Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Proper way to automatically start and expose ssh when running my app container

Tags:

docker

ssh

I have containers with python apps and I need them to automatically start and expose ssh when running them. I know it's against Docker's best practices, but right now I don't have any other solution. I'd be interested to know the best way to automatically run an additionnal service in a docker container anyway.

Since Docker will only start one process, installing sshd isn't enough. There are apparently multiple options to deal with it:

  1. use a process manager like Monit or Supervisor
  2. use the ENTRYPOINT option
  3. append a command (service sshd start, for instance) at the end of /etc/bash.bashrc (see this answer)

Option 1 seems overkill to me. Also I suppose I'll have to run the container with a cmd calling the process manager instead of bash or my python app: not exactly what I want.

I don't know how to use Option 2 for such a case. Should I write a custom script starting sshd and then running the provided command if any ? How should this script look like ?

Option 3 is very straightforward but quite dirty. Also it won't work if I run the container with another command than /bin/bash.

What's the best solution and how to set it up ?

like image 999
Anto Avatar asked Feb 25 '15 11:02

Anto

People also ask

Can we ssh into docker container?

The SSH method works fine for Docker containers, too. That said, you can SSH into a Docker container using Docker's built-in docker exec . If you do not need an interactive shell, you can also use the docker attach command to connect the host's stdin and stdout to the running container and execute remote commands.

1 Answers

You mention that option 1 seems like overkill. Why is it overkill? Supervisor is very simple to configure and will basically do what you want.

First, write supervisor config files that starts your python app and sshd:

[supervisord]
nodaemon=true

[program:sshd]
command=/usr/sbin/sshd -D

[program:pythonapp]
command=/path/to/python myapp.py -x args etc etc

Call that file supervisord.conf and commit it somewhere in your repo. In your Dockerfile, copy that file to the container as one of the container build steps, expose the ports for SSH and your app (if needed) and set the CMD to start supervisord:

COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
EXPOSE 22 80
CMD ["/usr/bin/supervisord"]

This is clean and easy to understand. It's how I run multiple processes in a container when needed. It is even suggested in the Docker docs as a nice solution.

like image 179
Ben Whaley Avatar answered Sep 22 '22 18:09

Ben Whaley
Sign in to Comment

Related questions

SSH authentication in Artifactory
Cloning a Git repo from VSTS over SSH asks a password! Unexpected
Get Visual Studio 2017 to work with ssh-agent / ssh-add for git
wget not available on AWS EC2 (Bitnami)
Python Paramiko directory walk over SFTP
Error loading key "(stdin)": invalid format Gitlab CI
ssh in vscode error: Permission denied (publickey,password)
How do i use same ssh key across multiple machines?
Inter-convertability of asymmetric key containers (eg: X.509, PGP, OpenSSH)
Why does Fabric display the disconnect from server message for almost 2 minutes?
Knowing if a remote port forward was successful?
How to connect MySQL database through two SSH hosts
Net-ssh timeout for execution?
Access Virtual Machine via PuTTY Using Built-in Command "vagrant ssh"
How do I verify that a specific public key file is used with git?
ssh remote command does not return
How execute multiple commands on SSH2 using NodeJS
Deploy JavaFX on Ubuntu server without display
ffmpeg Unknown input format: 'lavfi'
Quoting in bash and perl in recursive ssh command

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!