One Container To Control Them All

In most circumstances isolation between containers is a good thing allowing you to expose only the services you need.
There maybe times you want to do something like running docker in docker which has it’s own problems. However you can probably achieve what you want to do by connecting to docker on the host from inside a container letting you run commands inside other containers or start/stopping sibling containers etc.

Warning, think hard before doing this as it allows anyone with access to run commands inside the container to access other containers on the host.

How to do it

Map the docker socket from the host to the container, an example snippet taken from a docker-compose file below:
        build: .
            - "5000"
            - /var/run/docker.sock:/var/run/docker.sock
Example running commands on the app container to access docker on the host.
// download docker-compose to the container and make it executable
docker exec test_webapptest_1 curl -L$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
docker exec test_webapptest_1  chmod +x /usr/local/bin/docker-compose

// executing commands inside test_webapptest_1 that will connect to docker on the host using docker-compose
docker exec test_webapptest_1 docker-compose kill test_sibling_container_1
docker exec test_webapptest_1 docker-compose up -d database_container

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.