bob
Reputation: 95
How to isolate docker container from the host network (docker-compose)
I have a container that running a simple socket python script that listen on his ip address. I made a network for that container with the bridge as the driver. But when I am running the container I can access it from outside of his network using the localhost:port address. I want to isolate the container from anyone that is outside of his network. Can someone help me with that?.
This is my docker-compose file:*
version: '3.5'
services:
relayG1_1:
container_name: relayG1_1
image: image
command: python3 server.py 10.1.0.5
ports:
- 4000:4000/tcp
networks:
first_network:
ipv4_address: 10.1.0.5
networks:
first_network:
name: first_network
driver: bridge
ipam:
config:
- subnet: 10.1.0.0/24
gateway: 10.1.0.1
Upvotes: 2
Views: 1973
Answers (1)
Alexandre LEROY
Reputation: 2310
When you want to expose port on network, without being accessible from localhost you should use property expose instead of ports.
An example :
version: '3.5'
services:
relayG1_1:
container_name: relayG1_1
image: image
command: python3 server.py 10.1.0.5
expose:
- "4000"
networks:
first_network:
ipv4_address: 10.1.0.5
networks:
first_network:
name: first_network
driver: bridge
ipam:
config:
- subnet: 10.1.0.0/24
gateway: 10.1.0.1
Upvotes: 2
Related Questions
- Make containers inside network unroutable from the host
- Forbid docker to use specific network
- Isolating certain Docker containers from one another
- How to prevent internet access in Docker containers
- Make docker container only accessible from a certain IP
- How to expose host network to docker container in docker-compose?
- How to make container visible only to other containers within the same network
- Host-only network for Docker container
- Suppress docker networking with docker compose for test execution isolation
- Docker: How to prevent outgoing traffic from a docker's network using docker-compose and no iptables?