How To Create a Bridge Network with Docker

This post is more or less my protocol of trying to understand Docker container networks...

Create a bridge network

Create,

$ docker network create --driver bridge isolated_nw

inspect,

$ docker network inspect isolated_nw


[
    {
        "Name": "isolated_nw",
        "Id": "44118af91447ef610df526f82b38c0f8d1d7c578ef7b1ce6cb4e94a0f8572a72",
        "Scope": "local",
        "Driver": "bridge",
....
]

list

$ docker network ls
NETWORK ID          NAME                DRIVER
e9ecbcb115b0        none                null
0c53b92d82b3        host                host
44118af91447        isolated_nw         bridge
b1b07f040fd9        bridge              bridge

and finally remove docker networks:

$ docker network rm isolated_nw

Testing the bridge network

Let's explore the possibilities of isolated networks:

Start two containers in the default bridge network and two in the freshly created isolated network:

$ docker run -itd --name=container1 busybox
$ docker run -itd --name=container2 busybox
$ docker run --net=isolated_nw -itd --name=container3 busybox
$ docker run --net=isolated_nw -itd --name=container4 busybox

At first sight nothing special:

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
71fa13ff62f0        busybox             "sh"                4 seconds ago       Up 3 seconds                            container3
25c8ada52d48        busybox             "sh"                23 seconds ago      Up 22 seconds                           container2
71ff7b36f24b        busybox             "sh"                24 seconds ago      Up 24 seconds                           container1
5aff3578a1aa        busybox             "sh"                2 minutes ago       Up 2 minutes                            container4

The difference shows up immediately once you try to ping another container via its name. Let's start with container1 living in the default network:

$ docker attach container1
# ping -w1 container2
ping: bad address 'container2'
# ping -w1 container3
ping: bad address 'container3'
# ping -w1 container4
ping: bad address 'container4'

None of the other containers can be resolved by name out-of-the-box: ping's "bad address" error is a name-lookup failure, not a dropped packet. Let's try with container3 running in the isolated_nw. Note: To detach from a container and leave it running use <CTRL>-<p> <CTRL>-<q>.

$ docker attach container3
# ping -w1 container1
ping: bad address 'container1'
# ping -w1 container2
ping: bad address 'container2'
# ping -w1 container4
PING container4 (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.162 ms

--- container4 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 0.162/0.162/0.162 ms

The container living inside the same bridged network is reachable via its name. Eureka!
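
To check this kind of separation without attaching to every container, the following added example (not part of the original post) classifies each container pair from the output of docker network inspect bridge isolated_nw. The function names and the embedded JSON are constructed for illustration, only bridge-driver networks are considered, and "ip-only" reflects that the default bridge has no name lookup but still puts its containers on one subnet.

```python
import json

# Constructed sample shaped like `docker network inspect bridge isolated_nw`
# output, trimmed to the fields used here. IDs are placeholders; only
# container4's address (172.18.0.3) appears in the post.
SAMPLE = json.loads("""
[{"Name": "bridge", "Driver": "bridge",
  "Options": {"com.docker.network.bridge.enable_icc": "true"},
  "Containers": {"id-c1": {"Name": "container1", "IPv4Address": "172.17.0.2/16"},
                 "id-c2": {"Name": "container2", "IPv4Address": "172.17.0.3/16"}}},
 {"Name": "isolated_nw", "Driver": "bridge", "Options": {},
  "Containers": {"id-c3": {"Name": "container3", "IPv4Address": "172.18.0.2/16"},
                 "id-c4": {"Name": "container4", "IPv4Address": "172.18.0.3/16"}}}]
""")

DEFAULT_BRIDGE = "bridge"  # the predefined bridge: no name resolution between containers
ICC = "com.docker.network.bridge.enable_icc"  # inter-container communication switch


def names_on(net):
    """Names of the containers attached to one inspected network."""
    return {c["Name"] for c in (net.get("Containers") or {}).values()}


def relation(networks, a, b):
    """Classify a container pair as 'name+ip', 'ip-only' or 'isolated'."""
    shared = [n for n in networks
              if n["Driver"] == "bridge" and {a, b} <= names_on(n)
              and (n.get("Options") or {}).get(ICC, "true") == "true"]
    if any(n["Name"] != DEFAULT_BRIDGE for n in shared):
        return "name+ip"   # user-defined bridge: embedded DNS resolves names
    if shared:
        return "ip-only"   # default bridge only: same subnet, no name lookup
    return "isolated"      # no common bridge with traffic allowed


def audit(networks):
    """Return {(a, b): relation} for every pair of attached containers."""
    names = sorted(set().union(*(names_on(n) for n in networks)))
    return {(a, b): relation(networks, a, b)
            for i, a in enumerate(names) for b in names[i + 1:]}


if __name__ == "__main__":
    for pair, rel in audit(SAMPLE).items():
        print(*pair, rel)
```

On a live host, pass in json.loads() of the inspect command's output instead of SAMPLE; any pair across the two networks that does not come back as "isolated" means a container is attached to both.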