Microservice architecture with isolated Docker containers is an ideal solution for any modern application development. One of the challenges is how to access some of the system services, like databases, remotely as nobody wants to expose such services directly to Internet. There are several options how this could be done securely.

SSH Tunnels

You might try SSH port forwarding on Docker host but not every Docker image contains SSH service. And even if you create your own Docker image with SSH daemon built-in, it is still unreliable since Docker container ports will change on every deploy.

Network Overlay with VPN

Instead, you should consider taking advantage of network overlay technologies with VPN access. Network overlay technologies can create a virtual LAN composed of your containers running your software. With VPN access, you can have secure remote connection to any of your services from your local environment; run database maintenance operations or host a private version control. You can even host your own private Docker image registry in a container!

With Kontena it is very easy to create VPN connection as described above since network overlay and VPN support is built-in: Just enable the VPN for a selected grid and use any OpenVPN client to access the virtual LAN. See the demo below:


We hope you enjoy the built-in network overlay and VPN features! Get started with Kontena today!