stackoom
  简体   繁体   中英

How do I connect to a docker container running Apache Drill remotely

 原文  2018-11-01 23:26:38       apache/ docker/ apache-drill

Question

On Machine A , I run 

 $ docker run -i --name drill-1.14.0 -p 8047:8047 
   --detach -t drill/apache-drill:1.14.0 /bin/bash
   <displays container ID>

 $ docker exec -it drill-1.14.0 bash
   <connects to container>

 $ /opt/drill/bin/drill-localhost

My question is, how do I, from Machine B run 

docker exec -it drill-1.14.0 bash

on Machine A - I've looked trough the help pages, but nothing is clicking.

Both machines are Windows (10 x64) machines.

1 answers

solution1
 1 ACCPTED  2018-11-01 23:45:26

You need to ssh or otherwise securely connect from machine B to machine A, and then run the relevant Docker command there. There isn't a safe shortcut around this.

Remember that being able to run any Docker command at all implies root-level access over the system (you can docker run -u root -v /:/host ... and see or change any host-system files you want). Usually there's some control over who exactly can run Docker commands because of this. It's possible to open up a networked Docker socket, but extremely dangerous: now anyone who can reach that socket over the network can, say, change the host's password and sudoers files to allow a passwordless root-equivalent ssh login. (Google News brought me an article a week or two ago about attackers looking for open Docker network sockets and using them to turn machines into cryptocurrency miners, for instance.)

If you're building a service, and you expect users to interact with it remotely, then you probably need to make whatever interfaces available as network requests and not by running local shell commands. For instance, it's common for HTTP-based services to have a /admin set of URL paths that require a separate password authentication or otherwise different privileges.

If you're trying to administer a service via its local config files, often the best path is to store the config files on the host system, use docker run -v to inject them into the container, and when you need to change them, docker stop; docker rm; docker run docker stop; docker rm; docker run docker stop; docker rm; docker run the container to get a new copy of it with a new config file.

If you're packaging some application, but the primary way to interact with it is via CLI tools and local files, consider whether you actually want to use a tool that isolates the application's filesystem from the host's and requires root-level access to interact with it at all. The tooling for installing semi-isolated tools in your choice of scripting language is pretty mature, and for compiled languages quite well-established; there's nothing wrong with installing software on your host system.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Unable to Connect to Apache Docker Container How to cure 503 Service Unavailable in Apache running in Docker Container? How can I use sysdate in apache drill Apache is running on Port 80 but can't connect remotely In my Apache Docker container, how do I set up a Proxy to route everything not handled by other proxys? enable gzip compression for Apache running in docker container Running apache in an ubuntu Docker container on a RedHat machine Running virtual hosts in apache docker container How I can connect Apache server remotely (http://149.4.223.238:8080) through my local machine Connect Docker Container port to server's apache port (odoo Container)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM