docker-networking
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseDocker Networking Skill
Docker 网络技能
Master Docker networking concepts and configuration for container communication, service discovery, and network isolation.
掌握Docker网络的概念与配置,实现容器通信、服务发现和网络隔离。
Purpose
用途
Configure and troubleshoot Docker networks for development and production environments with proper isolation and service discovery.
为开发和生产环境配置并排查Docker网络问题,实现合理的网络隔离与服务发现。
Parameters
参数
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| driver | enum | No | bridge | bridge/overlay/host/macvlan |
| subnet | string | No | - | Custom subnet CIDR |
| internal | boolean | No | false | Internal-only network |
| 参数 | 类型 | 是否必填 | 默认值 | 说明 |
|---|---|---|---|---|
| driver | 枚举 | 否 | bridge | bridge/overlay/host/macvlan |
| subnet | 字符串 | 否 | - | 自定义子网CIDR |
| internal | 布尔值 | 否 | false | 仅内部访问网络 |
Network Drivers
网络驱动
| Driver | Use Case | Multi-Host | Encryption |
|---|---|---|---|
| bridge | Single host, default | No | No |
| overlay | Swarm, multi-host | Yes | Optional |
| host | Max performance | No | N/A |
| macvlan | Physical network | No | No |
| none | Disable networking | No | N/A |
| 驱动 | 适用场景 | 多主机支持 | 加密支持 |
|---|---|---|---|
| bridge | 单主机(默认) | 否 | 否 |
| overlay | Swarm集群、多主机 | 是 | 可选 |
| host | 极致性能 | 否 | 不适用 |
| macvlan | 物理网络接入 | 否 | 否 |
| none | 禁用网络 | 否 | 不适用 |
Configuration Examples
配置示例
Custom Bridge Network
自定义桥接网络
bash
undefinedbash
undefinedCreate network with custom subnet
Create network with custom subnet
docker network create
--driver bridge
--subnet 172.28.0.0/16
--gateway 172.28.0.1
my_network
--driver bridge
--subnet 172.28.0.0/16
--gateway 172.28.0.1
my_network
docker network create
--driver bridge
--subnet 172.28.0.0/16
--gateway 172.28.0.1
my_network
--driver bridge
--subnet 172.28.0.0/16
--gateway 172.28.0.1
my_network
Run container on network
Run container on network
docker run -d --name app
--network my_network
nginx:alpine
--network my_network
nginx:alpine
undefineddocker run -d --name app
--network my_network
nginx:alpine
--network my_network
nginx:alpine
undefinedDocker Compose Networking
Docker Compose 网络配置
yaml
services:
frontend:
image: nginx:alpine
networks:
- public
ports:
- "80:80"
backend:
image: node:20-alpine
networks:
- public
- private
expose:
- "3000"
database:
image: postgres:16-alpine
networks:
- private # Internal only
networks:
public:
driver: bridge
private:
driver: bridge
internal: true # No external accessyaml
services:
frontend:
image: nginx:alpine
networks:
- public
ports:
- "80:80"
backend:
image: node:20-alpine
networks:
- public
- private
expose:
- "3000"
database:
image: postgres:16-alpine
networks:
- private # Internal only
networks:
public:
driver: bridge
private:
driver: bridge
internal: true # No external accessService Discovery
服务发现
yaml
undefinedyaml
undefinedContainers can reach each other by service name
Containers can reach each other by service name
services:
app:
image: myapp
environment:
# Use service name as hostname
DATABASE_HOST: database
CACHE_HOST: redis
database:
image: postgres:16-alpine
redis:
image: redis:alpine
undefinedservices:
app:
image: myapp
environment:
# Use service name as hostname
DATABASE_HOST: database
CACHE_HOST: redis
database:
image: postgres:16-alpine
redis:
image: redis:alpine
undefinedOverlay Network (Swarm)
覆盖网络(Swarm)
bash
undefinedbash
undefinedCreate encrypted overlay
Create encrypted overlay
docker network create
--driver overlay
--attachable
--opt encrypted
my_overlay
--driver overlay
--attachable
--opt encrypted
my_overlay
undefineddocker network create
--driver overlay
--attachable
--opt encrypted
my_overlay
--driver overlay
--attachable
--opt encrypted
my_overlay
undefinedPort Mapping
端口映射
bash
undefinedbash
undefinedMap host:container
Map host:container
docker run -p 8080:80 nginx
docker run -p 8080:80 nginx
Bind to specific interface
Bind to specific interface
docker run -p 127.0.0.1:8080:80 nginx
docker run -p 127.0.0.1:8080:80 nginx
Random host port
Random host port
docker run -P nginx
docker run -P nginx
UDP port
UDP port
docker run -p 53:53/udp dnsserver
undefineddocker run -p 53:53/udp dnsserver
undefinedError Handling
错误处理
Common Errors
常见错误
| Error | Cause | Solution |
|---|---|---|
| Typo or deleted | Create network |
| Port conflict | Change port |
| Wrong network | Check network membership |
| Service not ready | Add health checks |
| 错误信息 | 原因 | 解决方法 |
|---|---|---|
| 名称拼写错误或网络已被删除 | 创建对应网络 |
| 端口冲突 | 修改端口 |
| 网络归属错误 | 检查容器所属网络 |
| 服务未就绪 | 添加健康检查 |
Fallback Strategy
回退策略
- Verify network exists:
docker network ls - Check container membership:
docker network inspect <net> - Test DNS:
docker exec app nslookup backend
- 验证网络是否存在:
docker network ls - 检查容器网络归属:
docker network inspect <net> - 测试DNS解析:
docker exec app nslookup backend
Troubleshooting
故障排查
Debug Checklist
调试检查清单
- Network created?
docker network ls - Container connected?
docker inspect <container> - DNS resolving? from container
nslookup - Port mapped?
docker port <container>
- 网络已创建?
docker network ls - 容器已连接网络?
docker inspect <container> - DNS解析正常?在容器内执行
nslookup - 端口已映射?
docker port <container>
Diagnostic Commands
诊断命令
bash
undefinedbash
undefinedList networks
List networks
docker network ls
docker network ls
Inspect network
Inspect network
docker network inspect my_network
docker network inspect my_network
Test connectivity
Test connectivity
docker exec app ping -c 3 database
docker exec app ping -c 3 database
Check DNS
Check DNS
docker exec app nslookup backend
docker exec app nslookup backend
View port mappings
View port mappings
docker port container_name
undefineddocker port container_name
undefinedNetwork Debugging
网络调试
bash
undefinedbash
undefinedEnter container network namespace
Enter container network namespace
docker exec -it app sh
docker exec -it app sh
Check DNS resolution
Check DNS resolution
cat /etc/resolv.conf
nslookup database
cat /etc/resolv.conf
nslookup database
Check connectivity
Check connectivity
ping -c 3 backend
curl http://backend:3000/health
undefinedping -c 3 backend
curl http://backend:3000/health
undefinedUsage
使用方式
Skill("docker-networking")Skill("docker-networking")Related Skills
相关技能
- docker-compose-setup
- docker-swarm
- docker-compose-setup
- docker-swarm