Bobcares

Docker-compose bridge network subnet | More About

by | Nov 1, 2022

Bobcares, with the support of our Docker Hosting Support Services has created a Docker-compose bridge network subnet article and its configuration steps.

Docker Compose Bridge Networking subnet

 

Docker Compose is one of the easy ways for deploying multi-container applications. It automates a lot of the booking keeping, networking, and resource management of applications in a single docker-compose.yml file. You can get the application up by running docker-compose up and turning it back down using docker-compose down.

Docker-compose bridge network subnet

The one of most important objects is a Bridge network. This is where we shall be focusing on. More precisely, bridge networking.

 

Docker Bridge Network

 

Docker has many networking related drivers. The two most important ones are the Bridge networking driver and the Overlay. The latter is used for docker swarm mode, where containers running over different nodes can still be a part of a single abstract subnet.

 

To create a new Docker Network “my-network” and inspect it, by running:

 
$ docker network create -d bridge my-network
$ docker inspect my-network
 

You will get other things like a subnet mask and a default gateway.

 

"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
 

Any container that connects to this network will get a default IP in the range of 172.18.0.2 to  172.18.255.254. Let’s try creating a couple of containers from this network:

 
$ docker run -dit--name container1 --network my-network ubuntu:latest
$ docker run -dit--name container2 --network my-network ubuntu:latest
 

If you run a command, inspect my-network. You will see that individual containers with their proper name and corresponding IP addresses will show in the containers field of the JSON output.

 
$ docker inspect my-network
...
"Containers": {
"8ce5cd67e6aed180b5d0b6b0fcd597175d6154c9208daa9de304aec94757e99b": {
"Name": "container1",
"EndpointID": "93d020d22172d6c98a0b88e78a7a01f6d1a3d44b983e7454fba7c1f1be5fae9d",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"af1434df6f86d2df96aca1d7348dd6c815a4989ec07fb0f3cfea95d4a38b4f74": {
"Name": "container2",
"EndpointID": "3a5f57639c71685a10584fd392c20abc5ae693684860bef486404d26b332395a",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
 

If you create one more network “my-network2”, then it will have a different subnet mask like “172.19.0.0/16”. The containers on it will be isolated from containers of other networks. So, preferably, you want one network per application. Hence every application is secure and isolated from one other.

 

How Compose Creates a Network

 

Docker Compose understands the idea of active services for one application on a single network. When you deploy an application using a Docker Compose file, even though when there’s no mention of specific networking parameters. Docker Compose creates a new bridge network and starts to deploy the container over the network.

 

If the docker-compose.yml is in the directory my-app, the directory’s name is used to name the network and the containers mounted on it. Take an example by creating a directory:

 
$ mkdir my-app
$ cd my-app
$ vim docker-compose.yml
 

Next, add the following contents to the docker-compose.yml file:

 
version: '3'
services:
my-nginx:
image: nginx:latest
 

Notice, how we didn’t expose any ports. Let’s deploy this app:

 
$ docker-compose up -d
 

This creates a new network called “my-app_default” using the bridge network driver. You can further list all the networks on your personal setup using the list command “docker network ls” and then pick the network interface that matches your directory’s name. Once you get the name of the network, you can docker inspect to see all the containers that are attached to that network along with their individual IP addresses and subnet mask.

 

If we create another container, using directly the CLI on the same network, then we can actually connect to my-nginx service.

 
$ docker run -dit--name container4 --network my-app_default ubuntu:latest
$ docker exec-it container4 bashaa
# curl http://my-app_my-nginx_1
 

It will print an HTML file with a familiar quote like “Welcome to Nginx” visible on it. The Nginx web server is reachable within the network without us having to publish any ports. You don’t have to reach using its private IP, you can simply call with a hostname.

 

You won’t have to publish the Database port at all when running a database from the frontend. Instead, reach the Database from the web server by calling its hostname. Even when docker-compose is running somewhere and the IP, and subnet may now differ. The containers will still available to talk to one another.

 

To publish a port to the outside world we can write as follow:

 
version: '3'
services:
my-nginx:
image: nginx:latest
port:
- “8080:80”
 

Now users can use the web server with port 8080 at the IP of your Docker Host. This can be the public IP of your VPS or just localhost if running Docker on a desktop. The web server can talk directly and thus this reduces the risk of databases being exposed to the Internet.

 

When you bring your application down, use:

 
$ docker-compose down
 

This custom bridge network along with all the containers that were created, using the docker-compose.yml file, will get deleted. Leaving the Docker environment in a clean state.

 

Defining your own network

 

Compose allows you to define your own network, including subnet mask, IPv6 addresses. We have top-level networks like services or versions with top level keys. This key has no indendentation. Under the network’s key, we can define various attributes of the network. For now, we will keep it simple and mention that it ought to use a bridge driver.

 
version: ‘3’
networks:
my-network:
driver: bridge
 

Now each container can connect to multiple networks. So under the services section, we mention this custom network’s name. The network’s key here expects a list of networks.

 
version: '3'
services:
my-nginx:
image: nginx:latest
networks:
- my-network
- some-other-network # This is another network that you might have created.
 

Finally, the order of the network will define and then used inside a service that is relevant. So the whole .yml file will look like this:

 
version: '3'
services:
my-nginx:
image: nginx:latest
networks:
- my-network
networks:
my-network:
driver: bridge
 

[Looking for a solution to another query? We are just a click away.]

 

Conclusion

 

To conclude, from the Docker-compose bridge network subnet article we have configured a custom bridge network along with the containers. And checked how Docker compose Creates a Network.

 

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF