Zunayed Ali Morsalin home about travel resume

p6 - Docker networking

Aug 15, 2017

I spent some time learning a bit more about docker networking. My current workflow for inter-container communication, such as a web server communicating with a MySQL container involves exposing the port on one container. Then in the second container, you access that port via the host machine IP/name. This works well enough but what if you don’t want to expose the port to the public? Another issue is in your configuration you could be pointed to your host machine, for example, mymachine.ny but if you ever developed on another machine you would have to switch out the names to make sure the containers all communicate within the same host There is a solution built into docker that involves creating a network bridge.

Let’s create a bridge

zali@dockerub01:~$ docker network create -d bridge --subnet zali-bridge

zali@dockerub01:~$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
ac1a0e81f881        bridge              bridge              local
db76ba37ae35        host                host                local
11a6bb3457d7        none                null                local
bccdf546312c        zali-bridge         bridge

and spin up some containers

zali@dockerub01:~$ docker run -dt --name node1 --network zali-bridge alpine sleep 1d
zali@dockerub01:~$ docker run -dt --name node2 --network zali-bridge alpine sleep 1d

zali@dockerub01:~$ docker network inspect zali-bridge
        "Name": "zali-bridge",
        "Id": "bccdf546312c188b709a97d42a191c981c2975d0b3cb62f1f0b7cac0f17e5489",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                    "Subnet": ""
        "Internal": false,
        "Containers": {
            "5eba11d63c83e034864035a2af8b770776ee9c8ed8d0aa722cf13ae92ffc556b": {
                "Name": "node2",
                "EndpointID": "65893cf60ecf21de7f9eeef4da738820d0bc5d3a11165ec8420ece6d3a884eed",
                "MacAddress": "02:42:0a:00:00:03",
                "IPv4Address": "",
                "IPv6Address": ""
            "f87d023a8040654fa367353ba752580dc20ba67b5d58a616777a9aebd8e76658": {
                "Name": "node1",
                "EndpointID": "1ed062b67e08ba2d4613ad9b27a5365f956ef39c9224ac95a4da87bc7046756f",
                "MacAddress": "02:42:0a:00:00:02",
                "IPv4Address": "",
                "IPv6Address": ""
        "Options": {},
        "Labels": {}

Now lets hop into the containers and try to communicate between containers

/ # zali@dockerub01:~$ docker exec -it node1 sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
1286: eth0@if1287: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff
    inet scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:aff:fe00:2/64 scope link
       valid_lft forever preferred_lft forever
/ # ping node2
PING node2 ( 56 data bytes
64 bytes from seq=0 ttl=64 time=0.075 ms
64 bytes from seq=1 ttl=64 time=0.094 ms
64 bytes from seq=2 ttl=64 time=0.084 ms
--- node2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.075/0.084/0.094 ms

And thats it!