logo
English

导航菜单

Docker 入门

06 - Docker Networking

Docker networking

Docker networking is key for multi-container apps and microservices.

Network model

Docker uses a pluggable Container Network Model (CNM), allowing different drivers for different needs.

Default networks

On install, Docker creates three networks:

docker network ls

Example:

NETWORK ID     NAME      DRIVER    SCOPE
9f6f3a1e85ff   bridge    bridge    local
95d96da43c2e   host      host      local
0ba0e9dcacf5   none      null      local

1) Bridge (default)

  • Containers on the same bridge can reach each other by IP.
  • Expose to host via port mapping.
  • Each container gets its own IP.
docker run -d --name web nginx

2) Host

  • Shares host network namespace—no isolation.
  • Better performance (no NAT), but port conflicts possible.
docker run -d --network host --name web nginx

3) None

  • No network interface except loopback.
  • Fully isolated—good for offline batch jobs.
docker run -d --network none --name batch-job alpine sleep 1000

Custom networks

Create networks to isolate groups of containers or shape topology.

docker network create --driver bridge my-network
docker network create --driver bridge --subnet 172.18.0.0/16 --gateway 172.18.0.1 my-network

Attach/detach:

docker run -d --network my-network --name web nginx
docker network connect my-network existing-container
docker network disconnect my-network existing-container

Container communication

1) By IP

docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' web

2) DNS/service discovery

Docker has built-in DNS; containers on the same user-defined network can reach each other by name.

docker network create app-network
docker run -d --network app-network --name web nginx
docker run -d --network app-network --name db postgres

web can reach db by name.

3) Expose to the outside

Use -p hostPort:containerPort on docker run or ports in Compose.

docker run -d -p 8080:80 --name web nginx

Compose networking quick notes

  • Compose creates an app-scoped network by default; services reach each other via service name.
  • You can define multiple networks in docker-compose.yml and attach services explicitly.

Summary

Bridge/host/none are built-in defaults; custom networks add isolation and naming. Use DNS-based service discovery on user-defined networks, and publish ports for external access. Next: Docker Compose to manage multi-container apps.***

Previous04 - Dockerfile BasicsLearn to build custom Docker images with Dockerfile Next07 - Docker ComposeLearn to manage multi-container applications with Docker Compose

搜索