Question 81717 in Docker Question posted in
The official documentation can be found here.

how to delete a exposed port from a docker image?

I need to delete a port from the image and for some reason I can’t recreate the image frome base image. How can I remove a port that exposes?

I took this image where a port was exposed

docker ps:

beddbd08c417   new:new   "/bin/sh"   4 seconds ago   Up 2 seconds   9010/tcp   dazzling_pike

Dockerfile:

FROM gitlabregistry.isaco.ir/elyas/oicnode16
ENTRYPOINT [ "/bin/sh" ]
Tags:

2

Answers


  1. 0

    There’s no way to cancel an EXPOSE directive once it’s been set, whether in the base image or earlier in the same image. Further EXPOSE lines will just expose more ports. (VOLUME and LABEL also add values to lists and work the same way.)

    On the other hand, in modern Docker, "exposing a port" means almost nothing. Ports that are exposed but not published show up in docker ps output, and the unusual docker run -P option (capital P) publishes all exposed ports on arbitrary host ports, but that’s about it.

    So practically, I’d just ignore this; let your derived container include the base image’s port in docker ps even if nothing is actually running there.

    Login or Signup to reply.
  2. 0

    There are a few options for removing an exposed port:

    1. Ignore it. It’s documentation and doesn’t affect container networking unless you run a specific command that uses this metadata.

    2. Create a new base image without this exposed port. If they are exposing ports that you don’t want exposed in your image, then there may be functionality in the base image you don’t want. If you are changing configuration from the base image, evaluate if that makes more sense to happen in the base image.

    3. Mutate the image after it’s been created. I’m not a huge fan of that for this scenario, but if neither of the above options works, you can save the image from docker and change the json configuration. In my own project, regctl has an image mod command that does this for images in a registry (or you can import an image from docker save to an ocidir):

    $ regctl image copy nginx:latest localhost:5000/library/nginx:latest

$ regctl image config localhost:5000/library/nginx:latest --format '{{jsonPretty .Config.ExposedPorts}}'
{
  "80/tcp": {}
}

$ regctl image mod --expose-rm "80/tcp" localhost:5000/library/nginx:latest --create no-expose
localhost:5000/library/nginx:no-expose

$ regctl image config localhost:5000/library/nginx:no-expose --format '{{jsonPretty .Config.ExposedPorts}}'
null
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search