How to make docker container to be accessed only in intranet

I want to run a docker container in my server, and expose a specific port to other server in the same intranet. But I don’t want my container can be accessed by internet outside.

Is there any solution for my situation?

  • Expose my docker container to my external IP on GCP
  • Docker: ping: unknown host yahoo.com
  • Dockerfile vs docker-compose.yml
  • Cannot create and run Bluemix container, Unathorized
  • What tool can manage Docker container to start in order?
  • When pushing an image in GitLab registry using jenkins, the error fails: Invalid repository name
  • Any help will be appreciated.

  • How to verify locally built docker images?
  • Docker didn't forward the port from web service
  • How to delegate Kubernetes scheduler to Yarn
  • vagrant variables in Dockerfile
  • Issue while indexing data in solr in docker cluster setup
  • In virtual-machine Docker push to private registry failed under proxy
  • One Solution collect form web for “How to make docker container to be accessed only in intranet”

    If your host computer is running on Windows, you can configure firewall to allow that specific port to be accessed only from that machine.
    Another option is to configure boot2docker (via iptables) to restrict access only to specific IP address. But I think it works only for the current session: you have to edit boot2docker image and add it to be used permanently. And the drawback is that all docker images running in docker inside boot2docker would be affected with this change.

    So, my suggestion is to restrict access on host computer side, such as:

    c:\>boot2docker init
    c:\>boot2docker up
    c:\>boot2docker ssh -L 0.0.0.0:8080:localhost:8080
    docker@boot2docker:~$ docker run -p 8080:8080 myContainer
    

    And restrict port 8080 on firewall level of your host computer.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.