Understanding Communication Between Docker Containers – Cloudkul

In our earlier blogs, we have seen various architectures of docker containers to deploy Magento 2 server.

We have seen how to set up single container architecture that included a web server and database server inside the single container using Dockerfile.

We have also seen multi-container architectures having different services being run on different containers.

These containers were interlinked with each other and there configured by a docker-compose tool which uses a single configuration file docker-compose.yml file to deploy all the containers.

In between these setups, we have used various terms like container linking, port exposure, volume mapping, etc, but we had never discussed how containers are communicating with each other.

So let’s take a break from setting up docker architecture and understand communication between docker containers.

Docker Network

Docker utilizes three inbuilt networks that come with fresh docker installation. If you run,

1

docker

network

ls

you might see three networks:

  • Bridge
  • None
  • Host

Let’s take a brief overview of these networks

  • A bridge network is the default network that comes with all docker installations. It is also known as the docker0 network. If not mentioned otherwise, all docker containers are created within the docker0 network.
  • No network is generally known as a container-specific network. A container can be attached to none network. This is utilized for internal communication between containers being isolated to the outside network.
  • The host network adds a container to the host’s network stack. As far as the network is concerned, there is no isolation between the host machine and the container.
  • For instance, if you run a container that runs a web server on port 80 using host networking, the web server is available on port 80 of the host machine.

Apart from these built-in networks, there are also user-defined networks. We can create our own network and control which containers can communicate with each other, and also enable automatic DNS resolution of container names to IP addresses.

With the help of default network drivers being provided, we can create the following networks:

  • Bridge network
  • Overlay network
  • MACVLAN network

Although, here we will keep our discussion limited to the default bridge network.

Bridge Network

As mentioned earlier, docker containers are attached to a bridge or docker0 network by default if no other network is mentioned.

Take note that all containers within the same bridge network can communicate with each other via IP addresses.

However, they cannot resolve container names so communication via container names is not possible.

To ensure communication via container names, these containers are needed to link with each other in one way or another.

Docker0 bridge allows port mapping and linking to allow communication among containers or communication between container and host.

Communication between containers is managed at an operating system level and it depends on two factors:

  • By default Docker daemon attaches all containers to the docker0 bridge, providing network address translation for their communication. So it is mandatory that network topology can identify containers’ networks.
  • Connection establishing permissions from iptables

Also, for communication between the host and containers, it is mandatory that iptables settings and port mapping is done correctly to transfer packets between the docker container and hosts.

Understanding Docker containers Linking By Example:

Let us understand container linking and port exposure by an example. We will link apache2 and MySQL-server containers using docker command line tools.

First, we will need a mysql-server image,

1

2

3

docker

pull

mysql

/

mysql

server

:

5.6

 

 

Then we will launch a container from this image,

1

docker

run

p

3306

:

3306

name

mysql

e

MYSQL_ROOT_PASSWORD

=

rootpassword123

d

mysql

/

mysql

server

:

5.6

In the above command, the -p arguments map the host’s port with the container’s port, and the –name argument defines the container’s name.

We are mapping the 3306 port of the host with the 3306 port inside the container. All traffic to and from the MySQL server will be routed from these ports. Make sure ports on the host are available to be used.

After image and docker container creation, we can check their status as,

1

2

3

docker

images

 

docker

ps

Now, lets pull apache2 server with php5 image as,

1

2

3

docker

pull

nimmis

/

apache

php5

 

 

Now as we have MySQL container already running, we will launch the apache2 container being linked to MySQL container as,

1

docker

run

tid

p

80

:

80

name

apache2

link

mysql

nimmis

/

apache

php5

In the above command, we have launched a container named apache2 whose port 80 is mapped with the 80 port of the host, and this container is linked with our database container named mysql by –link

Check the networks of both containers as:

1

2

3

docker

inspect

mysql

 

docker

inspect

apache2

You will see the default bridge network for both containers.

We can check this connectivity by,

1

2

3

docker

exec

ti

apache2

bash

 

ping

mysql

and,

1

2

3

docker

exec

ti

mysql

bash

 

ping

apache2

If we get a response for both the pings, then the docker containers have been linked properly.

Conclusion

So far we have seen how to link to docker containers within the default bridge network from simple command-line docker commands.

In our later blogs, we will discuss more user-defined networks and container communication.

Need Support?

Thank You for reading this Blog!

For further more interesting blogs, keep in touch with us. If you need any kind of support, simply raise a ticket at https://webkul.uvdesk.com/en/.

For further help or query, please contact us or raise a ticket.