Skip to content

[DOCS] Add Docker port warning from #48142 #50169

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Dec 18, 2019
Merged

[DOCS] Add Docker port warning from #48142 #50169

merged 3 commits into from
Dec 18, 2019

Conversation

@Kovah
Copy link
Contributor

@Kovah Kovah commented Dec 13, 2019

@jrodewig @pugnascotia

This is the new pull request pushing changes from the original pull request #48142 to master. Please see the original pull request for more details.

PS: CLA is already signed.

@pugnascotia
Copy link
Contributor

pugnascotia commented Dec 13, 2019

Thanks for redoing this on master. What did you think about my suggested wording?

Please note that this configuration exposes port 9200 on all network
interfaces, and given how Docker manipulates `iptables` on Linux, this
means that your {es} cluster is publically accessible, potentially ignoring
any firewall settings.  If you don't want to expose port 9200 and instead
use a reverse proxy, replace `9200:9200` with `127.0.0.1:9200:9200` in the
docker-compose.yml file. {es} will then only be accessible from the host
machine itself.

At a minimum, the text should use "{es}" instead of "Elasticsearch", to match the rest of the docs.

@pugnascotia
Copy link
Contributor

pugnascotia commented Dec 13, 2019

@elasticmachine test this please

@pugnascotia pugnascotia mentioned this pull request Dec 13, 2019
Closed
@jrodewig jrodewig added the :Delivery/Packaging RPM and deb packaging, tar and zip archives, shell and batch scripts label Dec 13, 2019
@elasticmachine
Copy link
Collaborator

elasticmachine commented Dec 13, 2019

Pinging @elastic/es-core-infra (:Core/Infra/Packaging)

@jrodewig jrodewig added the >docs General docs changes label Dec 13, 2019
@elasticmachine
Copy link
Collaborator

elasticmachine commented Dec 13, 2019

Pinging @elastic/es-docs (>docs)

@jrodewig jrodewig changed the title Add Docker port warning from #48142 [DOCS] Add Docker port warning from #48142 Dec 13, 2019
@pugnascotia pugnascotia requested a review from jrodewig December 18, 2019 09:35
jrodewig
jrodewig approved these changes Dec 18, 2019
View reviewed changes
Copy link
Contributor

@jrodewig jrodewig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I'll merge these changes. Thanks @Kovah.

@Kovah
Copy link
Contributor Author

Kovah commented Dec 18, 2019

Great, thank you all for the support with this!

@jrodewig jrodewig merged commit 77d94ca into elastic:master Dec 18, 2019
jrodewig pushed a commit that referenced this pull request Dec 18, 2019
@Kovah @jrodewig
[DOCS] Add warning about Docker port exposure (#50169)
cbffd12 
Docker bypasses the Uncomplicated Firewall (UFW) on Linux by editing the `iptables` config directly, which leads to the exposure of port 9200, even if you blocked it via UFW.

This adds a warning along with work-arounds to the docs.

Signed-off-by: Kovah <[email protected]>
jrodewig pushed a commit that referenced this pull request Dec 18, 2019
@Kovah @jrodewig
[DOCS] Add warning about Docker port exposure (#50169)
1aa983a 
Docker bypasses the Uncomplicated Firewall (UFW) on Linux by editing the `iptables` config directly, which leads to the exposure of port 9200, even if you blocked it via UFW.

This adds a warning along with work-arounds to the docs.

Signed-off-by: Kovah <[email protected]>
SivagurunathanV pushed a commit to SivagurunathanV/elasticsearch that referenced this pull request Jan 23, 2020
@Kovah @SivagurunathanV
[DOCS] Add warning about Docker port exposure (elastic#50169)
36dccaa 
Docker bypasses the Uncomplicated Firewall (UFW) on Linux by editing the `iptables` config directly, which leads to the exposure of port 9200, even if you blocked it via UFW.

This adds a warning along with work-arounds to the docs.

Signed-off-by: Kovah <[email protected]>
@mark-vieira mark-vieira added the Team:Delivery Meta label for Delivery team label Nov 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pugnascotia pugnascotia pugnascotia approved these changes

+1 more reviewer

@jrodewig jrodewig jrodewig approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

:Delivery/Packaging RPM and deb packaging, tar and zip archives, shell and batch scripts >docs General docs changes Team:Delivery Meta label for Delivery team v7.5.2 v7.6.0 v8.0.0-alpha1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@Kovah @pugnascotia @elasticmachine @jrodewig @jakelandis @mark-vieira