
Access host docker-machine from within container

I have an image that I'm using to run my CI/CD builds (using GitLab CE). I'd like to deploy my app doing something like this from within the container:

eval "$(docker-machine env manager)"
sudo docker stack deploy --compose-file docker-stack.yml web

However, I'd like the docker-machine to access machines defined on the host system since the container will be destroyed and I don't want to include access details in the image.

I've tried a few things

Accessing the Remote Host via docker-machine

  • Create the docker-machine on the host and mount the MACHINE_STORAGE_PATH so that it is available to the container
  • Connect to the remote docker-machine manually from within the container and set the MACHINE_STORAGE_PATH equal to a mounted volume
  • Mounting the docker socket

In both cases, I can see the machine storage is persisted, but whenever I create a new container and run docker-machine ls, none of the machines are listed.

Accessing the Remote Host via DOCKER_HOST

  • Forward the remote machine docker port to the host docker port: docker-machine ssh manager-1 -N -L 2376:localhost:2376
  • export DOCKER_HOST=:2376
  • Tell docker to use the same certs that are used by docker-machine: export DOCKER_TLS_VERIFY=1 and export DOCKER_CERT_PATH=/Users/me/.docker/machine/machines/manager-1
  • Test with docker info

This gives me error during connect: Get https://localhost:2376/v1.26/info: x509: certificate signed by unknown authority

Any ideas on how I can perform a remote deployment from within a container?

Thanks

EDIT

Here is a diagram to try and help better communicate the scenario.


Don't use docker-machine for this.

Docker-machine stores files in $HOME/.docker/machine, so when you restart with a fresh copy of this folder, all previously defined machines will be removed. You could store this folder as a volume, but there's a much easier way for your purposes.

The solution is to mount the docker socket, and either as root or from a user with the same gid as the docker socket (note that group names themselves inside and outside the container may not match, so gid is important), run your docker ... commands as normal. You can skip the docker-machine eval completely since you are running the commands against the local docker socket.

If you need to run commands remotely, I find it easier to define the DOCKER_HOST and DOCKER_TLS_VERIFY variables manually rather than using docker-machine.

In case you want to communicate from your CI container to the Docker host you can simply mount the Docker socket when starting the CI container:

docker run -v /var/run/docker.sock:/var/run/docker.sock <gitlab-image>

Now you can run docker commands on the host from within the CI container.
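
The two suggestions above as an added shell example (not part of the original answers): it reads the numeric gid of the Docker socket and builds a docker run command that adds only that gid to the container user, and for the remote case it checks the certificate directory before printing the variables to set. The function names are hypothetical; --group-add is a standard docker run flag, and ca.pem, cert.pem and key.pem are the file names the Docker client reads from DOCKER_CERT_PATH.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the post.

# Print the numeric gid that owns a path. Group names can differ inside
# and outside the container, so only the number is used.
socket_gid() {
    ls -ldn "$1" | awk '{print $4}'
}

# Print a docker run command that mounts the socket and adds its gid as a
# supplementary group, so a non-root CI user can talk to the host daemon.
ci_run_cmd() {
    sock=$1
    image=$2
    [ -e "$sock" ] || { echo "no such socket: $sock" >&2; return 1; }
    gid=$(socket_gid "$sock") || return 1
    printf 'docker run --group-add %s -v %s:/var/run/docker.sock %s\n' \
        "$gid" "$sock" "$image"
}

# Remote case: print the export lines for a TLS-protected daemon on port
# 2376, but only if the cert directory holds the files the client needs.
# The directory must be readable where docker runs (e.g. mounted into the
# CI container), not only on the host.
remote_env() {
    host=$1
    certs=$2
    for f in ca.pem cert.pem key.pem; do
        [ -r "$certs/$f" ] || { echo "missing $certs/$f" >&2; return 1; }
    done
    printf 'export DOCKER_HOST=tcp://%s:2376\n' "$host"
    printf 'export DOCKER_TLS_VERIFY=1\n'
    printf 'export DOCKER_CERT_PATH=%s\n' "$certs"
}

# Show the local command when a Docker socket is actually present.
if [ -S /var/run/docker.sock ]; then
    ci_run_cmd /var/run/docker.sock "<gitlab-image>"
fi
```

The output of remote_env can be passed to eval in the CI job in place of the docker-machine env step.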
