github.com/jiasir/docker@v1.3.3-0.20170609024000-252e610103e7/docs/reference/commandline/network_create.md (about) 1 --- 2 title: "network create" 3 description: "The network create command description and usage" 4 keywords: "network, create" 5 --- 6 7 <!-- This file is maintained within the docker/docker Github 8 repository at https://github.com/docker/docker/. Make all 9 pull requests against that repo. If you see this file in 10 another repository, consider it read-only there, as it will 11 periodically be overwritten by the definitive file. Pull 12 requests which include edits to this file in other repositories 13 will be rejected. 14 --> 15 16 # network create 17 18 ```markdown 19 Usage: docker network create [OPTIONS] NETWORK 20 21 Create a network 22 23 Options: 24 --attachable Enable manual container attachment 25 --ingress Specify the network provides the routing-mesh 26 --aux-address value Auxiliary IPv4 or IPv6 addresses used by Network 27 driver (default map[]) 28 -d, --driver string Driver to manage the Network (default "bridge") 29 --gateway value IPv4 or IPv6 Gateway for the master subnet (default []) 30 --help Print usage 31 --internal Restrict external access to the network 32 --ip-range value Allocate container ip from a sub-range (default []) 33 --ipam-driver string IP Address Management Driver (default "default") 34 --ipam-opt value Set IPAM driver specific options (default map[]) 35 --ipv6 Enable IPv6 networking 36 --label value Set metadata on a network (default []) 37 -o, --opt value Set driver specific options (default map[]) 38 --subnet value Subnet in CIDR format that represents a 39 network segment (default []) 40 --scope value Promote a network to swarm scope (value = [ local | swarm ]) 41 --config-only Creates a configuration only network 42 --config-from The name of the network from which copying the configuration 43 ``` 44 45 ## Description 46 47 Creates a new network. The `DRIVER` accepts `bridge` or `overlay` which are the 48 built-in network drivers. If you have installed a third party or your own custom 49 network driver you can specify that `DRIVER` here also. If you don't specify the 50 `--driver` option, the command automatically creates a `bridge` network for you. 51 When you install Docker Engine it creates a `bridge` network automatically. This 52 network corresponds to the `docker0` bridge that Engine has traditionally relied 53 on. When you launch a new container with `docker run` it automatically connects to 54 this bridge network. You cannot remove this default bridge network, but you can 55 create new ones using the `network create` command. 56 57 ```bash 58 $ docker network create -d bridge my-bridge-network 59 ``` 60 61 Bridge networks are isolated networks on a single Engine installation. If you 62 want to create a network that spans multiple Docker hosts each running an 63 Engine, you must create an `overlay` network. Unlike `bridge` networks, overlay 64 networks require some pre-existing conditions before you can create one. These 65 conditions are: 66 67 * Access to a key-value store. Engine supports Consul, Etcd, and ZooKeeper (Distributed store) key-value stores. 68 * A cluster of hosts with connectivity to the key-value store. 69 * A properly configured Engine `daemon` on each host in the cluster. 70 71 The `dockerd` options that support the `overlay` network are: 72 73 * `--cluster-store` 74 * `--cluster-store-opt` 75 * `--cluster-advertise` 76 77 To read more about these options and how to configure them, see ["*Get started 78 with multi-host network*"](https://docs.docker.com/engine/userguide/networking/get-started-overlay). 79 80 While not required, it is a good idea to install Docker Swarm to 81 manage the cluster that makes up your network. Swarm provides sophisticated 82 discovery and server management tools that can assist your implementation. 83 84 Once you have prepared the `overlay` network prerequisites you simply choose a 85 Docker host in the cluster and issue the following to create the network: 86 87 ```bash 88 $ docker network create -d overlay my-multihost-network 89 ``` 90 91 Network names must be unique. The Docker daemon attempts to identify naming 92 conflicts but this is not guaranteed. It is the user's responsibility to avoid 93 name conflicts. 94 95 ## Examples 96 97 ### Connect containers 98 99 When you start a container, use the `--network` flag to connect it to a network. 100 This example adds the `busybox` container to the `mynet` network: 101 102 ```bash 103 $ docker run -itd --network=mynet busybox 104 ``` 105 106 If you want to add a container to a network after the container is already 107 running, use the `docker network connect` subcommand. 108 109 You can connect multiple containers to the same network. Once connected, the 110 containers can communicate using only another container's IP address or name. 111 For `overlay` networks or custom plugins that support multi-host connectivity, 112 containers connected to the same multi-host network but launched from different 113 Engines can also communicate in this way. 114 115 You can disconnect a container from a network using the `docker network 116 disconnect` command. 117 118 ### Specify advanced options 119 120 When you create a network, Engine creates a non-overlapping subnetwork for the 121 network by default. This subnetwork is not a subdivision of an existing 122 network. It is purely for ip-addressing purposes. You can override this default 123 and specify subnetwork values directly using the `--subnet` option. On a 124 `bridge` network you can only create a single subnet: 125 126 ```bash 127 $ docker network create --driver=bridge --subnet=192.168.0.0/16 br0 128 ``` 129 130 Additionally, you also specify the `--gateway` `--ip-range` and `--aux-address` 131 options. 132 133 ```bash 134 $ docker network create \ 135 --driver=bridge \ 136 --subnet=172.28.0.0/16 \ 137 --ip-range=172.28.5.0/24 \ 138 --gateway=172.28.5.254 \ 139 br0 140 ``` 141 142 If you omit the `--gateway` flag the Engine selects one for you from inside a 143 preferred pool. For `overlay` networks and for network driver plugins that 144 support it you can create multiple subnetworks. 145 146 ```bash 147 $ docker network create -d overlay \ 148 --subnet=192.168.0.0/16 \ 149 --subnet=192.170.0.0/16 \ 150 --gateway=192.168.0.100 \ 151 --gateway=192.170.0.100 \ 152 --ip-range=192.168.1.0/24 \ 153 --aux-address="my-router=192.168.1.5" --aux-address="my-switch=192.168.1.6" \ 154 --aux-address="my-printer=192.170.1.5" --aux-address="my-nas=192.170.1.6" \ 155 my-multihost-network 156 ``` 157 158 Be sure that your subnetworks do not overlap. If they do, the network create 159 fails and Engine returns an error. 160 161 ### Bridge driver options 162 163 When creating a custom network, the default network driver (i.e. `bridge`) has 164 additional options that can be passed. The following are those options and the 165 equivalent docker daemon flags used for docker0 bridge: 166 167 | Option | Equivalent | Description | 168 |--------------------------------------------------|-------------|-------------------------------------------------------| 169 | `com.docker.network.bridge.name` | - | bridge name to be used when creating the Linux bridge | 170 | `com.docker.network.bridge.enable_ip_masquerade` | `--ip-masq` | Enable IP masquerading | 171 | `com.docker.network.bridge.enable_icc` | `--icc` | Enable or Disable Inter Container Connectivity | 172 | `com.docker.network.bridge.host_binding_ipv4` | `--ip` | Default IP when binding container ports | 173 | `com.docker.network.driver.mtu` | `--mtu` | Set the containers network MTU | 174 175 The following arguments can be passed to `docker network create` for any 176 network driver, again with their approximate equivalents to `docker daemon`. 177 178 | Argument | Equivalent | Description | 179 |--------------|----------------|--------------------------------------------| 180 | `--gateway` | - | IPv4 or IPv6 Gateway for the master subnet | 181 | `--ip-range` | `--fixed-cidr` | Allocate IPs from a range | 182 | `--internal` | - | Restrict external access to the network | 183 | `--ipv6` | `--ipv6` | Enable IPv6 networking | 184 | `--subnet` | `--bip` | Subnet for network | 185 186 For example, let's use `-o` or `--opt` options to specify an IP address binding 187 when publishing ports: 188 189 ```bash 190 $ docker network create \ 191 -o "com.docker.network.bridge.host_binding_ipv4"="172.19.0.1" \ 192 simple-network 193 ``` 194 195 ### Network internal mode 196 197 By default, when you connect a container to an `overlay` network, Docker also 198 connects a bridge network to it to provide external connectivity. If you want 199 to create an externally isolated `overlay` network, you can specify the 200 `--internal` option. 201 202 ### Network ingress mode 203 204 You can create the network which will be used to provide the routing-mesh in the 205 swarm cluster. You do so by specifying `--ingress` when creating the network. Only 206 one ingress network can be created at the time. The network can be removed only 207 if no services depend on it. Any option available when creating a overlay network 208 is also available when creating the ingress network, besides the `--attachable` option. 209 210 ```bash 211 $ docker network create -d overlay \ 212 --subnet=10.11.0.0/16 \ 213 --ingress \ 214 --opt com.docker.network.mtu=9216 \ 215 --opt encrypted=true \ 216 my-ingress-network 217 ``` 218 219 ## Related commands 220 221 * [network inspect](network_inspect.md) 222 * [network connect](network_connect.md) 223 * [network disconnect](network_disconnect.md) 224 * [network ls](network_ls.md) 225 * [network rm](network_rm.md) 226 * [network prune](network_prune.md) 227 * [Understand Docker container networks](https://docs.docker.com/engine/userguide/networking/)