[ How to execute host's Docker command from container? ]
I want to write Docker containers management script in Python. However, since I use CoreOS, Python is not included as standard command. So, I am thinking of using Python Docker container (https://registry.hub.docker.com/_/python/) to execute my script. However, in that case the script will be executed in container's VM which doesn't have access to the host's Docker CLI.
Is there a way to use Python (or other programming languages not packaged in CoreOS), to manage host environment without installing it on the host machine?
PS, the script will do something like:
docker run/rm/stop <another container>;
If you make the Docker daemon reachable via HTTPS then you can communicate with the daemon from remote machines, or from within Docker containers. The instructions for enabling HTTPS in the daemon are here https://docs.docker.com/articles/https/
In short it involves creating client and server certificates (for security) and running the Docker daemon with a command such as
docker -d --tlsverify --tlscacert=ca.pem \
--tlscert=server-cert.pem --tlskey=server-key.pem \
When running in this mode, you can use an appropriate client library for the programming language of your choice https://docs.docker.com/engine/reference/api/remote_api_client_libraries/
There is one for python
docker-py I haven't tried it but can say from experience this approach works using
docker-java client library, having a Java program inside a container stopping and starting other containers.
You can either mount the docker binary and socket into the container:
$ docker run -v $(which docker):/usr/bin/docker -v /var/run/docker.sock:/var/run/docker.sock debian docker --version
Docker version 1.7.0, build 0baf609
Or set up docker to allow remote access (I can't find a good reference for this at the minute).
A different way would be to use CoreOS toolbox to access python and exec docker. For example, my CoreOS machine running a simple python command from CoreOS to see docker process status":
core@zz1 ~ $ toolbox python -c 'import os;os.system("/media/root/usr/bin/docker -H unix:///media/root/var/run/docker.sock ps")'
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2f5480ebc129 gcr.io/google_containers/etcd:2.0.12 "/usr/local/bin/etcd 47 minutes ago Up 46 minutes k8s_etcd.3a160ccf_kube-dns-184.108.40.206_kube-system_790a48cfb2e2a5ae0abfcb6e3221275f_9d4fc659
ddbbc5e5033c gcr.io/google_containers/skydns:2015-03-11-001 "/skydns -addr=0.0.0 47 minutes ago Up 47 minutes k8s_skydns.db942972_kube-dns-220.127.116.11_kube-system_790a48cfb2e2a5ae0abfcb6e3221275f_59835376