DEV Community

Eray Ates
Eray Ates

Posted on

Share docker socket to http rest with some filtering

#docker #traefik #go

I will share socket files to http with forward tool, https://github.com/worldline-go/forward which I programmed.

This tool listening http request and forwarding to the socket with some method filtering.

So lets download or run in docker:

To download visit the release page

# scratch version
docker pull ghcr.io/worldline-go/forward:v0.1.2
# alpine version
docker pull ghcr.io/worldline-go/forward:v0.1.2-alpine
Enter fullscreen mode Exit fullscreen mode

This tool asking you a command parameter to show location of the socket file and redirection path and some filtering methods.

In here, I will redirect all /docker/* requests to the docker.sock file. And I will disabled some method, so without any filtering methods all methods is works.

Using - begining on the method name is disabling:

-s /docker.sock:/docker/:-POST,-PUT,-DELETE,-PATCH
Enter fullscreen mode Exit fullscreen mode 
export socket to HTTP
version: 0.1.2 commit: b8e86c7 buildDate:2022-06-29T10:46:25Z

Usage:
  forward [flags]

Flags:
  -h, --help                 help for forward
  -H, --host string          Host to listen on, default: 0.0.0.0:8080 (default "0.0.0.0:8080")
  -s, --socket stringArray   Socket to export: /var/run/docker.sock:/docker/:*,-POST,-PUT,-DELETE
  -v, --version              version for forward
Enter fullscreen mode Exit fullscreen mode

Lets run

docker run --rm -p 8080:8080 -v /var/run/docker.sock:/docker.sock ghcr.io/worldline-go/forward:v0.1.2 -s /docker.sock:/docker/:-POST,-PUT,-DELETE,-PATCH
Enter fullscreen mode Exit fullscreen mode

Now call http service, (check this document for detail)

curl http://localhost:8080/docker/containers/json
Enter fullscreen mode Exit fullscreen mode

I shared to the /docker path so I called with /docker prefix but this is for just demo not need to set any path.

Now, we can use this tool for in traefik.

Traefik is a proxy tool and in swarm mode it is need a docker.sock communication to find services's information.

We can mount docker.sock to Traefik and solve communication but there is one point. In the swarm's worker nodes docker.sock cannot reach to the swarm-api (default). We can fix this communication to run forward tool as service and set Traefik to the our service to communicate with docker socket.

Forward service

forward-docker:
  image: ghcr.io/worldline-go/forward:v0.1.2
  command: "-s /var/run/docker.sock::-POST,-PUT,-PATCH,-DELETE"
  deploy:
    mode: global
    # Just works in manager nodes for swarm API
    placement:
      constraints:
        - "node.role==manager"
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
  networks:
    - proxy
Enter fullscreen mode Exit fullscreen mode

In traefik's static configuration change enpoint

providers:
  docker:
    # endpoint: "unix///var/run/docker.sock"
    endpoint: "tcp://forward-docker:8080"
Enter fullscreen mode Exit fullscreen mode

Now you can replicate your Traefik in the all nodes of the swarm.

Top comments (0)

Read next

vgeruso profile image

Pare de instalar bancos de dados

Victor Geruso Gomes -

discoriver profile image

Dynamic construction without reflection.

Ben -

justinepdevasia profile image

Running Docker based web applications in Hashicorp Nomad with Traefik Load balancing

justinepdevasia -

stefanie-a profile image

Understanding The Basic Syntax Of A Dockerfile.

Stephanie Albert -