Docker Networks Simplified — Part 1

RK
3 min read · Mar 20, 2020

This is part one, so we're gonna look into docker network on a high level and understand some of the basics of how networks work in docker containers.

When you first start a docker container with the port option -p, you specify which port on the host machine is mapped to the port exposed by the docker container.

docker container run -p 80:80 --name webhost -d nginx

The docker container run command

The docker run command creates a container from a given image.

The above command will first check if the Nginx image is available locally. If not, it will download the image from the docker registry (something similar to npm) and start the container.

Once you run this command, by default a network called bridge or docker0 is created. To explain how the network access works, I'm gonna be drawing some sort of an okayish diagram to the best of my capability. Please do bear with my toddler-style art form.

Let me walk you through this amazing diagram, yes thank you.

c1 is the container that we started previously by specifying port 80. It is in a separate virtual private network called bridge (or in some cases docker0), which is the default network unless another is specified.
The private virtual network (bridge) is connected to the ethernet interface in your host machine. So when we created the Nginx container, we told the host machine's ethernet interface to open up port 80 and forward anything coming into that port through the virtual network to port 80 in the container.

So by default, when we create another container, it is created in the same default network and both containers can communicate with each other.

I can also create more networks, say new_network as shown in the other big circle above, and say that we've got mysql (c3) and apache (c4) containers. For mysql we did not open up any port as we did with c1 (nginx). With apache (c4), if we specified the port as 8080:80, that would mean the ethernet interface on the host will start to listen on port 8080, and as soon as traffic comes into port 8080 it's gonna route it through the new virtual network (new_network) and into that apache server (c4) on port 80.
In the virtual private network, the apache server is free to talk to the mysql server.

Finally (Some stuff to keep in mind)

So when we think about virtual networks in docker and where containers belong, think about how we would put different containers in proximity to each other because they're related to each other. As you can see in the toddler diagram, if container1 (c1) and container2 (c2) are not gonna be talking to the containers down below, container3 (c3) and container4 (c4), then it would make sense to keep them on separate networks. If they ever want to talk to each other, they would have to go through their published ports and all the way back in.
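
As an added example (not from the original post), this Python script reads constructed data shaped like `docker container inspect` output for the four containers in the diagram. It reports which pairs share a network, which can only meet through a published port, and which published ports listen on every host interface. Container names other than webhost are assumptions.

```python
import json
from itertools import combinations

# Constructed sample shaped like `docker container inspect` output, trimmed to
# the fields used here. Container names other than webhost are assumptions.
SAMPLE = json.loads("""[
 {"Name": "/webhost", "HostConfig": {"PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "80"}]}},
  "NetworkSettings": {"Networks": {"bridge": {}}}},
 {"Name": "/c2", "HostConfig": {"PortBindings": {}}, "NetworkSettings": {"Networks": {"bridge": {}}}},
 {"Name": "/mysql", "HostConfig": {"PortBindings": {}}, "NetworkSettings": {"Networks": {"new_network": {}}}},
 {"Name": "/apache", "HostConfig": {"PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "8080"}]}},
  "NetworkSettings": {"Networks": {"new_network": {}}}}
]""")

def name(c):
    return c["Name"].lstrip("/")

def networks(c):
    return set(c["NetworkSettings"]["Networks"])

def published(c):
    # One (host_ip, host_port, container_port) tuple per -p mapping.
    out = []
    for cport, binds in (c["HostConfig"].get("PortBindings") or {}).items():
        for b in binds or []:
            # An empty HostIp means the port listens on every host interface.
            out.append((b.get("HostIp") or "0.0.0.0", int(b["HostPort"]), cport))
    return sorted(out)

def paths(containers):
    # For each pair: the networks they share, or whether the only route
    # between them is a port that one of them publishes on the host.
    result = {}
    for a, b in combinations(containers, 2):
        shared = networks(a) & networks(b)
        if shared:
            how = "direct:" + ",".join(sorted(shared))
        else:
            how = "published-port-only" if published(a) or published(b) else "isolated"
        result[(name(a), name(b))] = how
    return result

def exposed_everywhere(containers):
    # Containers with at least one published port bound to all host interfaces.
    return [name(c) for c in containers
            if any(ip in ("0.0.0.0", "::") for ip, _, _ in published(c))]

if __name__ == "__main__":
    for pair, how in paths(SAMPLE).items():
        print(pair, how)
    print("bound to all interfaces:", exposed_everywhere(SAMPLE))
```

A mapping written as 80:80 leaves HostIp empty, so the port is reachable on every host interface; giving the host address in the mapping (for example -p 127.0.0.1:8080:80) narrows that.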
