I’ve got a question that I haven’t been able to find an answer for on the net so far.
I have a host machine that provides a service (say MySQL) on port 9001. When I run my container, I want to be able to access this service as localhost:9001 in the app running on the container. I want to do this without using --net host and instead have a whitelisted approach.
I’m guessing that I’ll have to do this via IPTables, but I wanted to get a second opinion before I continue. Having the bridge adapter is something that I want to maintain for network isolation.
My goal is to firewall off the Docker container from the rest of the network, with the exception of the port that I whitelist that the Host controls.
For additional context, I might have many services all accessing the same host port (MySQL example), so binding the container’s port to the host won’t work (as far as I understand).
Thanks for the help!