Docker Networking Tutorial, ALL Network Types explained!
Vložit
- čas přidán 7. 06. 2024
- Docker Networking Tutorial where I explain all network types, that you need to know! I show you how and when you should use the different network types and what you need to consider.
Based on the official Documentation: docs.docker.com/network/ #Docker #DockerNetworking #HomeLab
Kubernetes Tutorial: • Kubernetes explained s...
Get started with Docker: • How to use Docker and ...
Teleport-*: goteleport.com/thedigitallife
Follow me:
TWITTER: / christianlempa
INSTAGRAM: / christianlempa
DISCORD: / discord
GITHUB: github.com/christianlempa
PATREON: / christianlempa
MY EQUIPMENT: kit.co/christianlempa
Timestamps:
00:00 - Introduction
01:02 - Why should you configure Docker Networks?
01:55 - The Default Bridge Network
04:20 - The Custom Bridge Network
08:52 - Bridge Networks and Container Isolation
09:52 - The Host Network
10:49 - When to use MACVLANs or IPVLAN?
12:38 - The MACVLAN Network
17:55 - The IPVLAN Network
19:05 - Summary and what about Overlay Networks?
________________
All links with "*" are affiliate links.
Okay, watching this at normal speed!
😂 I listened at 2x while vaccuming, but will definitely have to review again later for the mac/IP vlan stuff.
Totally 🤣
I thought I was in 2x speed lol.
This dude knows his stuff.
I nearly reach the speed of light when speeded to 2x
@@ivandrofly 🤣
Incredible video. I’m currently binge watching your channel and I’m amazed by the the quality of all your content. Keep it going man, you are great!
Your videos are absolutely fantastic!! I used some of your tutorials to stand up docker / portainer on my raspberry pi to self host some things without having a potentially power hungry and noisy desktop running 24/7. I greatly appreciate the time you take to provide these wonderful videos!
Thank you so much! I'm glad you like the videos :)
Yet another great video! I've recently been struggling setting up two piholes on the same host and your explanation of macvlan was 1000% times more concise than every other forum that I've read through over the past couple days. Keep up the great work! Liked and subscribed!
Thank you so much! Great to hear that :)
this guy knows his shiat. bravo !
This is exactly what I was looking for! Thank you for the clear and concise explanations for all the different network configs, and also for stepping through each.
Glad it was helpful!
i'll be completely honest, i was literally thinking about this and probably mentioned it out loud near my computer and "boom" this was in my homepage waiting. I was trying to figure out if I should build a lab using containers w/ static IP's or just use Virtualbox in bridged mode so this really helped me.
This is a great, clear and concise explanation of these different network types. :)
Thanks! 😀
Great job, Christian. Very clear and informative... as always. Thanks
Thank you! :)
This video was really helpful for me to get a nice quick understanding of docker networking, thank you!
Nice video cristian. The explanation was concise. Just learned about the macvlan through your video. Thanks.
Very clear and precise. All your videos are amazing. Thanks Cristian!
Thank you so much 😃
Excellent video. Great examples and explanations.
So amazing, this video saves me a lot of research 🧐. Well, thanks a lot bro!
Hello Christian,
your videos are great, from my side perfect to understand. Please stay tuned, I learned so much.
Thanks, I'm glad you like them:)
Awesome as always! Thanks for sharing
this is very good stuff, well explained. going to check that with dockerized pi-hole or adguard. thanks a bunch!
Thanks mate! ❤
Clear and too the point, that's what I was looking for !! Thank you so much
Glad it helped!
What a concise, well structured and informative video!
thank you so much!
Finally somebody who explains that stuff clearly and without jargon! Thank you so much for your contributation!
I spent probably 3h figuring out how to assign another external IP to a Bind9 container, doing a lot of research and trying with ChatGPT.
Found your video, solved in 5min !!!
Earned a subscriber with this one!! This helped me fix my Docker home assistant network problem!
Loved this, thank you. I now feel like I have the knowledge to solve my current Docker networking problem - excited to try!
Thanks for watching :)
simple explanation even with examples, great stuff!
Glad you liked it!
even if the video is 1 year old it made my day!!! Thanks Chris very clear and well done
Thank you :) I’m glad it helps you!
Really good video. Very well explained and well produced. You got yourself a new suscriber 👍🏽
Thanks and welcome
very useful video, I solved one of my docker issues right after watching this!
Thank you! :) Glad you could solve some issues with it!
Best docker video i've watched. Super informative.
I will say it would have been nice to see all these in compose also though.
Wow, thanks!
Thanks ! Great explanations. Have a nice day
Thx you too ;)
This was very helpful. Thank you!
Really informative. Just stumbled on to your channel. Fast paced and great information. Just managed to keep up as I'm completely new to docker. Subscribed to your channel. Thanks 🙂
Thank you! Hope you find some useful stuff here :)
Amazing explanation thanks
Thank You man! I was just randomly watching this video and figured out how to solve port 53 issue for pi-hole in docker
Thank you! I’m glad it helped you :)
Now I have watched your video - it was very informative. Thanks much for this. Much appreciated! 😎😎
Thank you ;)
This was very helpful - thank you!
Glad it was helpful!
Thank you for this refresher on docker networking. Has fixed my issue with trying to get HADR for Sql Server instances running in docker
You're welcome! Glad it helped you :)
wonderful work
Moin Moin,
Best explanation ever! keep up.
Moin moin! Danke :)
Thanks for this video and especially for the netshoot hint. This was something I missed a lot - until now ;-)
You're welcome! :)
VIelen Dank! Ich kann nicht verstehen, wie Menschen hier downvoten..
Very interesting! As a guy having a new job in IT as a career changer i need to close alot of knowledge gaps of stuff which seems to be common sense in IT. I like your style!
Vielen Dank! :)
Bro! Thanks for the video, but the biggest thanks for picture on your t-shirt! I had such poster on my wall in 90th! That's awsome))
Great video! You cleared up my confusion on docker network. BTW! What are you using to show the AD block statistics in your browser startpage?
"Who needs swarm?'" everyone who wants a simple cluster running one command "docker swarm init"
Indeed.
Thanks for the insight on the various network drivers on docker. I blindly used a macvlan from a tutorial for pihole but wanted to understand how it works.
short, useful , great, awesome thanks alot
I just started watching and I hope this lands nicely! You sound exactly like 'Klaus' on 'American Dad'
I love the show, by the way.
Now I'm going to watch your video!
lol
I created a docker instance in VMWare ESXi and proceeded to follow your instructions. I could not get past the part where I assigned the newly created macvlan to an nginx container for example. The fix was to configure "Promiscuous Mode set to Accept" in my VMWare network settings. In case anyone should run into the same issue. Thank you for sharing Christian. Much appreciated as always. All the best in 2024.
Excellent explanation
Thanks ❤
Great stuff! Thanks!
Glad you liked it!
Very nice video, THX.
Thanks! :)
Hi Cristian, this is a another great video. The Macvlan part is something I've been searching and searching for, always coming to a dead end. The way you have explained and demonstrated it is spot on and has solved my issues, and I've actually learned something! :)
Wow. Just wow. Thank you!
You're very welcome!
Awesome brother
Thx
Your video is fantastic
Thank you so much 😀
Great video.
Thanks!
great job.
You're wonderful 👍
Great video!
Thanks! :)
Nice video, TNX
this guy knows his shiat. bravo !
Great video! One thing I noticed is that in WSL2 with Docker Desktop the behavior is rather different - when you create a new bridge network there is no interface created. I wonder how it works in this case.
Thx macvlan is what i needed for some containers
👍
Thank you
Awesome video, really liking your content 🔥 I was wondering if you could help clear up something. In portainer I'm able to change the network of a container to 'container' mode that allows me to run containers through another containers network. In my case I run containers through a VPN container. However how is this done in a Docker compose file?
good stuff.. thnx
Thanks!
it would be helpful if you can make a dedicated video on overlay networks and try to install Traefik and Portainer in swarm mode.
Much appreciated, sir. Home Assistant and Plex containers conflict listening the same 1900 port while running on bridge connection fe
I am into 4 mins in the vid now, and I love it already, I am just learning docker and I never thought that docker could have a network(IP) since it runs on top of the OS. Gonna add this to my list of docker reference in the future.
Thank you mate!
Greetings from Argentina
Nice. Just a quick question, if we can ping a device (in a macvlan network) from another device in a spearate network, why is the scope local?
thanks helpful
Thanks!
Hey I I love your content and im learning a lot , can you please advise , How should the network from traefik be configured if i want it to also ping another internal server ?
It depends where the server is running, if it's on the same host you should be able to connect via bridge network, otherwise you might checkout host mode.
Hi Christian this has been excellent. When you created the macvlan why did you specify it on a different subnet '/32'?
thank you! :) subnet /32 basically means "1" address
Nice tutorial, I knew a lot about networks in docker but learnt a couple of things, including the netshoot container, very useful.
Something that was not mentioned: macvlan containers can't reach bridge containers with their internal IP address (172.16.x.x), they can only reach the host ip and port, is this correct?
I created a traefik container and bound it to macvlan to make it get a distinct IP address, but it was unable to reach any container until I added a second network for traefik on the bridge network.
Great videos dude! can i ask why Owasp says we should set ICC to false? I am guessing they just mean they want us to use custom networks?
Hello! awesome videos as always, I'm struggling to achieve two docker hosts on a physical server that has two ethernet ports, on of the hosts should expose a service in one of the ethernet ports and the other host should connect and receive data from services in the other port, this is an overlay network use case for what it looks like, or is there another way?
Or is the macvlan the key to attach some containers to a physical network and other containers to another physical network?
Great video, started watching network chucks got confused and came to your video. Makes a lot more sense. Couldn't find your cheat sheet in Github though :(
Thanks, mate! Sorry, the cheat-sheet is still a work in progress.
github.com/xcad2k/cheat-sheets
@@christianlempa All good thank you for putting the time to explain everything in this video. It was clear, concise and easy to follow. I literally spent my weekend going round in circles with Docker networking only to give up and delete everything and start again.
Hello, Your video is what i needed . But I woul dlik eto do the same on MAC OSX . what is the solution to have two static IP on my HOST OSX?
Just getting started with docker and loving it. One thing I am struggling with is getting IPvLAN L2 working with fixed IP addresses through compose when the ipvlan already exists on the host, jus seem to get one error after another when specifying the existing network. I've got multiple USB interfaces on a debian instance loaded on a PC and am using IPvLAN as alternative to macvlan and having to setup promiscuous mode although I have macvlan 802.1q working on another host so I have no issue with the concept and have a good understanding of networking as a whole. I've setup an ipvlan with fixed addresses for a ipam container with a separate container for the database and this works no problem but I had to setup the containers the old fashioned way.
Hello Christian,
Many thanks for the video
where is the cheat sheet located, I visited your github and I cant find it, seems you have changed the location since your video
hope you can share link
thanks
I have two docker machine on same host one on overlay network of swarm and another one is on bridge network so which rules for my iptables or route i should write that my both container can communicate each other?
I am a tech professional of over 35 years and I am learning Docker on my own. I understand networks well but in beginning to think about how I want networks deployed.
I would prefer having a subnet that is container only. If I did this would I still use bridge or macvlan driver?
1. Can you modify the default bridge (name, ip, subnet, type) ?
2. When you create a custom network, how do you tell it what type to create, ip-range, subnet, etc...
3. Type shown: Host, Bridge, Null?, macvlan, ipvlan. Are there more ?
4. Can you change the default bridge that docker use for new containers?
5. Can any of these network do dhcp ip reservation using mac-address, or support static ip-address?
6. Does any of the network support ipv6, default seems to be ipv4?
HI Always a big fan of your tuto, i´m wondering, can you advise me a good open source on-premise cloud ?
I've never considerd using this, but you might take a look at OpenStack.
How can I make my container use a specific interface on a host system i.e. I have one cable connection and two wlan interfaces and I've got 3 containers. I'd like each to use a dedicated interface. Which type of network will be best and how would I go about it?
Interesting! What type of network should I use for my home server setup and run containers behind wireguard client for my torrenting?
Depends on if the wireguard is in docker as well or not.
What ist your terminal you use in 17:19? I like it!
Hi, first I love this and the other videos. Just a question.
Is it possible to do this in docker-compose? And how do I do that?
I tryed it but it did not work for me.
Keep up the good work.
Sure, Docker-Compose offers the same features. Btw, when you create a docker-compose stack it will automateically create a new bridge network for your Docker compose, but you could also assign existing networks to your containers by defining it in the file.
I'm trying to figure out how to use my 5 external public ip addresses, and have my router see lets say 5 containers from docker. Which I would give each one its own external public ip address. Would you have any idea how to achieve this?
Great video! Thanks! I’m on a mac and have had a gard time getting ipvlan to work over the wifi. As for now, I just need some containers for development tools (web dev) and would really like to get their own ip-numbers rather than running them as localhost… seems like it’s not as easy on Mac OS as in Linux at the moment. Any ideas? Cheers!
hmm I've not tried it out unfortunately, only used it on linux
Thank you Christian for this great explanation. I do have a question is it possible to have a container in two networks? I'm trying to create a compose file with PiHole and Unbound. The Pihole has a macvlan for my network and also a bridge to communicate to unbound. But every time I want to compose it the bridge network on the PiHole gives an error Cannot start service pihole: No available addresses on this pool. IS it even possible to create a container in two different networks?
Thank you! :) It's possible to add a container to more networks, but I'm not sure how that works with a macvlan.
So how does mac vlan solve the port issue? Can I have multiple containers in macvlan network using same port?
That search-result seemed to be the answer to all my problems; I'm running PhotonOS ( docker environment for ) on my ESXi and just cannot figure that out. I cannot ping the host, nor does it seem like it got to talk to my router ( according to the devices list ).
How should I debug this?
I tried to enable promiscuous mode for the vmswitch but it is still not working.
@admin can you please upload a solution video for issue "use of closed network connection" while pushing large to docker hub.
setting up an reverse proxy is easy enough, but how do you setup "client-containers" behind the proxy that can only access the outside though the proxy?
I guess if you set up the other containers on the same network as the proxy or an vlan network, they have direct access to the outside network
If this was physical machines or VMs, I would just have put 2NICs on the proxy machine but no clue if this is possible on dockers or if that is how you do it
I have multiple public static ip on host interface but I can't figure out how to use each of them on separate containers for docker. When I run a container its assessable by every public ip I have
do you have a color preset? loving the purple on black.
Yes, I have it for Windows terminal on my github Repo dotfiles-win
- @3:41 what is the number in-front of the docker0: network?
"6: docker0: "
- the "###: vethxxx@if(###-1):" is virtual ethernet interface, can the route command work with them?
How about a video on Docker DNS? Seems to be biting me quite a bit lately. I can access other containers but fail when accessing external sites such as Let’s Encrypt.
Im having an issue with the macvlan. I can ping the containers from my home computer but i cant get a response from the gateway. I am running virtual box for my machine and i have promiscuous mode on. I have been troubleshooting but cant seem to get it to have connectivity to outside the network
Wow, didn't k ow about macvlan. So it's possible to run both Traefik (for docker apps) and Nginx (for non-docker apps to reverse proxy) at once so that both listen to port 80?
Absolutely!