Containers created by `docker service` or `docker run` can reach all Docker endpoints on TCP/2375

Expected behavior

I think it should block by default, or it should need authentication.

Actual behavior

Can reach without any authentication and use all features.

Additional Information

Docker for AWS beta 5.

Steps to reproduce the behavior

  1. run some image.
  2. curl {NODE_IPADDRESS}:2375

Thanks for reporting, this is mentioned in the errata: https://beta.docker.com/docs/aws/release-notes/#1-12-0-rc3-beta1

Note that the API is only available on the internal VPC network, and not publicly.

We’re working on locking this down, but having the engine APIs available is extremely practical for testing and debugging.

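An added example, not part of the original thread and not Docker's own code: a small audit helper that reads a node's `daemon.json` and `dockerd` command line and reports `tcp://` listeners that accept API calls without client-certificate verification, which is the condition reported above. The sample inputs are constructed; the thread does not show how Docker for AWS configures the daemon.

```python
import json
import shlex


def unauthenticated_tcp_listeners(daemon_json="{}", dockerd_cmdline=""):
    """Return tcp:// API listeners not protected by client-cert auth (tlsverify).

    Note: "tls" alone encrypts the channel but does not authenticate the
    caller, so only "tlsverify" is treated as protecting the listener.
    """
    cfg = json.loads(daemon_json or "{}")
    hosts = list(cfg.get("hosts", []))
    tlsverify = bool(cfg.get("tlsverify", False))

    args = shlex.split(dockerd_cmdline)
    i = 0
    while i < len(args):
        arg = args[i]
        if arg in ("-H", "--host") and i + 1 < len(args):
            hosts.append(args[i + 1])
            i += 1
        elif arg.startswith("--host=") or arg.startswith("-H="):
            hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True
        i += 1

    if tlsverify:
        return []
    return [h for h in hosts if h.startswith("tcp://")]


# Constructed sample inputs (not taken from a real Docker for AWS node).
PLAINTEXT_CMD = "dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375"
VERIFIED_CMD = ("dockerd --tlsverify --tlscacert=/etc/docker/ca.pem "
                "--tlscert=/etc/docker/cert.pem --tlskey=/etc/docker/key.pem "
                "-H tcp://0.0.0.0:2376")
TLS_ONLY_JSON = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tls": True,  # encrypted, but any client may still call the API
})

if __name__ == "__main__":
    for label, found in [
        ("plaintext cmdline", unauthenticated_tcp_listeners(dockerd_cmdline=PLAINTEXT_CMD)),
        ("tlsverify cmdline", unauthenticated_tcp_listeners(dockerd_cmdline=VERIFIED_CMD)),
        ("tls-only daemon.json", unauthenticated_tcp_listeners(daemon_json=TLS_ONLY_JSON)),
    ]:
        print(label, "->", found or "no unauthenticated TCP listener")
```
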