run docker-daemon with --iptables=false

+4 votes

I want to set up a static firewall and network configuration, so that I can run docker-daemon with --iptables=false (i.e. not having Docker modifying the firewall), in a way that containers should not exposed to the external world, but it's still possible to have containers connected to services when using docker-compose

Mar 26, 2018 in DevOps & Agile by Atul
• 10,220 points

edited Oct 12, 2018 by Kalgi 251 views

2 answers to this question.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.
+2 votes
Best answer
The docker network model uses iptables to set up internet connectivity for your containers. Only set iptables=false if you explicitly do not want your containers that are using bridge or overlay network drivers to have any network connectivity at all.

When you start the daemon with iptables=true, it will set up the required rules in your firewall. When docker shuts down, I don't believe it tears those rules down, so they stick around. This is why you get internet connectivity after starting docker back up with iptables=false. If you want to preserve those rules on the next docker startup after a reboot, the best way is to keep iptables=true.
answered Aug 2, 2018 by Kalgi
• 36,260 points

selected Oct 12, 2018 by Omkar
+1 vote

I agree with @Kalgi, iptables=false is necessary to setup the firewall but also make sure docker shouldn't overrides the firewall configuration.

answered Oct 12, 2018 by Hannah
• 14,080 points

Related Questions In DevOps & Agile

+1 vote
2 answers

How do I run Apache server from Docker without mapping to a location?

If you're seeing a 500 error, that's ...READ MORE

answered Oct 18, 2018 in DevOps & Agile by lina
• 8,100 points
53 views
+1 vote
1 answer

Isolate PHP applications with Docker

That is the idea: you can make ...READ MORE

answered Jul 12, 2018 in DevOps & Agile by Kalgi
• 2,620 points
17 views
0 votes
1 answer

How does Docker for Windows run Linux containers?

Docker for Windows still uses a Linux ...READ MORE

answered Aug 24, 2018 in DevOps & Agile by Tyrion anex
• 8,280 points
44 views
0 votes
1 answer

How to a run deployed app in Docker for Windows?

To deploy an ASP.NET web application to ...READ MORE

answered Aug 29, 2018 in DevOps & Agile by Tyrion anex
• 8,280 points
103 views
0 votes
1 answer
0 votes
1 answer

Deploy Docker Containers from Docker Cloud

To solve this problem, I followed advice ...READ MORE

answered Sep 3, 2018 in AWS by Priyaj
• 56,140 points
79 views
+13 votes
5 answers

How do I run a cron job inside a docker container

If you can SSH into your server ...READ MORE

answered Jul 27, 2018 in DevOps & Agile by Kalgi
• 36,260 points
1,341 views
+5 votes
3 answers

Error while trying to install postgis extension with greenplum

Try re downloading the package and installing ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,360 points
62 views

© 2018 Brain4ce Education Solutions Pvt. Ltd. All rights Reserved.
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.