Make container accessible only with localhost

Question

Make container accessible only with localhost

I have the Docker mechanism installed on Debian Jessie, and I run a container with nginx there. My run command looks like this:

docker run -p 1234:80 -d -v /var/www/:/usr/share/nginx/html nginx:1.9

It works fine, the problem is that the contents of this container are now accessible via http://{server_ip}:1234 . I want to run several containers (domains) on this server, so I want to configure reverse proxies for them.

How can I make sure that the container will be accessible only through the reverse proxy, and not directly from IP:port ? For instance:.

 http://{server_ip}:1234 # not found, connection refused, etc... http://localhost:1234 # works fine

// EDIT: Just to be clear - I am not asking how to configure the reverse proxy, but how to start the Docker container to access only from the local host.

+6

docker portforwarding

Pavel Štěrba Sep 09 '16 at 5:15

source share

2 answers

Well, the solution is pretty simple, you just need to specify 127.0.0.1 when displaying the port:

 docker run -p 127.0.0.1:1234:80 -d -v /var/www/:/usr/share/nginx/html nginx:1.9

+2

Pavel Štěrba Sep 09 '16 at 5:53

source share

Matt · Accepted Answer · 2016-09-09T05:54:08+0000

Specify the required host IP address in the port mapping

 docker run -p 127.0.0.1:1234:80 -d -v /var/www/:/usr/share/nginx/html nginx:1.9

If you are doing a reverse proxy, you can put everything on a user-defined network together with your reverse proxy, then everything is in the container and available on the internal network.

 docker network create net docker run -d --net=web -v /var/www/:/usr/share/nginx/html nginx:1.9 docker run -d -p 80:80 --net=web haproxy

Make container accessible only with localhost

More articles: