Docker Networking
Understanding Bridge, Host, and Overlay Networks | Enhancing Container Security with Custom Bridge Networks.
Published Feb 8, 2024
In Docker, networking is a crucial aspect that determines how containers communicate with each other and with external systems. Docker provides several networking options, including bridge, host, and overlay networks, each serving different purposes.
Let’s discuss these networking options and how to secure containers with a custom bridge network:
Bridge Network:
Description: The bridge network is the default networking mode in Docker. It creates an internal network on the Docker host, allowing containers to communicate with each other and with external networks via NAT (Network Address Translation).
Use Cases: Bridge networks are suitable for standalone containers running on a single Docker host, providing isolation and allowing multiple containers to run on the same host without conflicting with each other.
Host Network:
Description: The host network mode removes network isolation between the container and the Docker host, allowing the container to use the host’s network stack directly. This means the container shares the host’s network namespace and can access network interfaces and ports directly without NAT.
Use Cases: Host network mode is suitable for scenarios where maximum network performance is required and network isolation is not a concern. It’s commonly used for high-performance applications or when the container needs to bind to specific network interfaces on the host.
Overlay Network:
Description: Overlay networks enable communication between containers across multiple Docker hosts or nodes in a Docker Swarm cluster. They use VXLAN (Virtual Extensible LAN) encapsulation to route traffic between containers running on different hosts.
Use Cases: Overlay networks are ideal for distributed applications deployed across multiple Docker hosts or nodes, providing seamless communication between containers regardless of their physical location.
First, run two containers named login and logout:
docker run -d --name login nginx:latest
docker run -d --name logout nginx:latest
Inspect both containers:
docker inspect 8365029c0fb5 and docker inspect 6dd651363699
Install the ping command in both containers and check the ping status. Inside each container, run:
apt-get update and apt-get install iputils-ping
Check the available Docker networks: docker network ls
Create the secure network: docker network create secure-network
Add the payment container to the new secure-network:
Check the running Docker containers:
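To confirm the result of the steps above, the following Python script reads docker network inspect output and reports which containers share a network, so you can check that payment is separated from login and logout. It is an added example, not part of the original article: the JSON is a constructed sample with made-up IDs and addresses, and the function names are hypothetical.

```python
import json
from itertools import combinations

# Constructed sample shaped like `docker network inspect bridge secure-network`
# output, trimmed to the fields used here. IDs and addresses are made up.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "bridge", "Driver": "bridge", "Containers": {
     "c0ffee000001": {"Name": "login",  "IPv4Address": "172.17.0.2/16"},
     "c0ffee000002": {"Name": "logout", "IPv4Address": "172.17.0.3/16"}}},
  {"Name": "secure-network", "Driver": "bridge", "Containers": {
     "c0ffee000003": {"Name": "payment", "IPv4Address": "172.18.0.2/16"}}}
]
""")


def memberships(networks):
    """Map container name -> set of network names it is attached to."""
    result = {}
    for net in networks:
        for info in (net.get("Containers") or {}).values():
            result.setdefault(info["Name"], set()).add(net["Name"])
    return result


def shared_networks(networks):
    """Return {(a, b): common networks} for every pair sharing a network."""
    member = memberships(networks)
    pairs = {}
    for a, b in combinations(sorted(member), 2):
        common = member[a] & member[b]
        if common:
            pairs[(a, b)] = common
    return pairs


def isolation_findings(networks, protected):
    """List conditions that break network isolation of `protected`."""
    findings = []
    if "bridge" in memberships(networks).get(protected, set()):
        findings.append(f"{protected} is attached to the default bridge")
    for (a, b), common in shared_networks(networks).items():
        if protected in (a, b):
            peer = b if a == protected else a
            findings.append(f"{protected} shares {sorted(common)} with {peer}")
    return findings


if __name__ == "__main__":
    print(shared_networks(SAMPLE_INSPECT))
    print(isolation_findings(SAMPLE_INSPECT, "payment") or "payment is isolated")
```

On a real host, replace the sample with the parsed output of docker network inspect bridge secure-network.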