Internal network between containers without external network access

dannchurch · November 27, 2017, 5:57pm

To create a network that doesn’t allow access to communicating with external networks, use the ‘internal: true’ configuration on an Overlay network. Your config would thus be:

version: "3"
services:

  proxy:
    build: ./proxy
    networks:
      - network2
      - network1

  app:
    build: ./app
    networks:
      - network1

networks:
  network1:
    driver: overlay
    internal: true
  network2:
    driver: custom-driver-2

Containers that are only on network1 won’t be able to communicate with the “outside” world. In your case, the app service won’t be able to access google.com but proxy will (since it’s also on a non-internal network).

Topic		Replies	Views
Simulating on and offline networks with Docker Compose Compose	2	2159	April 23, 2018
Docker-compose internal network without swarm General	0	750	October 18, 2018
Start a container with a public ip for incoming connections but also let it connected to internal network General	1	434	March 6, 2023
My own networking nightmare General docker	0	708	March 29, 2017
Network creation for internal-containers and host, without internet access Docker Desktop	0	1914	March 9, 2018

Internal network between containers without external network access

Related topics