|
Accessing Docker daemon through remote CLI
|
July-9th-2018, 01:08 PM
Is there any way by which I might be able to access the docker daemon running on the NetPI through a remote Docker CLI. Secondly, Is there any way I can access the Netpi other than its standard web GUI; for instance through SSH?
Regards, Adeel Jamal 
July-9th-2018, 05:04 PM
(This post was last modified: August-30th-2018, 10:39 AM by Armin@netPI.)
Yes there is an alternative method to take control of the Docker Daemon. As you know we are using portainer.io as web front end for the user to take control of Docker on netPI. portainer.io offers a RESTful api to take control of Docker commands from remote. What is not allowed on netPI cause of security reason to login through a SSH connection.
These commands are described here: https://gist.github.com/deviantony/77026...8d41bc42f8. Those commands are valid for portainer.io in the version >= 1.18.0. Since we are curently using portainer.io in the version 1.12.x on netPI the interface is slightly different. For test purposes I made an Example using Node-RED to deploy a container on netPI from remote. I posted it here: https://forum.hilscher.com/Thread-Managi...ESTful-API
„You never fail until you stop trying.“, Albert Einstein (1879 - 1955)
August-30th-2018, 12:32 PM
(This post was last modified: August-30th-2018, 12:43 PM by Armin@netPI.)
I checked accessing the netPI's Docker Web GUI portainer.io from a standard Linux shell using the command http
I had to install the command first on my Linux using $ apt-get install httpie Afterwards I am able to call the RESTful API as described here (but adapted the documented interface to the portainer API V1.12.4 that is currently used on netPI. First I called the "login" command while replacing the IP address and the password with my physical settings of course. You should do the same. $ http --verify=no --json POST "https://<netPI's IP address>/portainer/api/auth" username=admin password=<your admin password> I got back a response { "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzNTY1MzIyOH0.6qNXK3g5dNkXzf4a1_29i5m84Qs2zJerAcPQ1SzQMew" } The most important part is the value of 'jwt' being used for all ongoing commands as authentication token. As next I created an "Docker Socket" endpoint (others do not exist with V1.12.4) using $ http --verify=no --json POST "https://<netPI's IP address>/portainer/api/endpoints" name=myendpoint URL=unix:///var/run/docker.sock 'Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzNTY1MzIyOH0.6qNXK3g5dNkXzf4a1_29i5m84Qs2zJerAcPQ1SzQMew' I got back a response { "Id": 2 } This Id is used now for all ongoing instructions. See the red "2" to see where to position this ID in the next example where I am listing the images available on my netPI: http --verify=no --json GET "https://<netPI's IP address>/portainer/api/docker/2/images/json" 'Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzNTY1MzIyOH0.6qNXK3g5dNkXzf4a1_29i5m84Qs2zJerAcPQ1SzQMew' all==1 I got a response [ { "Containers": -1, "Created": 1535622420, "Id": "sha256:9ba50652894d963b79bd877983b7c9c36693f1cece972e274e12419f43d9bde7", "Labels": { "description": "Open-PLC - IEC 61131-3 compatible open source PLC", "io.resin.architecture": "armv7hf", "io.resin.qemu.version": "2.9.0.resin1-arm", "maintainer": "netpi@hilscher.com", "version": "V1.0.0" }, "ParentId": "", "RepoDigests": [ "hilschernetpi/netPI-openplc@sha256:e8df83fd4b0c20f7677ed699af02277d023ebd784a50f4f8f78fb3abbf355157" ], "RepoTags": [ "hilschernetpi/netPI-openplc:latest" ], "SharedSize": -1, "Size": 658380690, "VirtualSize": 658380690 } ] The rest of the API commands work in the same/similar way ... just continue to read the documentation. Thx Armin
„You never fail until you stop trying.“, Albert Einstein (1879 - 1955)
|
