NAJA2/docker-socket-forwarding
NAJA2
/
docker-socket-forwarding
5
0
Fork 0
Code Issues Pull Requests Projects Releases Activity
Forward a Docker API socket through SSH
3 Commits 1 Branch 0 Tags 31 KiB
desktop 100%
Go to file
Theo Technicguy 6be001e530
project(feat) create files 		2023-09-05 16:31:17 +02:00
.ssh project(feat) create files 2023-09-05 16:31:17 +02:00
LICENSE Initial commit 2023-09-05 15:56:14 +02:00
README.md readme(feat) fill readme 2023-09-05 16:30:54 +02:00
docker@.service project(feat) create files 2023-09-05 16:31:17 +02:00

README.md

NAJA2 Docker Socket Forwarding

I wanted to federate my two docker hosts so I can manage them from one interface (portainer, watchtower...), but without exposing the HTTP socket.

This project creates the infrastructure to forward a socket from a host locally.

Requirements

On the local machine (the one wanding to access the remote socket)

  • (A service account)
  • A folder socks in /etc/docker 
    sudo mkdir /etc/docker

On the remote machine

  • Docker (duh)
  • A normal user account (it needs to be able to accept SSH connections)
  • Permission to access the docker socket

Usage

On the local machine

  • Copy and paste and fill .ssh/config with the host and the hostname.
  • Set up the remote machine's host key in .ssh/known_hosts
  • Generate an identity file with ssh-keygen 
    ssh-keygen -b 256 -C "docker@$(hostname)" -f ~/.ssh/id_ecdsa -t ecdsa
  • Create a (sym)link to the docker@.service to /lib/systemd/system/ and reload systemd 
    sudo ln -s docker@.service /lib/systemd/system/
sudo systemctl daemon-reload

On the remote machine

  • Copy and paste .ssh/authorized_keys, then fill with the public part of the key.

On the local machine

  • Start the service