Restrict outbound traffic from containers

anonymous1 · December 23, 2021, 9:54pm

We’re looking for recommendations on how to limit egress from our production network.

My overall goal is bigger than that – I’d like our Rails app to operate with no direct outbound network access. Instead, I’d like all outbound network access to go through a program/filter/proxy/etc so I can limit which hosts it can communicate with.

Do you have a recommendation for this? I can dream up some ideas, but figured I’d also ask you.

joshraker · December 23, 2021, 9:55pm

The Aptible platform currently doesn’t provide a way to do this. I don’t know of any way to restrict outbound traffic from a container without access the container’s host which isn’t an option on Aptible so I’d love to hear your ideas.

Topic		Replies	Views
Routing at the load balancer?	1	1536	June 22, 2016
Run ActionCable as a separate process from Passenger on a separate host + port deployment	1	1452	May 19, 2016
Aptible-nginx + SSL	3	1606	June 8, 2016
Application IP discovery How-Tos	3	1100	September 19, 2017
Deploy React and Rails in the same subdomain How-Tos	1	619	March 21, 2023

Restrict outbound traffic from containers

Related Topics