Dockerdevops~5 mins

Why container networking matters in Docker - Why It Works

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Containers run applications in isolated environments. Networking connects these containers so they can talk to each other and the outside world. Without networking, containers would be isolated and unable to share data or services.

When you want your web app container to communicate with a database container on the same host.

When you need to expose a containerized service to users outside your server.

When multiple containers need to work together as parts of a bigger application.

When you want to control which containers can access each other for security.

When you want to assign fixed IP addresses or hostnames to containers for easier management.

Commands

This command creates a new user-defined network called 'my-network' so containers can connect and communicate on it.

Terminal

docker network create my-network

Expected OutputExpected

my-network

Runs a PostgreSQL database container named 'db' attached to 'my-network' so it can communicate with other containers on the same network.

Terminal

docker run -d --name db --network my-network postgres:15

Expected OutputExpected

a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2

→

--network - Connects the container to the specified network

→

-d - Runs the container in detached mode (in the background)

Runs an Nginx web server container named 'web' on 'my-network' and maps port 8080 on the host to port 80 in the container, making it accessible from outside.

Terminal

docker run -d --name web --network my-network -p 8080:80 nginx:1.25

Expected OutputExpected

f1e2d3c4b5a697887766554433221100ffeeddccbbaa99887766554433221100

→

--network - Connects the container to the specified network

→

-p - Publishes container port to the host

→

-d - Runs the container in detached mode

Shows details about 'my-network', including connected containers and their IP addresses, helping verify network setup.

Terminal

docker network inspect my-network

Expected OutputExpected

[ { "Name": "my-network", "Id": "e1f2d3c4b5a697887766554433221100ffeeddccbbaa99887766554433221100", "Created": "2024-06-01T12:00:00.000000000Z", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Config": [ { "Subnet": "172.18.0.0/16", "Gateway": "172.18.0.1" } ] }, "Containers": { "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2": { "Name": "db", "EndpointID": "1234567890abcdef", "MacAddress": "02:42:ac:12:00:02", "IPv4Address": "172.18.0.2/16", "IPv6Address": "" }, "f1e2d3c4b5a697887766554433221100ffeeddccbbaa99887766554433221100": { "Name": "web", "EndpointID": "abcdef1234567890", "MacAddress": "02:42:ac:12:00:03", "IPv4Address": "172.18.0.3/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]

Key Concept

Containers need networks to communicate with each other and the outside world, making container networking essential for multi-container apps and external access.

Common Mistakes

Running containers without specifying a user-defined network and expecting them to communicate.

By default, containers on the default bridge network cannot resolve each other by name, causing communication failures.

Create and use a user-defined network so containers can find each other by name and communicate easily.

Not publishing container ports to the host when external access is needed.

Without port mapping, services inside containers are not reachable from outside the host machine.

Use the -p flag to map container ports to host ports for external access.

Assuming containers on different networks can communicate without extra setup.

Docker isolates networks; containers on separate networks cannot talk unless connected to both or bridged.

Connect containers to the same network or configure network bridging to enable communication.

Summary

Create a user-defined Docker network to allow containers to communicate by name.

Run containers attached to this network so they can find and talk to each other.

Publish container ports to the host to allow external access to container services.

Inspect the network to verify which containers are connected and their IP addresses.