
Docker and iptables section

Open g7morris opened this issue 6 years ago • 2 comments

Hello all,

I'd like to request a section to be added for Docker and iptables.

We should refer to this when setting up a new host or migrating a server.

https://docs.docker.com/network/iptables/

When setting up a firewall on the ISLE host server, there are several areas that we should highlight specifically how to make admins aware of when creating iptables rules, how Docker interacts with firewalls and how to limit access. That link above covers most, if not all, but I recently had an issue where Docker was manipulating firewall rules and allowing a container access to the world. This was previously not found to be a challenge.

Lastly, this is an ongoing source of debate with the Docker community as this GitHub bug / issue report is still as of yet unresolved. https://github.com/moby/moby/issues/22054

Thanks, Gavin

g7morris avatar Jul 17 '18 15:07 g7morris

This issue is going to apply regardless of which server environment you choose, right? So would you add this section to 01_Installation_Host_server?

bookishgirl avatar Aug 07 '18 16:08 bookishgirl

This is a serious pain point for me, specifically, as I am struggling to understand how Docker is overriding my firewall rules (ufw, Ubuntu 18.04). A documentation section on firewalls for production use is critical here.

wpwentzell avatar May 22 '19 17:05 wpwentzell