Docker-compose bridge network subnet | More About
Bobcares, with the support of our Docker Hosting Support Services has created a Docker-compose bridge network subnet article and its configuration steps.
Mục Lục
Docker Compose Bridge Networking subnet
Docker Compose is one of the easy ways for deploying multi-container applications. It automates a lot of the booking keeping, networking, and resource management of applications in a single docker-compose.yml file. You can get the application up by running docker-compose up and turning it back down using docker-compose down.
The one of most important objects is a Bridge network. This is where we shall be focusing on. More precisely, bridge networking.
Docker Bridge Network
Docker has many networking related drivers. The two most important ones are the Bridge networking driver and the Overlay. The latter is used for docker swarm mode, where containers running over different nodes can still be a part of a single abstract subnet.
To create a new Docker Network “my-network” and inspect it, by running:
$ docker network create -d bridge my-network
$ docker inspect my-network
You will get other things like a subnet mask and a default gateway.
…
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
…
Any container that connects to this network will get a default IP in the range of 172.18.0.2 to 172.18.255.254. Let’s try creating a couple of containers from this network:
$ docker run -dit--name container1 --network my-network ubuntu:latest
$ docker run -dit--name container2 --network my-network ubuntu:latest
If you run a command, inspect my-network. You will see that individual containers with their proper name and corresponding IP addresses will show in the containers field of the JSON output.
$ docker inspect my-network
...
"Containers": {
"8ce5cd67e6aed180b5d0b6b0fcd597175d6154c9208daa9de304aec94757e99b": {
"Name": "container1",
"EndpointID": "93d020d22172d6c98a0b88e78a7a01f6d1a3d44b983e7454fba7c1f1be5fae9d",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"af1434df6f86d2df96aca1d7348dd6c815a4989ec07fb0f3cfea95d4a38b4f74": {
"Name": "container2",
"EndpointID": "3a5f57639c71685a10584fd392c20abc5ae693684860bef486404d26b332395a",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
…
If you create one more network “my-network2”, then it will have a different subnet mask like “172.19.0.0/16”. The containers on it will be isolated from containers of other networks. So, preferably, you want one network per application. Hence every application is secure and isolated from one other.
How Compose Creates a Network
Docker Compose understands the idea of active services for one application on a single network. When you deploy an application using a Docker Compose file, even though when there’s no mention of specific networking parameters. Docker Compose creates a new bridge network and starts to deploy the container over the network.
If the docker-compose.yml is in the directory my-app, the directory’s name is used to name the network and the containers mounted on it. Take an example by creating a directory:
$ mkdir my-app
$ cd my-app
$ vim docker-compose.yml
Next, add the following contents to the docker-compose.yml file:
version: '3'
services:
my-nginx:
image: nginx:latest
Notice, how we didn’t expose any ports. Let’s deploy this app:
$ docker-compose up -d
This creates a new network called “my-app_default” using the bridge network driver. You can further list all the networks on your personal setup using the list command “docker network ls” and then pick the network interface that matches your directory’s name. Once you get the name of the network, you can docker inspect to see all the containers that are attached to that network along with their individual IP addresses and subnet mask.
If we create another container, using directly the CLI on the same network, then we can actually connect to my-nginx service.
$ docker run -dit--name container4 --network my-app_default ubuntu:latest
$ docker exec-it container4 bashaa
# curl http://my-app_my-nginx_1
It will print an HTML file with a familiar quote like “Welcome to Nginx” visible on it. The Nginx web server is reachable within the network without us having to publish any ports. You don’t have to reach using its private IP, you can simply call with a hostname.
You won’t have to publish the Database port at all when running a database from the frontend. Instead, reach the Database from the web server by calling its hostname. Even when docker-compose is running somewhere and the IP, and subnet may now differ. The containers will still available to talk to one another.
To publish a port to the outside world we can write as follow:
version: '3'
services:
my-nginx:
image: nginx:latest
port:
- “8080:80”
Now users can use the web server with port 8080 at the IP of your Docker Host. This can be the public IP of your VPS or just localhost if running Docker on a desktop. The web server can talk directly and thus this reduces the risk of databases being exposed to the Internet.
When you bring your application down, use:
$ docker-compose down
This custom bridge network along with all the containers that were created, using the docker-compose.yml file, will get deleted. Leaving the Docker environment in a clean state.
Defining your own network
Compose allows you to define your own network, including subnet mask, IPv6 addresses. We have top-level networks like services or versions with top level keys. This key has no indendentation. Under the network’s key, we can define various attributes of the network. For now, we will keep it simple and mention that it ought to use a bridge driver.
version: ‘3’
networks:
my-network:
driver: bridge
Now each container can connect to multiple networks. So under the services section, we mention this custom network’s name. The network’s key here expects a list of networks.
version: '3'
services:
my-nginx:
image: nginx:latest
networks:
- my-network
- some-other-network # This is another network that you might have created.
Finally, the order of the network will define and then used inside a service that is relevant. So the whole .yml file will look like this:
version: '3'
services:
my-nginx:
image: nginx:latest
networks:
- my-network
networks:
my-network:
driver: bridge
[Looking for a solution to another query? We are just a click away.]
Conclusion
To conclude, from the Docker-compose bridge network subnet article we have configured a custom bridge network along with the containers. And checked how Docker compose Creates a Network.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
GET STARTED