Docker Community Forums

Share and learn in the Docker community.

Docker questions, how to create docker containers with own network bridge NIC


(Magicmouse) #1

I am newbie in Docker world. I have been using VirtualBox a lot before and understand everything from its perspective, but now I want to switch to Docker containers instead.

I would be grateful if you could answer my questions.

  1. Is it possible to configure separate network adapter for each container. For example as analogy to VMs. For instance first container would have 2 network interfaces first is local network between container, second is bridge network. Second containe would have only one local network adapter ?

  2. Is it possible to have two containers bridge adapters, so each of container will request my DHCP server to lease IP address the same as bridge adapter in Virtual Box. One container runs Apache2 web server and gets IP from router, another one runs Nginx server and gets IP from router. Than I can forward ports to this IP on my router ?

  3. As I’ve understood, docker just creates new process group isolated by kernel, and uses chroot to create own working directory from existing root one, so all installed software will be available in container, but when I install new software it will be installed in chrooted directory which is really located somewhere in real root directory but has symbolic links to previously installed software ?

I would be grateful for any answer or help.

Thank you.

(David Maze) #2

As a general rule, containers start up with IP addresses preassigned and don’t run their own DHCP clients. Other configurations are certainly possible, but standard images won’t expect them.

The other corollary to this is that it’s unusual to need containers’ IP addresses. When you need to access services running in containers, use the docker run -p option to expose a port from the container via a port on the host system.

I think you’re asking, “can software in a container access the host filesystem directly”, and the answer is “no”. Whatever software you need to run within a container needs to already be installed in that container’s image before you can run it. You can’t directly access the host’s filesystem or other containers’ filesystems. (Connect containers together via TCP sockets.)