Skip to main content
HashnodeDocker Chronicles Docker Chronicles

Command Palette

Search for a command to run...

Episode 6: The Invisible City (Port Mapping)

Updated
3 min read
F
Fjr
Learner by morning, philosophical writer by night. I’m a CS grad from a remote mountain village, now navigating the digital peaks of Docker, Python, and FastAPI. My process is simple: I break things, I build them back, and I turn the struggle into a story. I’m a self-learner who believes the best way to master a concept is to teach it. If you want to see how the chaos of software turns into a narrative, you’re in the right place.
Part of seriesDocker Chronicles: The Quest for the Universal Environment

Jack finally did it. He followed the "Secret Scroll," built the room, and moved his app inside. He can see the app running on the terminal screen inside the room. He’s proud.

Rose is standing outside in the hallway (your laptop's OS) with her phone out, trying to access the app's website. "Jack, it’s not working," she shouts. "The building exists, the room is running, but I can't see the site!"

Jack realizes the problem: He built a room with no doors and no windows. The app is alive, but it’s trapped in an Invisible City.

The Tech: Network Isolation & The Portal

By default, Docker is obsessed with security. When a container starts, it gets its own private IP address and its own set of "ports" (think of these as specific mail slots for data).

  • The Container Port: The mail slot inside the room (e.g., Port 80 for a web server).

  • The Host Port: The mail slot on your laptop (the "Apartment Building" exterior).

If you don't explicitly connect them, they stay isolated. Your browser on the laptop has no idea how to find Port 80 inside that specific container. To fix this, we use Port Mapping— which is essentially drilling a hole through the wall to create a Portal.

How the Portal Works (-p)

When we run the container, we use a special flag: -p. I used to get the order of these numbers mixed up all the time. The secret is to remember: Host : Container (Outside : Inside).

docker run -p 8080:80 my-fastapi-app

  • 8080 (The Outside Door): This is what you type into your browser (localhost:8080).

  • 80 (The Inside Door): This is where the app is actually listening inside the container.

Docker acts like a bridge. When a request hits your laptop at 8080, Docker grabs it and throws it through the portal into the container's Port 80.

Why I used to fail at this (The 0.0.0.0 Trap)

In Episode 3, we added a weird command to our start-up: --host 0.0.0.0.

I used to think 127.0.0.1 (localhost) was enough. But here’s the technical catch: inside a container, localhost means "only look inside this room." By setting it to 0.0.0.0, you are telling the app: "Listen to any traffic coming through the walls from the outside world."

Without 0.0.0.0 inside and -p outside, your app remains an island.

The Quest: Bridge the Gap

Your Mission: It’s time to actually see your FastAPI app live in your browser.

  1. The Run: Open your terminal and run your image from Episode 5, but add the portal flag. docker run -p 8000:80 my-hero-app (Note: If your FastAPI is set to port 80 inside the Dockerfile, use 80. If it's 8000, use 8000:8000).

  2. The Test: Open Chrome or Firefox and go to http://localhost:8000.

  3. The Verification: If you see your "Hello World" or your FastAPI docs, the portal is open.

The Challenge: Open a second terminal window while the app is running and type docker ps. Look at the column labeled PORTS.

  • What does it show? You should see something like 0.0.0.0:8000->80/tcp.

  • The Question: If you stop this container and try to run a second one on the same port 8000, what happens? (Spoiler: The "Apartment Building" doesn't like two rooms sharing the same mailbox!)

#docker#docker-network#devops#backend

Comments

Join the discussion

No comments yet. Be the first to comment.

Docker Chronicles: The Quest for the Universal Environment

Part 6 of 7

In a world cursed by 'It works on my machine,' one hero emerges. Join Jack and Rose as they navigate the chaotic seas of deployment, fight the VM giants, and master the art of the Great Docker. A humorous guide to mastering Docker from scratch.

Up next

Episode 7: The Eternal Memory (Volumes & Persistence)

I used to make a massive mistake here. I thought that because I was "inside" the container, it was like a normal computer. I’d set up a database, save some user profiles, or write a log file, and thin

More from this blog

D

Docker Chronicles

7 posts

Docker doesn't have to be a nightmare of environment errors and 'Whale' jokes you don't understand. The Docker Chronicles breaks down the complex world of Containers into simple, building-block logic. No boring manuals just clear analogies, deep dives, and a bit of drama