When I run docker on a image it does not work unless I have run docker-machine to create VM. So looking at the diagram it seems that the machine I use to create the VM is the client and VM or droplet I create is the host, is that correct?
I am having some trouble getting a container to connect to the machine I ran the docker-machine to create and type docker run commands on, which has a mysql db running.
I have to use its specific IP address to connect which seems odd as it has a secure connection already.
I have tried many things but nothing is working except the specific IP and a port opened.
I hope I have figured this out now, for anyone else confused and not reading the docs:-)
Without running docker-machine, then running docker, your machine is the host.
If you run docker-machine to create VM/droplet then run a container then your VM is the host. So if you want to mount files/directories from your local machine you must use docker-machine scp to copy over the files/directory to the VM then -v mount the files/dirs on the VM to a container.
To connect to your container back to your local machine which executed the docker-machine VM command, use the IP addr returned when running route to get the gateway of the VM !
from local host use
docker-machine ssh dev route | awk ‘/default/ { print $2 }’
But not working on the droplet VM I guess you still need to open up the ports for that.
Kinda makes sense once I worked it out but there must be a better way:-)
I think you pretty much found out the answer by yourself. In that diagram you mention a ‘docker host’ is any machine that is running the Docker daemon. This means that you’re either running Docker natively in your operating system, or a virtual machine that has Docker installed.
Docker machine is basically the second option. When you do a docker-machine create it creates a new virtual machine with Docker already installed. This means that to access any containers running on this machine you’ll have to use the IP address of the virtual machine. Also, to give Docker access to a file you’ll either have to copy it to the VM that’s running Docker, or share a directory between your OS and the VM that’s running Docker.
Can you also explain the ‘private network’ between my local machine and the
host/container running after creating it with docker-machine.
I can find info on networks between containers but nothing on the
tunnel/link between the local machine I ran the docker-machine command to
create the container and the actual container.
Can I run a service on the container and use the link I have through
docker-machine to use that service from my local machine, say something
like a proxy server running on a droplet on digitalocean?
Would using Swarm be more suited for this type of task?
I’m not sure I understand your question, so I apologize if I’m completely off on this one.
Docker has essentially two components:
The Docker daemon: This takes care of running containers, and has a REST API that you can you
The Docker CLI client: Allows you to send commands to the Docker daemon. As you might have guessed, under the hood it makes HTTP calls to the docker daemon
This is cool, because it allows you to use the Docker CLI client to run Docker commands on a remote machine that has the Docker daemon running. That machine can be in AWS, Digital Ocean, or a VM running in your computer.
So in your case, you’re using:
docker-machine create to create new VMs that have the Docker daemon already installed. These machines are also configured to make the daemon listen on port 2376 for incoming requests
The Docker cli client. On its own it can’t do much, but when you run docker-machine env <machine-name> you’re configuring the CLI client to talk to the VM you’ve created.
I’m not sure you know this, but if you have Mac, Windows, or Linux you can install Docker natively. This way you’ll have both the Docker daemon and the cli installed in your own machine. This is waaaaaaay easier to manage and configure.
" When you invoke docker run you can use either -p
IP:host_port:container_port or -p IP::port to specify the external
interface for one particular binding"
I can explicitly link my local machine directly to the container with this
command.
