I am very new to using docker. I have been used to using dedicated VM’s and hosting the applications within the servers OS.
When hosting multiple applications/services that require the same port, is it best practice to spin up a whole new docker server or how should I go about the conflicts?
Ie. Hosting multiple web applications that utilize 443.
If the containers are all in the same network. You dont need to expose a port.
Lets assume you create a docker network called reverse_proxy and add all your contaiers that you want to be accessed by the reverse proxy to that network (including caddy).
Then you can address all containers through the hostname in you caddy file and the port would be the default configurated port from the container.
So in the end you just expose the caddy container and nothing more.
Yes, it’d work just fine because each container listens on port 8000 of their own IP address, not the docker server’s IP address. Caddy/Traefik just redirects traffic to that port.
In addition to Caddy being apart of the reverse_proxy network. Would I also have to add it to the Bridge network so that I can utilize the machine IP that docker is hosted on for port forwarding 443?
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
selfh.st Newsletter and index of selfhosted software and apps
If the containers are all in the same network. You dont need to expose a port.
Lets assume you create a docker network called
reverse_proxyand add all your contaiers that you want to be accessed by the reverse proxy to that network (including caddy).Then you can address all containers through the hostname in you caddy file and the port would be the default configurated port from the container.
So in the end you just expose the caddy container and nothing more.
That wouldn’t work if multiple containers use the same port (eg. 8000), right?
Without a docker network, I can just map
8001:8000and don’t have that issue.Yes, it’d work just fine because each container listens on port 8000 of their own IP address, not the docker server’s IP address. Caddy/Traefik just redirects traffic to that port.
Okay, thanks! Maybe I’ll try it in the future.
I’ve just posted a little example. I’d recommend doing it this way. No more thinking about what port is allready exposed etc
I didn’t know this, very handy thanks
In addition to Caddy being apart of the
reverse_proxynetwork. Would I also have to add it to theBridgenetwork so that I can utilize the machine IP that docker is hosted on for port forwarding 443?Caddy would have the bridge proxy network and the port 443 exposed.
Other services:
Caddy can now talk to the app with the apps container_name.
Caddyfile:
So the reverse proxy network is an extra network only for containers that need to be exposed.