Network
Create multiple container app, each container should do one thing and do it well
By default, containers run in isolation and don’t know anything about other processes or containers on the same machine. Use networking allow one container to talk to another
Link
# Start a database
docker run -d --name db -e sourceVar=PostgreSQL training/postgres
# link container web to container db
# --link [source name]:[alias]
# source provides information to recipient with environment variables and /etc/hosts
# define three environment variables for each exposed port on source container
# [alias]_PORT_[port]_[protocol]
# WEBDB_PORT_5432_TCP_ADDR=172.17.0.82
# WEBDB_PORT_5432_TCP_PORT=5432
# WEBDB_PORT_5432_TCP_PROTO=tcp
# define the URL of the source container’s first exposed port
# [alias]_PORT
# pass environment variables on source to recipient
# [alias]_ENV_[name]
docker run -d -P --name web --link db:webdb training/webapp python app.py
# check environment variable on recipient
docker exec -it web bash
env
# test access from recipient to source
apt-get install -yqq inetutils-ping
# ping [alias]
ping webdb
# start MySQL server
docker run -d -v sandbox-home:/var/lib/mysql --name mysqlserver -e MYSQL_ROOT_PASSWORD=root -p 3306:3306 mysql:8.0.12
# start phpmyadmin
docker run -d --link mysqlserver -e PMA_HOST=mysqlserver -p 8080:80 phpmyadmin/phpmyadmin
# access phpmyadmin
http://localhost:8080/ #root, root
Networking
Docker automatically includes three default networks, bridge, host, and none
bridge
- Multiple containers to communicate on a single Docker host
- By default, a launched container is in bridge network. The default bridge network is considered a legacy detail of Docker and is not recommended for production use
- Containers on different bridge networks cannot communicate directly with each other using container IPs and container ports
- Default bridge network and user-defined bridge network
- User-defined bridges provide automatic DNS resolution between containers, default bridge can only access each other by IP unless using link option
- Be able to connect or disconnect a running container to a user-defined bridge network. Removing a container from default bridge network needs to stop the container
- Share environment variables by volume, compose file, or use swarm services
# default network
# start MySQL server
docker run -d -v sandbox-home:/var/lib/mysql --name mysqlserver -e MYSQL_ROOT_PASSWORD=root -p 3306:3306 mysql:8.0.12
# start phpmyadmin
# 172.17.0.2, ip of mysqlserver on host
# can ping 172.17.0.2 [ip], cannot ping mysqlserver [containerName] from phpmyadmin
docker run --name phpmyadmin -d -e PMA_HOST=172.17.0.2 -p 8080:80 phpmyadmin/phpmyadmin
# inspect default network
docker network inspect bridge
# access phpmyadmin
http://localhost:8080/ #root, root
# user defined network
# create a Docker network
docker network create asgard
# start MySQL server
docker volume create sandbox-home # ensure volume is empty
docker run -d -v sandbox-home:/var/lib/mysql --name mysqlserver --network asgard -e MYSQL_ROOT_PASSWORD=root -p 3306:3306 mysql:8.0.12
# start phpmyadmin
docker run -d --network asgard -e PMA_HOST=mysqlserver -p 8080:80 phpmyadmin/phpmyadmin
# inspect default network
docker network inspect asgard
# access phpmyadmin
http://localhost:8080/ #root, root
docker network create alpine-net
docker run -dit --name alpine1 --network alpine-net alpine ash
docker run -dit --name alpine2 --network alpine-net alpine ash
docker run -dit --name alpine3 alpine ash
docker run -dit --name alpine4 --network alpine-net alpine ash
docker network connect bridge alpine4
host, no isolation between host and containers on this network, to the outside world they are on the same network
overlay, need containers running on multiple Docker hosts to communicate
macvlan, need containers to look like physical hosts on your network, each with a unique MAC address
none, disable all networking
network plugins, install and use third-party network plugins
Reference
