Open advdv opened 10 years ago
:warning: This is probably a no-good-terrible-idea :warning:
If you mount your hosts docker.sock
(-v /var/run/docker.sock:/docker.sock
) you can run docker
commands against it (docker -H unix:///docker.sock <cmd>
).
This means you would have to install docker into the container. This is problematic if the host and client don't match in versions though:
root@268d6ac95059:/# docker -H unix:///docker.sock ps
2014/08/06 02:31:33 Error response from daemon: client and server don't have same version (client : 1.13, server: 1.12)
Example line:
docker run \
-e 'AUTODOCK_NBCACHE=rgbkrk/nbcache:docker -H unix:///docker.sock ps' \
--publish 8080:8080 \
-i -t \
-v /var/run/docker.sock:/docker.sock \
autodock2
I want the ability to relaunch containers to exist too, but I'm not sure of the right way to do it. For me, I actually want to interact with fleet on a CoreOS machine.
The reason why this is bad is that the client has to have root access to interact with the daemon.
With that out of the way, I started tinkering with the remote API. Don't need to install docker into the container then, just have to attach the docker sock.
$ echo -e "GET /images/json HTTP/1.0\r\n" | nc -U /docker.sock
HTTP/1.0 200 OK
Content-Type: application/json
Date: Wed, 06 Aug 2014 04:21:46 GMT
[{"Created":1407298467,"Id":"74b70b97805372836d783164c5947dff3f238b5e3b46ff485ff569db261f4821","ParentId":"63b78cfcec3505ae456951b715b884e97efc304b3eb1afaf71b291427e5cd67b","RepoTags":["autodock2:latest"],"Size":0,"VirtualSize":495318755}
,{"Created":1407298298,"Id":"b0010f8250b7f12c7711d9d0724159c20a8ab3cac656240b2b57de21f0212107","ParentId":"f73d70c059a3c2934d2a035e032e59410edfbe11adc8fb13613f4b69e45cec93","RepoTags":["\u003cnone\u003e:\u003cnone\u003e"],"Size":0,"VirtualSize":541988649}
,{"Created":1407298258,"Id":"26181c39799ac1448592cbe22e3c48871af7ad0fe7649ad0532c794a009575d1","ParentId":"fbee187b928e27969ddf1f1f6e8b104e2e3fc213ff85900e5625cbf5cecb35d7","RepoTags":["\u003cnone\u003e:\u003cnone\u003e"],"Size":46325,"VirtualSize":535817274}
,{"Created":1403960154,"Id":"3e43b1ff5f6126a82fb45874c27dd4a43242cf13f3d4c719c3641610e9f8838a","ParentId":"a6990e6d6fba450b02601343b4e3343eb30239c739a711edea42ad133da2ee55","RepoTags":["jpetazzo/dind:latest"],"Size":0,"VirtualSize":404036125}
Another example, this time pulling an image:
$ echo -e "POST /images/create?fromImage=ipython/notebook HTTP/1.0\r\n" | nc -U /docker.sock
Due to time constrains is settled on creating a quick version of my own: you can look at here if you're interested, it takes the basic idea of this repo and aims to "improve" it in some ways (but its mainly stylistic i admit).
I was also fiddling around with the remote api, but "updating" a container in-place would require the program to generate a new run command from inspecting a running container which seemed to fragile and difficult to implement (but probably not impossible)
This repos seems to be exactly the final chain in my minimalisitic continues deployment chain but i fail to see how this allows me to execute command on the docker daemon itself? Looking at the source it simply execs the commands in the container itself which is isolated from the docker daemon that is managing it right? so running something like:
wouldn't work right?