Basic networking example on how to connect docker containers

One of the many desirable features built directly into Docker is networking. Docker’s networking feature can be accessed by using a --link flag which allows to connect any number of Docker containers without the need to expose a container’s internal ports to the outside world.

In this guide, you will learn how to network two or more Docker containers together on a Linux system through command line instructions. This will work on any Linux distribution. Check out the step by step instructions below to find out how.

In this tutorial you will learn:

  • How to network Docker containers together

Linking two Docker containers together through networking on Linux

Linking two Docker containers together through networking on Linux

Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Any Linux distro
Software Docker
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

Connecting Docker containers through networking

 



  1. In this config you will learn how to link two or more Docker containers together using a simple Docker networking technique. We can start by the deployment of our first Docker container, named sanbox1, to which we’ll later create a network link:
    # docker run -it --name sandbox1 -h sanbox1 linuxconfig/sandbox /bin/bash
    

    There is nothing new about the above command except to note that we are not exposing any network ports even though our intention is to access services (SSH, database connection, etc.) via their relevant port numbers.

  2. The following Linux command will deploy a second and this time a parent docker container named sandbox2. We will also use a --link flag which will create a so called parent-child relationship with previously deployed container sandbox1. Furthermore, the --link flag will enable the parent container to access any services running on sandbox1 container via its corresponding ports numbers without the child container’s need to expose any ports to outside world.
    # docker run -it --name sandbox2 -h sandbox2 --link sandbox1:sandbox1 linuxconfig/sandbox /bin/bash
    

    The above docker command used the --link flag which expects two arguments separated by a colon. The first argument is expected to be a container ID or as in our case a supplied sandbox1 container name we would like to link to. The second argument, also sandbox1, is an internal alias used by sandbox2 to resolve sandbox1‘s network configuration using the /etc/hosts configuration file:
     



    # grep sandbox1 /etc/hosts
    172.17.0.41     sandbox1
    
  3. Depending on your child container’s ports configuration in use you can also extract sandbox1‘s configuration from system environment variables. For example:
    # env
    HOSTNAME=sandbox2
    TERM=xterm
    SANDBOX1_PORT=tcp://172.17.0.37:7555
    SANDBOX1_PORT_7555_TCP=tcp://172.17.0.37:7555
    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    PWD=/
    SANDBOX1_PORT_7555_TCP_ADDR=172.17.0.37
    SANDBOX1_PORT_7555_TCP_PROTO=tcp
    SHLVL=1
    HOME=/root
    SANDBOX1_NAME=/sandbox2/sandbox1
    SANDBOX1_PORT_7555_TCP_PORT=7555
    _=/usr/bin/env
    
  4. This way we can simply use our child container’s alias to connect to it from a parent container sandbox2 without the need to hardcode its IP address:
    # ping -c 1 sandbox1
    PING sandbox1 (172.17.0.41): 56 data bytes
    64 bytes from 172.17.0.41: icmp_seq=0 ttl=64 time=0.071 ms
    --- sandbox1 ping statistics ---
    1 packets transmitted, 1 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 0.071/0.071/0.071/0.000 ms
    

     



    and also access any ports ports and services:

    # nmap -p 22 sandbox1
    
    Starting Nmap 6.47 ( http://nmap.org ) at 2015-05-18 08:58 UTC
    Nmap scan report for sandbox1 (172.17.0.41)
    Host is up (0.000090s latency).
    PORT   STATE SERVICE
    22/tcp open  ssh
    MAC Address: 02:42:AC:11:00:29 (Unknown)
    
    Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds
    
We are able to communicate from sandbox1 container to sandbox2, as evidenced by the ping command

We are able to communicate from sandbox1 container to sandbox2, as evidenced by the ping command

That’s all there is to it. Our two containers can now communicate with each other and services like SSH work between them. You can apply this same configuration to any two or more Docker containers that you need to network together.

Closing Thoughts

In this guide, we saw how to link Docker containers together on a Linux system. This is a relatively basic task that is facilitated through Docker’s --link option. Having the ability to network two or more Docker containers together increases the power and usefulness of Docker substantially.



Comments and Discussions
Linux Forum