Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Network freshness part one #18533

Merged
merged 1 commit into from
Oct 26, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions content/network/_index.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Networking overview
description: How networking works from the container's point of view
keywords: networking, container, standalone
description: Learn how networking works from the container's point of view
keywords: networking, container, standalone, IP address, DNS resolution
aliases:
- /articles/networking/
- /config/containers/container-networking/
Expand Down Expand Up @@ -69,7 +69,7 @@ Here are some examples:

If you want to make a container accessible to other containers,
it isn't necessary to publish the container's ports.
Inter-container communication is enabled by connecting the containers to the
You can enable inter-container communication by connecting the containers to the
same network, usually a [bridge network](./drivers/bridge.md).

## IP address and hostname
Expand All @@ -79,7 +79,7 @@ A container receives an IP address out of the IP subnet of the network.
The Docker daemon performs dynamic subnetting and IP address allocation for containers.
Each network also has a default subnet mask and gateway.

When a container starts, it can only attaches to a single network, using the `--network` flag.
When a container starts, it can only attach to a single network, using the `--network` flag.
You can connect a running container to additional networks using the `docker network connect` command.
In both cases, you can use the `--ip` or `--ip6` flags to specify the container's IP address on that particular network.

Expand All @@ -106,7 +106,7 @@ configuration.
| Flag | Description |
| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `--dns` | The IP address of a DNS server. To specify multiple DNS servers, use multiple `--dns` flags. If the container can't reach any of the IP addresses you specify, it uses Google's public DNS server at `8.8.8.8`. This allows containers to resolve internet domains. |
| `--dns-search` | A DNS search domain to search non-fully-qualified hostnames. To specify multiple DNS search prefixes, use multiple `--dns-search` flags. |
| `--dns-search` | A DNS search domain to search non-fully qualified hostnames. To specify multiple DNS search prefixes, use multiple `--dns-search` flags. |
| `--dns-opt` | A key-value pair representing a DNS option and its value. See your operating system's documentation for `resolv.conf` for valid options. |
| `--hostname` | The hostname a container uses for itself. Defaults to the container's ID if not specified. |

Expand All @@ -123,8 +123,8 @@ against the embedded DNS server.

It's rare that the external DNS server is faster than the embedded one. But
things like garbage collection, or large numbers of concurrent DNS requests,
can result in a roundtrip to the external server being faster than local
resolution, on some occasions.
can sometimes result in a round trip to the external server being faster than local
resolution.

### Custom hosts

Expand Down
2 changes: 1 addition & 1 deletion content/network/drivers/_index.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
title: Network drivers overview
description: Overview of Docker network drivers and related concepts
description: Learn the basics of Docker network drivers
keywords: networking, drivers, bridge, routing, routing mesh, overlay, ports
---

Expand Down
14 changes: 7 additions & 7 deletions content/network/drivers/bridge.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,14 @@ In terms of networking, a bridge network is a Link Layer device
which forwards traffic between network segments. A bridge can be a hardware
device or a software device running within a host machine's kernel.

In terms of Docker, a bridge network uses a software bridge which allows
containers connected to the same bridge network to communicate, while providing
isolation from containers which are not connected to that bridge network. The
In terms of Docker, a bridge network uses a software bridge which lets
containers connected to the same bridge network communicate, while providing
isolation from containers that aren't connected to that bridge network. The
Docker bridge driver automatically installs rules in the host machine so that
containers on different bridge networks cannot communicate directly with each
containers on different bridge networks can't communicate directly with each
other.

Bridge networks apply to containers running on the **same** Docker daemon host.
Bridge networks apply to containers running on the same Docker daemon host.
For communication among containers running on different Docker daemon hosts, you
can either manage routing at the OS level, or you can use an
[overlay network](overlay.md).
Expand Down Expand Up @@ -82,7 +82,7 @@ network.**

Originally, the only way to share environment variables between two containers
was to link them using the [`--link` flag](../links.md). This type of
variable sharing is not possible with user-defined networks. However, there
variable sharing isn't possible with user-defined networks. However, there
are superior ways to share environment variables. A few ideas:

- Multiple containers can mount a file or directory containing the shared
Expand Down Expand Up @@ -219,7 +219,7 @@ recommended for production use. Configuring it is a manual operation, and it has
If you do not specify a network using the `--network` flag, and you do specify a
network driver, your container is connected to the default `bridge` network by
default. Containers connected to the default `bridge` network can communicate,
but only by IP address, unless they are linked using the
but only by IP address, unless they're linked using the
[legacy `--link` flag](../links.md).

### Configure the default bridge network
Expand Down
17 changes: 10 additions & 7 deletions content/network/drivers/host.md
Original file line number Diff line number Diff line change
@@ -1,32 +1,35 @@
---
title: Host network driver
description: All about exposing containers on the Docker host's network
keywords: network, host, standalone
keywords: network, host, standalone, host mode networking
aliases:
- /network/host/
---

If you use the `host` network mode for a container, that container's network
stack is not isolated from the Docker host (the container shares the host's
networking namespace), and the container does not get its own IP-address allocated.
stack isn't isolated from the Docker host (the container shares the host's
networking namespace), and the container doesn't get its own IP-address allocated.
For instance, if you run a container which binds to port 80 and you use `host`
networking, the container's application is available on port 80 on the host's IP
address.

> **Note**
>
> Given that the container does not have its own IP-address when using
> `host` mode networking, [port-mapping](overlay.md#publish-ports) does not
> `host` mode networking, [port-mapping](overlay.md#publish-ports) doesn't
> take effect, and the `-p`, `--publish`, `-P`, and `--publish-all` option are
> ignored, producing a warning instead:
>
> ```console
> WARNING: Published ports are discarded when using host network mode
> ```

Host mode networking can be useful to optimize performance, and in situations where
a container needs to handle a large range of ports, as it does not require network
address translation (NAT), and no "userland-proxy" is created for each port.
Host mode networking can be useful for the following use cases:

- To optimize performance
- In situations where a container needs to handle a large range of ports

This is because it doesn't require network address translation (NAT), and no "userland-proxy" is created for each port.

The host networking driver only works on Linux hosts, and is not supported on
Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
Expand Down