Secure Docker with iptables firewall and Ansible

Out of the box, security with Docker (and Docker Swarm) over the network is bad. Okay, that’s not entirely true. Out of the box, when you have no containers started, it’s fine. But once you start a container and publish a port, that port is exposed to the outside world by default. And it’s not easy to fix. You need to create a custom Docker firewall with iptables.

How to fix Ubuntu 20.04 in 1 step

There’s not a lot wrong with Ubuntu 20.04. So it’s pretty easy to fix the one thing that’s missing! Hint: Install the Cinnamon Desktop.

Docker and the iptables INPUT chain

When testing Docker and iptables, I stumbled upon something interesting. It appears Docker uses the iptables INPUT chain in an undocumented way. Well, that’s interesting...