mirrors/dozzle
1
0
Fork 0
mirror of https://github.com/amir20/dozzle.git synced 2025-12-24 06:28:42 +01:00
Code Issues Projects Releases Wiki Activity
Files
d340e07d8a6e3ba5db62800a14e7650aec9fabcf
dozzle/docs/guide/remote-hosts.md
Amir Raminfar 70acaa64d8 feat: adds ability to support labels with | delimeter (#2276) 
* feat: adds ability to support labels with | delimeter

* fixes tests

* updates docs
2023-06-28 12:14:17 -07:00

2.9 KiB
Raw Blame History

title
title
Remote Host Setup

Remote Host Setup

Dozzle supports connecting to multiple remote hosts via tcp:// using TLS and non-secured connections. Dozzle will need to have appropriate certs mounted to use secured connection. ssh:// is not supported because Dozzle docker image does not ship with any ssh clients.

Connecting to remote hosts

Remote hosts can be configured with --remote-host or DOZZLE_REMOTE_HOST. All certs must be mounted to /certs directory. The /cert directory expects to have /certs/{ca,cert,key}.pem or /certs/{host}/{ca,cert,key}.pem in case of multiple hosts.

Multiple --remote-host flags can be used to specify multiple hosts. However, using DOZZLE_REMOTE_HOST the value should be comma separated.

::: code-group

$ docker run -v /var/run/docker.sock:/var/run/docker.sock -v /path/to/certs:/certs -p 8080:8080 amir20/dozzle --remote-host tcp://167.99.1.1:2376 --remote-host tcp://167.99.1.2:2376

version: "3"
services:
  dozzle:
    image: amir20/dozzle:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /path/to/certs:/certs
    ports:
      - 8080:8080
    environment:
      DOZZLE_REMOTE_HOST: tcp://167.99.1.1:2376,tcp://167.99.1.2:2376

:::

Connecting with a socket proxy

If you are in a private network then you can use Docker Socket Proxy which expose docker.sock file without the need of TLS. Dozzle will never try to write to Docker but it will need access to list APIs. The following command will start a proxy with minimal access.

docker container run --privileged -e CONTAINERS=1 -v /var/run/docker.sock:/var/run/docker.sock -p 2375:2375 tecnativa/docker-socket-proxy

Note that CONTAINERS=1 is required to list running containers. EVENTS is also needed but it is enabled by default.

Running Dozzle without any certs should work. Here is an example:

docker run --volume=/var/run/docker.sock:/var/run/docker.sock -p 8080:8080 amir20/dozzle --remote-host tcp://123.1.1.1:2375

::: warning Exposing docker.sock publicly is not safe. Only use a proxy for an internal network where all clients are trusted. :::

Adding labels to hosts

--remote-host supports host labels by appending them to the connection string with |. For example, --remote-host tcp://123.1.1.1:2375|foobar.com will use foobar.com as the label in the UI. A full example of this using the CLI or compose are:

::: code-group

docker run --volume=/var/run/docker.sock:/var/run/docker.sock -p 8080:8080 amir20/dozzle --remote-host tcp://123.1.1.1:2375|foobar.com

version: "3"
services:
  dozzle:
    image: amir20/dozzle:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /path/to/certs:/certs
    ports:
      - 8080:8080
    environment:
      DOZZLE_REMOTE_HOST: tcp://167.99.1.1:2376|foo.com,tcp://167.99.1.2:2376|bar.com

:::