Hello everyone!
If you don’t want to mess with the firewall rules and security of your server, you can configure your Docker multiple container setup with just links and no exposed ports!
This way you can share your data container (postgres/redis) with other containers without exposing it to the internet.
How to:
-
Edit your
data.yml
file commenting all theexpose
section:
>#expose:
># - “5432:5432”
># - “6379:6379”
># - “2221:22” -
Edit your
web_only.yml
file uncommenting thelinks
section:
>links:
>- link:
>name: data
>alias: data(remeber to use the name of your data container here)
-
The trick! Also on
web_only.yml
file, use your data container’s name to connect to the database:
> DISCOURSE_DB_HOST: data
> DISCOURSE_REDIS_HOST: data
####The Docker’s Magic:
As explained on Docker Container Linking documentation, when you --link
containers:
> Docker adds a host entry for the source container to the /etc/hosts file
So now the containers can communicate locally! Also:
> If you restart the source container, the linked containers /etc/hosts files will be automatically updated with the source container’s new IP address, allowing linked communication to continue.
Source: https://meta.discourse.org/t/how-to-use-docker-multiple-containers-without-exposing-ports/22283