Updated May 15, 2023
Introduction to Docker network host
Docker network host is a default network driver used in Docker when we don’t want to isolate the container’s network from the host, which means the container will share the host’s networking namespace. There is no IP-address assignment is made to the container in this network mode. In this mode, port-mapping options such as ‘-p’, ‘-publish’, ‘-P’ and ‘–publish-all’ is ignored, which means we cannot publish any port for the container or in other words, published ports are discarded by the Docker daemon when using host network mode.
Syntax:
$docker run -d --network host --name my_con nginx:alpine
How to work with network host in docker?
We have to use the ‘–network’ option and specify ‘host’ as an argument to use the host network driver while running a container. As we know now, the container does not get any IP address assigned when using the host network driver that means if we bind to port 80 to a running container and the container is using the host network, then the application running inside the container is available on port 80 on the host’s IP address, it also means we cannot bind the same port to two different containers. Host network mode is used to optimize performance as it does not require network address translation. This driver only works on Linux hosts, and it is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
We can use this network mode for a swarm service as well; however, it includes some extra limitations; for example, if we bind a service container to port 80, then Docker daemon only runs one service container on a given swarm mode.
Examples
Let’s understand it with a few examples: –
Example #1
To list the host network in Docker, we can use the below command: –
$docker network ls --filter driver=host
Explanation: In the above snapshot, we can see that we have a host network named ‘host’.
Example #2
We have to use the below command to connect the host network to a container while running: –
$docker run -d --network host --name my_con nginx:alpine
Explanation: In the above example, we have created a container named ‘my_con’ with the ‘nginx:alpine’ Docker image and used the host network.
Example #3
Let’s try to create a new host network using the below command and see what happens.
$docker network create host2 --driver=host
Explanation: In the above example, we have tried to create a host network named ‘host2’; however, it did not work as we can only create one host network locally.
Scenario: Create an nginx container and try to access it externally without exposing the port.
Step 1: First thing first, let’s create a container using the Docker image named ‘nginx:alpine’ as shown below:
$docker run -d --network host --name my_nginx nginx:alpine
Explanation: In the above example, we have created a container ‘my_nginx’ and attached the host network.
Step 2: Let’s try to access nginx on port 80 from the localhost.
$curl http://localhost:80
Explanation: In the above snapshot, we can see that the nginx server is easily accessible locally on port 80 without exposing any port from the host to the container. It is because the host network is directly shared with the container.
Step 3: Now, let’s create another nginx container and see if it is possible or not.
$docker run -d --network host --name my_nginx2 nginx:alpine
Explanation: In the above snapshot, we have tried to create another container named ‘my_nginx2’; however, if we check the container status, it is in exited status as shown in the below snapshot: –
Let’s check the logs to understand the reason. So, in the below snapshot, it says, ‘Address in use’ because port 80 is used by an already running container.
Note: We cannot run more than one container which is listening on the same port while using host network mode; however, we can run a container that is listening on a different port.
Advantages
- It is useful to improve the performance of the container as it bypasses network address translation.
- We can also use this network in Docker swarm as well by passing option ‘–network host’ to the ‘docker service create’.
- If we have to run a container that needs to handle a large range of ports because ‘userland-proxy’ is not created for each port.
Conclusion
Docker host network is a driver to remove isolation between container and host. It depends upon us when to use this network as per requirement. There are other network drivers as well, like the bridge, overlay, macvlan, and none.
Recommended Articles
This is a guide to the Docker network host. Here we discuss How to work with network host in docker along with the examples. You may also have a look at the following articles to learn more –