Closed ziyunxiao closed 1 year ago
@LEDfan could you please take a look if this feature/update can be merged into future releases? I need this feature but don't want to maintain a copy of the code.
Hi @ziyunxiao
Thank you for your contribution! I understand the use-case and see the value. However, it will take some time for me to get though your PR and merge it. For example, I have to think about the bigger picture of this feature. When using plain Docker, there is also the issue that ShinyProxy doesn't automatically pull docker images. Maybe we should fix these two issues at the same time?
For plain Docker it can be fixed by adding pull image logic, there is a way to get it to work.
In file DockerEngineBackend.java around line 90, add logic to pull the image if the image does not exist.
ContainerConfig containerConfig = ContainerConfig.builder()
.hostConfig(hostConfigBuilder.build())
.image(spec.getImage())
.labels(labels)
.exposedPorts(portBindings.keySet())
.cmd(spec.getCmd())
.env(buildEnv(spec, proxy))
.build();
List<Image> images = dockerClient.listImages(com.spotify.docker.client.DockerClient.ListImagesParam.byName(spec.getImage()));
if (images.size() == 0){
dockerClient.pull(spec.getImage());
}
ContainerCreation containerCreation = dockerClient.createContainer(containerConfig);
While this requires the user(admin) to do docker login
first on the private repo. It differently requires either document or a better logic to handle this.
Regards,
For me, this is also a key topic.
Could it be merged in order to fetch Docker images from private Docker Hub repos?
This is now part of ShinyProxy 3.0.0!
Hello,
When using docker swarm, docker swarm itself will download the image when an image is not available on a node. While the Shinyproxy current behaviour is that an image on a public repo(no auth) will succeed but when on a private repo(need auth) will fail.
I will create a Pull Request for this feature. Please review and see if it can be accepted. The code need be changed on both containerproxy and shinyproxy.
Pull request
TL;DR in containerproxy source code, it creates a service without authentication, and it is the root cause.
to fix that, it needs to pass authentication info like this
To better function for shinyproxy, I am using three new container settings(container-auth-domain, container-auth-user and container-auth-password) in application.xml to give users more flexibility and fewer steps compare to use docker default configuration ~/.docker/config.json. (It will hit a bug if use docker default configuration which jersey-common version is not the same as the docker-client's dependency. org.glassfish.jersey.internal.util.Base64 package is removed from version 2.30 which the end output from shinyproxy jar)
For testing if you want to skip java building phase, the jar file can be downloaded from here the application.xml can be something like this.
And to deploy shiny on docker swarm, the docker-compose.yml can be something like this
For test deploy shiny
docker stack deploy -c docker-compose.yml shiny
Thanks,
Robin