DEV Community

Discussion on: Be careful with Docker ports!

Collapse
 
kovah profile image
Kevin Woblick • Edited

In your case the container wouldn't be able to be accessed from the outside anyway, because you specified the publiched ports as 127.0.0.1:5433:5432. However, if you publish the ports globally, you would still be able to access the container from the outside, like docker run -d —network custom_net —publish 5433:5432 postgres.
The thing is that Docker networks are public by default and connected to the host network. You would have to create your network with the --internal flag. But this would make it impossible to access Postgres even while you are on your host, because it now runs in a completely isolated network.

So, specifying your ports with 127.0.0.1:5432 is the most reliable and secure way.

Collapse
 
raiandian profile image
Ryan Jan Borja

(If I get it right), If I only want PostgreSQL to be accessible from the host machine I should not include a custom network and my docker run command should look like this.
docker run -d --publish 127.0.0.1:5433:5432. If I want it to be accessible within the network or even outside, I should remove 127.0.0.1.

Thread Thread
 
kovah profile image
Kevin Woblick

Yes, that's correct.