Docker Community Forums

Haproxy bind error to port 443 in docker-ce version less than 20.10.0

I am running my docker container using the security option

--security-opt=no-new-privileges:true

I see that my haproxy cannot bind to the privileged port 443 in my docker container although I have done so in my docker file

RUN setcap CAP_NET_BIND_SERVICE=+eip /path/to/program

I get the following error

[ALERT] 211/191324 (21) : Starting frontend application_traffic: cannot bind socket [0.0.0.0:443]

However, if I upgrade this to Docker version 20.10.0 and above, I do not see any such error. Why is that? Is this a security issue in the current Docker version, or is this a fix?

I am able to bind to higher-numbered ports if I change the haproxy config to point to something like 8443 as against 443. My issue is resolved, but I want to know what is going on.

I have also asked this question on Stack Overflow here

@avbentem would you know the answer to the above question? Would I need to provide more details on this question?
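
The kernel-side conditions behind the bind failure described above can be read from /proc. This is an added example, not part of the original post; the function names and the sample status text are constructed. It relies on two kernel facts: with no_new_privs set, execve does not grant file capabilities, and a port below net.ipv4.ip_unprivileged_port_start needs CAP_NET_BIND_SERVICE in the effective set.

```shell
#!/bin/sh
# Added example (not from the original post): decide from /proc data whether
# a process may bind a given TCP port. Function names are hypothetical.
# CAP_NET_BIND_SERVICE is capability number 10 (linux/capability.h).

# status_field NAME: print the value of "NAME:" from status text on stdin.
status_field() {
    awk -v k="$1:" '$1 == k { print $2; exit }'
}

# can_bind PORT STATUS_TEXT UNPRIVILEGED_PORT_START
# Prints one verdict: allowed-by-sysctl, allowed-by-capability,
# denied-no-new-privs or denied-no-capability.
can_bind() {
    port=$1; status=$2; start=$3
    nnp=$(printf '%s\n' "$status" | status_field NoNewPrivs)
    capeff=$(printf '%s\n' "$status" | status_field CapEff)
    capeff=${capeff:-0}
    # Test bit 10 of the effective capability mask (hex in /proc).
    has_cap=$(( (0x$capeff >> 10) & 1 ))
    if [ "$port" -ge "$start" ]; then
        echo "allowed-by-sysctl"        # port is not treated as privileged
    elif [ "$has_cap" -eq 1 ]; then
        echo "allowed-by-capability"    # CAP_NET_BIND_SERVICE is effective
    elif [ "${nnp:-0}" -eq 1 ]; then
        # setcap file capabilities are ignored at exec when NoNewPrivs=1
        echo "denied-no-new-privs"
    else
        echo "denied-no-capability"
    fi
}

# Live use inside a container: check_pid PID PORT
check_pid() {
    can_bind "$2" "$(cat "/proc/$1/status")" \
        "$(cat /proc/sys/net/ipv4/ip_unprivileged_port_start)"
}

# Constructed sample: a process started with no-new-privileges whose
# setcap'd binary therefore received no effective capabilities.
SAMPLE_NNP='Name: haproxy
NoNewPrivs: 1
CapEff: 0000000000000000'

# Constructed sample: same process with CAP_NET_BIND_SERVICE effective.
SAMPLE_CAP='Name: haproxy
NoNewPrivs: 0
CapEff: 0000000000000400'
```

Inside the container, `check_pid 1 443` reports which of the conditions applies to the running service, assuming it is PID 1.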