Docker networking: bridge, host, and overlay networks

9463 views

                  #!/usr/bin/env bash
# Docker Networking Modes & Configuration

# === List networks ===
docker network ls
docker network inspect bridge

# === Create custom bridge network ===
# Containers on the same custom bridge can resolve each other by name
docker network create \
  --driver bridge \
  --subnet 172.20.0.0/16 \
  --gateway 172.20.0.1 \
  --opt com.docker.network.bridge.name=br-myapp \
  myapp-network

# Run containers on the custom network
docker run -d \
  --name api \
  --network myapp-network \
  --network-alias api-service \
  -e DATABASE_URL="postgres://db:5432/myapp" \
  myapp-api:latest

docker run -d \
  --name db \
  --network myapp-network \
  --network-alias db-service \
  -v pgdata:/var/lib/postgresql/data \
  postgres:16-alpine

# The 'api' container can reach 'db' by name:
# postgres://db:5432/myapp  ← Docker DNS resolves this

# === Connect a running container to another network ===
docker network create monitoring-network
docker network connect monitoring-network api
# Now 'api' is on both myapp-network and monitoring-network

docker network disconnect monitoring-network api

# === Host networking (Linux only) ===
# Container shares the host's network stack directly
# No port mapping needed — container binds directly to host ports
docker run -d \
  --name nginx-host \
  --network host \
  nginx:alpine

# === Overlay network for Docker Swarm ===
# Multi-host networking for Swarm services
docker network create \
  --driver overlay \
  --attachable \
  --subnet 10.10.0.0/16 \
  swarm-overlay

docker service create \
  --name web \
  --network swarm-overlay \
  --replicas 3 \
  -p 80:80 \
  nginx:alpine

# === Macvlan network ===
# Assign MAC addresses to containers — appear as physical devices
docker network create \
  --driver macvlan \
  --subnet 192.168.1.0/24 \
  --gateway 192.168.1.1 \
  -o parent=eth0 \
  macvlan-net

docker run -d \
  --name legacy-app \
  --network macvlan-net \
  --ip 192.168.1.100 \
  legacy-app:latest

# === Debugging network issues ===
# Inspect container network settings
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' api

# Check DNS resolution from inside a container
docker exec api nslookup db
docker exec api ping -c 3 db

# Run a temporary debug container on the same network
docker run --rm -it \
  --network myapp-network \
  nicolaka/netshoot \
  bash

# Inside netshoot:
# dig db-service
# tcpdump -i eth0 port 5432
# curl -v http://api-service:3000/health

Master Docker networking modes and custom network creation. Understand bridge networks for container isolation, host mode for direct host networking, and overlay networks for multi-host Swarm communication. Configure DNS resolution, port mapping, and inter-container connectivity.

Ryan Nakamura

More from Ryan Nakamura

Docker networking: bridge, host, and overlay networks

0 Comments

More from Ryan Nakamura