Custom Docker bridge configuration
Custom Docker bridge configuration involves creating and managing a user-defined network bridge to facilitate container communication across different hosts or specific network segments, often replacing the default docker0 bridge.^[600-developer-docker-docker-bridge.md]
This approach places containers on the same network segment as the host or a specific physical interface, rather than isolating them behind NAT.^[600-developer-docker-docker-bridge.md] Other machines on that segment can then reach the containers directly.
Overview
In a standard setup, Docker creates a default bridge named docker0. However, for more complex networking requirements—such as connecting containers across multiple physical hosts or assigning IPs from the local subnet—administrators can create a custom bridge device (e.g., br1) and configure the Docker daemon to use it.^[600-developer-docker-docker-bridge.md]
Because all network interfaces connected via a bridge must exist in the same network segment, it is necessary to explicitly restrict the IP address range allocated to containers on each host to prevent conflicts.^[600-developer-docker-docker-bridge.md]
Configuration Steps
1. Create and configure the virtual bridge
First, install the necessary utilities and create the bridge interface.^[600-developer-docker-docker-bridge.md]
```bash
# Install utilities
yum install bridge-utils
# Create the bridge (e.g., br1)
brctl addbr br1
# Assign an IP address to the bridge in the same subnet as your network
# Example for Host1 (192.168.2.1)
ifconfig br1 192.168.2.1 netmask 255.255.255.0
```
2. Bridge the physical network interface
Connect the physical network interface (e.g., eth0) to the new virtual bridge.^[600-developer-docker-docker-bridge.md]
```bash
brctl addif br1 eth0
```
3. Configure the Docker daemon
Modify the Docker daemon configuration (typically /etc/sysconfig/docker on older systems) to use the new bridge and define a specific IP range for containers using the --fixed-cidr flag.^[600-developer-docker-docker-bridge.md]
Example configuration for Host1:
```bash
# No inner quotes: they would be passed to the daemon as part of the CIDR value
DOCKER_OPTS="-b=br1 --fixed-cidr=192.168.2.64/26"
```
Example configuration for Host2:
```bash
DOCKER_OPTS="-b=br1 --fixed-cidr=192.168.2.128/26"
```
* -b=br1: Specifies the bridge device to be used.
* --fixed-cidr: Limits the IP allocation range for containers on that specific host to avoid overlaps.
4. Restart and verify
After saving the configuration, restart the Docker service and launch a container to verify connectivity.^[600-developer-docker-docker-bridge.md]
```bash
systemctl restart docker
docker run -it <image_name>
ping <target_container_ip>
```
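The per-host `--fixed-cidr` plan from step 3 can be checked for conflicts before any daemon is restarted. The Python sketch below is an added example, not part of the original page; Host2's bridge address (192.168.2.2) and the whole Host3 entry are constructed for illustration.

```python
import ipaddress

def check_fixed_cidrs(bridge_subnet, hosts):
    """Return a list of problems in a per-host --fixed-cidr plan.

    hosts maps a host name to (bridge_ip, fixed_cidr).
    """
    subnet = ipaddress.ip_network(bridge_subnet)
    problems, plan = [], {}
    for name, (bridge_ip, cidr) in hosts.items():
        try:
            # ip_network() is strict: 192.168.2.65/26 (host bits set) is rejected
            plan[name] = (ipaddress.ip_address(bridge_ip), ipaddress.ip_network(cidr))
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
    for name, (ip, net) in plan.items():
        if not net.subnet_of(subnet):
            problems.append(f"{name}: {net} is outside {subnet}")
        if ip not in subnet:
            problems.append(f"{name}: bridge IP {ip} is outside {subnet}")
        # Another host's container range must not contain this bridge address
        for other, (_, other_net) in plan.items():
            if other != name and ip in other_net:
                problems.append(f"{name}: bridge IP {ip} is inside {other}'s range {other_net}")
    names = sorted(plan)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if plan[a][1].overlaps(plan[b][1]):
                problems.append(f"{a} and {b}: {plan[a][1]} overlaps {plan[b][1]}")
    return problems

# Ranges from the page; Host2's bridge IP is an assumed value.
PAGE_PLAN = {
    "Host1": ("192.168.2.1", "192.168.2.64/26"),
    "Host2": ("192.168.2.2", "192.168.2.128/26"),
}
# Constructed misconfiguration: Host3 reuses part of Host1's range and
# takes a bridge IP from inside Host2's range.
BAD_PLAN = dict(PAGE_PLAN, Host3=("192.168.2.130", "192.168.2.96/27"))

if __name__ == "__main__":
    for label, plan in (("page plan", PAGE_PLAN), ("bad plan", BAD_PLAN)):
        issues = check_fixed_cidrs("192.168.2.0/24", plan)
        print(label, "->", issues or "no conflicts")
```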
Bridge management commands
The brctl utility is used to manage bridge devices.^[600-developer-docker-docker-bridge.md]
| Command | Description |
|---|---|
| brctl addbr <name> | Creates a new bridge device (e.g., brctl addbr br0). |
| brctl addif <bridge> <device> | Adds a physical interface to the bridge (e.g., brctl addif br0 eth0). |
| brctl delif <bridge> <device> | Removes a physical interface from the bridge. |
| brctl delbr <name> | Deletes a bridge device. |
| brctl show | Displays the current bridge configuration and status. |
Static network configuration
To make the bridge configuration persistent across reboots, network scripts (e.g., in /etc/sysconfig/network-scripts/) should be created for both the bridge (ifcfg-br0) and the physical interface.^[600-developer-docker-docker-bridge.md]
Key configuration parameters for the physical interface:
* BRIDGE=br0: This directive is required to attach the physical device to the bridge.
Related Concepts
- [[Docker Networking]]
- [[Network namespaces]]
Sources
^[600-developer-docker-docker-bridge.md]