Difficulty: Beginner
Estimated Time: 10 minutes

Containers are about isolation. But services are useless if they can't be accessed from outside.

  • Port publishing
  • Network namespace

IV. Network: Service Publishing

Step 1 of 3

1. Network isolation

Start an HTTP server in a container docker run --rm -ti python:latest python -m http.server 80, and visit port 80 on the host (click here).

Note how Docker pulls an image when its not found locally.

It's no surprise that it failed because we know our HTTP server is running in a network namespace that is inaccessible from outside.

That sounds secure, very much. But wait, that also sounds a bit... useless. Why would I start a service no one can reach?