manage containers from another container, docker

I need to be able to deploy a new container or manage docker containers running in CoreOS from another running docker container.

docker version is 1.5.0
coreos version is 647.2.0

  • docker-compose v3 share the same volume mount locations between multiple containers
  • Docker private registry with multiple registry urls using nginx
  • How to link two containers using docker-compose
  • Update Jupyter to Python 3.4 in default Tensorflow docker container
  • Rails Puma inside of Docker Instance stops responding from inactivity
  • MySQL in Docker on Windows: World-writable files ignored
  • Right now my process for deploying a new instance of my application is using a shell script.

    It basically does:

    1. duplicate the source code of the node.js application to a new folder
    2. cd into it
    3. deploy a new docker container in detached mode setting ‘pwd’ as -v to the work directory then the application runs

    I was thinking, if its possible to execute the shell script from inside the container so that it deploys a new container in coreos or are there any alternatives for this method.

    Another objective is to be able to stop a running container.

    Any comments or suggestions would be greatly appreciated.

  • Add a volume to Docker, but exclude a sub-folder
  • Docker base image state replication
  • How to import an unpopular package to Docker using the GOLang official image?
  • how do i backup a database in docker
  • How many docker containers can i run simultaneously on single host?
  • Bluemix: service bound to container does not appear in VCAP_SERVICES
  • One Solution collect form web for “manage containers from another container, docker”

    run the controlling container with the Docker client & socket mounted and you will be able to control the docker daemon from within your containers (run docker client within docker container)

    EDIT: DO note root access is required to the docker socket, this means the container is able to control the docker daemon and launch a containter to get root on the host, so use this with containers you trust and only you need to access.

    $ docker run \ 
      -v /var/run/docker.sock:/var/run/docker.sock \   
      -v /usr/bin/docker:/usr/bin/docker \ 
      -v /usr/lib/libdevmapper.so.1.02:/usr/lib/libdevmapper.so.1.02 \
      ubuntu docker --version
    
    Docker version 1.1.2, build d84a070
    

    also tested on latest coreOS / Docker:

    core@coreos2 /usr/lib $ docker run -it --name=test --rm -h=dod -v /var/run/docker.sock:/var/run/docker.sock -v `which docker`:/usr/bin/docker -v /usr/lib/libdevmapper.so.1.02:/usr/lib/libdevmapper.so.1.02 ubuntu bash
    root@dod:/# docker ps -a
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
    6746d8cd1c8d        ubuntu:latest       "bash"              3 seconds ago       Up 2 seconds                            test
    root@dod:/# docker --version
    Docker version 1.6.2, build 7c8fca2-dirty
    root@dod:/#
    

    EDIT: for debian:jessie this wouldn’t work without libsqlite3-0, we can mount it form the host or search for the package:

    root@066bf3df3f2e:/# ldd `which docker`
            linux-vdso.so.1 (0x00007ffdb7dc8000)
            libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fe8a77df000)
            libsqlite3.so.0 => not found
            libdevmapper.so.1.02 => /usr/lib/libdevmapper.so.1.02 (0x00007fe8a7593000)
            libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fe8a71ea000)
            /lib64/ld-linux-x86-64.so.2 (0x00007fe8a79fc000)
            libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007fe8a6fdb000)
            librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007fe8a6dd3000)
            libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fe8a6bcf000)
    

    to find out which package provides this file for debian:jessie use packages.debian.org/search

    EDIT: the user within the container will need to have permission to read the docker socket from the host, if it is a non-root user, you could try to have a docker group within the container, but the group gid should match to host docker group (unconfirmed if this actually works).

    Alternatively you could apt-get install sudo and

    echo "<user_name> ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/90-custom && \
    chmod 0440 /etc/sudoers.d/90-custom
    

    at which point you can write scripts for that user to sudo docker .. control the host docker daemon.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.