How to make docker container to be accessed only in intranet

I want to run a docker container in my server, and expose a specific port to other server in the same intranet. But I don’t want my container can be accessed by internet outside.

Is there any solution for my situation?

  • How to deploy a full (web) application using Docker, if each process must be a container?
  • Docker Postgres - PDO exception get
  • Make Docker4Mac and vagrant see each others network
  • How to set Puma workers, threads for Rails in Docker
  • Cron and Crontab files not executed in Docker
  • Docker build command with --tag unable to tag images
  • Any help will be appreciated.

  • Forward host port to docker container
  • Expose environment variables to Apache and PHP
  • How to ship java based web application in AWS cloud using docker
  • MobileFirst Container CLI Extensions are not installed
  • Postgres in Docker; two instances clashing ports
  • Why does bash script work depend on the size of the terminal window?
  • One Solution collect form web for “How to make docker container to be accessed only in intranet”

    If your host computer is running on Windows, you can configure firewall to allow that specific port to be accessed only from that machine.
    Another option is to configure boot2docker (via iptables) to restrict access only to specific IP address. But I think it works only for the current session: you have to edit boot2docker image and add it to be used permanently. And the drawback is that all docker images running in docker inside boot2docker would be affected with this change.

    So, my suggestion is to restrict access on host computer side, such as:

    c:\>boot2docker init
    c:\>boot2docker up
    c:\>boot2docker ssh -L
    docker@boot2docker:~$ docker run -p 8080:8080 myContainer

    And restrict port 8080 on firewall level of your host computer.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.