Overview
https://docs.docker.com/network/
docker强大之处在于实现资源隔离的同时,也可是构建容器连接,容器和容器(同主机),容器和容器(不同主机),或者容器和外部,
One of the reasons Docker containers and services are so powerful is that you can connect them together, or connect them to non-Docker workloads. Docker containers and services do not even need to be aware that they are deployed on Docker, or whether their peers are also Docker workloads or not. Whether your Docker hosts run Linux, Windows, or a mix of the two, you can use Docker to manage them in a platform-agnostic way.
This topic defines some basic Docker networking concepts and prepares you to design and deploy your applications to take full advantage of these capabilities.
三种模式:
网桥 -- 相同的docker deamon(主机)上,不同的容器之间通信。
主机 -- 共享主机网络资源。
overlay -- 构建虚拟网域,在不同主机上, 部署统一业务的不同组件。
bridge
: The default network driver. If you don’t specify a driver, this is the type of network you are creating. Bridge networks are usually used when your applications run in standalone containers that need to communicate. See bridge networks.
host
: For standalone containers, remove network isolation between the container and the Docker host, and use the host’s networking directly. See use the host network.
overlay
: Overlay networks connect multiple Docker daemons together and enable swarm services to communicate with each other. You can also use overlay networks to facilitate communication between a swarm service and a standalone container, or between two standalone containers on different Docker daemons. This strategy removes the need to do OS-level routing between these containers. See overlay networks.
bridge
https://docs.docker.com/network/bridge/
In terms of Docker, a bridge network uses a software bridge which allows containers connected to the same bridge network to communicate, while providing isolation from containers which are not connected to that bridge network. The Docker bridge driver automatically installs rules in the host machine so that containers on different bridge networks cannot communicate directly with each other.
docker network create my-net
docker create --name my-nginx \ --network my-net \ --publish 8080:80 \ nginx:latest
docker network connect my-net my-nginx
overlay
https://docs.docker.com/network/overlay/
The
overlay
network driver creates a distributed network among multiple Docker daemon hosts. This network sits on top of (overlays) the host-specific networks, allowing containers connected to it (including swarm service containers) to communicate securely when encryption is enabled. Docker transparently handles routing of each packet to and from the correct Docker daemon host and the correct destination container.
host
https://docs.docker.com/network/host/
If you use the
host
network mode for a container, that container’s network stack is not isolated from the Docker host (the container shares the host’s networking namespace), and the container does not get its own IP-address allocated. For instance, if you run a container which binds to port 80 and you usehost
networking, the container’s application is available on port 80 on the host’s IP address.
Command
https://docs.docker.com/engine/reference/commandline/network/
docker network connect Connect a container to a network docker network create Create a network docker network disconnect Disconnect a container from a network docker network inspect Display detailed information on one or more networks docker network ls List networks docker network prune Remove all unused networks docker network rm Remove one or more networks
Good Tutorial
https://www.cnblogs.com/qsing/p/15125319.html