Docker part 3- Docker Networking

By Manish saini

 Subscribe YouTube Channel @devops-pathshala



                                              Docker Networking 

Docker networking is the way Docker containers communicate with each other, with the host system, and with the outside world (like the internet). Since containers are isolated by default, networking allows them to exchange data and services in a controlled and flexible manner.


1. Why Docker Networking is Needed

  • Each container has its own isolated environment, including its own network stack.

  • To allow communication between:

    • Containers on the same host

    • Containers across different hosts

    • Containers and the external world (internet)

  • Networking also allows services to be exposed securely to the outside.



2. Types of Docker Networks

Docker provides several built-in network types:

Network TypeDescriptionUse Case
BridgeDefault network for containers on a single host. Containers can talk to each other via IP.Ideal for standalone apps or local development.
HostContainers use the host’s network directly. No isolation.High performance networking; avoids network translation overhead.
NoneContainers have no network interface.For completely isolated containers.
OverlayAllows communication between containers on different Docker hosts (used in Swarm).Useful for multi-host setups in clusters.
MacvlanContainers get their own MAC addresses and appear as physical devices on the network.When you need containers to be treated like separate machines on the LAN.




3. Key Concepts

  • Container IP Address: Each container gets a unique IP within its network.

  • Port Mapping: Exposes container ports to host ports (e.g., -p 8080:80).

  • DNS in Docker: Containers can resolve each other by name using Docker’s internal DNS.

  • Networks Isolation: Containers on different networks cannot communicate unless connected to the same network.



Types of Docker Networking:-
1. Bridge Network
2. Host Network
3. None Network

1. Bridge Network:- The Bridge network is the default network type in Docker for containers running on a single host. It’s a virtual network that Docker automatically creates to allow containers to communicate with each other and with the host, while still keeping them isolated from the external network by default.


1. Key Features of Bridge Network:-

  • Default network: If you don’t specify a network when running a container, Docker connects it to the default bridge network.

  • Isolation: Containers on a bridge network are isolated from the host network and other networks unless explicitly connected.

  • Communication: Containers on the same bridge network can communicate with each other using IP addresses or container names.

  • Port Mapping: To make a container accessible from outside the host, you need to map container ports to host ports (e.g., -p 8080:80).


2. How It Works:-

  • Docker creates a virtual subnet and gateway for the bridge network.

  • Each container gets its own private IP in this subnet.

  • Containers use NAT (Network Address Translation) to access external networks like the internet.


3. Example Commands

Check existing networks:

docker network ls

docker network create my-bridge-network:- Create a custom bridge network



4. When to Use

  • For simple multi-container setups on a single host.

  • When you need container-to-container communication without exposing everything to the host network.


2. Host Network:-The Host network in Docker is a network mode where a container shares the host’s network stack directly, instead of getting its own isolated network namespace like in bridge mode.

This means the container does not get its own IP address; it uses the host machine’s IP and ports directly.

1. Key Features of Host Network

  • No isolation: The container shares the host’s network completely.

  • No NAT: Traffic goes directly through the host network without network address translation.

  • High performance: Since there’s no extra layer of virtual networking, it can be faster than bridge networks.

  • Port mapping not needed: You don’t need -p to expose container ports—they are already using the host’s ports.


2. How It Works

  • Normally, containers get a separate network namespace and IP via Docker’s bridge network.

  • In host mode, Docker skips creating a new namespace; the container sees the same network interfaces as the host.

  • Any service running inside the container binds directly to the host IP.





4. When to Use Host Network

  • When you need maximum network performance.

  • When you want the container to use host IP directly for communication.

  • Useful for monitoring or networking tools that require host network access.


⚠️ Caution

  • Less secure because the container is not isolated from the host network.

  • Port conflicts can occur if the host is already using the same ports.

Important Questions for the Interview:-

Difference between Bridge & Host Network.
Bridge network is default for containers on the same host and is isolated. 
Host network shares the hosts network stack and is faster but less secure.

What is Port Binding in Docker?
Port Binding in docker is mapping a containers internal port to a host port so that application inside the container can be accessed externally. 
For EX:- docker run -p 8080:80 nginx maps containers port to 80 to host port 8080.


 
 



Comments

Post a Comment

Popular posts from this blog

User Management in Linux – Complete Notes for Beginners

By Manish saini
Image
                                                                            USER MANAGEMENT • Types of USER 1.Root user ( UID = 0) (SHELL= Login shell /bin/bash)  2. Local user ( UID = 1000 TO 6000) (SHELL=Login shell)  3. System user ( UID = 1 TO 999) (SHELL= Nologin shell /sbin/nologin)  • Type of GROUPS  1. Primary group  2. Secondary group  /etc/passwd = A file that contains “user” information  /etc/group = A file that contains “group” information                                                  COMMANDS   1. useradd = crate a new user useradd username                       ...
Read more

DevOps Roadmap 2026 – Your Complete Beginner-to-Expert Guide

By Manish saini
Image
   Are you confused about where to start your DevOps journey? This post will help you understand the complete DevOps learning path step by step. The roadmap image below shows all the important tools and concepts you should learn to become a successful DevOps Engineer in 2025 and beyond. ✅ What this roadmap covers: The correct learning order – from basics to advanced Most essential tools every DevOps engineer must know Cloud, container, automation, and CI/CD topics Real-world skills needed for job readiness 📌 Key Learning Stages: Linux Fundamentals – The base of every DevOps journey Version Control – Git & GitHub Scripting – Shell scripting and Python basics Containers – Docker and containerization Orchestration – Kubernetes fundamentals Cloud – AWS (or any major cloud provider) Configuration Management – Ansible Infrastructure as Code – Terraform CI/CD – Jenkins, GitHub Actions Monitoring & Logging – Prometheus, Grafana, ELK stack 🎯 How to use this roadmap: Don’t try...
Read more

What is Public Subnet in AWS? Step-by-Step Explanation with Example

By Manish saini
Image
  VPC:-   A VPC (Virtual Private Cloud) in AWS is a private, isolated network you create in the AWS cloud to launch and manage your resources like EC2 instances, databases, etc.  Think of it as your own private data center inside AWS, where you have full control over:   • IP address ranges (CIDR blocks)  • Subnets (public & private)   • Routing (via route tables)  • Internet access (via Internet Gateway or NAT Gateway)   • Security (via security groups & network ACLs) Example    • Suppose you rent a building (AWS Cloud).   • Inside it, you design your own office layout (VPC).   • You decide rooms (subnets), doors (gateways), and locks (security groups). Key Features of VPC    1. Isolated Environment – Your VPC is separated from other AWS users’ networks.  2. Customizable IP Range – You choose IPv4/IPv6 address range.  3. Multiple Subnets – Create public and private subnets. ...
Read more