Docker Network Operations

From NovaOrdis Knowledge Base

Internal

Overview

List Networks

docker network ls

Create a New User-Defined Bridge Network

https://docs.docker.com/engine/reference/commandline/network_create/#specify-advanced-options

The following command creates a user-defined bridge network:

docker network create \
   [--driver=bridge] \
   [--subnet=172.29.0.0/16] \
   [--ip-range=172.29.5.0/24] \
   [--gateway=172.29.5.253] \
 <user-defined-bridge-network-name>

Remove a User-Defined Bridge Network

docker network rm <user-defined-bridge-network-name>

Note that containers must first be disconnected from the network being removed.

Connect a Container to a Network

At Container Creation Phase

When a container is created with docker create, one or more --network flags can be specified. Docker will use this information to connect the container to the specified network(s).

 docker create --name <container-name> \
   --network <network-name> \
   --publish <host-port>:<container-port> \
 ...

When the Container is Running

The container can be connected dynamically to a network while it is running:

docker network connect <network-name> <container-name>

Disconnect a Container from a Network

docker network disconnect <network-name> <container-name>

Enable IP Forwarding from Containers on the Default Bridge

By default, IP forwarding from containers connected to the default bridge is not enabled. To enable it:

1. Configure the Linux kernel on the Docker host to allow forwarding.

2. Change the iptables FORWARD policy from DROP to ACCEPT:

sudo iptables -P FORWARD ACCEPT

These settings do not persist across a reboot, so to survive one they need to be added to a script that runs at boot.
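
A read-only check that reports whether the two steps above are in effect, added here as an example and not part of the original page. The function names and the sample rule listing are constructed for illustration, and the --live branch assumes net.ipv4.conf.all.forwarding is the kernel setting changed in step 1.

```shell
#!/bin/sh
# Added example (not from the original page): audit the two forwarding settings.

# Print the FORWARD chain policy found in `iptables -S FORWARD` output (stdin).
# The policy line has the form "-P FORWARD <TARGET>".
forward_policy() {
    awk '$1 == "-P" && $2 == "FORWARD" { print $3; found = 1; exit }
         END { if (!found) print "UNKNOWN" }'
}

# Count explicit ACCEPT rules in the FORWARD chain (stdin), e.g. Docker's own.
accept_rule_count() {
    awk '$1 == "-A" && $2 == "FORWARD" && $NF == "ACCEPT" { n++ }
         END { print n + 0 }'
}

# $1 = kernel forwarding flag (0 or 1), $2 = FORWARD chain policy.
forwarding_verdict() {
    if [ "$1" != "1" ]; then
        echo "off"          # kernel does not route between interfaces
    elif [ "$2" = "ACCEPT" ]; then
        echo "open"         # anything not explicitly dropped is forwarded
    elif [ "$2" = "DROP" ]; then
        echo "filtered"     # only explicit ACCEPT rules let traffic through
    else
        echo "unknown"      # policy line missing or unexpected
    fi
}

# Constructed sample of `iptables -S FORWARD` on a Docker host (not real output).
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -j DOCKER-USER
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT'

if [ "${1:-}" = "--live" ]; then        # reading iptables needs root
    rules=$(iptables -S FORWARD)
    flag=$(sysctl -n net.ipv4.conf.all.forwarding)   # assumed step 1 setting
else
    rules=$SAMPLE_RULES
    flag=1
fi

policy=$(printf '%s\n' "$rules" | forward_policy)
accepts=$(printf '%s\n' "$rules" | accept_rule_count)
echo "policy=$policy accept_rules=$accepts verdict=$(forwarding_verdict "$flag" "$policy")"
```

A verdict of "open" means the ACCEPT policy from step 2 is active and forwarded traffic is no longer limited to the explicit ACCEPT rules.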