I have a Docker image based on rabbitmq. Nothing in my Dockerfile specifies anything about ports.
I bind the usual rabbitmq ports (5671, 5672 and 15672) to my custom ports by running my instance as follows:
docker run -d -p $someport:5671 -p 127.0.0.1::5672 -p $somemgtport:15672 myimage
There is nothing in my iptables INPUT chain, and the FORWARD chain is filled with the usual docker stuff.
The problem
When $somemgtport is different from 15672, I can't access it (the rabbitmq management interface via HTTP) from the outside world.
But it seems that I used the -p flag correctly because curl https://localhost:$somemgtport works as expected (as well as the amqp calls to $someport).
When running, the iptables DOCKER chain is the following:
Chain DOCKER (1 references)
target prot opt in out source destination
ACCEPT tcp -- !docker0 docker0 anywhere xyz tcp dpt:15672
ACCEPT tcp -- !docker0 docker0 anywhere xyz tcp dpt:5671
ACCEPT tcp -- !docker0 docker0 anywhere xyz tcp dpt:amqp
So it doesn't open the ports $someport and $somemgtport but rather the ports that correspond to the "inside" of the container: 5671 and 15672 (the ones from rabbitmq).
=> it seems to me that it's doing exactly the contrary to what I would expect...!
What did I do wrong with the docker run command?
NB: I want other ports than the default ones because I'm running 2 instances of rabbitmq on the same machine.
Update - Here's a partial output of netstat -pln (with someport=55001 and somemgtport=65002):
tcp6 0 0 :::55001 :::* LISTEN 29613/docker-proxy
tcp6 0 0 :::65002 :::* LISTEN 29622/docker-proxy
netstat -pln | grep 15672 has no output
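Added example (not part of the original question): for forwarded traffic Docker rewrites the destination to the container's address and port with a DNAT rule in the nat table before the filter table's DOCKER chain is consulted, so the ACCEPT rules there carry the container port rather than the published host port. The Python below correlates the question's -p mappings with the chain listing and flags mappings bound on all interfaces; the host port values are taken from the update, and the amqp-to-5672 lookup table and all function names are assumptions made for this example.

```python
import re

# Constructed input: the publish specs from the question's `docker run`, using
# the host ports given in its update (someport=55001, somemgtport=65002).
PUBLISH = ["55001:5671", "127.0.0.1::5672", "65002:15672"]

# The filter-table DOCKER chain rows as listed in the question.
DOCKER_CHAIN = """\
ACCEPT tcp -- !docker0 docker0 anywhere xyz tcp dpt:15672
ACCEPT tcp -- !docker0 docker0 anywhere xyz tcp dpt:5671
ACCEPT tcp -- !docker0 docker0 anywhere xyz tcp dpt:amqp
"""

# iptables prints service names unless run with -n; only the name seen above.
SERVICE_PORTS = {"amqp": 5672}


def parse_publish(spec):
    """Split a -p value of the form [ip:][hostPort:]containerPort[/proto]."""
    spec, _, proto = spec.partition("/")
    parts = spec.split(":")
    if not 1 <= len(parts) <= 3:  # bracketed IPv6 host addresses not handled
        raise ValueError(f"unsupported publish spec: {spec!r}")
    host_port = parts[-2] if len(parts) >= 2 else ""
    host_ip = parts[0] if len(parts) == 3 else ""
    return {
        "host_ip": host_ip or "0.0.0.0",  # no IP given: all interfaces
        "host_port": int(host_port) if host_port else None,  # None: Docker picks
        "container_port": int(parts[-1]),
        "proto": proto or "tcp",
    }


def chain_dports(listing):
    """Destination ports matched by the chain's rules, service names resolved."""
    names = re.findall(r"dpt:(\S+)", listing)
    return {int(n) if n.isdigit() else SERVICE_PORTS[n] for n in names}


def audit(publish, listing):
    """Pair each mapping with the chain and flag all-interface bindings."""
    dports = chain_dports(listing)
    rows = []
    for m in map(parse_publish, publish):
        m["rule_on_container_port"] = m["container_port"] in dports
        m["rule_on_host_port"] = m["host_port"] in dports
        m["bound_all_interfaces"] = m["host_ip"] in ("0.0.0.0", "::")
        rows.append(m)
    return rows
```

Calling `audit(PUBLISH, DOCKER_CHAIN)` returns one row per mapping; the rows with `bound_all_interfaces` set are the ones to review when the management interface should not be published beyond the host.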