridge network. What is the most likely cause?
Consider what is needed for a container to translate website names into IP addresses.
Containers on the default bridge network rely on DNS to resolve domain names. If DNS settings are missing or incorrect, the container cannot reach external websites even if the host can.