Hello everyone!
If you don’t want to mess with the firewall rules and security of your server, you can configure your Docker multiple container setup with just links and no exposed ports!
This way you can share your data container (postgres/redis) with other containers without exposing it to the internet.
How to:
-
Edit your
data.ymlfile commenting all theexposesection:
>#expose:
># - “5432:5432”
># - “6379:6379”
># - “2221:22” -
Edit your
web_only.ymlfile uncommenting thelinkssection:
>links:
>- link:
>name: data
>alias: data(remeber to use the name of your data container here)
-
The trick! Also on
web_only.ymlfile, use your data container’s name to connect to the database:
> DISCOURSE_DB_HOST: data
> DISCOURSE_REDIS_HOST: data
####The Docker’s Magic:
As explained on Docker Container Linking documentation, when you --link containers:
> Docker adds a host entry for the source container to the /etc/hosts file
So now the containers can communicate locally! Also:
> If you restart the source container, the linked containers /etc/hosts files will be automatically updated with the source container’s new IP address, allowing linked communication to continue.
Source: https://meta.discourse.org/t/how-to-use-docker-multiple-containers-without-exposing-ports/22283