It's how they can make containers feel like isolated little subnets without reso... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		qbasic_forever on June 24, 2021 \| parent \| context \| favorite \| on: Hacker deleted all of NewsBlur’s Mongo data and is... It's how they can make containers feel like isolated little subnets without resorting to vxlan or other kernel-level stuff. It's a great development experience and I'd be sad to see it go. But.... it really needs to proactively detect and warn users. The issue has been known for many years. A quick little check and error out on startup if you're running on Ubuntu or have ufw enabled would probably save 99% of the pain people have had with it over the years.

1337shadow on June 24, 2021 [–]

It works fine when users create docker networks for their containers to communicate, which docker-compose does by default, instead of publishing ports on 0.0.0.0 like yolo

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact