Skip to main content

Network management

Overview

Networking is a fundamental aspect of Docker, allowing containers to communicate with each other and the outside world. Docker provides different types of networks, each suited for specific use cases. In this tutorial, we will explore how to configure networks in a docker-compose.yaml file, discuss the available network types, and go through a hands-on practice to demonstrate their usage.

Videotutorial

See also...

Watch this tutorial on Using and Configuring Networks.

Types of Docker Networks

Docker supports several network types, each with its own characteristics:

Network TypeFeaturesDifferences
bridge (default)- Default network for standalone containers.
- Containers can communicate with each other using container names.
- Containers can access external networks via NAT.
- Supports port mapping (-p or --publish).		- Isolated from the host unless ports are exposed.
- Suitable for single-host deployments.
host- Removes network isolation between container and host.
- Uses the host’s network stack directly (no separate IP for the container).
- No need for port mapping.		- No isolation between container and host.
- Can cause port conflicts with host applications.
- Only works on Linux.
overlay- Enables multi-host networking across a Swarm cluster.
- Allows services to communicate securely over an encrypted network.
- Works across multiple Docker hosts.		- Requires Docker Swarm mode.
- Needs a key-value store for multi-host networking (e.g., Consul, etcd, or built-in Swarm).
macvlan- Assigns a unique MAC address to each container.
- Containers appear as physical devices on the network.
- Provides direct Layer 2 (Ethernet) access.		- Requires configuration with the physical network.
- Suitable for scenarios where containers need to be on the same network as other devices.
none- No networking is assigned to the container.
- Completely isolated from any network.		- Used for security-sensitive workloads where network access is not required.
ipvlan- Similar to macvlan, but allows multiple containers to share the same MAC address while using different IPs.
- Works well in large-scale deployments with VLANs.		- Requires more configuration than macvlan.
- Better suited for environments with strict MAC address policies.

Configuring Networks in docker-compose.yaml

To define a custom network in a docker-compose.yaml file, use the networks directive. Below is an example configuration where two services communicate using a custom bridge network:

version: '3.8'

services:
  filebrowser:
    image: filebrowser/filebrowser:latest
    networks:
      - my_custom_network
    ports:
      - "8080:80"

  app:
    image: my_app:latest
    networks:
      - my_custom_network
    depends_on:
      - filebrowser

networks:
  my_custom_network:
    driver: bridge

Explanation:

  • The filebrowser and app services are connected to my_custom_network.
  • my_custom_network is explicitly defined using the bridge driver.
  • Containers in the same network can communicate using their service names (e.g., app can reach filebrowser at http://filebrowser).
tip

The barbaraServices network is consistently available on Barbara Edge Nodes. Marketplace applications utilize this network for inter-application communication. To resolve service names instead of IP addresses, connect to this network.

Hands-on Practice: Using Networks in Docker-Compose

Let's go through a practical example to see how networks work in an application deployed to a Barbara Edge node. We will deploy an application that connects to the MQTT broker available in marketplace using the service name instead its IP.

Step 1: Create a docker-compose.yaml File

Create a file named docker-compose.yaml with the following content:

version: '3.8'

services:
  testapp:
    build: ./imageSource
    networks:
      barbaraServices:

networks:
  barbaraServices:
    driver: bridge
    name: barbaraServices

Step 2: Create the dockerfile to build the image in the "imageSource" folder

Create the imageSource folder:

mkdir imageSource

Create the Dockerfile inside the folder with the following content:

FROM python:alpine
RUN pip install paho-mqtt
COPY src /app
WORKDIR /app

CMD ["python", "-u", "test.py"]

Step 3: Create the app's python file inside the "src" folder

Create the src folder:

mkdir src

Create the test.py file inside with the following content:

import json
import os
import time   
import paho.mqtt.client as mqtt
import logging

# Configure logging
logging.basicConfig(
    format="%(asctime)s [%(levelname)s] %(message)s",
    level=logging.INFO,
    datefmt="%Y-%m-%d %H:%M:%S",
)

# MQTT Broker Configuration
BROKER = "mqttbbr"  # Change to your broker's address
PORT = 8883  # Default MQTT port (use 8883 for TLS)
TOPIC = "test/topic"  # Change to your topic
USERNAME = "bbruser"  # Replace with your username
PASSWORD = "bbrpassword"  # Replace with your password

# Callback when the client receives a CONNACK response from the broker
def on_connect(client, userdata, flags, rc):
    if rc == 0:
        logging.info("✅ Connected to MQTT broker!")
        client.subscribe(TOPIC)
        logging.info(f"📡 Subscribed to topic: {TOPIC}")
    else:
        logging.error(f"⚠️ Connection failed with code {rc}")

# Callback when a message is received
def on_message(client, userdata, msg):
    logging.info(f"📩 Message received on '{msg.topic}': {msg.payload.decode()}")

# Create MQTT client
client = mqtt.Client()

# Set authentication credentials
client.username_pw_set(USERNAME, PASSWORD)

# Assign callbacks
client.on_connect = on_connect
client.on_message = on_message

# Connect to broker
logging.info(f"🔌 Connecting to MQTT broker at {BROKER} with authentication...")
client.connect(BROKER, PORT, 60)

# Loop forever, waiting for messages
client.loop_forever()
warning

Check that we use the MQTT Broker service name (mqttbbr) instead of the IP for connection:

BROKER = "mqttbbr"

Step 4: Zip all the contents and upload them to Panel's library

Compress all the contents in an mqtt.zip file.

Then, create a new application in your library titled mqtt_client. Create the first version and upload the file.

Step 5: Deploy the "MQTT Broker" available in Marketplace to your Edge node

If you still have not the "MQTT Broker" application in your library, go to the Marketplace and add it to your library.

Then, deploy the application in your edge node using default parameters.

Step 6: Deploy the "mqtt_client" library to your Edge node

Finally, deploy your application to your Edge node. Check that it will connect successfully to your MQTT Broker when you see in the logs the message:✅ Connected to MQTT broker!.

Summary

You've now explored the diverse network configurations available in Docker Compose. As a practical example, we deployed a service on the barbaraServices network, demonstrating how it facilitates service-to-service communication using names, simplifying IP address management.