search

jeroenpeeters / docker-ssh

SSH Server for Docker containers ~ Because every container should be accessible
GNU General Public License v2.0
638 stars 89 forks source link

Is it possible to connect from one container to another? #24

Closed dwenzel closed 7 years ago

dwenzel commented 7 years ago

I'm trying to ssh from one container into another using docker-ssh.

Currently only ssh-ing from host to container works:

$ ssh -p 2222 localhost

 ###############################################################
 ## Docker SSH ~ Because every container should be accessible ##
 ###############################################################
 ## container | jenkinsdocker_dev_1                           ##
 ###############################################################

/app $

From within the jenkins container connection is refused:

$ docker exec -it -u jenkins $(docker-compose ps -q jenkins) /bin/bash
jenkins@67eaa071cc04:/tmp/files$ ssh -p 2222 dev
ssh: connect to host dev port 2222: Connection refused

The containers are set up using docker-compose:

#######################################
# Jenkins CI Docker container
#######################################
jenkins:
  build: docker/jenkins
  links:
    - dev
  volumes:
    - ./docker/jenkins/JENKINS_HOME/:/usr/share/jenkins/ref/
    - ./docker/jenkins/plugins/:/usr/share/jenkins/ref/plugins/
    - ./:/docker/
  ports:
    - "8080:8080"
    - "9418:9418"
  # cap and privileged needed for slowlog
  cap_add:
    - SYS_PTRACE
  privileged: true
  env_file:
    - etc/environment.yml
    - etc/environment.development.yml
######################################
# ssh service for dev container
######################################
sshdev:
  image: jeroenpeeters/docker-ssh
  environment:
    #todo: replace jenkinsdocker with variable
    - CONTAINER=jenkinsdocker_dev_1
    - AUTH_MECHANISM=noAuth
  ports:
    - "2222:22"
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
    - /Applications/Docker.app/Contents/Resources/bin/docker:/usr/bin/docker
#######################################
# dev - mock dev server
#######################################
dev:
  build: docker/web
  volumes:
    - ./app/dev/:/app/
    - ./:/docker/
  ports:
    - "8081:80"

Do I miss something or is it impossible?

jeroenpeeters commented 7 years ago

I think it should work, but, from jenkins, you are connecting to the wrong container.

try ssh -p 2222 sshdev

dwenzel commented 7 years ago

Thank you very much!

Additionally I had to link my sshdev container to the ci container

#######################################
# Jenkins CI Docker container
#######################################
ci:
  build: docker/jenkins
  links:
    - dev
    - sshdev
  volumes:
    - ./docker/jenkins/JENKINS_HOME/:/usr/share/jenkins/ref/
    - ./docker/jenkins/plugins/:/usr/share/jenkins/ref/plugins/
    - ./:/docker/
  ports:
    - "8080:8080"
    - "9418:9418"
  cap_add:
    - SYS_PTRACE
  privileged: true
  env_file:
    - etc/environment.yml
    - etc/environment.development.yml
######################################
# ssh service for dev container
######################################
sshdev:
  image: jeroenpeeters/docker-ssh
  environment:
    #todo: replace jenkinsdocker with variable
    - CONTAINER=jenkinsdocker_dev_1
    - AUTH_MECHANISM=noAuth
  ports:
    - "2222:22"
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
    - /Applications/Docker.app/Contents/Resources/bin/docker:/usr/bin/docker
#######################################
# dev - mock dev server
#######################################
dev:
  build: docker/web
  volumes:
    - ./app/dev/:/app/
    - ./:/docker/
  ports:
    - "8081:80"

Than I could ssh from ci to dev (using the default! port):

jenkins@26b7c4a623a3:/tmp/files$ ssh sshdev
The authenticity of host 'sshdev (172.17.0.2)' can't be established.
RSA key fingerprint is 36:e1:fc:d8:be:10:8a:26:d9:d1:e6:1f:aa:78:cf:93.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'sshdev,172.17.0.2' (RSA) to the list of known hosts.

 ###############################################################
 ## Docker SSH ~ Because every container should be accessible ##
 ###############################################################
 ## container | jenkinsdocker_dev_1                           ##
 ###############################################################

/app $
jeroenpeeters commented 7 years ago

ah yes, indeed. Between linked containers ports aren't mapped. Ports are only mapped between containers and the host.