Hello Docker Community,
I am facing a networking issue with my application to run JupyterHub using Docker containers.
To give you a bit of context. I created a virtual machine, on it: port 2022 (ssh) served by my server, port 443 (https) served by nginx proxied to port 8080 served by jupyterhub. A docker container is generated for each user to access JupyterHub.
The problem: On JupyterHub, users can apparently access my server and use all features and services there.
Desired solution: I want to block all traffic from the containers ( -s ) to every other network. How can I filter traffic that originates from e.g. the docker bridge/task containers?
I am still new to dockers and a novice in networking. I would highly appreciate your opinions and advice to fix this issue.
Here is my docker-compose file for reference:
version: "3"
services:
jupyterhub:
restart: always
build: ./jupyterhub
hostname: jupyterhub
ports:
- "8080:8000"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
DOCKER_NOTEBOOK_IMAGE: "exam-scipy-notebook"
DOCKER_NETWORK_NAME: "jupyterhub-network"
DOCKER_JUPYTER_IMAGE: "jupyterhub/singleuser:latest"
HUB_IP: "jupyterhub"
LTI_CLIENT_KEY: "${LTI_CLIENT_KEY}"
LTI_SHARED_SECRET: "${LTI_SHARED_SECRET}"
networks:
default:
external:
name: "jupyterhub-network"
Thank you
Read more here: Source link