Tecnativa / docker-socket-proxy

Proxy over your Docker socket to restrict which requests it accepts
Apache License 2.0

Different permissions for different containers #91

Open lonix1 opened 1 year ago

lonix1 commented 1 year ago

I know how to use this with traefik. I've found some samples of how to use it with portainer.

But on a single server I'm using both traefik and portainer. That means I must expose many endpoints (because portainer wants them), and traefik therefore sees them too. From the samples I've seen, that includes the very powerful POST.

Is this the correct approach - or can I set different permissions for different containers?

If not currently possible, please consider this a feature request?

lonix1 commented 1 year ago

If not possible, a workaround is to have one tecnativa container for traefik and one for portainer.

But that feels like massive overkill. Running docker stats shows the tecnativa container takes only a few megs of RAM - which is impressive given there's an entire proxy embedded in there - but under load I doubt it would fare well. Anyone have any insights into this from a production system?

sammcj commented 1 year ago

This would be really useful, I have some containers where it's absolutely fine for anything to restart them, but others where I wouldn't want to allow that.

hell-g commented 1 year ago

I am in the same situation and am trying to solve this with several instances of the docker-socket-proxy. Unfortunately, I am only able to access the Docker socket with the original instance of docker-socket-proxy. All the other instances fail to access the socket and therefore, the containers behind it cannot fulfill their purpose. Can you give me a hint how to configure it to have several instances of the docker-socket-proxy running in parallel? Obviously, having the possibility to configure access to different endpoints for different containers within one proxy instance would be best. But for now a workaround would be great. Thanks a lot!
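
The per-consumer layout described in the two comments above (one proxy instance for Traefik, one for Portainer), as an added example that is not from the thread or the docker-socket-proxy project. Each consumer gets its own proxy with its own allow-list and its own `internal` network, so the Traefik container has no route to the POST-enabled proxy that Portainer talks to. Service and network names, the pinned image tags, and Portainer's permission set are assumptions for illustration; Traefik's requirement of only `CONTAINERS=1` follows the project's README. The proxies publish no host ports.

```yaml
# Added example, not the project's own compose file. Names and tags are assumptions.
services:
  traefik-dockerproxy:
    image: tecnativa/docker-socket-proxy:latest
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      CONTAINERS: 1   # GET /containers/* is all the Traefik docker provider needs
      POST: 0         # the default, written out: no state-changing requests pass
    networks:
      - traefik-proxy-net
    # no `ports:` entry: reachable only from traefik-proxy-net

  traefik:
    image: traefik:v2.11   # assumed tag
    command:
      - --providers.docker=true
      - --providers.docker.endpoint=tcp://traefik-dockerproxy:2375
      - --providers.docker.exposedbydefault=false
    ports:
      - "80:80"
    networks:
      - traefik-proxy-net   # reaches only its own read-only proxy
      - web
    depends_on:
      - traefik-dockerproxy

  portainer-dockerproxy:
    image: tecnativa/docker-socket-proxy:latest
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      # Assumed set for a single-node Portainer; trim to what your setup actually uses.
      CONTAINERS: 1
      IMAGES: 1
      NETWORKS: 1
      VOLUMES: 1
      INFO: 1
      EXEC: 1   # container console in the UI; set to 0 if you never use it
      POST: 1   # start/stop/create/remove go through here, so keep this proxy isolated
    networks:
      - portainer-proxy-net

  portainer:
    image: portainer/portainer-ce:latest
    command: ["-H", "tcp://portainer-dockerproxy:2375"]   # point Portainer at its proxy, not the socket
    ports:
      - "9443:9443"
    networks:
      - portainer-proxy-net   # the only network where the POST-enabled proxy exists
      - web
    depends_on:
      - portainer-dockerproxy

networks:
  traefik-proxy-net:
    internal: true    # no egress, no host-published ports
  portainer-proxy-net:
    internal: true
  web: {}
```

Two checks are worth running after `docker compose up -d`. From inside the Traefik container, `wget -qO- http://traefik-dockerproxy:2375/containers/json` should return the container list, while a POST to `http://traefik-dockerproxy:2375/containers/<id>/restart` should come back with HTTP 403 from HAProxy, and `http://portainer-dockerproxy:2375/` should not resolve at all, since Traefik is not on `portainer-proxy-net`. If a second proxy instance cannot reach the socket, the first thing to compare between the two services is the `volumes:` line and the network each consumer is attached to; both proxies mount the same socket read-only and neither needs anything the other has.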

polarathene commented 2 months ago

For those asking for such a feature, it'd probably be useful to suggest how that might look config-wise if it existed.