offen/docker-volume-backup
2
0
Fork 0
mirror of https://github.com/offen/docker-volume-backup.git synced 2024-11-10 00:30:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
7637975e3f
docker-volume-backup/docs/how-tos/use-custom-docker-host.md
Frederik Ring 0f224e4fb8
Document socket-proxy permissions, return early when update failed on scaling down (#343) 
* Do not await containers when there was an error on scaling

* Add test case for usage with socket proxy

* Add documentation on required permissions for docker-socket-proxy

* Add full list of used Docker APIs to doc

* CONTAINER_START and CONTAINER_STOP is not needed
2024-02-05 14:27:06 +01:00

1.6 KiB
Raw Blame History

title layout parent nav_order
Use a custom Docker host default How Tos 14

Use a custom Docker host

If you are interfacing with Docker via TCP, set DOCKER_HOST to the correct URL.

DOCKER_HOST=tcp://docker_socket_proxy:2375

If you do this as you seek to restrict access to the Docker socket, this tool is potentially calling the following Docker APIs:

API When
Info always
ContainerExecCreate running commands from exec-labels
ContainerExecAttach running commands from exec-labels
ContainerExecInspect running commands from exec-labels
ContainerList always
ServiceList Docker engine is running in Swarm mode
ServiceInspect Docker engine is running in Swarm mode
ServiceUpdate Docker engine is running in Swarm mode and stop-during-backup is used
ConatinerStop stop-during-backup labels are applied to containers
ContainerStart stop-during-backup labels are applied to container

In case you are using docker-socket-proxy, this means following permissions are required:

Permission When
INFO always required
CONTAINERS always required
POST required when using stop-during-backup or exec labels
EXEC required when using exec-labeled commands
SERVICES required when Docker Engine is running in Swarm mode
NODES required when labeling services stop-during-backup
TASKS required when labeling services stop-during-backup