I have a debian server with docker 1.6.0
on it with a running official mysql container (https://registry.hub.docker.com/_/mysql/).
I use a fairly basic firewall configuration in which all ports are closed except SSH, HTTP and NTP (http://pastebin.com/raw.php?i=dFUcJWxy).
When I try to connect to my mysql database:
mysql -u root -h 172.17.0.3 -p
I get the following error message:
ERROR 2003 (HY000): Can't connect to MySQL server on '172.17.0.3' (110)
Port 3306 is filtered on it :
nmap -p 3306 172.17.0.3
PORT STATE SERVICE
3306/tcp filtered mysql
… and when I open port 3306 on the host i can access to the mysql server.
How to access the mysql server container without opening port 3306 of the host machine ?
Further information than can help:
The ansible task to launch the container :
- name: Mysql container
docker:
name: mysql
image: mysql:5.7
state: started
volumes:
- /var/container_data/mysql:/var/lib/mysql
ports:
- "127.0.0.1:3306:3306"
env:
MYSQL_ROOT_PASSWORD: my-root-password
docker inspect mysql
-> pastebin.com/raw.php?i=uhXEhuXJ
iptables -L
-> pastebin.com/raw.php?i=18fkgktF
ifconfig
-> pastebin.com/raw.php?i=YJs2JnQx
If you need more information don't hesitate to ask me.
Best regards
Best Answer
Finally, opening port
3306
on thedocker0
interface solved my issue :