Closed balk77 closed 2 years ago
niek1992
commented
2 years ago I would like to point out that simply exposing the Docker API over TCP itself by modifying the docker.service is sufficient as well. Don't know the resource utilization as simply proxy'ing would not need much, but not having an extra container running (which is going to be picked up by monitor_docker unless explicitly emitted) is something i'd prefer.
balk77
commented
2 years ago Interesting. What code is needed to get it working? Does it persist after reboots and upgrades of this addon and the OS? Not tested but I guess that proxy works after upgrades.
niek1992
commented
2 years ago There are numerous ways to modify docker.service. But the route i chose was to edit docker.service. The command i used was systemctl edit docker.service --full. This allows me to edit the full configuration of Docker (which afaik persists after upgrades, unless you completely remove it before upgrading).
The line you'd need to edit is the ExectStart line:
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://127.0.0.1:2375 --containerd=/run/containerd/containerd.sock
This is enough to publish Docker API over TCP on IP 127.0.0.1. I've chosen localhost because i don't want HA Docker API exposed on my network. I have several Docker hosts which i configured with a seperate Portainer instance than the one in HA.
Other ways of doing this is to include a configuration file inside a specific folder (which isn't created by default) which if present will be slipstreamed into docker.service.
Added description to use this custom component with Supervised or HA OS. Thanks to this post: https://community.home-assistant.io/t/exposing-docker-sock-for-monitor-docker/265565/30