Containers, port forwarding from internet, and security?

O

oguruma

Patron
Joined
Jan 2, 2016
Messages
226
I've never used Kubernetes before, and have only have used VMs to expose resources to the internet, so forgive me...

I want to build a new box for my office. It will have SMB shares for accessing on the LAN/via VPN, and then various apps that need to be exposed to the internet.

I use KVM/Proxmox now, and all of the internet-facing machines are put in VMs with a NIC that's in a DMZ.

I wouldn't mind doing this with containers in SCALE, for more efficiency. As I understand it, I'd have to port forward to truenas-scale-ip:9001. This sort of gives me heebie jeebies, since the TrueNAS interface would live on the LAN, but then I'm quite ignorant. Can I tell SCALE containers to only talk on certain interfaces (which would be in a DMZ)?
 
truecharts

truecharts

Guru
Joined
Aug 19, 2021
Messages
788
oguruma said:
I've never used Kubernetes before, and have only have used VMs to expose resources to the internet, so forgive me...

I want to build a new box for my office. It will have SMB shares for accessing on the LAN/via VPN, and then various apps that need to be exposed to the internet.

I use KVM/Proxmox now, and all of the internet-facing machines are put in VMs with a NIC that's in a DMZ.

I wouldn't mind doing this with containers in SCALE, for more efficiency. As I understand it, I'd have to port forward to truenas-scale-ip:9001. This sort of gives me heebie jeebies, since the TrueNAS interface would live on the LAN, but then I'm quite ignorant. Can I tell SCALE containers to only talk on certain interfaces (which would be in a DMZ)?
Click to expand...

First off: which port you use for your Apps/containers depends on the container/App. There is no "magic standard port".
But for all Apps globally, you can select the interface to listen on in the settings. Including the default route as well.

But it might be best to first play around with SCALE Apps a bit (in a VM for example), to get the hang of it and follow some tutorials/guides.
Because everything networking related depends a lot of which specific Apps you want to run and how you want to use them.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Containers, port forwarding from internet, and security?"

Similar threads

O
Bridged network can't reach the internet?
Replies
2
Views
2K
brando56894
B
D
Docker Containers Have No Outbound Internet Connectivity?
2 3
Replies
44
Views
9K
Kieros
K
P
Communication Between Docker Containers - How?
Replies
4
Views
4K
paul56
P
K
Migrating to SCALE app subnet security
Replies
2
Views
2K
truecharts
truecharts
J
air gap network still access docker containers?
Replies
2
Views
869
JoeAtWork
J
Top