Let’s say I have a Rancher agent with two network interfaces
- eth0: (public network interface)
- eth1: (private network interface)
I would like for the exposed port on the container to only be available in the private network interface. Currently I can accomplish this by setting --ip=$eth1 in the docker daemon and run the docker image in Rancher with network set to bridge.
Ex of what I want:
curl $eth0 <- doesn’t work
curl $eth1 <- works
Is it possible to accomplish the same thing with network set to managed? I tried but the container is accessible via both interfaces.
For a single container I guess I can put in the source ip address directly into docker-compose/ui, but how would I do that if I want to scale out the container across multiple hosts? Thanks