Question posted in 
services:
demoapi:
container_name: demoapi
image: demoapi:latest
volumes:
- ./demoapi:/app/demoapi
environment:
- TZ=Asia/Taipei
ports:
- "8090:8090"
demoDB:
image: mcr.microsoft.com/mssql/server:2022-latest
container_name: demoDB
user: root
networks:
- demonetwork
ports:
- "1433:1433"
environment:
- ACCEPT_EULA=Y
- SA_PASSWORD=P@ssword
- TZ=Asia/Taipei
volumes:
- /mnt/c/dbdata:/var/opt/mssql/data
# - C:/dbdata:/var/opt/mssql/data
deploy:
resources:
limits:
memory: 2GB
networks:
demonetwork:
driver: bridge
I use this docker-compose.yml deploy on GCP VM.
And I have created two VPC FireWall rule for TCP 1443 and 8090,the Destination filters IP ranges set the VM External IP.
The applicable to instances in FireWall rule contains VM instance.
Both external IP,1443 and 8090 can’t connect. In ssh VM, the two container status is up.
How could I fix it?
I expect to connect the external IP on particular port.
2
Answers
I finally set the FireWall rule [Destination filters IP] to None. And do that
Since you have already created a firewall rule, it seems like your network configuration is already set-up properly. To be able to connect to your external IPs over specific ports and allow ingress ssh connections to your VMs, you might just need to double check on the following:
Ensure that the firewall rule is applied to your VM instances by selecting Targets > “Specified target tags”, then enter the name of the (network) tag into the “Target tags” field.
For ingress rule and egress rule, set Source Filter(inbound) and Destination Filter(outbound) to use 0.0.0.0/0 to allow traffic from and to any network.
To allow incoming TCP connections to ports 1443 and 8090, in "Protocols and Ports", check “tcp” and enter 1443,8090.