Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lukasheinrich/remotedocker-demo

a webserver and client for interactive remote docker
https://github.com/lukasheinrich/remotedocker-demo

Last synced: 23 days ago
JSON representation

a webserver and client for interactive remote docker

Host: GitHub
URL: https://github.com/lukasheinrich/remotedocker-demo
Owner: lukasheinrich
Created: 2016-01-13T22:48:45.000Z (about 9 years ago)
Default Branch: master
Last Pushed: 2017-01-18T13:01:53.000Z (about 8 years ago)
Last Synced: 2024-12-27T03:42:18.084Z (about 1 month ago)
Language: Python
Size: 33.2 KB
Stars: 1
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# remotedocker-demo

this is a proof-of-concept code for a remote interactive docker sessions for environments without a local docker installation and full access to a remote docker host. The client's TTY is connected to a `docker attach ...` process on the server via a ZeroMQ socket to a port that the server publishes. The client does not need to have any access to the machine running the server or the docker daemon, but just reads/writes to these ports.

On the server side, a webserver spawns interactive docker session for a specified container/command pair upon a corresponding HTTP request by the client. the interactive docker session is connected to a pseudo-terminal which itself talks to ZeroMQ on random ports to interact with the remote client.

client code:

remotedocker

since the demo machine is behind a cern firewall you need to setup a SSH tunnel to the webserver at 'localhost:3000', i.e.
ssh -fNL 3000::5000 lxplus

for the same reason the client will ask twice (once to get access to webserver and once to connect to the port received from the webserver) for the password for LXPLUS for now, but if the port range selected by the server (now: 5000,6000) should be accessible by the outside, this will not be needed.

this is also more restrictive than completely exposing the docker unix socket to the outside world. this only allows the remote client to connect to a 'docker run -it ' call and not to remove containers/images etc.

#### installing

git clone https://github.com/lukasheinrich/remotedocker-demo.git
cd remotedocker-demo
pip install -e .

#### screencast

from outside CERN (tunneling via `lxplus`)
[![asciicast](https://asciinema.org/a/9kkugc45wlz16sdivm5e20h6s.png)](https://asciinema.org/a/9kkugc45wlz16sdivm5e20h6s)

from inside CERN
[![asciicast](https://asciinema.org/a/4n7bjiffdn393m9t746rf1y6s.png)](https://asciinema.org/a/4n7bjiffdn393m9t746rf1y6s)