Docker 101 : Limiting the communication between containers
"ContainerA":
We try to do the same from the "containerB":
As we can see, by default docker allows communication between its containers, we could disable that using the "--icc" flag in the default docker configuration file.
We can now check the iptables rules, to see if docker added any "DROP" rules to the host iptables to stop the communications between the containers:
And "containerB":
Lets see if our containers "containerA" and "containerB" can communicate.
We try to ping the "containerB" form the "containerA":
We can set the "--icc" flag to "false" along with setting the "--iptables" flag that lets docker manipulate the iptables.
To be able to modify these flags, we stop the docker service using the below command:
To be able to modify these flags, we stop the docker service using the below command:
Then we set the below parameters usually in the default docker file "/etc/default/docker":
We finally restart docker using the below command:
Comments