Isolating networks

User-defined networks can support what's referred to as internal mode. We saw this option in the earlier recipe about creating user-defined networks, but didn't spend much time discussing it. Using the --internal flag when creating a network prevents containers connected to the network from talking to any outside networks.

Getting ready

The docker network subcommand was introduced in Docker 1.9, so you'll need a Docker host running at least that version. In our examples, we'll be using Docker version 1.12. You'll also want to have a good understanding of your current network layout so that you can follow along as we inspect the current configuration. It is assumed that each Docker host is in its native configuration.

How to do ...

Get Docker Networking Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Docker Networking Cookbook by Jon Langemak

Isolating networks

Getting ready

How to do ...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly