![]() I know it has something to do with the binding of 127.0.0.1 to port 80, but I’d like to know if there’s a way to access it via it’s localhost & via the tunnel, but not via the local IP (for security reasons). ![]() However, if I tunnel port 80 via balena tunnel, I get the errors as shown in my previous post. I can’t access it via the local IP, because it’s bound to 127.0.0.1. So I SSH into the host and, without entering the container, I can curl to 127.0.0.1, which gives me a fine response. Port attached to the containers binding instead of its inner network IP/Port. This way, I can access the webserver from within the host machine. mode (in your docker compose file) version: 3 services: my-container. I just want to have the HTTP webserver available when I tunnel the device’s port using balena tunnel, but not when I access it directly via it’s local IP (e.g. This is fixed by using the bind 127.0.0.1 in the config of Redis. I’d just like to express that this seconds question has nothing to do with the network_mode: host anymore. My current service in docker-compose: proxy: networkmode: host build: context. I already use docker-compose to launch the other services I use for development (postgres, redis, etc). I’m happy to share the docker-compose file. Now I am trying to include this proxy/port forwarding setup in my docker-compose environment. If you choose to run the application over 0.0.0.0 you may again consider using iptables to filter out access through eth0 or wlan0. Then you can reach this application from the bridged container through the 172.17.0.1 address, which happens to be the gateway of that container. The application running in the host network container needs to listen either on the 172.17.0.1 address (the br-xxxxxxxxxxxx interface), or on all addresses ( 0.0.0.0). If you have the opposite use-case where you would like to reach a container with host network mode from a container using bridge network mode - this is also possible. You may apply those from the container running in host network mode. Once you map the internal redis port like that you may also consider applying some iptables firewall rules to deny access to this port from the external network/Internet (e.g. The solution is to define ports in the docker-compose.yml file for the redis container and expose the redis port to the host’s network namespace. So you would like to put a container in host network mode and be able to access a redis instance running in a container that is using bridge network mode.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |