Docker Community Forums

Subnets, firewalls etc

(Czechjiri) #1

Based on the docs, it seems Docker Cloud creates one giant subnet for all my containers. Why is the design done like this? I would certainly think it's more intuitive to create subnets based on stacks, or at least let me shape the network a bit.

How do people expose ports just to certain hosts? For example, if I have a DB in stackA and a DB in stackB, how can I prevent any service from stackA from reaching the DB in stackB? Do you always handle it at a lower level, meaning nodes, e.g. AWS VPC?