Remote access to webserver in docker container

Question 1

I figured out what I missed, so here's a simple flow for accessing docker containers webapps from remote machines:

Step #1 : Bind physical host ports (e.g. 22, 443, 80, ...) to container's virtual ports. possible syntax:

    docker run -p 127.0.0.1:443:3444 -d <docker-image-name>

(see docker docs for port redirection with all options)

Step #2 : Redirect host's physical port to container's allocated virtual port. possible (linux) syntax:

    iptables -t nat -A PREROUTING -i <host-interface-device> -p tcp --dport <host-physical-port> -j REDIRECT --to-port <container-virtual-port>

That should cover the basic use case.

Good luck!

Question 2

Correct me if I'm wrong but as far as I'm aware docker host creates a private network for it's containers which is inaccessible from the outside. That said your best bet would probably be to access the container at {host_IP}:{mapped_port}.

Question 3

If your container was built with a Dockerfile that has an EXPOSE statement, e.g. EXPOSE 443, then you can start the container with the -P option (as in "publish" or "public"). The port will be made available to connections from remote machines:

$ docker run -d -P mywebservice

If you didn't use a Dockerfile, or if it didn't have an EXPOSE statement (it should!), then you can also do an explicit port mapping:

$ docker run -d -p 80 mywebservice

In both cases, the result will be a publicly-accessible port:

$ docker ps
9bcb… mywebservice:latest … 0.0.0.0:49153->80/tcp …

Last but not least, you can force the port number if you need to:

$ docker run -d -p 8442:80 mywebservice

In that case, connecting to your Docker host IP address on port 8442 will reach the container.

Question 4

There are some alternatives of how to access docker containers from an external device (in the same network), check out this post for more information http://blog.nunes.io/2015/05/02/how-to-access-docker-containers-from-external-devices.html