All geek questions in one place

`docker run` on the remote host

Is it possible (using the docker or the docker-py API) to start a container from a remote host?

Suppose I have two machines with different architectures: - A - this is an x86 machine - B - an ARM machine

I would like to run the container on machine B using my machine A. At first I thought it was possible with this command:

 [A]$> DOCKER_HOST=$MACHINE_B_IP:$MACHIN_B_PORT docker run hello-from-B

But this command actually pulls out the hello-from-B image and tries to run it on machine A, which ends on some exec format error , because you cannot run ARM specific images on the x86 machine.

The connection between machines A and B works well. I can run commands like images or ps , and this gives me the expected results:

 [A]$> DOCKER_HOST=$MACHINE_B_IP:$MACHIN_B_PORT docker images REPOSITORY TAG IMAGE ID CREATED SIZE hello-from-B <none> fd5059044831 13 hours ago 1.26GB

I heard about docker-machine and have not tried it yet, but in my opinion this will not solve my problem.

Is there any way to achieve this using docker directly. A workaround might be to use ssh to connect to the remote host and use the docker client directly from the remote host, but I would like to avoid this solution as much as possible.

Thanks in advance,

TL DR;

How DOCKER_HOST=... docker run something runs something on DOCKER_HOST , rather than running it on my local machine.

+5
source share
3 answers

if your target computer B can be created on one of this platform , then I think the docker machine will serve your needs. you create your machine using docker-machine create --driver <..driver setup..> MACHINE_B , then activate it with eval $(docker-machine env MACHINE_B) . docker-machine env MACHINE_B print several export instructions:

 export DOCKER_TLS_VERIFY="1" export DOCKER_HOST="tcp://...." export DOCKER_CERT_PATH="/..." export DOCKER_MACHINE_NAME="MACHINE_B"

Once your computer is active, you can use the docker , since you would act locally remotely on MACHINE_B.

+1
source

This concept explains the concept very well: https://docs.docker.com/engine/reference/commandline/dockerd/#bind-docker-to-another-hostport-or-a-unix-socket

Given the huge warning on the page, I suggest you use a secure connection via SSH, i.e. ssh user@host 'docker run hello-from-B'

A warning. Changing the default dock dock daemon binding to a TCP port or Unix dock user group will increase your security risks by allowing non-root users to gain root access to the host. Make sure you control access to the docker. If you bind to a TCP port, anyone with access to that port has full access to Docker; so it is not recommended for an open network.

With -H, you can make a Docker daemon to listen on a specific IP and port. By default, it will listen on unix:///var/run/docker.sock to allow only local connections by the root user. You can set it to 0.0.0.0:2375 or a specific host IP address to provide access to everyone, but this is not recommended, because then it is trivial for someone to gain root access to the host where daemon is running.

Similarly, the Docker client can use -H to connect to a custom port. By default, the Docker client connects to unix:///var/run/docker.sock on Linux and tcp://127.0.0.1:2376 on Windows.

-H accepts the destination host and port in the following format:

tcp://[host]:[port][path] or unix://path

You can use multiple -H, for example, if you want to listen on both TCP and Unix socket

 # Run docker in daemon mode $ sudo <path to>/dockerd -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock & # Download an ubuntu image, use default Unix socket $ docker pull ubuntu # OR use the TCP port $ docker -H tcp://127.0.0.1:2375 pull ubuntu
+2
source

As you said, availability between servers is available, you can use the Docker rich API.

There are two ways to configure the docker daemon port.

1) Configuration in the file / etc / default / docker :

 DOCKER_OPTS="-H tcp://127.0.0.1:5000 -H unix:///var/run/docker.sock"

2) Configuration in /etc/docker/daemon.json :

 { "hosts": ["tcp://127.0.0.1:5000", "unix:///var/run/docker.sock"] }

For more information on configuring the docker daemon port, see docker-daemon port-file

After configuring the Docker ports, you can access the Docker APIs on the remote host.

JSON input file:

 #cat container_create.json { "AttachStdin": true, "AttachStdout": true, "AttachStderr": true, "ExposedPorts": { "property1": {}, "property2": {} }, "Tty": true, "OpenStdin": true, "StdinOnce": true, "Cmd": null, "Image": "ubuntu:14.04", "Volumes": { "additionalProperties": {} }, "Labels": { "property1": "string", "property2": "string" } }

API for creating a container:

 curl -X POST http://192.168.56.101:6000/containers/create -d @container_create.json --header "Content-Type: application/json" | jq . % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 602 100 90 100 512 1737 9883 --:--:-- --:--:-- --:--:-- 10039 { "Warnings": null, "Id": "f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940" }

The ID is the container identifier and the status will not be active / running.

API for launching the created container.

 # curl -X POST http://192.168.56.101:6000/containers/f5d3273e48350/start | jq . % Total % Received % Xferd Average Speed Time Time Time Current

API for checking state / checking container:

 # curl -X GET http://192.168.56.101:6000/containers/f5d3273e48350/json | jq . % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 4076 0 4076 0 0 278k 0 --:--:-- --:--:-- --:--:-- 306k { "NetworkSettings": { "Networks": { "bridge": { "MacAddress": "02:42:ac:11:00:03", "GlobalIPv6PrefixLen": 0, "GlobalIPv6Address": "", "IPv6Gateway": "", "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "689d6b65ce1b06c93b2c70f41760a3e7fb2b50697d71cd9c1f39c64c865e5fa6", "EndpointID": "76bf1f8638d1ff0387e6c3fe89e8ccab1670c709ad550f9acc6f46e559654bee", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.3", "IPPrefixLen": 16 } }, "MacAddress": "02:42:ac:11:00:03", "SecondaryIPAddresses": null, "SandboxKey": "/var/run/docker/netns/24a031d9dfda", "Ports": { "0/tcp": null }, "LinkLocalIPv6PrefixLen": 0, "LinkLocalIPv6Address": "", "HairpinMode": false, "SandboxID": "24a031d9dfda70026a875f4841269c5e790b12ccafcc11869111faa240020b99", "Bridge": "", "SecondaryIPv6Addresses": null, "EndpointID": "76bf1f8638d1ff0387e6c3fe89e8ccab1670c709ad550f9acc6f46e559654bee", "Gateway": "172.17.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.3", "IPPrefixLen": 16, "IPv6Gateway": "" }, }, "AttachStderr": true, "AttachStdout": true, "AttachStdin": true, "User": "", "Domainname": "", "Hostname": "f5d3273e4835", "OpenStdin": true, "StdinOnce": true, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/bin/bash" ], "ArgsEscaped": true, "Image": "ubuntu:14.04", <*************REMOVING THE OUTPUT CONTENT********> "ExecIDs": null, "HostnamePath": "/var/lib/docker/containers/f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940/hostname", "ResolvConfPath": "/var/lib/docker/containers/f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940/resolv.conf", "Image": "sha256:132b7427a3b40f958aaeae8716e0cbb2177658d2410554ed142e583ef522309f", "State": { "FinishedAt": "0001-01-01T00:00:00Z", "StartedAt": "2017-06-09T06:53:45.120357144Z", "Error": "", "Status": "running", "Running": true, "Paused": false, "Restarting": false, "Path": "/bin/bash", "Created": "2017-06-09T06:52:51.820429355Z", "Id": "f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940", "HostsPath": "/var/lib/docker/containers/f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940/hosts", "LogPath": "/var/lib/docker/containers/f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940/f5d3273e48350d606bd8b9d2a5bd876dc5c2d1a73183f876a1dd56473cad8940-json.log", "Name": "/objective_bartik", "RestartCount": 0, "Driver": "aufs", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "docker-default" }

Refer to this for more information:

API DOCKER

How to create an image using the Docker API?

How to execute Docker container using API

Hope this info helps.

0
source

Source: https://habr.com/ru/post/1268681/

More articles:


All Articles