Skip to content

Docker container networking modes

Docker provides several distinct networking modes to manage how containers interact with each other and the outside world. The selection of a specific network mode depends entirely on the business requirements and the desired level of isolation or connectivity^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md].

Network Modes

Docker primarily supports four standard networking drivers, often categorized by their level of isolation^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md]:

  • Bridge (NAT): This is the default networking mode. It creates a bridge network (typically docker0) on the host, allowing containers to communicate with each other as well as with the outside world through Network Address Translation (NAT)^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md].
  • Host (Open): In this mode, the container shares the host's network namespace. It does not have its own IP address; instead, it uses the IP address of the host machine. This eliminates the isolation between the container and the host network^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md].
  • None (Close): This mode disables all networking for the container. It is not configured with an IP address or network interfaces, ensuring it is completely isolated from external network traffic^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md].
  • Container (Join): This mode allows a new container to join the network namespace of an existing, running container. Both containers share the same network stack (IP address, ports, etc.), which is useful for tight coupling of processes^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md].

Configuration

Networking configuration can be managed via the /etc/docker/daemon.json file on the Docker daemon^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md]. Key configurations include:

  • bip: Specifies the bridge IP address for the default Docker bridge (e.g., "bip": "172.7.5.1/24").^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md]
  • Live Restore: The "live-restore": true setting ensures that containers remain running even if the Docker daemon crashes or is restarted^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md].

Sources

^[400-devops__06-Kubernetes__k8s-paas__01.Docker(已熟悉的可以从第二章开始).md]