Running containers on distant host: docker contexts

camarm

camarm

Posted on January 6, 2024

Running containers on distant host: docker contexts

Cover from Ruan Bekker blog

Hi, today I will introduce you a docker functionnality I discovered 6 months ago: docker contexts 🐳.

It allows you to build and run your containers on a distant host.

Please note I'm only a docker user, for further informations about contexts visit the official documentation

🧠 Understand contexts

Actually, docker contexts let you manage multiple docker daemons from a single client.

A context has two major informations:

  • Its name and description
  • Its endpoint

By default, a default context is created and used. Its endpoint is the local docker sock.

NAME         DESCRIPTION                               DOCKER ENDPOINT               ERROR
default                                                unix:///var/run/docker.sock
Enter fullscreen mode Exit fullscreen mode

The strength of contexts is that you can change from one host to another in only one command !

⚡ Get started with contexts

⚙️ Sever configuration

First, you need to configure your server to enable remote access to your docker daemon.

⚠️ Remote access permit anyone in a network to connect to your docker daemon and, potentially have root access to your server ⚠️

See official documentation

Two methods to enable remote access:

  • With systemd
  • With daemons.json

With systemd

1.) Edit the docker.service file and put your own values.

sudo systemctl edit docker.service
Enter fullscreen mode Exit fullscreen mode
[Service]
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375
Enter fullscreen mode Exit fullscreen mode

2.) Reload changes and restart docker daemon

sudo systemctl daemon-reload && sudo systemctl restart docker.service
Enter fullscreen mode Exit fullscreen mode

With daemons.json

1.) Add the folowing to /etc/docker/daemons.json

{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]
}
Enter fullscreen mode Exit fullscreen mode

2.) Restart docker

You should now have remote access enabled. You can verify docker is binding on port 2375 using netstat:

$ sudo netstat -lntp | grep dockerd
tcp        0      0 127.0.0.1:2375          0.0.0.0:*               LISTEN      3758/dockerd
Enter fullscreen mode Exit fullscreen mode

💻 Client configuration & examples

First, you need to ensure that your docker cli supports the context command:

docker context
Enter fullscreen mode Exit fullscreen mode

It should show you a help about contexts

Next, let's create a context

docker context create <context> --docker host=tcp://host:2375
Enter fullscreen mode Exit fullscreen mode

Replace <context> with its name and host by the docker daemons IP.

It should be in the list of contexts outputted by

docker context ls
Enter fullscreen mode Exit fullscreen mode
NAME         DESCRIPTION                               DOCKER ENDPOINT               ERROR
default *                                              unix:///var/run/docker.sock   
<context>                                              tcp://<context-ip>:2375 
Enter fullscreen mode Exit fullscreen mode

Default as an asterisk after its name (default *) because it's the currently used context.

To change to the newly created one, just type.

docker context use <context-name>
Enter fullscreen mode Exit fullscreen mode

Now you can run any docker container in the distant docker daemon

docker run -d -it busybox /bin/sh
Enter fullscreen mode Exit fullscreen mode

This execute a shell in an empty container

You should see it in docker ps

docker ps
Enter fullscreen mode Exit fullscreen mode
CONTAINER ID   IMAGE               COMMAND                CREATED         STATUS                          PORTS     NAMES
f4d3674af80a   busybox             "/bin/sh"              2 seconds ago   Up 1 second                               focused_ramanujan
Enter fullscreen mode Exit fullscreen mode

You can verify that it's been running on the distant host by passing which context to use directly in the command:

docker --context default ps
Enter fullscreen mode Exit fullscreen mode

Should not output busybox container
Whereas docker --context <context> ps should !

You have know the rudiments about docker context. Consider referring to the Docker documentation for further informations and explanations.

📈 How I use it ?

Discovering this feature was very helpful in my workflow: I don't need to use ssh to deploy latest versions of my apps anymore.

I just change context, to choose the right server (like databases, microservices, web-prod) and fire docker run -d ....

In parallel i use Portainer, a powerful web UI for docker. It allows me to manage my running containers and check their health right in my browser !

Here are some screenshots of my portainer:

List of connected daemons
Connected Daemons
Lists of containers
Containers

I hope you discovered something new,
Have nice deployments,
See you later 👋 !

💖 💪 🙅 🚩
camarm
camarm

Posted on January 6, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

What was your win this week?
weeklyretro What was your win this week?

November 29, 2024

Where GitOps Meets ClickOps
devops Where GitOps Meets ClickOps

November 29, 2024

How to Use KitOps with MLflow
beginners How to Use KitOps with MLflow

November 29, 2024