164

Is docker capable of exposing a port only to the host and not to the outside.

I need to put a docker running with a mongo database, and I wanted that it was only accessible from the host, but I need to link the host port 27017.

Is this possible, or do the only possible way is to change firewall definitions?

Improve this question

1 Answer 1

Reset to default
243

Sure, just bind it to localhost, like this:

docker run -p 127.0.0.1:27017:27017

Also: Your host can also talk to each container normally over its IP. Use docker inspect $ID to get a json dump (beside other stuff) containing the network IP.

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

So is it something like [1] docker run -p 27017:27017 -v /var/lib/mongodb/master:/data mongo:storage_test /usr/bin/start-mongo [2] docker run -p 127.0.0.1:27017:27017 ...?
The second option binds to localhost, yes. The first one makes the port publicly available. If you don't want a static port, use 127.0.0.1::27017.
This solution does not appear to work for swarm mode see this github issue
is the equivalent docker-compose simply service-name: { ... ports: [ "127.0.0.1:27017:27017" ] }?
What is the problem in my docker-compose though bind to localhost only but It is publicly accessible. stackoverflow.com/questions/50621936/…
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.