You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/userguide/networking/default_network/container-basics.md
+4-2Lines changed: 4 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ DRAFT to prevent building. Keeping for one cycle before deleting.
15
15
16
16
# How the default network
17
17
18
-
The information in this section explains configuring container DNS within tthe Docker default bridge. This is a `bridge` network named `bridge` created
18
+
The information in this section explains configuring container networks within the Docker default bridge. This is a `bridge` network named `bridge` created
19
19
automatically when you install Docker.
20
20
21
21
**Note**: The [Docker networks feature](../dockernetworks.md) allows you to create user-defined networks in addition to the default bridge network.
@@ -40,7 +40,7 @@ The steps with which Docker configures a container are:
40
40
41
41
With these steps complete, the container now possesses an `eth0` (virtual) network card and will find itself able to communicate with other containers and the rest of the Internet.
42
42
43
-
You can opt out of the above process for a particular container by giving the `--net=` option to `docker run`, which takes four possible values.
43
+
You can opt out of the above process for a particular container by giving the `--net=` option to `docker run`, which takes these possible values.
44
44
-`--net=bridge` -- The default action, that connects the container to the Docker bridge as described above.
45
45
46
46
-`--net=host` -- Tells Docker to skip placing the container inside of a separate network stack. In essence, this choice tells Docker to **not containerize the container's networking**! While container processes will still be confined to their own filesystem and process list and resource limits, a quick `ip addr` command will show you that, network-wise, they live "outside" in the main Docker host and have full access to its network interfaces. Note that this does **not** let the container reconfigure the host network stack -- that would require `--privileged=true` -- but it does let container processes open low-numbered ports like any other root process. It also allows the container to access local network services like D-bus. This can lead to processes in the container being able to do unexpected things like [restart your computer](https://github.com/docker/docker/issues/6401). You should use this option with caution.
@@ -49,6 +49,8 @@ You can opt out of the above process for a particular container by giving the `-
49
49
50
50
-`--net=none` -- Tells Docker to put the container inside of its own network stack but not to take any steps to configure its network, leaving you free to build any of the custom configurations explored in the last few sections of this document.
51
51
52
+
-`--net=<network-name>|<network-id>` -- Tells Docker to connect the container to a user-defined network.
53
+
52
54
## Manually network
53
55
54
56
To get an idea of the steps that are necessary if you use `--net=none` as described in that last bullet point, here are the commands that you would run to reach roughly the same configuration as if you had let Docker do all of the configuration:
Copy file name to clipboardExpand all lines: man/docker-create.1.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -227,10 +227,11 @@ This value should always larger than **-m**, so you should always use this with
227
227
228
228
**--net**="*bridge*"
229
229
Set the Network mode for the container
230
-
'bridge': creates a new network stack for the container on the docker bridge
231
-
'none': no networking for this container
232
-
'container:<name|id>': reuses another container network stack
233
-
'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
230
+
'bridge': create a network stack on the default Docker bridge
231
+
'none': no networking
232
+
'container:<name|id>': reuse another container's network stack
233
+
'host': use the Docker host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
234
+
'<network-name>|<network-id>': connect to a user-defined network
234
235
235
236
**--oom-kill-disable**=*true*|*false*
236
237
Whether to disable OOM Killer for the container or not.
Copy file name to clipboardExpand all lines: man/docker-run.1.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -339,10 +339,11 @@ and foreground Docker containers.
339
339
340
340
**--net**="*bridge*"
341
341
Set the Network mode for the container
342
-
'bridge': creates a new network stack for the container on the docker bridge
343
-
'none': no networking for this container
344
-
'container:<name|id>': reuses another container network stack
345
-
'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
342
+
'bridge': create a network stack on the default Docker bridge
343
+
'none': no networking
344
+
'container:<name|id>': reuse another container's network stack
345
+
'host': use the Docker host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
346
+
'<network-name>|<network-id>': connect to a user-defined network
346
347
347
348
**--oom-kill-disable**=*true*|*false*
348
349
Whether to disable OOM Killer for the container or not.
0 commit comments