Guest24897
/
DockerCLI
mirror of https://github.com/docker/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4931 from robmry/internal_network 

Add a description of '--internal' to the docs
This commit is contained in:
Sebastiaan van Stijn 2024-03-11 12:41:29 +01:00 committed by GitHub
parent 412d6fca9c 617377c045
commit b55cf2f71f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/reference/commandline/network_create.md
View File

@ -162,7 +162,8 @@ equivalent Docker daemon flags used for docker0 bridge:
| `com.docker.network.container_iface_prefix` | - | Set a custom prefix for container interfaces | | `com.docker.network.container_iface_prefix` | - | Set a custom prefix for container interfaces |
The following arguments can be passed to `docker network create` for any The following arguments can be passed to `docker network create` for any
network driver, again with their approximate equivalents to `docker daemon`. network driver, again with their approximate equivalents to Docker daemon
flags used for the docker0 bridge:
| Argument | Equivalent | Description | | Argument | Equivalent | Description |
|--------------|----------------|--------------------------------------------| |--------------|----------------|--------------------------------------------|
@ -183,6 +184,12 @@ $ docker network create \
### <a name="internal"></a> Network internal mode (--internal) ### <a name="internal"></a> Network internal mode (--internal)
Containers on an internal network may communicate between each other, but not
with any other network, as no default route is configured and firewall rules
are set up to drop all traffic to or from other networks. Communication with
the gateway IP address (and thus appropriately configured host services) is
possible, and the host may communicate with any container IP directly.
By default, when you connect a container to an `overlay` network, Docker also By default, when you connect a container to an `overlay` network, Docker also
connects a bridge network to it to provide external connectivity. If you want connects a bridge network to it to provide external connectivity. If you want
to create an externally isolated `overlay` network, you can specify the to create an externally isolated `overlay` network, you can specify the