Lessons
Start
Start learning
CodeGym /Courses /Docker SELF /Using custom networks

Using custom networks

Docker SELF
Level 17 , Lesson 4
Available

5.1 Main Types of Custom Networks

Custom networks in Docker provide flexible options for configuring and managing network interaction between containers. They allow you to isolate containers, organize their interaction, and create complex network topologies. In this lecture, we're going to look at how to create and set up custom networks in Docker, along with examples of their use.

Main Types of Custom Networks

Docker supports several types of custom networks, each with its own features and purposes for various use cases:

  1. Bridge (Bridge Networks): provide isolation and connection between containers on the same host. This type of network is the default for local applications that don't need to interact outside the host.
  2. Overlay (Overlay Networks): designed for connecting containers that run on different hosts in a Docker Swarm or Kubernetes cluster. They ensure high scalability and security for distributed applications.
  3. Macvlan: let containers directly use the host’s physical network interface. This is useful for network applications with high-performance requirements, as well as cases where binding to specific MAC addresses is required. Containers in a Macvlan network can interact with other devices in the physical network as separate nodes.
  4. Host (Host Networks): containers use the host’s network stack, eliminating the overhead of network virtualization but reducing isolation. This type of network is suitable for applications requiring maximum network performance.
C++

5.2 Creating and Using Bridge Networks

Bridge networks are the most common type of custom networks and are used for isolating containers on a single host. Containers connected to the same bridge network can interact with each other using IP addresses and hostnames.

Creating a custom bridge network

To create a custom bridge network, use the docker network create command:

Terminal 

docker network create --driver bridge my_bridge_network

Running containers in the custom network

Run the containers with a connection to the created network:

Terminal 

docker run -d --name container1 --network my_bridge_network nginx

docker run -d --name container2 --network my_bridge_network busybox sleep 1000

Checking connectivity between containers

You can use the ping command to check connectivity between containers:

Terminal 

docker exec container2 ping -c 4 container1

If the containers are properly connected to the my_bridge_network, the ping command will be successful.

5.3 Custom Networks in Docker Compose

Examples of using custom networks in Docker Compose

Docker Compose makes it easy to create and manage networks for multi-container apps. You can define custom networks in the docker-compose.yml file.

Example of a docker-compose.yml file:

Yaml 

version: '3.8'

services:
  web:
    image: nginx:latest
    networks:
      - my_bridge_network

  app:
    image: myapp:latest
    networks:
      - my_bridge_network

networks:
  my_bridge_network:
    driver: bridge

Run Docker Compose:

Terminal 

docker compose up -d

In this example, both services (web and app) are connected to the custom network my_bridge_network.

5.4 Configuring and using macvlan networks

macvlan networks let containers directly use the host's physical network interface, which can be useful for applications with high network performance requirements. Containers in this network get their own IP addresses within a specified subnet, making them visible in the same network as the host.

Creating a macvlan network

Terminal 

docker network create -d macvlan \
  --subnet=192.168.1.0/24 \
  --gateway=192.168.1.1 \
  -o parent=eth0 my_macvlan_network

In this command:

  • --subnet: defines the subnet where the containers will be located.
  • --gateway: sets the gateway for the containers.
  • -o parent: specifies the host network interface to which the network is bound.

Running containers in the macvlan network

Terminal 

docker run -d --name container1 --network my_macvlan_network nginx

docker run -d --name container2 --network my_macvlan_network busybox sleep 1000

In this example, both containers are connected to the my_macvlan_network and have access to the external network through the physical interface eth0.

5.5 Examples of Usage in Docker Compose

You can also use macvlan networks in Docker Compose. For example:

Yaml 

version: '3.8'

services:
  web:
    image: nginx:latest
    networks:
      - my_macvlan_network
        
networks:
  my_macvlan_network:
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: 192.168.1.0/24
          gateway: 192.168.1.1

Run Docker Compose:

Terminal 

docker compose up -d

In this example, the network my_macvlan_network allows the service web to interact with devices in the subnet 192.168.1.0/24, including the host.

Practical tips:

  • Access Configuration: Make sure that your router or network administrator allows the use of the subnet specified in the macvlan settings.
  • Isolation: If security is important, use VLAN to segment the network so that containers have access only to the necessary resources.
  • Testing: After setup, check the connectivity between containers and the external network using commands like ping or curl.

5.6 Example of Using Networks for Microservices

Let’s go over an example where we have a frontend, a backend, and a database, all isolated into different networks but still able to interact through network overlaps.

File docker-compose.yml

Yaml 

version: '3.8'

services:
  frontend:
    image: myfrontend:latest
    networks:
      - front-tier
      - back-tier
        
  backend:
    image: mybackend:latest
    networks:
      - back-tier
      - db-tier
        
  database:
    image: postgres:latest
    environment:
      POSTGRES_USER: user
      POSTGRES_PASSWORD: password
    networks:
      - db-tier
        
networks:
  front-tier:
    driver: bridge
  back-tier:
    driver: bridge
  db-tier:
    driver: bridge

Run Docker Compose:

Terminal 

docker compose up -d

In this example:

  • The frontend service is connected to the front-tier and back-tier networks, allowing it to interact with both external clients and the backend.
  • The backend service is connected to the back-tier and db-tier networks, which lets it interact with the frontend and the database.
  • The database service is only connected to the db-tier network, ensuring that the database is isolated from external access.

Practical Tips:

  • Use Isolation: Separating networks helps you limit access to databases or other critical resources.
  • Check Connections: Make sure services can interact with each other through shared networks by using commands like ping or curl.
  • Optimization: Use the overlay network if your project needs to run in a cluster or across multiple hosts.

This example shows how to create network isolation while still enabling interaction between different layers of your app.

3
Task
Docker SELF, level 17, lesson 4
Locked
Creating and testing a bridge network
Creating and testing a bridge network
Open
3
Task
Docker SELF, level 17, lesson 4
Locked
Using networks in Docker Compose
Using networks in Docker Compose
Open
3
Task
Docker SELF, level 17, lesson 4
Locked
Creating a macvlan network
Creating a macvlan network
Open
3
Task
Docker SELF, level 17, lesson 4
Locked
Setting up networks for microservices
Setting up networks for microservices
Open
1
Survey/quiz
Docker Network Settings, level 17, lesson 4
Unavailable
Docker Network Settings
Docker Network Settings
Open
Comments
TO VIEW ALL COMMENTS OR TO MAKE A COMMENT,
GO TO FULL VERSION