New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

EXPOSE 8888 on Base Images #13

Closed
modius opened this Issue Oct 28, 2015 · 7 comments

Comments

Projects
None yet
4 participants
@modius
Copy link
Member

modius commented Oct 28, 2015

Might improve the self documenting nature of the images to EXPOSE 8888 by default now that we have determined 8888 will be the defacto standard for Tomcat for Lucee installations.

Note, it is still not possible to UNEXPOSE 8080 -- exposed by the official Tomcat base image.

@modius

This comment has been minimized.

Copy link
Member

modius commented Feb 22, 2016

Advantages:

  • less confusing for folks new to Docker who see only port 8080 exposed by the underlying Tomcat base image

Disadvantages:

  • can't be unexposed
  • any compound image that includes a web server (eg. lucee/lucee4-nginx) will also have 8888 exposed but never used

Note, you have to have a project Dockerfile that extends the base image, and any port is easily exposed in that Dockerfile. Am leaning towards NOT exposing 8888 as it's only an issue for new users, and exposing makes it an issue for more experienced users.

There was some hope for the introduction of UNEXPOSE as a command in Docker, but increasingly it looks like the powers that be do not consider it a problem: moby/moby#3465 moby/moby#8177

@DominicWatson

This comment has been minimized.

Copy link

DominicWatson commented Apr 16, 2016

Given that the tomcat image has exposed 8080 - I thought this was an unintentional bug and was about to make a PR.

What's the reasoning behind setting the port to 8888? I'd personally prefer to see a cleaner image without the redundant exposed 8080 that is misleading.

@modius

This comment has been minimized.

Copy link
Member

modius commented Apr 18, 2016

We started with 8080 but all other Lucee installations are 8888 by default. It was argued that it would be more confusing to have a different default port from the norm, and at the time it seemed reasonable to expect UNEXPOSE would soon be part of Docker.

I don't believe base images should expose and impose any ports or volumes. The official Tomcat base image exposes port 8080; I wish that it didn't but there it is. It's there if you create a compound Lucee/NGINX image even though that only wants ports 80/443.

In truth, once you are familiar with Lucee and Docker in general it matters not. Exposed ports are not published ports.

I made the argument in the Docker issues listed above, but it fell on deaf ears.. in summary:

These are real problems as evidenced by the fact I have to keep explaining things to developers in our community despite very specific documentation; who needs documentation when you can just look at the image? <-- everyone when the image is self-documenting the wrong thing.

@jjannek

This comment has been minimized.

Copy link

jjannek commented May 5, 2016

+1 to EXPOSE 8888 in the lucee dockerfile

@modius

This comment has been minimized.

Copy link
Member

modius commented Jun 18, 2016

Hope lives eternal. Docker have re-opened UNSET and related (ie. UNEXPOSE) as options for consideration.

The more we work in production environments, the more I'm convinced that exposing ports in base images is a BAD idea. At this point, we won't be exposing any additional ports in the Dockerfile until such time as Docker supports some form of UNEXPOSE.

@modius

This comment has been minimized.

Copy link
Member

modius commented Jul 12, 2016

Still no word from Docker central on this issue; you may be able to help by commenting or "reacting" positively to this issue moby/moby#3465

@justincarter

This comment has been minimized.

Copy link
Contributor

justincarter commented Oct 11, 2018

Closing this issue since port 8888 is exposed quite a long time ago. There is also no resolution to unsetting exposed ports yet in the moby repo, given the length of time it's unlikely to be resolved soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment