You are currently viewing Docker Port Mapping: What, Why, and How Does it Work?

Docker Port Mapping: What, Why, and How Does it Work?

Docker has made containerization a standard practice guiding developers and administrators through the complexities of deploying applications seamlessly. One of the fundamental concepts that every Docker enthusiast must grasp is port mapping. Connectivity issues between containers and external networks are eliminated by Docker Port Mapping. In order to facilitate communication between the host machine and the containers, we must first map the appropriate ports. 

In order to improve the networking capabilities of your Dockerized apps, this article will lay the groundwork for doing so with port mapping.

We also offer Docker Consulting services for those who are using Docker or are planning to use it. You can visit our website to know more about it.

What is Docker port mapping?

Docker Port mapping is a fundamental networking concept that allows containers to communicate with the outside world. When a Docker container runs, it’s isolated from the host system and other containers by default. Port mapping enables specific ports on the host machine to be linked to ports within the container, allowing external communication with processes running inside the container.

To put it simply, it’s similar to opening specific doors (ports) in your house (host machine) that lead to different rooms (containers). These ports act as endpoints, enabling external services or applications to interact with processes inside the container.

For instance, if your web application inside a Docker container is running a web server on port 5000, you can map port 80 on your host machine to port 5000 in the container. Now, when someone accesses your host machine’s IP address on port 80, the request is automatically redirected to the web server running inside the container on port 5000.

Why Use Docker Port Mapping?

Using Docker port mapping is essential for several reasons, each contributing to the efficient and secure functioning of containerized applications:

1. Isolation and Security

By default, containers are isolated from external networks. Port mapping allows you to expose only specific ports to the host system, enhancing security. You can control which services are accessible from the outside world, reducing the attack surface and securing sensitive data and applications within the container.

2. Running Multiple Instances

In a host machine, different applications often need to use the same port. With Docker port mapping, you can run multiple instances of the same application on different ports. This ability is invaluable for development, testing, and deployment scenarios where various versions or configurations of an application need to run simultaneously.

3. Network Flexibility

Docker’s port mapping provides unparalleled flexibility in networking configurations. It allows containers to communicate with each other or with external systems using well-defined ports. This flexibility simplifies complex network setups, making it easier to integrate Docker containers into existing network architectures.

4. Facilitating Load Balancing

In production environments, Docker containers are often deployed in clusters. Port mapping enables load balancers to distribute incoming requests across multiple containers efficiently. By exposing specific ports on the host machine, load balancers can route traffic to the appropriate containers, ensuring optimal resource utilization and high availability.

5. Simplifying Deployment

Docker containers encapsulate applications and their dependencies, making deployment consistent across various environments. Port mapping ensures that regardless of the host machine’s configuration, the application inside the container can always be accessed on the defined port. This consistency simplifies the deployment process and ensures uniform behavior in different environments.

6. Easing Development Workflow

During the development phase, developers need to access services within containers for debugging or testing. Port mapping provides an easy way to expose specific services without compromising the security of the entire application. Developers can focus on their work without worrying about complex network setups, enhancing productivity.

Enabling Microservices Architecture

In microservices architectures, applications are broken down into smaller, manageable services. Port mapping allows these services to communicate with each other seamlessly. By exposing specific ports, microservices can interact while remaining isolated, enabling the construction of complex, modular applications.

Also Read: Our blog post on how to delete docker images

How Docker Port Mapping Works?

Docker port mapping works by allowing you to map specific ports on your host machine to ports inside a Docker container. This mapping enables external communication with processes running inside the container. It establishes a bridge between the host’s network interface and the network namespace of the container, ensuring that network traffic directed at specific ports on the host machine is forwarded to the corresponding ports inside the container.

Here’s how Docker port mapping works step by step:

1. Specifying Port Mapping

When you run a Docker container, you can use the -p (or –publish) option to specify port mappings. The basic syntax is:

Docker port mapping explained

In this command, <host_port> represents the port on your host machine that you want to map, and <container_port> is the port on which your application is running inside the container.

2. Network Address Translation (NAT)

When you specify a port mapping, Docker sets up Network Address Translation (NAT) rules on the host machine. When traffic arrives at the specified host port, the host’s NAT table forwards this traffic to the mapped container port. This translation ensures that the internal IP addresses and ports of the container are hidden from the external network.

3. IP Tables and Routing

Under the hood, Docker uses Linux’s iptables and routing capabilities to implement port mapping. iptables is a powerful firewall tool that allows you to configure NAT rules and packet filtering. Docker dynamically configures iptables rules to intercept incoming traffic on the specified host port and redirect it to the container’s IP address and port.

4. Bridged Networking

By default, Docker containers use bridged networking, where each container is connected to a private virtual bridge. The bridge acts as a virtual switch, allowing containers to communicate with each other. When port mapping is used, the bridge is connected to the host machine’s network interface, enabling external communication through the mapped ports.

5. Binding to Specific IP Addresses

Docker also allows you to bind containers to specific IP addresses on the host machine. By specifying the host’s IP address along with the port during port mapping, you can ensure that traffic is only accepted from that specific address, enhancing security.

Also Check: Our blog post on how to install docker on mac

Host Network Mode (Optional)

In certain scenarios, like when performance is critical, Docker provides an option called the host network mode. Using this mode, containers share the network namespace with the host, eliminating the need for port mapping. However, it sacrifices the isolation between containers, making it suitable for specific use cases where performance takes precedence over isolation.

Methods for Assigning a New Port Mapping to an Existing Container

Assigning a new port mapping to a running Docker container is a common scenario, especially when you want to expose additional services or change the external access points of your containerized applications. Here are a few ways to assign a new port mapping to a running container:

Method 1: Using the docker run Command with –publish or -p Flag:

If you’ve already created a container without specifying port mapping or need to modify existing mappings, you can use the docker run command with the -p or –publish flag. This method allows you to add new port mappings and override existing ones.

docker run -p <new_host_port>:<container_port> –name <container_name_or_id> -d <image_name>

Replace <new_host_port> with the new port on your host machine, <container_port> with the port inside the container, <container_name_or_id> with the name or ID of your running container, and <image_name> with the name of the Docker image.

Method 2: Using the docker commit and docker run Commands:

If your container is running and you need to modify the port mapping permanently, you can create a new image from the existing container and run a new container from that image with the desired port mapping.

Commit the Running Container to a New Image:

Docker port mapping explained

Run a New Container from the New Image with the Updated Port Mapping:

docker run -p <new_host_port>:<container_port> –name <new_container_name> -d <new_image_name>

Replace <container_name_or_id> with the name or ID of your running container, <new_image_name> with the name you want for your new image, <new_host_port> with the new port on your host machine, <container_port> with the port inside the container, and <new_container_name> with the name for your new container.

Method 3: Using Docker Compose:

If you manage your containers with Docker Compose, you can modify the docker-compose.yml file to update the port mapping configuration. Change the ports under the desired service to update the port mapping, and then run docker-compose up to apply the changes.

Example docker-compose.yml:

Docker port mapping explained

Replace <new_host_port> with the new port on your host machine and <container_port> with the port inside the container.

Method 4: Using docker update Command (For Existing Containers):

If your container is already running, you can use the docker update command to change the port mapping without recreating the container.

docker update –publish-add <new_host_port>:<container_port> <container_name_or_id>

Replace <new_host_port> with the new port on your host machine, <container_port> with the port inside the container, and <container_name_or_id> with the name or ID of your running container.

These methods provide flexibility in updating port mappings for your running Docker containers, allowing you to adapt your applications to changing requirements or network configurations.

Wrapping Up

Containerization is useless without properly mapping ports in Docker. Through the process of Docker port mapping, it facilitates communication between containers and their host machines. Accessing containerized programs and interacting with the host system and other containers is made possible by Docker port mapping. 

Docker Port mapping has been shown to be useful in several contexts, such as service exposure, load balancing, and network segmentation. For efficient management and networking of containers, familiarity with Docker port mapping is a necessity. 

Still having doubts? Contact our 24×7 support team to get answers to all your questions.