treechicken@lemmy.world to Programmer Humor@lemmy.ml · 11 months agoFirewalllemmy.worldimagemessage-square77fedilinkarrow-up1735arrow-down118
arrow-up1717arrow-down1imageFirewalllemmy.worldtreechicken@lemmy.world to Programmer Humor@lemmy.ml · 11 months agomessage-square77fedilink
minus-squarederpgonlinkfedilinkarrow-up2·10 months agoUFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It’s a little finicky but works.
minus-squarePlexSheep@feddit.delinkfedilinkarrow-up1·10 months agoInteresting, I might have to read up on that next time. Thanks
minus-squaretux7350@lemmy.worldlinkfedilinkarrow-up1·10 months agoI ran into this same situation, this repo helped me solve it. https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues
minus-squareJasonDJ@lemmy.ziplinkfedilinkarrow-up1·10 months agoBut…why? Project Calico is designed for segmenting network traffic between kubernetes workloads. Right tool for the job. Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.
minus-squarederpgonlinkfedilinkarrow-up1·10 months agoI was specifically talking about Docker+UFW. Of course the possibilities are endless.
UFW does work with Docker, but requires some tweaking. IIRC you have to disallow Docker to modify IPTables and then add a rule to forward all traffic to the Docker network of your choice. It’s a little finicky but works.
Interesting, I might have to read up on that next time. Thanks
I ran into this same situation, this repo helped me solve it.
https://github.com/chaifeng/ufw-docker#solving-ufw-and-docker-issues
But…why?
Project Calico is designed for segmenting network traffic between kubernetes workloads.
Right tool for the job.
Also if you are a Fortinet shop, supposedly you can manage rules with FortiManager. I haven’t tried that yet but it looks really cool.
I was specifically talking about Docker+UFW. Of course the possibilities are endless.