Ports are exposed to enable communication between the host machine and docker container in which application is running.

Exposing a port in Docker means making a port on a docker container accessible from the host machine or other containers.

When you expose a port in Docker, you are mapping a port inside the container to a port on the host machine.
This allows communication between the container and the host machine, as well as other containers.

Example, if you have a web application running inside a Docker container on port 9090, you can expose this port to the host machine so that the web application can be accessed from a web browser.
The web browser may be running on the host machine or any external system as well.
Without exposing the port, the web application would only be accessible within the container.
Below illustration will make it more clear.

exposing ports in docker container
Now, we will take a look at the methods to expose a port from a docker container.

Using -p option

The simplest way to expose a port in Docker is to use the -p or --publish flag when starting a container. This flag maps a port on the host machine to a port inside the container.

docker run -p 9090:8080 <imageid>

Above command maps port 9090 on the host to port 8080 inside the container. This means that an application running inside container on port 8080 will be accessible on port 9090 outside it.

Exposing multiple ports

It might happen that your application uses multiple ports and all these must be accessible from outside the container.
So, you will have to expose all those ports.
To expose multiple ports, simply add multiple -p flags to the docker run command. Example,

docker run -p 9090:8080 -p 9000:8000 <imageid>

This will expose both ports 8080 and 7000 from the docker container and map them to ports 9090 and 9000 respectively.

Exposing dynamic ports

If you don’t want to specify a specific port on the host, you can use the -P flag or --publish-all flag to expose all ports of the container. Example,

docker run -P <imageid>

Docker documentation for -P flag states

Publish all exposed ports to random ports.

With -p flag, docker will automatically assign a free port on the host machine for each exposed port in the container.
The specific port numbers assigned by docker can be determined by using the docker container ls command.

The docker container ls command will display a list of running containers, including the exposed ports and the corresponding host port numbers assigned by docker. Example,

CONTAINER ID    IMAGE     COMMAND                  CREATED       STATUS       PORTS                     NAMES
7a4b2345b8ce    1b34342d  "docker-entrypoint..."   25 hours ago  Up 25 hours  0.0.0.0:3463->3405/tcp    myapp

Here, docker has assigned port 3463 on the host machine to port 3405 in the container.
Port 3463 can now be used access the exposed port from outside the host machine.

Exposing a range of ports

Your application might require a reserved range of ports on which some services of the application might run.
To expose a range of ports from docker container, we need to provide port range separated by a hyphen(-) with -p or –publish flag.
Example, to expose a range of ports from 5000 to 5010 in docker container, following command should be used.

docker run -p 8080-8100:5000-5010 <imageid>

Conclusion

In conclusion, exposing ports in Docker is a crucial aspect of containerization that allows us to connect to our containers from the host machine or other containers.
By using the -p option, we can easily map ports from the host machine to the container, enabling communication between the two.
Additionally, we can expose multiple ports by simply specifying them in the -p option, separated by a colon.
This flexibility allows us to run applications that require multiple ports to be open simultaneously.

By leveraging the -p option, exposing multiple ports, dynamic ports, and port ranges, we can create robust and secure containerized environments for our applications.