I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
When you use 9200:9200 you are indeed using 0.0.0.0:9200:127.0.1:9200 and this a design flaw in docker, because 0.0.0.0 will expose you to the host and to world.
Regarding expose I think is only their for backward compatibility with the deprecated option --links in order to allow inter container communication inside the docker network, not for communication with the machine hosting the docker engine.
Here the use case is to really expose to the host what its running inside the container, thus it really need to use ports, but always with the prefix 127.0.0.1.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
When you use
9200:9200you are indeed using0.0.0.0:9200:127.0.1:9200and this a design flaw in docker, because0.0.0.0will expose you to the host and to world.Regarding
exposeI think is only their for backward compatibility with the deprecated option--linksin order to allow inter container communication inside the docker network, not for communication with the machine hosting the docker engine.Here the use case is to really expose to the host what its running inside the container, thus it really need to use ports, but always with the prefix
127.0.0.1.