Getting Started with Docker¶
To use a Docker based application, you have to create a website on your server. The website will act as environment which will hold your Docker configurations and also as reverse proxy in front of your application.
Access with SSH¶
Once the new website was created sucessfulyl, you can log into the server through SSH. For details, see Means to Access Your Server.
Run Docker Container¶
# run your docker container (nginx as example) $ docker run --detach --restart always --publish 127.0.0.1:8080:80 nginx
You can use any free port. In this example we expose our docker container at 127.0.0.1.8080.
For the container to be accessible from the outside via reverse proxy, the selected port must match the one configured in Proxy pass.
Expose Port Externally¶
In general, we do not recommend to expose Docker ports to the world for security reasons, but use a proxy website in front instead. Still, there are use cases which this is required tough:
by default, exposed ports are bound to 127.0.0.1
bind your port to the desired interface explicitly:
allow external access to the port with a custom firewall rule (see Custom Rule)
User Namespace Isolation¶
For security reasons, we run Docker in a isolated namespace (Details within the Docker manual).
user and group IDs within the container are mapped to non-existing IDs on the host
direct bind mounts are not allowed
use volumes instead
We know of certain setups where it is not possible to have userns remapping enabled. If you encounter this problem, please contact us and we will disable userns remap for your system after we checked your requirements.