multi tenant - manage containers from another container, docker -
i need able deploy new container or manage docker containers running in coreos running docker container.
docker version 1.5.0 coreos version 647.2.0
right process deploying new instance of application using shell script.
it does:
- duplicate source code of node.js application new folder
- cd it
- deploy new docker container in detached mode setting 'pwd' -v work directory application runs
i thinking, if possible execute shell script inside container deploys new container in coreos or there alternatives method.
another objective able stop running container.
any comments or suggestions appreciated.
run controlling container docker client & socket mounted , able control docker daemon within containers (run docker client within docker container)
edit: note root access required docker socket, means container able control docker daemon , launch containter root on host, use containers trust , need access.
$ docker run \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /usr/bin/docker:/usr/bin/docker \ -v /usr/lib/libdevmapper.so.1.02:/usr/lib/libdevmapper.so.1.02 \ ubuntu docker --version docker version 1.1.2, build d84a070 also tested on latest coreos / docker:
core@coreos2 /usr/lib $ docker run -it --name=test --rm -h=dod -v /var/run/docker.sock:/var/run/docker.sock -v `which docker`:/usr/bin/docker -v /usr/lib/libdevmapper.so.1.02:/usr/lib/libdevmapper.so.1.02 ubuntu bash root@dod:/# docker ps -a container id image command created status ports names 6746d8cd1c8d ubuntu:latest "bash" 3 seconds ago 2 seconds test root@dod:/# docker --version docker version 1.6.2, build 7c8fca2-dirty root@dod:/# edit: debian:jessie wouldn't work without libsqlite3-0, can mount form host or search package:
root@066bf3df3f2e:/# ldd `which docker` linux-vdso.so.1 (0x00007ffdb7dc8000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fe8a77df000) libsqlite3.so.0 => not found libdevmapper.so.1.02 => /usr/lib/libdevmapper.so.1.02 (0x00007fe8a7593000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fe8a71ea000) /lib64/ld-linux-x86-64.so.2 (0x00007fe8a79fc000) libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007fe8a6fdb000) librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007fe8a6dd3000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fe8a6bcf000) to find out package provides file debian:jessie use packages.debian.org/search
edit: user within container need have permission read docker socket host, if non-root user, try have docker group within container, group gid should match host docker group (unconfirmed if works).
alternatively apt-get install sudo ,
echo "<user_name> all=(all) nopasswd:all" >> /etc/sudoers.d/90-custom && \ chmod 0440 /etc/sudoers.d/90-custom at point can write scripts user sudo docker .. control host docker daemon.
Comments
Post a Comment