Expose Docker Container Ports

Emmanuel Oyibo
Published: March 25, 2024
About Terminus

In Docker, publishing and exposing ports have different meanings.

Publishing a port refers to making the services running inside a container accessible to the outside world by mapping a container port to a host port

Exposing a port, on the other hand, simply informs Docker that the port is available for communication between containers, but does not make it accessible from outside the Docker network unless it is also published.

The short answer

To map a host port to a container port, you can use the docker run  command with the -p  flag (short for --publish ) as follows:

Bash
$ docker run -p <host_port>:<container_port> <image>

Where:

  • host\_port  specifies the port on the host.
  • container\_port  specifies the port on the container.

For example, the following command will start a new container based on the nginx  image and map the port 8080  of the host to the port 80 of the container:

Bash
$ docker run -p 8080:80 nginx

This way, all the traffic coming on the port 8080  of the host will be automatically forwarded to the port 80  of the container.

Easily retrieve this command using Warp’s AI Command Suggestion

If you’re using Warp as your terminal, you can easily retrieve this command using the Warp AI Command Suggestion feature:

Entering docker publish port  in the AI command search will prompt a docker  command that can then be quickly inserted into your shell by doing CMD+ENTER .

Publishing multiple ports at once

In Docker, it is quite common for a single container to run multiple services that require different ports to listen for incoming requests.

To publish multiple ports at once, you can repeat the -p  flag several times using the following syntax:

Bash
$ docker run -p <host_port>:<container_port> [-p <host_port>:<container_port>] <image>

For example, the following command will start a new container based on the nginx  image and map the ports 80 , 443 , and 22  on both the host and the container:

Bash
$ docker run -p 80:80 -p 443:443 -p 22:22 nginx

Publishing port ranges

As an alternative, instead of repeating the -p  flag multiple times, you can publish port ranges using the following syntax:

Bash
$ docker run -p <start_port_host>-<end_port_host>:<container_start_port>-<container_end_port> <image>

For example, the following command will map all the ports ranging from 8000  to 8002  on the host to each of the ports ranging from 3000 to 3002 on the container:

Bash
$ docker run -p 8000-8002:3000-3002 my-api

Note that this command is equivalent to the following one:

Bash
$ docker run -p 8000:3000 -p 8001:3001 -p 8002:3002 my-api

Publishing the first available host port

Port ranges can also be used to assign the first port available on the host to a specific port on the container using the following syntax:

Bash
$ docker run -p <start_port_host>-<end_port_host>:<container_port> <image>

For example, the following command will test all the ports ranging from 8000 to 8010 on the host and map the first available one to the port 3000 on the container:

Bash
$ docker run -p 8000-8010:3000 my-api

Publishing ports with TCP and UDP

By default, all the ports published through the -p  flag use the TCP protocol, which provides a reliable and ordered delivery of data.

To publish a port with a different network communication protocol such as UDP, which prioritizes speed over perfect reliability, you can use the following syntax:

Bash
$ docker run -p <host_port>:<container_port>/<protocol> <image>

For example, the following command will publish the port 80 using the UDP protocol and the port 443 using the TCP protocol:

Bash
$ docker run -p 80:80/udp -p 443:443/tcp node-server

Exposing ports in a Dockerfile

To expose one or more ports in a Dockerfile, you can use the EXPOSE  instruction as follows:

Bash
EXPOSE <port> [<port>/<protocol> …]

Where:

  • port  is the port number.
  • port;/protocol] is an optional list of ports and protocols, where protocol  is one of tcp  or udp .

For example, the following Dockerfile exposes the UDP port 80 and the TCP port 443 :

Bash
EXPOSE 80/udp 443

Note that, by default, the TCP protocol is assumed if unspecified.

Exposing port ranges via a Dockerfile

To expose a port range in a Dockerfile, you can use the EXPOSE  instruction as follows:

Bash
EXPOSE <start_port>-<end_port>/[protocol]

For example, the following Dockerfile exposes the TCP ports 8000 , 8001  and 8002 :

Bash
EXPOSE 8000-8002

Exposing ports at runtime

To expose one or more port at runtime, you can use the docker run  command with the --expose  flag as follows:

Bash
$ docker run --expose <port> [--expose <port> …] <image>

For example, the following command will start a new container based on the postgres  image and expose the port 5432 :

Bash
$ docker run --expose 5432 postgres

Mapping exposed ports to random host ports

When launching a container, you can map the ports exposed through the EXPOSE  property or the --expose  flag to random ports on the host machine using the docker run  command with the -P  flag (short for --publish-all ) as follows:

Bash
$ docker run -P <image>

Once launched, you can find out the port mapping of your container using the docker port  command as follows:

Bash
$ docker port <container>

Where:

  • container  is the name or ID of the container.

You can learn more about networks and ports in Docker Compose by reading our other article on understanding port mapping in Docker Compose and creating networks in Docker Compose.

Written by
Emmanuel Oyibo
Filed under

Related articles

Learning Docker (The Easy Way) Using LazyDocker & Warp

A concise guide to learning Docker using Lazydocker. Highlights Docker’s benefits and takes advantage of Warp's AI features for a quick setup.

Jessica Wang

Run SSH In Docker

Learn how to launch and connect to a containerized SSH server in Docker using password-based authentication and SSH keys.

Gabriel Manricks

Remove a Docker Image

Learn how to remove a Docker image locally, on a Docker registry, and on Artifactory.

Razvan Ludosanu

Override the Container Entrypoint With docker run

Learn how to override and customize the entrypoint of a Docker container using the docker run command.

The Dockerfile ARG Instruction

Learn how to define and set build-time variables for Docker images using the ARG instruction and the --build-arg flag.

Razvan Ludosanu

Start a Docker Container

Learn how to start a new Docker container from an image in both the foreground and the background using the docker-run command.

Razvan Ludosanu

Stop All Docker Containers

How to gracefully shutdown running containers and forcefully kill unresponsive containers with signals in Docker using the docker-stop and docker-kill commands.

Razvan Ludosanu

Set Docker Container Hostname

Learn how to set, change and match a docker container hostname.

Utsav Poudel

How To Use An .env File In Docker Compose

Learn how define and pass environment variables to Docker containers using an .env file in Docker Compose.

Mansi Manhas

Use An .env File In Docker

Learn how to write and use .env files in Docker to populate the environment of containers on startup.

Restart Docker Containers

Learn how to restart Docker containers automatically with restart policies and manually using the docker restart, docker start, docker stop and docker kill commands.

Mansi Manhas

Run Bash Shell In Docker

Start an interactive shell in Docker container

Razvan Ludosanu
All Downloads

Get Warp today

Get early access to unreleased and experimental features with Warp Preview

Mac

macOSVersion 10.14+
$
brew install --cask warp

Linux

.debDebian, Ubuntu.rpmRed Hat, Fedora, SUSE
.deb
x64ARM64
.rpm
x64ARM64
.tar.zstArch Linux
x64ARM64
AppImage
x64ARM64

Windows

.exeWindows 11/10 x64.exeWindows 11/10 ARM64
$
winget install Warp.Warp
.exe
x64ARM64