A tutorial of configuring network connection between docker containers under Linux

Time:2020-1-16

Docker containers are all independent and isolated environments. However, they usually work only when they communicate with each other.
Although there are many ways to connect containers, I will not try to discuss them all. But in this series of methods, we’ll look at the common ones.
Although it seems very simple, it is very important for the friends who deal with docker all day long to understand these technologies and the underlying design concept.

To configure
Before we can show how containers are connected, we need to create a pair of containers as an example.
The first image will come from a simple Ubuntu operating system installation. It will act as a client container.
First, we create the container and connect to it.

Copy code

The code is as follows:

$ sudo docker run -itd –name=client_setup ubuntu /bin/bash
$ sudo docker attach client_setup

Next, once we have the shell program in the container, we can run the following command:

Copy code

The code is as follows:

$ apt-get install curl

If you can’t see the shell command prompt, click the up arrow in the keyboard direction area.
When the container is installed, execute Ctrl + P and Ctrl + Q to exit the container.
Then we stop and submit the container.

Copy code

The code is as follows:

$ sudo docker stop client_setup
$ sudo docker commit client_setup client_img

Now we can use the container named client? Img that we just created.
The second container is from the previous installation of Ubuntu operating system. But this time, we will change it to a server container running Apache http.
First, we build and connect to it as before:

Copy code

The code is as follows:

$ sudo docker run -itd –name=server_setup ubuntu /bin/bash
$ sudo docker attach server_setup

Then, once we can use the shell program in the container, we can install Apache’s HTTP service.

Copy code

The code is as follows:

$ apt-get install apache2

When the container is installed, execute Ctrl + P and Ctrl + Q to exit the container.
Now we stop and commit the container:

Copy code

The code is as follows:

$ sudo docker stop server_setup
$ sudo docker commit server_setup server_img

Now we have two images: client img and server img.
When these settings are set up, we can explore the possibility of multiple connections between containers.

Docker Bridge
A single docker container is isolated from other containers and external networks by default. Docker provides a bridge interface called docker0, which is actually established when docker engine is installed.
It allows communication between containers and between containers and hosts through docker’s bridge interface.
We can view a docker bridge on the docker host through the following command:

Copy code

The code is as follows:

$ ifconfig docker0

You can see output similar to the following:

Copy code

The code is as follows:

docker0 Link encap:Ethernet HWaddr 02:42:a2:dc:0f:a8
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:a2ff:fedc:fa8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1477 errors:0 dropped:0 overruns:0 frame:0
TX packets:2436 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:83901 (83.9 KB) TX bytes:3606039 (3.6 MB)

The bridge interface runs on a separate local docker host, and it is the connection mechanism behind all three methods mentioned in this article. In the next chapter, we will turn to the overlay interface, which allows network containers to be deployed on multiple docker hosts.

Opening ports
First, let’s look at how to run a container service and expose its 80 port (HTTP) to other containers.
To do this, I run the container through the expose command, which tells the docker to expose a specific port when running the container. Of course, the exposed port can be accessed by other containers.
Let’s run server? Img and name the container Server1, exposing its 80 port:

Copy code

The code is as follows:

$ sudo docker run -itd –expose=80 –name=server1 server_img /bin/bash

Next we will name these containers in order (Server1, server2, and others).
Then, connect to the container:

Copy code

The code is as follows:

$ sudo docker attach server1

Again, if you can’t see the shell command prompt, use the up arrow for the arrow keys.
Start the Apache HTTP service in this container:

Copy code

The code is as follows:

$ /etc/init.d/apache2 start

Let’s look at the IP address obtained:

Copy code

The code is as follows:

$ ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:03
inet addr:172.17.0.3 Bcast:0.0.0.0 Mask:255.255.0.0

Then, we have the IP address of 172.17.0.3. Let’s try to see this information from a client container.
Open the second terminal.
Start the container named client1:

Copy code

The code is as follows:

$ sudo docker run -itd –name=client1 client_img /bin/bash

Take a look in the container:

Copy code

The code is as follows:

$ sudo docker attach client1

If you can’t see the shell command prompt, use the up arrow for the arrow keys.
Let’s test the connectivity to Server1:

Copy code

The code is as follows:

$ curl 172.17.0.3

If all goes well, you should see the default page based on the Apache HTTP service. This indicates that the client1 container can establish a correct connection with the HTTP port of the Server1 container.
Port binding
What if we want our HTTP server to be exposed on the host network, including applications on the host and other machines on the host network? In this scheme, we need to bind the host port to the container port.
In order for the Apache based HTTP server to be exposed to the host’s network, we need to bind port 80 of the container to port 8080 on the host.
We can do this as follows:

Copy code

The code is as follows:

$ sudo docker run -itd -p 8080:80 –name=server2 server_img /bin/bash

Note the – P 8080:80 option here.
Now, look in the container:

Copy code

The code is as follows:

$ sudo docker attach server2

If you can’t see the shell prompt, as before, press the up arrow in the direction area, and then we start the HTTP service:

Copy code

The code is as follows:

$ /etc/init.d/apache2 start

Now, we can visit http: / / localhost: 8080 / from the host system, and we should be able to see the default page based on the Apache HTTP service.
201656113218607.png (1366×768)

Any machine in your host network can access port 8080 published by your host.

Linking containers
Docker refers to another method of connecting containers as linking.
When you link one container to another, docker will associate information between these containers through some environment variables.
We can have a look.
First, start the server container.

Copy code

The code is as follows:

$ sudo docker run -itd –name=server3 server_img /bin/bash

Then start the client container and link to the server container as follows.

Copy code

The code is as follows:

$ sudo docker run -itd –link server3 –name=client3 client_img /bin/bash

Note that we use the — link Server3 option here.
Then we log in to the client container and have a look:

Copy code

The code is as follows:

$ sudo docker attach client3

Then we examine the available environment variables:

Copy code

The code is as follows:

$ env | grep SERVER3
SERVER3_PORT_80_TCP_PROTO=tcp
SERVER3_PORT=tcp://172.17.0.2:80
SERVER3_PORT_80_TCP_PORT=80
SERVER3_NAME=/client3/server3
SERVER3_PORT_80_TCP=tcp://172.17.0.2:80
SERVER3_PORT_80_TCP_ADDR=172.17.0.2

Docker also updates the / etc / hosts file in the client container and points Server3 to the server container as a local host.
To demonstrate this, let’s run the following command:

Copy code

The code is as follows:

$ curl server3

You should be able to see the same default HTML page again.

summary
In the first part of this series, we introduced the docker bridge interface, which allows us to connect containers on the same host.
We also talked about the following three connection methods:
1. Expose the exposure connection through the port
2. Bind the host port to the container port
3. Connect two containers through the link option