Hey @Ali, I'll just combine @Eric, @Jackie and @Fez's answers to make it easier for others readers.
What is Network Namespace and why does Docker use it?
Docker uses Network namespace Technology for network isolation purposes which means each docker container has its own network namespace i.e. each container has its own IP address, own routing table, etc.
Let's first understand what network namespaces are. So basically, when you install Linux, by default the entire OS share the same routing table and the same IP address. The namespace forms a cluster of all global system resources which can only be used by the processes within the namespace, providing resource isolation.
Docker containers use this technology to form their own cluster of resources which would be used only by that namespace, i.e. that container. Hence every container has its own IP address and work in isolation without facing resource sharing conflicts with other containers running on the same system.
Run a docker container on a specific node in docker swarm:
To run a container on a specific node, you can use something called filters. There are two types of filters available in docker- node filters and container filters. In this case, you need to use the node filters. In node filters, you have three types of filters - constraint, health, and containerslots. For your requirement, you'll only have to use the constraint filter and add a constraint mentioning you need to deploy the container only on a specific node.
Use the following syntax:
docker run ... -e constraint:node==node_name ...
Where node_name is the name of that specific node on which you want to deploy the container.
How to link two containers over docker swarm:
You can use the concept of port mapping to link two containers. You use the -p flag in your docker run command to achieve port mapping.
example:
docker run -p 8080:8080 -td container_id2
When the container is created using the -p flag, it maps the internal port 8080 to a higher external port 8080. So now the port 8080 of the host is mapped to the containers port 8080 and hence they are connected.