Sep 28, 2018

Docker Bridge Network

A Docker bridge (user-defined) network allows containers connected to the same bridge network to communicate with each other. This is single-host networking, meaning it applies to containers running on the same Docker daemon host. Even if we create a bridge network with the same name on another host, we will have two distinct networks, and a container on one host will not be able to talk to a container on the other. For communication among containers running on different Docker daemon hosts, you can use an overlay network.

When you start Docker, a default bridge network (also called bridge) is created automatically, and newly started containers connect to it unless otherwise specified. Run the following command to list all the networks:
docker network ls

You can create a user-defined network with the following command and then create containers on that bridge network. Each container will get an IP from the subnet specified when creating the bridge network:
docker network create -d bridge --subnet 10.0.0.1/24 my-bridge
Any container you create on this bridge network will get an IP from the subnet you specified above:
docker run -dt --name c1 --network my-bridge alpine sleep 1d
docker run -dt --name c2 --network my-bridge alpine sleep 1d

In the above example I am creating two containers on my user-defined network. Now run the following command to inspect the network:
docker network inspect my-bridge

The output of the above command shows the details of my-bridge, including the subnet, the containers attached to the network and their IPs.

Now, since the two containers are running on the same user-defined network, all of their ports are automatically exposed to each other and none to the outside world. This lets containerized applications communicate with each other easily. Try the following command, which runs sh inside container c1:

docker exec -it c1 sh

Now from c1 you should be able to ping c2; try the following:
ping c2

So the user-defined bridge provides automatic DNS resolution between containers: in the case above, we were able to ping c2 by its name without knowing its IP. Every Docker engine has an embedded DNS service, meaning that whenever we create a container with the --name flag, an entry for that container is added to the DNS server, and any other container on the same network can reach it by name. Every container gets a DNS resolver, not a full-blown DNS server, just a small resolver that can trap and forward name-based queries. It listens on the standard DNS port 53 at 127.0.0.11 inside every container. The resolver intercepts all DNS requests from the container and forwards them to the DNS server service running on the local Docker host. The DNS server on the Docker host then either resolves the name itself or sends the query off to the big wide world of public DNS.
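The two points above, what docker network inspect tells you about a bridge and why a container name resolves only for containers on the same bridge, can be checked from the inspect output itself. The following is an added example, not code from the original post: it parses constructed JSON shaped like docker network inspect output (field names are Docker's; the network names, container IDs, MAC addresses and IPs are made up) and answers which containers share a bridge, which name would resolve to which IP, and whether every attached container actually holds an address inside the configured subnet.

```python
import ipaddress
import json

# Constructed samples modelled on the shape of `docker network inspect <name>`
# output (a JSON list holding one object per network). Container IDs, MAC
# addresses and IPs are made up; the field names are Docker's.
MY_BRIDGE = json.dumps([{
    "Name": "my-bridge",
    "Driver": "bridge",
    "Scope": "local",
    "IPAM": {"Config": [{"Subnet": "10.0.0.0/24", "Gateway": "10.0.0.1"}]},
    "Internal": False,
    "Containers": {
        "0123456789ab": {"Name": "c1", "IPv4Address": "10.0.0.2/24",
                         "MacAddress": "02:42:0a:00:00:02"},
        "cdef01234567": {"Name": "c2", "IPv4Address": "10.0.0.3/24",
                         "MacAddress": "02:42:0a:00:00:03"},
    },
    "Options": {},
}])

OTHER_BRIDGE = json.dumps([{
    "Name": "other-bridge",
    "Driver": "bridge",
    "Scope": "local",
    "IPAM": {"Config": [{"Subnet": "10.0.1.0/24", "Gateway": "10.0.1.1"}]},
    "Internal": False,
    "Containers": {
        "89abcdef0123": {"Name": "c3", "IPv4Address": "10.0.1.2/24",
                         "MacAddress": "02:42:0a:00:01:02"},
    },
    "Options": {},
}])


def summarize_network(inspect_output):
    """Reduce one `docker network inspect` result to the facts the post points at:
    the subnet(s) the bridge owns and the containers (by name) attached to it."""
    net = json.loads(inspect_output)[0]
    subnets = [ipaddress.ip_network(c["Subnet"]) for c in net["IPAM"]["Config"]]
    members = {}
    for c in net["Containers"].values():
        # IPv4Address carries the prefix length ("10.0.0.2/24"); keep only the host address.
        members[c["Name"]] = ipaddress.ip_interface(c["IPv4Address"]).ip
    return {"name": net["Name"], "driver": net["Driver"],
            "subnets": subnets, "members": members}


def addresses_outside_subnet(summary):
    """Names of attached containers whose address lies outside every configured subnet.
    Empty for a healthy bridge; anything else means IPAM and reality disagree."""
    return sorted(name for name, ip in summary["members"].items()
                  if not any(ip in subnet for subnet in summary["subnets"]))


def resolve_name(summary, name):
    """What the embedded resolver answers for a container name on this network:
    the container's IP as a string, or None when no container of that name is attached."""
    ip = summary["members"].get(name)
    return str(ip) if ip is not None else None


def shared_networks(summaries, a, b):
    """Names of the networks both containers a and b are attached to.
    Empty means they sit on distinct bridges and cannot reach each other by name."""
    return sorted(s["name"] for s in summaries
                  if a in s["members"] and b in s["members"])


if __name__ == "__main__":
    nets = [summarize_network(MY_BRIDGE), summarize_network(OTHER_BRIDGE)]
    for s in nets:
        print(s["name"], [str(n) for n in s["subnets"]],
              {k: str(v) for k, v in s["members"].items()})
    print("c1 -> c2 via", shared_networks(nets, "c1", "c2"))
    print("c1 -> c3 via", shared_networks(nets, "c1", "c3"))
```

To run it against a live host, replace the constructed strings with the output of docker network inspect for each network of interest; shared_networks then tells you, before you exec into anything, whether two containers can see each other by name at all.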

On the other hand, if we want a container on a bridge network to be accessible from outside that network (a container on another host or network, or a client outside the host), you need to publish the container's service on a host port. In the following command we are publishing the container's ports 8091-8094 through host ports 8091-8094, and port 11210 through host port 11210:

docker run -d --name couchbase -p 8091-8094:8091-8094 -p 11210:11210 couchbase
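Once ports are published they are the part of the container that the outside world can reach, so it is worth being able to list them and see on which host address each one listens. The following is an added example, not code from the original post or from Couchbase: it reads a constructed sample shaped like the NetworkSettings.Ports section of docker inspect output (the HostIp/HostPort structure is Docker's; the exact bindings shown are made up) and separates ports published on every host interface from ports published only on loopback and from ports that are merely exposed by the image but never published with -p.

```python
import json

# Constructed sample shaped like the NetworkSettings.Ports section of
# `docker inspect couchbase` after the run command above. The HostIp/HostPort
# layout is Docker's documented shape; the particular bindings are made up.
COUCHBASE_INSPECT = json.dumps([{
    "Name": "/couchbase",
    "NetworkSettings": {
        "Ports": {
            "8091/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8091"},
                         {"HostIp": "::", "HostPort": "8091"}],
            "8092/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8092"}],
            "8093/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8093"}],
            "8094/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8094"}],
            "11210/tcp": [{"HostIp": "127.0.0.1", "HostPort": "11210"}],
            "11211/tcp": None,   # EXPOSEd by the image but never published with -p
        }
    },
}])

# Host addresses on which a binding accepts connections from any peer that can route to the host.
WILDCARD_HOST_IPS = {"0.0.0.0", "::"}
LOOPBACK_HOST_IPS = {"127.0.0.1", "::1"}


def published_ports(inspect_output):
    """List every (container_port, proto, host_ip, host_port) that is actually
    published. Exposed-but-unpublished ports appear as null in Docker's output
    and are skipped."""
    container = json.loads(inspect_output)[0]
    result = []
    for key, bindings in container["NetworkSettings"]["Ports"].items():
        if not bindings:          # None or [] -> exposed only, nothing listening on the host
            continue
        port, proto = key.split("/")
        for b in bindings:
            result.append((int(port), proto, b["HostIp"], int(b["HostPort"])))
    return result


def externally_reachable(bindings):
    """Container ports whose host binding listens on a wildcard address, i.e. the
    ports the post describes as reachable from outside the host."""
    return sorted({port for port, _proto, host_ip, _hp in bindings
                   if host_ip in WILDCARD_HOST_IPS})


def loopback_only(bindings):
    """Container ports published only on loopback: reachable from the host itself
    but not from other machines."""
    by_port = {}
    for port, _proto, host_ip, _hp in bindings:
        by_port.setdefault(port, set()).add(host_ip)
    return sorted(p for p, ips in by_port.items() if ips <= LOOPBACK_HOST_IPS)


if __name__ == "__main__":
    bindings = published_ports(COUCHBASE_INSPECT)
    for b in bindings:
        print("container %d/%s -> host %s:%d" % b)
    print("reachable from outside the host:", externally_reachable(bindings))
    print("loopback only:", loopback_only(bindings))
```

A plain -p 8091:8091 binds the host side to all interfaces (0.0.0.0), which is what makes the service reachable from other machines; Docker installs its own iptables rules for published ports, so host firewall rules written only for the INPUT chain do not govern that traffic. When a port such as 11210 is only needed by clients on the host itself, publishing it as -p 127.0.0.1:11210:11210 keeps it off the external interfaces, and the loopback_only check above is a quick way to confirm that on a running host.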