Shulou(Shulou.com)05/31 Report--

This article will explain in detail the example analysis of bridge network in docker. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

In terms of network, bridge network is a kind of link layer device, which can transmit traffic between network segments. The bridge can be either a hardware device or a host

A software device running in the kernel. In the case of Docker, the bridge network uses a software bridge that allows containers connected to the same bridge network to communicate while providing isolation from containers that are not connected to the bridge network. The Docker bridge driver automatically installs rules on the host, so containers on different bridging networks cannot communicate directly.

Bridging networks are suitable for containers running on the same Docker daemon host. For communication between containers running on different Docker daemon hosts, you can manage routing at the OS level, or you can use overlay networks. When you start Docker, a default bridge network (also known as bridge) is created automatically, and the newly launched container is connected to it unless otherwise specified. You can also create a user-defined custom bridge network. The user-defined bridging network is superior to the default bridging network.

The difference between user-defined bridges and default bridges

User-defined bridges provide better isolation and interoperability between containerized applications

Containers connected to the same user-defined bridged network automatically expose all ports together and have no ports to the outside world. This makes it easy for container applications to communicate without accidentally opening access to the outside world.

Suppose you have an application with a web front end and a database back end. The outside world needs access to the web front end (perhaps on port 80), but only the front end itself needs access to the database host and port. To use a user-defined bridge, you only need to open the web port, while the database application does not need to open any ports, because the web front end can reach it through the user-defined bridge.

If you are running the same application stack on the default bridged network, you need to open the web port and database port for each application stack using-p or-- publish.

User-defined bridges provide automatic DNS resolution between containers

Containers on the default bridged network can only be accessed through the IP address, unless you use the-- link option, which is considered legacy. In a user-defined bridging network, containers can resolve to each other by name or alias.

Imagine the same application as the previous point, with a web front end and a database back end. If you call your containers web and db, the web container can connect to the db container on db, regardless of which Docker host is running the application stack.

If you run the same application stack on the default bridged network, you need to manually create the link between containers (using the legacy-link flag). These links need to be created in both directions, so you can see that the process becomes complicated when more than two containers need to communicate. Alternatively, you can manipulate the / etc/hosts file in the container, but this can cause problems that are difficult to debug.

Containers can be connected and separated from a user-defined network

During the lifecycle of the container, you can dynamically connect or disconnect user-defined networks. To remove a container from the default bridged network, you need to stop the container and recreate it with different network options.

This is the end of this article on "sample Analysis of bridge Networks in docker". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.