top of page
Search

How to redirect traffic from the host machine to Docker containers without using an orchestration tool?



Docker, by default, isolates containers from the host and other containers. However, it offers several mechanisms for establishing communication, of which I would like to mention two of them:


  • Bridge network: Each container gets a private IP address on a Docker bridge network, where the host acts as a conduit, allowing containers to communicate with each other.

  • Port mapping: Exposes a container port to a host port, allowing access to container services from the outside.


However, the bridge network is a private network and IPs with range 172.17.xx are not accessible outside the host.


In Docker-contained projects in production, as a best practice, services are exposed to the host and to the outside world via a specific port, such as 7005.

Here is an example command:

docker run -d -p 7005:80 --name webserver nginx

  • 7005: Port exposed on host

  • 80: service port inside the container


In this case, just enter the IP address of the host with its port into the browser:

http://<host_ip_address>:7005

However, it is not a good practice to expose the dedicated port directly to the world.

It’s best to use a reverse proxy like Nginx or another web server and block the port to the outside using a firewall.

The reverse proxy is used to forward traffic from the source to the dedicated service. The dedicated service will be configured in the Nginx configuration file:

server {    
   listen 80;    
   server_name yourdomain.com;

   location / {        # Docker container 1 
       proxy_pass http://localhost:7005;
       ....    
   }
   location /blog/ {        # Docker container 2   
       proxy_pass http://localhost:7006;    
       .....
   }
}

Here are the steps of the traffic flow on the network:

  1. The user types https://yourdomain.com into the browser.

  2. DNS resolves yourdomain.com to the host’s IP address.

  3. The browser sends an HTTP request to the host’s IP address on port 80.

  4. The host’s firewall or routing mechanism forwards the request to port 80 of the host’s Nginx web server.

  5. Nginx, via reverse proxy, redirects traffic into the dedicated container.


Conclusion:

Using Docker in production without orchestration requires manual work. However, with the right knowledge, using manual work allows you to configure it in the best way without adding more complexity to the architecture.

The orchestration tool would be necessary if the containers, to be maintained manually, become too many.

cipiklevis@gmail.com

+355674907376

  • White LinkedIn Icon
  • White Twitter Icon

©2024 by Klevis Cipi.

Albania, Tirane

bottom of page