Skip to content

Multi-host Docker container networking

Multi-host Docker container networking enables containers running on different physical servers to communicate directly as if they were on the same local network segment. This setup typically involves replacing the default Docker bridge with a custom network configuration that spans across hosts^[600-developer__docker__docker-bridge.md].

Implementation Strategy

To achieve connectivity between multiple hosts, the physical network interfaces on each server are added to a virtual bridge. This requires all network interfaces involved to reside within the same network segment^[600-developer__docker__docker-bridge.md].

Configuration Steps

  1. Create and Assign Bridge: Instead of using the default docker0 bridge, a new virtual bridge (e.g., br1) is created on each host^[600-developer__docker__docker-bridge.md].
    • Example command: brctl addbr br1^[600-developer__docker__docker-bridge.md]
    • Assign an IP address from the shared subnet to the bridge (e.g., ifconfig br1 192.168.2.1 netmask 255.255.255.0)^[600-developer__docker__docker-bridge.md].
  2. Bridge Physical Interfaces: The host's physical ethernet interface (e.g., eth0) is added to the new bridge^[600-developer__docker__docker-bridge.md].
    • Example command: brctl addif br1 eth0^[600-developer__docker__docker-bridge.md].
  3. Configure Docker Daemon: The Docker daemon is configured to use the new bridge and restrict IP allocation to prevent conflicts^[600-developer__docker__docker-bridge.md].
    • Modify /etc/sysconfig/docker to set the bridge (-b=br1) and define a fixed CIDR range for container IPs (--fixed-cidr=...)^[600-developer__docker__docker-bridge.md].
    • Each host must be assigned a unique subset of the IP range (e.g., Host 1 uses 192.168.2.64/26, Host 2 uses 192.168.2.128/26)^[600-developer__docker__docker-bridge.md].
  4. Restart Service: The Docker service must be restarted for these changes to take effect^[600-developer__docker__docker-bridge.md].

Verification

After configuration, containers can be started on the respective hosts. Connectivity is verified by executing a ping command from one container to an IP address assigned to a container on the remote host^[600-developer__docker__docker-bridge.md].

Network Utilities

The bridge-utils package (installed via yum install bridge-utils) provides the brctl tool used to manage these configurations^[600-developer__docker__docker-bridge.md].

  • [[Docker]]
  • [[Linux Bridge]]

Sources

^[600-developer__docker__docker-bridge.md]