
Make docker container only accessible from a certain IP


Right now, when I bind a docker container port to a port on my computer, it can be accessed through every IP address belonging to my computer.

I know this since I tried connecting to the port through another computer using my Docker host's static LAN IP address.

I want to restrict that specific container to be accessible exclusively by my docker host (127.0.0.1 or localhost). When I change my web server's IP to localhost, it becomes inaccessible from my docker host (probably because that makes it local to the container, not the host).

How can I make a docker container local to the host?


Solution

  • If you run the container like this, it will be accessible only from 127.0.0.1:

    docker run --rm -it -p 127.0.0.1:3333:80 httpd
    

    --rm: I use it for testing; it removes the container after exit.
    -it: interactive tty.
    -p: port mapping; maps 3333 on the host to 80 in the container and restricts access to localhost only.

    The docker-compose equivalent would be:

    services:
      db:
        ports:
          - "127.0.0.1:80:80"