This repository is deprecated. As of Docker 18.09, connecting to Docker daemon over SSH is built-in, so this helper script is no longer necessary.
Remote Docker is a small wrapper around the docker
client that
extends it with support for securely connecting to a remote dockerd
daemon
via SSH.
In short, it implements the ssh://
protocol for the --host
parameter in the
Docker CLI.
Why? Because I use a MacBook 12" which is essentially a tablet in laptop form,
so offloading the dockerd
daemon to a more powerful machine makes development
a lot faster. This also allows for an easy way to share running docker
containers between teammates for collaboration, or if you develop on more than
one machine.
Aims to support all docker features, in particular:
-p
) by SSH local port forwarding.-v
) by a reverse sshfs
from the server to local.One-time with -H
/--host
:
$ docker -H ssh://user@myserver.com run --rm -p 80:80 nginx
Make it permanent by setting DOCKER_HOST
:
$ export DOCKER_HOST=ssh://user@myserver.com
$ docker run --rm -p 80:80 nginx
docker
client (Docker for Mac for MacOS).sshfs
mount to work.~/.ssh/authorized_keys
../install.sh
from this repo to install /usr/local/bin/docker
and
friends.DOCKER_HOST
env var or use docker -H
with an ssh://
protocol to
invoke "rocker".Password:
prompt every time you invoke docker
, you
must add to the end of your /etc/sudoers
file:
# Make `sudo -E rockerd` work without a password
YOUR_USERNAME ALL=(root) NOPASSWD:SETENV: /usr/local/bin/rockerd
Be sure to replace YOUR_USERNAME
with your actual username, and update the
file location if you installed it to a non-default location.
Instructions are for an Ubuntu server:
docker
.sshfs
:
$ sudo apt-get install sshfs
/mnt/sshfs
with full permissions for the user you will log in as.
$ sudo mkdir -p /mnt/sshfs
$ sudo chmod 777 /mnt/sshfs
All rockerd
commands expect either the DOCKER_HOST
environment variable to be
set, or for the --host
/-H
CLI argument to be specified.
$ rockerd ssh
Invokes ssh
with the configured docker host. The ssh connection uses the
control socket that the rockerd
daemon creates, so it does not need to perform
a new handshake, etc.
Publish port 80 from the remote docker machine to localhost:
$ rockerd port publish 80
When using docker run --net=host
, the ports that the container binds to are
not known. In this case, it can be useful to manually publish the desired port
by running the rockerd port publish
command.
When you no longer want to have the port being forwarded, use unpublish
:
$ rockerd port unpublish 80