elowy01 · April 15, 2020 14:54
diff --git a/docker_networks.txt b/docker_networks.txt
 ###### Create a bridge network and demonstrate that two containers can 
 ###### communicate using the network.
 # Create network named my-net
 $ docker network create my-net
 # Run container using my-net network . It will have curl installed
 # and will demonstrate that this container can access a different
 # container on the same network
 $ docker run -d --name my-net-busybox --network my-net radial/busyboxplus:curl sleep 3600
 # create a second container running the nginx image
 $ docker run -d --name my-net-nginx nginx
 # connect that containter to our network
 $ docker network connect my-net my-net-nginx
 # exec a curl in my first containter and access using curl
 # to a web served by the second container
 $ docker exec my-net-busybox curl my-net-nginx:80
 ###### Create a container with a network alias and communicate with 
 ###### it from another container using both the name and the alias.
 # create another container that can be accessed using a network alias
 $ docker run -d --name my-net-nginx2 --network my-net --network-alias my-nginx-alias nginx
 # now, we can exec a curl cmd on my first containter that access
 # my new container using its alias
 $ docker exec my-net-busybox curl my-nginx-alias:80
 ####### Create a container and provide a network alias with the docker network 
 ####### connect command.
 # here we will assign an alias using docker network connect
 $ docker run -d --name my-net-nginx3 nginx
 $ docker network connect --alias another-alias my-net my-net-nginx3
 $ docker exec my-net-busybox curl another-alias:80
 ##### Commands for Manage existing networks on a Docker host.
 $ docker network ls
 # get info on 'my-net' including the containers that are connected
 # to it
 $ docker network inspect my-net
 $ docker network disconnect my-net my-net-nginx
 $ docker network rm my-net
 ##### Overlay networks
 ##### 
 Overlay Networks

 You can create a network with the overlay
 driver to provide connectivity between
 services and containers in Docker swarm.

 By default, services are attached to a
 default overlay network called ingress.
 You can create your own networks to provide
 isolated communication between services
 and containers.
 # create an attachable overlay network.
 # 'attachable' means that containers can be attached to the network
 # later
 $ docker network create --driver overlay --attachable my-overlay
 # Create a service that uses that network, then test the network by 
 # attaching a container to it and using the container to communicate with the service.
 $ docker service create --name overlay-service --network my-overlay --replicas 3 nginx
 $ docker run --rm --network my-overlay radial/busyboxplus:curl curl overlay-service:80
 ###### Exposing containers externally:
 ###### You can expose them by publishing their ports. This map a port on the host (or all
 ###### swarm hosts in the case of a Docker swarm) to a port within the container
 # Run a container with a published port, then test
 $ docker run -d -p 8080:80 --name nginx_pub nginx
 $ curl localhost:8080
 # examine the published ports for the container
 $ docker port nginx_pub
 ###### Network troubleshooting
 ######
 # Accessing the container logs
 # Run a container and access the container logs
 $ docker run --name log-container busybox echo Here is my container log!
 $ docker logs log-container
 # Run a service and access the service logs
 $ docker service create --name log-svc --replicas 3 -p 8080:80 nginx
 # we need to use curl to record something on the log
 $ curl localhost:8080
 # we inspect the logs now
 $ docker service logs log-svc
 # Check the Docker daemon logs
 $ sudo journalctl -u docker
 ###### Another option is to use the container named 'Netshoot' , which
 contains a bundle of tools that can be used for troubleshooting.
 # Create a custom network with a container, and attach a netshoot container 
 # to the network for troubleshooting.
 $ docker network create custom-net
 $ docker run -d --name custom-net-nginx --network custom-net nginx
 # Inject a netshoot container into another container's network sandbox.
 $ docker run --rm --network custom-net nicolaka/netshoot curl custom-net-nginx:80
 $ docker run --rm --network container:custom-net-nginx nicolaka/netshoot curl localhost:80
 # Inject a netshoot container into the sandbox of a container that uses the none network.
 $ docker run -d --name none-net-nginx --network none nginx
 $ docker run --rm --network container:none-net-nginx nicolaka/netshoot curl localhost:80
 ####### Dealing with DNS:
 # Edit the Docker daemon config file to set a custom DNS for the host.
 sudo vi /etc/docker/daemon.json
 {
   "dns": ["8.8.8.8"]
 }
 # Restart Docker.
 $ sudo systemctl restart docker
 # Test your DNS by looking up an external domain.
 $ docker run nicolaka/netshoot nslookup google.com
 # Run a container with a custom DNS and test it by doing an nslookup.
 $ docker run --dns 8.8.4.4 nicolaka/netshoot nslookup google.com
	###### Create a bridge network and demonstrate that two containers can
	###### communicate using the network.
	# Create network named my-net
	$ docker network create my-net
	# Run container using my-net network . It will have curl installed
	# and will demonstrate that this container can access a different
	# container on the same network
	$ docker run -d --name my-net-busybox --network my-net radial/busyboxplus:curl sleep 3600
	# create a second container running the nginx image
	$ docker run -d --name my-net-nginx nginx
	# connect that containter to our network
	$ docker network connect my-net my-net-nginx
	# exec a curl in my first containter and access using curl
	# to a web served by the second container
	$ docker exec my-net-busybox curl my-net-nginx:80
	###### Create a container with a network alias and communicate with
	###### it from another container using both the name and the alias.
	# create another container that can be accessed using a network alias
	$ docker run -d --name my-net-nginx2 --network my-net --network-alias my-nginx-alias nginx
	# now, we can exec a curl cmd on my first containter that access
	# my new container using its alias
	$ docker exec my-net-busybox curl my-nginx-alias:80
	####### Create a container and provide a network alias with the docker network
	####### connect command.
	# here we will assign an alias using docker network connect
	$ docker run -d --name my-net-nginx3 nginx
	$ docker network connect --alias another-alias my-net my-net-nginx3
	$ docker exec my-net-busybox curl another-alias:80
	##### Commands for Manage existing networks on a Docker host.
	$ docker network ls
	# get info on 'my-net' including the containers that are connected
	# to it
	$ docker network inspect my-net
	$ docker network disconnect my-net my-net-nginx
	$ docker network rm my-net
	##### Overlay networks
	#####
	Overlay Networks

	You can create a network with the overlay
	driver to provide connectivity between
	services and containers in Docker swarm.

	By default, services are attached to a
	default overlay network called ingress.
	You can create your own networks to provide
	isolated communication between services
	and containers.
	# create an attachable overlay network.
	# 'attachable' means that containers can be attached to the network
	# later
	$ docker network create --driver overlay --attachable my-overlay
	# Create a service that uses that network, then test the network by
	# attaching a container to it and using the container to communicate with the service.
	$ docker service create --name overlay-service --network my-overlay --replicas 3 nginx
	$ docker run --rm --network my-overlay radial/busyboxplus:curl curl overlay-service:80
	###### Exposing containers externally:
	###### You can expose them by publishing their ports. This map a port on the host (or all
	###### swarm hosts in the case of a Docker swarm) to a port within the container
	# Run a container with a published port, then test
	$ docker run -d -p 8080:80 --name nginx_pub nginx
	$ curl localhost:8080
	# examine the published ports for the container
	$ docker port nginx_pub
	###### Network troubleshooting
	######
	# Accessing the container logs
	# Run a container and access the container logs
	$ docker run --name log-container busybox echo Here is my container log!
	$ docker logs log-container
	# Run a service and access the service logs
	$ docker service create --name log-svc --replicas 3 -p 8080:80 nginx
	# we need to use curl to record something on the log
	$ curl localhost:8080
	# we inspect the logs now
	$ docker service logs log-svc
	# Check the Docker daemon logs
	$ sudo journalctl -u docker
	###### Another option is to use the container named 'Netshoot' , which
	contains a bundle of tools that can be used for troubleshooting.
	# Create a custom network with a container, and attach a netshoot container
	# to the network for troubleshooting.
	$ docker network create custom-net
	$ docker run -d --name custom-net-nginx --network custom-net nginx
	# Inject a netshoot container into another container's network sandbox.
	$ docker run --rm --network custom-net nicolaka/netshoot curl custom-net-nginx:80
	$ docker run --rm --network container:custom-net-nginx nicolaka/netshoot curl localhost:80
	# Inject a netshoot container into the sandbox of a container that uses the none network.
	$ docker run -d --name none-net-nginx --network none nginx
	$ docker run --rm --network container:none-net-nginx nicolaka/netshoot curl localhost:80
	####### Dealing with DNS:
	# Edit the Docker daemon config file to set a custom DNS for the host.
	sudo vi /etc/docker/daemon.json
	{
	"dns": ["8.8.8.8"]
	}
	# Restart Docker.
	$ sudo systemctl restart docker
	# Test your DNS by looking up an external domain.
	$ docker run nicolaka/netshoot nslookup google.com
	# Run a container with a custom DNS and test it by doing an nslookup.
	$ docker run --dns 8.8.4.4 nicolaka/netshoot nslookup google.com