Restrict outbound traffic from containers

anonymous1 · December 23, 2021, 9:54pm

We’re looking for recommendations on how to limit egress from our production network.

My overall goal is bigger than that – I’d like our Rails app to operate with no direct outbound network access. Instead, I’d like all outbound network access to go through a program/filter/proxy/etc so I can limit which hosts it can communicate with.

Do you have a recommendation for this? I can dream up some ideas, but figured I’d also ask you.

joshraker · December 23, 2021, 9:55pm

The Aptible platform currently doesn’t provide a way to do this. I don’t know of any way to restrict outbound traffic from a container without access the container’s host which isn’t an option on Aptible so I’d love to hear your ideas.

Topic		Replies	Views
Routing at the load balancer?	1	1602	June 22, 2016
Run ActionCable as a separate process from Passenger on a separate host + port deployment	1	1504	May 19, 2016
Aptible-nginx + SSL	3	1656	June 8, 2016
DB Tunnels within local containers? cli	7	2088	May 11, 2017
Application IP discovery How-Tos	3	1142	September 19, 2017

Restrict outbound traffic from containers

Related Topics