5b2c8c37aa
Implement Lab 02 with Docker bridge networks simulating VPC/Subnets. Test Infrastructure (RED phase): - 6 bash test scripts for network creation, isolation, INF-02 compliance - Fail-fast orchestration with run-all-tests.sh - Quick validation script for development Documentation (Diátaxis framework): - 3 tutorials: VPC creation, container deployment, isolation verification - 4 how-to guides: create network, inspect config, test isolation, cleanup - 3 reference docs: Docker network commands, Compose syntax, VPC mapping - 1 explanation: Docker ↔ VPC parallels (PARA-01/02/03/04) Infrastructure (GREEN phase): - docker-compose.yml with VPC networks (10.0.1.0/24, 10.0.2.0/24) - 5 services: web, app, db, test-public, test-private - INF-02 compliant: 127.0.0.1 bindings only, no 0.0.0.0 - Private network with --internal flag - Multi-homed app container (public + private networks) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4.1 KiB
4.1 KiB
Reference: Comandi Docker Network
Riferimento rapido per i comandi Docker network.
Comandi Principali
Creare una Rete
docker network create [OPTIONS] NETWORK
# Sintassi base
docker network create my-network
# Con subnet personalizzata
docker network create --subnet 10.0.1.0/24 --gateway 10.0.1.1 my-network
# Rete interna (isolata)
docker network create --internal my-internal-network
# Specifica driver
docker network create --driver bridge my-bridge-network
Lista Reti
# Tutte le reti
docker network ls
# Con dettagli
docker network ls --no-trunc
# Solo reti custom
docker network ls --filter 'type=custom'
# Format output
docker network ls --format "table {{.Name}}\t{{.Driver}}\t{{.Scope}}"
Ispezionare una Rete
# Output JSON completo
docker network inspect NETWORK
# Output specifico
docker network inspect NETWORK --format '{{.IPAM.Config}}'
docker network inspect NETWORK --format '{{.Driver}}'
docker network inspect NETWORK --format '{{.Containers}}'
Collegare Container a Rete
# Collega container a rete
docker network connect NETWORK CONTAINER
# Con IP specifico
docker network connect NETWORK CONTAINER --ip 10.0.1.100
# Con alias DNS
docker network connect NETWORK CONTAINER --alias my-service
Scollegare Container da Rete
# Scollega container
docker network disconnect NETWORK CONTAINER
# Forza (se in uso)
docker network disconnect -f NETWORK CONTAINER
Rimuovere Reti
# Rimuovi rete specifica
docker network rm NETWORK
# Rimuovi piu reti
docker network rm NETWORK1 NETWORK2 NETWORK3
# Rimuovi reti non usate
docker network prune
# Rimuovi tutte le reti custom (attenzione!)
docker network ls -q | xargs docker network rm
Opzioni Comuni
| Opzione | Descrizione | Esempio |
|---|---|---|
--driver |
Driver di rete | --driver bridge |
--subnet |
CIDR subnet | --subnet 10.0.1.0/24 |
--gateway |
Gateway IP | --gateway 10.0.1.1 |
--internal |
Isola rete | --internal |
--attachable |
Permette container stand-alone | --attachable |
--ip-range |
Range IP per container | --ip-range 10.0.1.128/25 |
Driver di Rete
| Driver | Descrizione | Uso |
|---|---|---|
bridge |
Bridge Linux (default) | Reti isolate su singolo host |
overlay |
Overlay Swarm | Multi-host networking |
host |
Host networking | Nessuna isolamento |
macvlan |
MACVLAN | MAC address univoco per container |
none |
Nessuna rete | Container senza rete |
Output Format
Template Format
# Nome e driver
docker network ls --format '{{.Name}}: {{.Driver}}'
# Subnet
docker network inspect NETWORK --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}'
# Container con IP
docker network inspect NETWORK --format '{{range .Containers}}{{.Name}}: {{.IPv4Address}}{{end}}'
# JSON completo
docker network inspect NETWORK --format '{{json}}'
Placeholder Disponibili
| Placeholder | Descrizione |
|---|---|
{{.Name}} |
Nome rete |
{{.Id}} |
ID rete |
{{.Driver}} |
Driver |
{{.Scope}} |
Scope (local/swarm) |
{{.Internal}} |
Flag internal |
{{.IPAM.Config}} |
Configurazione IPAM |
{{.Containers}} |
Container collegati |
{{.Options}} |
Opzioni rete |
Esempi Pratici
Creare VPC con Subnets
# Public subnet
docker network create --driver bridge \
--subnet 10.0.1.0/24 \
--gateway 10.0.1.1 \
vpc-public
# Private subnet
docker network create --driver bridge \
--subnet 10.0.2.0/24 \
--gateway 10.0.2.1 \
--internal \
vpc-private
Debug Reti
# Mostra container in una rete
docker network inspect vpc-public --format '{{json .Containers}}' | jq -r '.[] | .Name'
# Verifica IP di container
docker inspect container --format '{{range $n, $c := .NetworkSettings.Networks}}{{$n}}: {{$c.IPAddress}}{{end}}'
# Trova reti di un container
docker inspect container --format '{{range .NetworkSettings.Networks}}{{$}}{{end}}'