Docker Community Forums

Share and learn in the Docker community.

Containers created by `docker service` of `docker run` can reach all docker endpoint TCP/2375

amazonwebservices
security

(Sawanoboly) #1

Expected behavior

I think it should block by default. Or should need an authentication.

Actual behavior

Can reach without any authentication and use all features.

Additional Information

Docker for AWS bata 5.

Steps to reproduce the behavior

  1. run some image.
  2. curl {NODE_IPADDRESS}:2375

(Michael Friis) #2

Thanks for reporting, this is mentioned in the errata: https://beta.docker.com/docs/aws/release-notes/#1-12-0-rc3-beta1

Note that the API is only available on the internal VPC network, and not publicly.

We’re working on locking this down, but having the engine APIs available is extremely practical for testing and debugging.