[Docker] Container network models

Rex Chiang

·

Follow

2 min read

·

Mar 21, 2022

--

Listen

Share

None

docker container run --network=none alpine

• Docker engine will setup a network namespace, which don’t have the network.
• Can apply if your components in container no need to have network, or need to isolate from the network.

Host

docker container run --network=host alpine

• Docker engine will not setup a network namespace, and use the network same as the host.
• Can apply if your container need to have abilities to control the host network.

Bridge

docker container run --network=bridge alpine

• Docker engine will setup a network namespace, which can interact with host network through Linux Bridge.
• It is the default network driver in docker.
• Will connect network namespace of container and host through veth.
• When there have many containers, it will use same Linux Bridge with different veth to interact.
• Each containers can interact through the IP.

Container:$ID

docker container run --network=container:4a1a1b120ca8 alpine

• Docker engine will not setup a network namespace, and share the network of container that already exist.
• Since each containers share the same lo, they can interact through the localhost.
• More faster to use localhost to interact.
• Kubernetes pods use this kind of model as base.