I’m relatively new to the world of Docker, but am quickly coming up to speed as a matter of necessity!
I’ve built several images and run successfully - I’m basically building these and deploying them to VM Ware hosts in our cloud platform.
The most recent of these is an image for Memcached, which in itself is a very simple image based on an Ubuntu image. I’ve run the container, specifically exposing the internal port - default of 11211 - using the -p : option, to the same port on the host platform.
When the memcache service is started within the container, connection to that port can be done within the container, but fails when you try and do it from the host platform.
However, for a laugh, I tried replacing the -p flag with -P when using docker run to create a new container. What I discovered is that this takes the internal port (or any internal service port) from the container - 11211 - and randomly assigns a port on the host platform - e.g. 49150. That’s fine, but then I can actually connect to the service on that port!
Why is it I can connect to this randomised port (using -P) but not when I specify the exposed port (using -p) in the run command?
I’ve checked both the container and the host for firewall weirdness…nothing I can see really. The Ubuntu image that my image is based on has no firewall active, and I run iptables -F and ip6tables -F on the host platform before starting any Docker images.
Explicitly exposing ports using -p has worked fine on other images I’ve created, e.g. Tomcat, so I know it can work
Can anybody help me with this head-scratching problem?!!