🔌 How to Bridge Networks in Docker Compose (`docker-compose.yml`)

🔌 How to Bridge Networks in Docker Compose (docker-compose.yml)

Docker Compose makes it super easy to define and run multi-container applications. But when it comes to networking, things can get a bit confusing — especially if you want your containers to talk across different custom networks.

In this guide, we'll dive into bridging networks in Docker Compose — what it means, how to do it, and some real-world tips.

🧠 What Does "Bridging Networks" Mean?

In Docker, each container is attached to a network. By default, Docker Compose creates a network for each Compose project. Sometimes, though, you want containers to talk across different networks — maybe even across different Compose files or services in isolated environments.

Bridging networks means:

• Creating multiple custom networks
• Attaching a container to more than one network
• Allowing selective cross-communication between services

🏗️ Example: Bridge Two Services Across Networks

Let’s say you have a web service and a db service, and you want to isolate them in different networks but still allow controlled communication.

📄 docker-compose.yml

version: '3.9' services: web: image: nginx networks: - frontnet - backnet # 👈 This allows it to talk to the db db: image: mysql environment: MYSQL_ROOT_PASSWORD: example networks: - backnet networks: frontnet: driver: bridge backnet: driver: bridge 

🧪 What Just Happened?

• web is attached to both frontnet and backnet
• db is attached only to backnet
• This allows the web container to:
  • Communicate with other front-facing containers via frontnet
  • Access the database via backnet
• The db container cannot reach services on frontnet, which is great for security.

📌 Use Case: Multi-Compose Setup

Let’s say you have multiple Docker Compose files:

• frontend/docker-compose.yml
• backend/docker-compose.yml

You want the frontend to talk to the backend over a shared network.

Step 1: Create a shared network manually

docker network create sharednet 

Step 2: In both Compose files, use external: true

networks: sharednet: external: true 

Then attach services to sharednet in both Compose files:

services: frontend-app: networks: - sharednet 

services: backend-api: networks: - sharednet 

Now both services, managed separately, can talk to each other over the shared network.

🔒 Security Tips

• Use multiple networks to segment services (e.g., frontend/backend/db).
• Avoid exposing sensitive services (like db or redis) to the public or shared networks.
• Use aliases to control how services are addressed.

networks: backnet: aliases: - internal-db 

👀 Debugging Tips

• Use docker network inspect <network_name> to see what's connected.
• docker exec -it <container> sh into containers to ping or curl test others.
• Try using hostnames instead of IPs (e.g., http://db:3306).

🧰 Tools & Tricks

• netshoot: A Docker image with networking tools.

docker run -it --rm --network=backnet nicolaka/netshoot 

• dig, nslookup, traceroute and ip a will become your best friends.

🚀 Summary

✅ You can bridge Docker networks in Compose by:

• Attaching services to multiple networks
• Creating shared external networks
• Managing cross-service communication precisely

🤔 TL;DR

“With great networks comes great responsibility.”

— Uncle Compose 🧓🐳

Now go forth and connect your containers like a pro!