prevent Docker from exposing port on host

If i start a container using -p 80 for example, docker will assign a random outbound port.

Everytime Docker assign a port, it also add an iptable rule to open this port to the world, is it possible to prevent this behaviour ?

  • Why some entries are missing in Perl ENV hash
  • How do I point a docker image to my .m2 directory for running maven in docker on a mac?
  • How to get total size of a docker image by docker API properly?
  • Link Docker Container across the Host
  • Docker Akka-Http application endpoint not reachable
  • How to idiomatically access sensitive data when building a Docker image?
  • Note : I am using a nginx load balancer to get the content, I really don’t need to have my application associated with two different port.

  • Docker - Creating base image with RHEL iso
  • How to make docker only use a eth1 interface to communicate with other hosts?
  • using XDebug in a Dockerized PHP on mac OS
  • How to run AWS ECS Task overriding environment variables
  • Spring boot with docker unable to find valid certification path to requested target error
  • How to backspace or delete?
  • 2 Solutions collect form web for “prevent Docker from exposing port on host”

    You can specify both interface and port as follows:

    -p ip:hostPort:containerPort


    -p ip::containerPort

    Another solution is to run nginx inside container and to use conteiner linking without exposing other services whatsoever.

    The iptable feature is a startup parameter for the docker demon. Look for the docker demon conf file in your docker installation. Add –iptables=false and docker never touches your iptables.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.