Develop Reference

Can't connect to the container neither by alias nor by name on the bridge network

All examples I found online when demonstrating how to connect to another container through alias/name create their own network.
# create the network
$ docker network create my-network
# create the containers and connect them to the network
$ docker run --name service-one --network my-network ...
$ docker run --name service-two --network my-network ...
Now within the service-one container we can connect to service-two by
its by its container name service-two (instead of localhost)! The same
is true from service-two to service-one using the latter’s alias.
I wanted to do the same without creating my own network, using the default bridge network. Is it possible? If not, why?
I started a container with --net-alias and --name on the default bridge network:
docker run --rm --name=wa -dti -p 80:80 --net-alias=webapp docker/getting-started
Now from inside the other container I try to connect to it through the default bridge network that both containers are part of:
docker run --rm curlimages/curl https://webapp
curl: (6) Could not resolve host: webapp
docker run --rm curlimages/curl https://wa
curl: (6) Could not resolve host: wa
No luck. But it works perfectly fine when connecting through IP address.

I wanted to do the same without creating my own network, using the
default bridge network. Is it possible? If not, why?
Unfortunately, it is not possible quotting from the docker docs: https://docs.docker.com/network/bridge/#differences-between-user-defined-bridges-and-the-default-bridge
User-defined bridges provide automatic DNS resolution between containers.
Containers on the default bridge network can only access each other by IP addresses, unless you use the --link option, which is considered legacy. On a user-defined bridge network, containers can resolve each other by name or alias.
Also from: https://docs.docker.com/config/containers/container-networking/#dns-services
DNS Services
By default, a container inherits the DNS settings of the host, as defined in the /etc/resolv.conf configuration file. Containers that use the default bridge network get a copy of this file, whereas containers that use a custom network use Docker’s embedded DNS server

Accessing Database on Host network from docker web container on overlay network

I have a network 10.0.0.0/24 with 1 Oracle db-host01 ip address 10.0.0.100 and 2 docker hosts Docker01 10.0.0.15 and Docker02 10.0.0.16 and swarm is configured. I have configured a overlay network "overnet" with network address 192.168.6.0/24.
I have executed the below cmd to run a web container on overlay network.
docker run -i -t -d -p 9090:6000 --name portal --network overnet portal:1.0
but the web container is ip address 192.168.6.2 is not communicating with Oracale DB 10.0.0.100.
I can ping DB ip 10.0.0.100 from web container.
how I can make communication possible and can run this container as service as well.
regards
Sohail

Overlay networks are not attachable by default, which means that standalone containers cannot use them.
You can specify that a network should be attachable using the --attachable flag, such as
$ docker network create -d overlay --attachable overnet
If you are unable to modify the network, create a service for your container using
docker service create --network overnet --publish 9090:6000 --name portal portal:1.0
at which point it will be able to use the overlay network.

How to change the network of a running docker container?

I'm trying to update the network of a running docker container.
Note: I didn't attach any network while running the container.
[root#stagingrbt ~]# docker network connect host cdf8d6e3013d
Error response from daemon: container sharing network namespace with another container or host cannot be connected to any other network
[root#stagingrbt ~]# docker network connect docker_gwbridge cdf8d6e3013d
error during connect: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.39/networks/docker_gwbridge/connect: EOF
[root#stagingrbt ~]# docker network create -d host my-host-network
Error response from daemon: only one instance of "host" network is allowed
[root#stagingrbt ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
495080cf93e3 bridge bridge local
cf0408d6f13f docker_gwbridge bridge local
2c5461835eaf host host local
87e9cohcbogh ingress overlay swarm
84dbd78101e3 none null local
774882ac9b09 sudhirnetwork bridge local

When you start a container, such as:
docker run -d --name alpine1 alpine
It is by default connected to the bridge network, check it with:
docker container inspect alpine1
If you try to connect it to host network with:
docker network connect host alpine1
you obtain an error:
Error response from daemon: container cannot be disconnected from host network or connected to host network
you have to delete the container and run it again on the host network:
docker stop alpine1
docker rm alpine1
docker run -d --network host --name alpine1 alpine
This limitation is not present on bridge networks. You can start a container:
docker run -d --name alpine2 alpine
disconnect it from the bridge network and reconnect it to another bridge network.
docker network disconnect bridge alpine2
docker network create --driver bridge alpine-net
docker network connect alpine-net alpine2
Note also that according to the documentation:
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.

If you want to circumvent the command line and change the network of your docker container via portainer, you can do so. I'm not sure exactly which is the best way of doing this, but the steps below worked for me (changing a container that was running on the bridge network by default into the host network):
In the Container list, click on the container name (emby, in my case)
Stop the container
Click on Duplicate/Edit
Scroll down to Advanced container settings and select the Network tab
Change the Network to host (or whatever you want to set it to)
Click on Deploy the container right above.
Confirm that you want to replace the old container (or deploy it under a new name if you want to be on the save side and keep the old one).
Done!

Run or connect a container to a specific network: Note first of all, the network must exist already on the host. Either specify the network at container creation/startup time (docker create or docker run) with the --net option; or attach an existing container by using the docker network connect command. For example:
docker network connect my-network my-container

I am not sure if we can change the container network while running, however, assuming that the new docker network already exists, you can run the following commands to update your container network.
Executed on Version: 20.10.21 Community Edition
# docker stop <container-name>
# docker network disconnect <old-network-id> <container-name>
# docker network connect <new-network-id> <container-name>
# docker start <container-name>
Note: you won't be able to switch to host network from other network

Can I connect directly to a docker swarm network?

I want a shell inside a Docker Service / Swarm network. Specifically, I want to be able to connect to a database that's inside the network.
From the manager node, I tried:
# docker network ls
NETWORK ID NAME DRIVER SCOPE
481c20b4039a bridge bridge local
2fhe9rtim9mz my-network overlay swarm
Then
docker run -it --network my-network alpine sh
But I get the error:
docker: Error response from daemon: swarm-scoped network (event-data-core-prod) is not compatible with docker create or docker run. This network can only be used by a docker service.
Is it possible to somehow start an interactive session that can connect to a network service?

Since Docker Engine v1.13 (like already mentioned by johnharris85) it is possible for non-service container to attach to a swarm-mode overlay networks using the --attachable commandline parameter when creating the network:
docker network create --driver overlay --attachable my-attachable-overlay-network
Regarding your followup question:
Is there a way to change this for an extant network?
Yes and no, like I already described in another question you can make use of the docker service update feature:
To update an already running docker service:
Create an attachable overlay network:
docker network create --driver overlay --attachable my-attachable-overlay-network
Remove the network stack with a disabled "attachable" overlay network (in this example called: my-non-attachable-overlay-network):
docker service update --network-rm my-non-attachable-overlay-network myservice
Add the network stack with an enabled "attachable" overlay network:
docker service update --network-add my-attachable-overlay-network myservice

run docker on overlay network failed

I create an overlay network successfully, but when I create a docker container using this network it fails:
docker run --net my_overlay --name test -it centos6 bash
docker: Error response from daemon: could not add veth pair inside the network sandbox: could not find an appropriate master "ov-000100-00d00" for "vethdee0c9b".
The node's ip address is 10.16.26.118 and the original start daemon command is:
/usr/bin/docker daemon \
--insecure-registry dockerhub.xxx.com \
--cluster-store=etcd://10.16.24.153:2379,10.16.24.152:2379,10.16.25.54:2379 \
--cluster-advertise=10.16.26.118:2379
The output from docker network ls is:
[root#sa-docker-test1.db01:~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
30244c91aa3a bridge bridge local
1bbaecaa70af host host local
00d00c478d12 my_overlay overlay global
a112d2eb8504 net1 calico global
32a81070bb49 none null local

without use docker machine,I can't use the overlay network.
So,I turn to use calico network,this is easy to configure and easy to understand.