Understanding Network Seggregation in Docker-Compose
Did you ever wonder why use different networks in docker-compose?
There are a number of reasons. I think the most important one is to test how proxies etc work. And this is exactly what we try now in this lecture - create two different networks and see how seggregation really works.
Using networks in docker-compose for better segregation
Letās use this docker-compose.yml file:
version: "3.7"
services:
web:
image: nginx:alpine
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 8080:80
networks:
- app1_net
- app2_net
app1:
image: httpd:latest
networks:
- app1_net
app2:
image: httpd:latest
networks:
- app2_net
networks:
app1_net:
app2_net:
And the following nginx.conf configuration file in the same directory:
events {}
http {
server {
listen 80;
listen [::]:80;
server_name example.com;
location / {
proxy_pass http://app1:80/;
}
location /app2 {
proxy_pass http://app2:80/;
}
}
}
- It will create two apache containers, āapp1ā and āapp2ā
- The apache containers wonāt be reachable from the host
- āapp1ā cannot reach āapp2ā (thatās the important part š)
- Both āapp1ā and āapp2ā can be reached from the reverse nginx proxy
Now go to the terminal and type in:
docker-compose upAnd wait for the services to come up and shows the log-output.
Go to http://localhost:8080ā and observer the command line
- It will show you the nignx-container web_1 container (reverse_proxy) was requested
- And forwarded the request to āapp1ā container
- Reload a few times to make this more obvious
Go to http://localhost:8080/app2ā and observe the command line
- It will show you again that nginx-container web_1 container (reverse_proxy) was requested
- And now forwards to āapp2ā container
- Reload a few times to make this more obvious
With this, you can see that network seggregation works fine.
And with this, the course is also complete. This is an introduction course to Docker and you are now equipped with all you need to get started using Docker and Docker-Compose!