Decision rule to use docker-machine or not on docker run - docker

When I use docker-machine in a Windows environment (installed with docker-toolbox), every docker run command uses that docker-machine as the docker daemon.
However, when I use docker-machine in a Linux environment, which has native docker daemon installed along with docker-machine, docker run command uses native docker daemon even if there is a running docker-machine instance.
Questions are:
How does docker run command decide which daemon to use?
Is there any method to list running containers on a docker-machine instance?
For the second one, I know I can SSH to the docker-machine instance and query docker ps in it, but I want to check it from outside the instance.
Thanks in advance.

The Docker Machine stack works by firing up a VM, and then setting the DOCKER_HOST environment variable to point at it. In particular, it also does the required setup to TLS-encrypt the connection and to set up a TLS client certificate to authenticate the caller. (Without this setup, a remote DOCKER_HOST is extremely dangerous.)
So: docker run and every other Docker command uses the DOCKER_HOST environment variable to decide where to run things. If DOCKER_HOST points at a Docker Machine VM, docker ps will list the containers there; you won’t usually need to docker-machine ssh (though it’s a useful tool when you really need it).
On a native Linux host it’s far easier to just directly use a local Docker daemon. If you do have both a local daemon and a docker-machine VM, you can:
# switch to the Docker Machine VM
eval $(docker-machine env default)
# switch back to the host Docker
eval $(docker-machine env -u)
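As an added example (not part of the original answer or of Docker's own tooling), the shell function below reports which kind of daemon endpoint the current environment selects and flags a tcp:// DOCKER_HOST that lacks the TLS settings docker-machine env exports. The function names and result labels are made up for this example, and it looks only at the three environment variables, not at -H flags or docker contexts.

```shell
#!/bin/sh
# classify_docker_target HOST TLS_VERIFY CERT_PATH
# Prints one label for the endpoint a docker CLI with these settings would use.
# Labels are illustrative names chosen for this example.
classify_docker_target() {
    host=$1
    tls=$2
    certs=$3
    case "$host" in
        "")                 echo "local-default"; return 0 ;;  # DOCKER_HOST unset: local daemon
        unix://*|npipe://*) echo "local-socket";  return 0 ;;
        ssh://*)            echo "remote-ssh";    return 0 ;;
        tcp://*)            ;;                                 # checked for TLS below
        *)                  echo "unknown";       return 2 ;;  # other forms are not classified here
    esac
    # docker-machine env exports DOCKER_TLS_VERIFY=1; any non-empty value counts as set here.
    if [ -z "$tls" ]; then
        echo "tcp-plaintext"
        return 1
    fi
    # A client certificate setup needs the CA, the client certificate and its key.
    for f in ca.pem cert.pem key.pem; do
        if [ ! -r "$certs/$f" ]; then
            echo "tcp-tls-missing-certs"
            return 1
        fi
    done
    echo "tcp-tls"
    return 0
}

# check_docker_env: classify the variables of the current shell.
# Falls back to ~/.docker when DOCKER_CERT_PATH is not set.
check_docker_env() {
    classify_docker_target "${DOCKER_HOST:-}" "${DOCKER_TLS_VERIFY:-}" \
        "${DOCKER_CERT_PATH:-$HOME/.docker}"
}

# Typical use, after `eval $(docker-machine env default)`:
#   check_docker_env || echo "refusing to run docker against this endpoint" >&2
```

A non-zero return makes the function usable as a guard at the top of deployment scripts, before any docker command is sent to the selected endpoint.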

Related

How to use docker daemon running on host machine in minikube

I have installed minikube on my laptop, I see that minikube uses docker daemon running within cluster.
Is it possible to run minikube to use the host machine docker daemon?
I tried using
export DOCKER_HOST="tcp://localhost:2376"
ran, minikube start
and, minikube start --docker-env=DOCKER_HOST="tcp://localhost:2376"
Both did not work.
Is it possible to run minikube to use the host machine docker daemon?
No. Minikube runs in a VM, and can't connect to the host's /var/run/docker.sock file. (The setup you show requires a non-default host Docker configuration with significant risk of just outright getting the host rooted, and from the VM's point of view, localhost is the VM.)
You can do the opposite, though, set your local Docker daemon to talk to minikube's Docker daemon
eval $(minikube docker-env)
(Also remember that Kubernetes is designed for multi-host deployments based around immutable images. If you're trying to do live development inside a Kubernetes pod, it is rather complicated and translates poorly to production environments. Use plain Docker, or better still, install a development environment directly on your host. If you're just trying to test out deployment wiring, minikube, or the Kubernetes included in Docker Desktop, or other tools like kind work just fine.)
@David Maze, it's not completely true what you wrote in your answer:
No. Minikube runs in a VM, and can't connect to the host's
/var/run/docker.sock file.
Let's say it can be true only in particular case, so the following question:
Is it possible to run minikube to use the host machine docker daemon?
I would answer: Yes, it is. Although a typical Minikube instance runs on a separate VM, it is still possible to run it directly on the host. You can read more on that in the minikube installation guide in the official Kubernetes documentation:
Note: Minikube also supports a --vm-driver=none option that runs the
Kubernetes components on the host and not in a VM. Using this driver
requires Docker and a Linux environment but not a hypervisor. It is
recommended to use the apt installation of docker from Docker, when
using the none driver. The snap installation of docker does not work
with minikube.
@Sunil Gajula, adding the following flag:
--vm-driver=none
when running your Minikube instance should actually resolve your problem, as it is not set to none by default and it seems to be the missing element in your attempts to run Minikube on your local machine. So by default it runs in a VM, using one of the available hypervisors (if you don't specify the above-mentioned flag).
I got this working on my macOS.
And I use fish:
##install docker-cli
#brew install docker
#brew install minikube hyperkit
## run minikube without kubernetes enabled
#minikube start --memory 6144 --cpus 4 --docker-opt=bip=172.17.42.1/16 --no-kubernetes
# minikube -p minikube docker-env | source (put the result into config and source it); for bash/zsh: minikube docker-env
And if you want to run minikube k8s cluster:
you can:
# minikube start --addons=registry --cni=calico --driver=hyperkit --cpus=8 --memory=8g (or some simple command)
You may need to install docker-machine-driver-hyperkit with install command.
With everything OK, you can use docker-cli to interact with the Docker daemon in minikube.

Not use docker-machine

I used docker with docker-machine (I can access the container server at 192.168.99.100). I would like not to use docker-machine, so that I can directly access my container via localhost (127.0.0.1). I shut down docker-machine (docker-machine stop) and tried to build an image and container, but it said 'no daemon'. How should I completely shut down docker-machine and use local docker?
I think what you want is to unset all docker-machine environment variables to use your host Docker daemon. This can be achieved with this command:
eval $(docker-machine env -u)
There are two different installs for docker on Mac. Both use a VM running Linux under the covers.
The older method includes docker toolbox and docker machine to manage the VM in virtualbox. When you use docker machine to stop this VM, the docker commands have no host to run on and will error out as you've seen.
The newer install uses xhyve to run the VM and various other tricks to make it appear seamless. This is a completely different install that you download and run from Docker, and it requires your Mac be at least version 10.10.3 with Yosemite.
See this install page for more details: https://store.docker.com/editions/community/docker-ce-desktop-mac?tab=description

Access host docker-machine from within container

I have an image that I'm using to run my CI/CD builds (using GitLab CE). I'd like to deploy my app doing something like this from within the container:
eval "$(docker-machine env manager)"
sudo docker stack deploy --compose-file docker-stack.yml web
However, I'd like the docker-machine to access machines defined on the host system since the container will be destroyed and I don't want to include access details in the image.
I've tried a few things
Accessing the Remote Host via docker-machine
Create the docker-machine on the host and mount the MACHINE_STORAGE_PATH so that it is available to the container
Connect to the remote docker-machine manually from within the container and setting the MACHINE_STORAGE_PATH equal to a mounted volume
Mounting the docker socket
In both cases, I can see the machine storage is persisted, but whenever I create a new container and run docker-machine ls none of the machines are listed.
Accessing the Remote Host via DOCKER_HOST
Forward the remote machine docker port to the host docker port docker-machine ssh manager-1 -N -L 2376:localhost:2376
export DOCKER_HOST=:2376
Tell docker to use the same certs that are used by docker-machine: export DOCKER_TLS_VERIFY=1 and export DOCKER_CERT_PATH=/Users/me/.docker/machine/machines/manager-1
Test with docker info
This gives me error during connect: Get https://localhost:2376/v1.26/info: x509: certificate signed by unknown authority
Any ideas on how I can perform a remote deployment from within a container?
Thanks
EDIT
Here is a diagram to try and help better communicate the scenario.
Don't use docker-machine for this.
Docker-machine stores files in $HOME/.docker/machine, so when you restart with a fresh copy of this folder, all previously defined machines will be removed. You could store this folder as a volume, but there's a much easier way for your purposes.
The solution is to mount the docker socket, and either as root or from a user with the same gid as the docker socket (note that group names themselves inside and outside the container may not match, so gid is important), run your docker ... commands as normal. You can skip the docker-machine eval completely since you are running the commands against the local docker socket.
If you need to run commands remotely, I find it easier to define the DOCKER_HOST and DOCKER_TLS_VERIFY variables manually rather than using docker-machine.
In case you want to communicate from your CI container to the Docker host you can simply mount the Docker socket when starting the CI container:
docker run -v /var/run/docker.sock:/var/run/docker.sock <gitlab-image>
Now you can run docker commands on the host from within the CI container.

How to switch between active docker machine on window

I am a Windows user and am working fine with docker on the default machine. I can build images and run them perfectly. But now I have a scenario where I have to run two docker-machines in parallel.
I have created new docker machine from following command:
docker-machine create --driver virtualbox NAMEOFNEWMACHINE
Now when I run docker-machine ls I can see there are two docker machines running.
Then I run docker-machine ip and it gives me the IP of the default machine, so basically I am not able to switch from the default to the new dev machine on docker.
I have read the docker docs and I ran the commands they mention to switch the machine:
eval "$(docker-machine env NAMEOFNEWMACHINE)"
docker-machine env NAMEOFNEWMACHINE
but after running the above commands it still shows me the default machine IP. Therefore I cannot build my image on the new machine.
I am pretty new to docker, so is there anyone who can help me with how to run two docker machines in parallel?
Thanks
Just had the same problem on windows 7. Solved it by setting the windows DOCKER_HOST environment variable. Check your machine ip (docker-machine ls) and use the complete ip in the command:
SET DOCKER_HOST=

What does Docker Quickstart Terminal do?

I just recently started using Docker. I'm able to run my servers, and communicate between them.
What I don't understand is: why do I need to run Docker commands, like $ docker run somerepo/image, from the window opened by Docker Quickstart Terminal?
Running it from "regular" Terminal windows returns
$ docker run dockerinaction/hello_world
docker: Cannot connect to the Docker daemon. Is the docker daemon running on this host?. See 'docker run --help'.
I understand that on OS X and Windows, Docker needs to start one virtual machine with Linux 2.6 (in my case), and that all containers are run within that VM.
I thought the docker CLI was connecting to a docker daemon that runs inside that VM - and then I don't understand what happens in the Quickstart Terminal.
I don't understand what does happen in the Quickstart Terminal.
You can use a regular terminal, provided by docker-machine env, and do operations similar to osx/mpkg/quickstart.app/Contents/Resources/Scripts/start.sh:
docker-machine start dev
eval "$(docker-machine env dev)"
(replace 'dev' with the name of your docker machine. By default, it is named... "default")
Once those environment variables for the Docker client are set, you can execute docker commands directly from your shell.
A Quickstart Terminal would set those same variables for you.
You can see what it does by watching the terminal output. In my case it ran bash --login '/Applications/Docker/Docker Quickstart Terminal.app/Contents/Resources/Scripts/start.sh' attempting to start the virtual machine. Once it's running it uses the equivalent of eval "$(docker-machine env default)" to set some environment variables so your terminal is ready to access the Docker VM.
If you need more information have a look at that script start.sh.
What does docker quickstart terminal do?
From Docker docs:
It will create and start a VirtualBox VM running Docker Engine, then
configure the command-line environment so that you can talk to it
In other words it sets some environment variables so your terminal is ready to access the Docker VM. - (thanks to @Nauraushaun)
