Docker - Bridge Network
Continuation of previous post:Docker Networking
Run: docker network ls
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
0cbe40bf4969 bridge bridge local
7361f58bf7ab host host local
6051f389c7f5 none null local
Have a look at what this default network bridge is providing.
Run: docker inspect <networkid>
Try to get an insight into it. Few elements to look for now:
- Gateway: To talk to outside world.
- Subnets: a range of IP which will be under its control.
- container{}: For now this section is empty because there are no containers running on my machine.it shows something like this
"Containers": {},
Let's run docker image. I will be using same image but will run it in two different containers. My images are simple hello world downloaded from docker hub.
Run: docker run -itd --name=<give_a_name> <image>
$ docker run -itd --name=hello1 tutum/hello-world
986feb83b2a711bb3ab2b0a78cd96b4d8f5e8d3f81bf06d1aac531673eaa0166
I am running a containers in interactive detachable mode. A unique containerID is displayed.
My other container using the same image
docker run -itd --name=hello2 tutum/hello-world
05a4d541e5edadf7cfd78182d3863aac01aa6bbd8bff301a5f5136e6fd212dc1
Try to inspect each container and get an insight into it. Such as IP address, which driver it is using, MAC address, Port detains, Container section, which networkID it belongs to, Subnet range...etc. Just have a look with a better understanding of docker better insights will be gained.
Run: `docker inspect <container_name>
For this Ill just display my containers IP address.
Run:docker exec -it <container_name> ip a
$ docker exec -it hello1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
56: eth0@if57: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0 ##hello1 ip
valid_lft forever preferred_lft forever
$ docker exec -it hello2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
58: eth0@if59: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 ##hello2 ip
valid_lft forever preferred_lft forever
Also now I will inspect bridge to see if my containers are added by default.
Run: docker inspect <network_id>
"Containers": {
"05a4d541e5edadf7cfd78182d3863aac01aa6bbd8bff301a5f5136e6fd212dc1": {
"Name": "hello2",
"EndpointID": "110d69bf2292853723e186204f70addbe82ebd737464a0568494427cdf044b82",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"986feb83b2a711bb3ab2b0a78cd96b4d8f5e8d3f81bf06d1aac531673eaa0166": {
"Name": "hello1",
"EndpointID": "4d87e77704819c2c57aa27e2b88bcbc7392884bf76bb1902b17f59be4d905ccc",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
you see by default containers are added and its basic details too.
Now let's check if containers can communicate to each other since they are on same bridge.
First ill check from container hello2 is it able to ping outside world i.e. google.com
ashwini-gaddagi@ashwinigaddagi-Inspiron-5370:~/learnings/tfrm/tf-hello-ktor$ docker exec -t hello2 ping -w1 google.com
PING google.com (172.217.166.174): 56 data bytes
64 bytes from 172.217.166.174: seq=0 ttl=55 time=32.017 ms
--- google.com ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 32.017/32.017/32.017 ms
Yes!
secondly now ill check if it is able to ping to my first container i.e. hello1 using it's ip address
$ docker exec -t hello2 ping -w3 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.034 ms
64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.197 ms
64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.271 ms
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.034/0.167/0.271 ms
Yes!
Thirdly ill check whats there in hello2's hosts list
ashwini-gaddagi@ashwinigaddagi-Inspiron-5370:~/learnings/tfrm/tf-hello-ktor$ docker exec -it hello2 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 46f1bce4ce34 ## Yes it has hello1 entry
So this is how it recogonises local containers.
Lastly
$ curl http://0.0.0.0:80
<html>
<head>
<title>Hello world!</title>
<link href='http://fonts.googleapis.com/css?family=Open+Sans:400,700' rel='stylesheet' type='text/css'>
<style>
body {
background-color: white;
text-align: center;
padding: 50px;
font-family: "Open Sans","Helvetica Neue",Helvetica,Arial,sans-serif;
}
#logo {
margin-bottom: 40px;
}
</style>
</head>
<body>
<img id="logo" src="logo.png" />
<h1>Hello world!</h1>
<h3>My hostname is 46f1bce4ce34</h3> </body>
</html>
Yes, containers can not ony talk to each other but see what it is....they can also recieve the external traffic
