Hackernoon logoLearning Docker Networking — Part 1 by@eon01

Learning Docker Networking — Part 1

Aymen Hacker Noon profile picture


Photo by Matt Hardy on Unsplash

This is part 1 of a number of blog posts about Docker networking.

I’ll be updating this post with the links of the other parts as soon as I publish them.

Networking is probably one of the most challenging skills you will confront in your Docker learning path. I tried to make my explanations simple while giving practical examples like I already did in Painless Docker Course.

Single Host Vs Multi-Host Networking

There two different ways of doing networking in Docker:

  • Networking in a single host
  • Networking in a cluster of two or more hosts

Single Host Networking

By default, any Docker container or host will get an IP address that will give it the possibility to communicate with other containers in the same host or with the host machine.

It is possible — as we are going to see — that a Docker container finds another container by its name since the IP address could be assigned dynamically at the container startup, a name is more efficient to find a running container.

Containers in a single host could also communicate and reach the outside world.

Create a simple container:

docker run -it -d  --name my_container  busybox

And test if you can ping Google:

docker exec -it my_container ping -w3 google.com  
PING google.com ( 56 data bytes 64 bytes from seq=1 ttl=48 time=2.811 ms  
--- google.com ping statistics --- 
3 packets transmitted, 1 packets received, 66% packet loss round-trip min/avg/max = 2.811/2.811/2.811 ms

Now if you inspect the container using docker inspect my_container you will be able to see its network configuration and its IP address:

"NetworkSettings": {
"Bridge": "",
"SandboxID": "555a60eaffdb4b740f7b869bac61859ecca1e39be95ee5856ca28019509e4255",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/555a60eaffdb",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "20b1b218462e6771155de75788f53b731bbff12019d977aefa7094f57275887d",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "2094b393faacbb1cc049f1f136437b1cce6fc41abc304cf2c1ae558a62c5ee2e",
"EndpointID": "20b1b218462e6771155de75788f53b731bbff12019d977aefa7094f57275887d",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"

my_container has the IP address that the host could reach:

ping -w1  
PING ( 56(84) bytes of data. 
64 bytes from icmp_seq=1 ttl=64 time=0.050 ms
64 bytes from icmp_seq=2 ttl=64 time=0.045 ms
--- ping statistics --- 
2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.045/0.047/0.050/0.007 ms

If you run a web server, your users must reach the port 80 (or 443) of your server, in this case an nginx container, for example, should be reached at its port 80 (or 443) and it is done through port forwarding that connects it to the host machine and then an external network (Internet in our case).

Let’s create the web server container, forward the port host port 8080 to the container port 80 and test how it responds:

docker run -d -p 8080:80 --name my_web_server nginx

Nginx should reply if your port 8080 is not used by other applications:

<!DOCTYPE html>
<title>Welcome to nginx!</title>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>

In a single host, containers are able to see each other, to see the external world (if they are not running in isolated networks) and they can receive traffic from an external network.

What’s Next

This was an introduction to single host networking. In the next blog post, I’ll tell you more about the multi-host networking.

Connect Deeper

This blog post is inspired by my course Painless Docker.

If you liked this article or want to discover similar tutorials, you will enjoy reading Painless Docker course.

You can join our community board and slack channel by joining DevOpsLinks, a DevOps newsletter, Shipped Newsletter, an independent newsletter focused on containers & orchestration and/or Kaptain, our Kubernetes focused newsletter.

Happy hacking :-)


Join Hacker Noon

Create your free account to unlock your custom reading experience.