Docker Container Networking on AWS EC2 | Step-by-Step Guide

🐳 Networking Between Docker Containers on AWS EC2

Deploying Docker containers on AWS EC2 is a common strategy for hosting scalable and flexible applications. But ensuring smooth communication between those containers is just as critical as launching them. In this blog post, we’ll walk through how to set up and manage networking between Docker containers hosted on an AWS EC2 instance, using best practices and Docker-native tools.

🔹 Why Container Networking Matters

When working with microservices or multi-container applications, your containers often need to talk to each other. For example:

• A web frontend container needs to connect to a backend API container.
• A backend container connects to a database container.

If containers can’t discover or communicate with each other reliably, your application will fail—no matter how well it runs individually.

🔧 Prerequisites

Before you begin, ensure the following:

• You have an AWS EC2 instance running (Ubuntu preferred).
• Docker and Docker Compose are installed.
• You have SSH access to your EC2 instance.
• Security group rules allow necessary internal ports (e.g., 80, 3306, etc.)

🚀 Step-by-Step: Networking Docker Containers

1. Using Docker Bridge Network (Default)

By default, Docker uses a bridge network named bridge.

✅ To inspect:

bashCopyEditdocker network ls

✅ Example:

If you run containers like this:

bashCopyEditdocker run -d --name web nginx
docker run -d --name app myapp

You can connect to another container using the container name as hostname, e.g., app inside web.

But this works only if both containers are on the same custom bridge network.

2. Create a User-Defined Bridge Network

For containers to communicate easily:

✅ Create network:

bashCopyEditdocker network create mynetwork

✅ Run containers in the same network:

bashCopyEditdocker run -d --name web --network=mynetwork nginx
docker run -d --name app --network=mynetwork myapp

Now, web can reach app using the hostname app.

3. Using Docker Compose (Recommended)

Docker Compose simplifies multi-container setup.

✅ docker-compose.yml example:

yamlCopyEditversion: '3'
services:
  web:
    image: nginx
    ports:
      - "80:80"
  app:
    image: myapp

Run with:

bashCopyEditdocker-compose up -d

All services are automatically connected to a single network named after the project.

You can now access app from web using just the service name app.

4. Accessing Services Externally

If you want to access a container from the outside world (like your browser), ensure:

• EC2 security group allows incoming traffic on the relevant port.
• The container port is published to the host:

bashCopyEditdocker run -d -p 8080:80 myapp

5. Networking Across EC2 Instances (Bonus)

If containers are on different EC2 instances, you can:

• Use Docker Swarm for multi-host networking.
• Or set up a VPC peering and private DNS resolution.
• Tools like Weave or Calico can also help for advanced networking.

🛡️ Security Tip

Never expose internal service ports like databases (e.g., 3306 for MySQL) to the public internet. Keep such services internal to the Docker network and only expose frontend ports.

✅ Conclusion

Networking Docker containers on AWS EC2 is straightforward when using user-defined networks or Docker Compose. Whether you’re running a single-node setup or planning for multi-host orchestration, understanding container networking is key to building reliable, scalable systems.