mirror of https://github.com/offen/docker-volume-backup.git synced 2025-10-26 15:06:04 +08:00

Document socket-proxy permissions, return early when update failed on scaling down (#343 )

* Do not await containers when there was an error on scaling

* Add test case for usage with socket proxy

* Add documentation on required permissions for docker-socket-proxy

* Add full list of used Docker APIs to doc

* CONTAINER_START and CONTAINER_STOP is not needed

2024-02-05 14:27:06 +01:00

1.6 KiB

Raw Blame History

title	layout	parent	nav_order
Use a custom Docker host	default	How Tos	14

Use a custom Docker host

If you are interfacing with Docker via TCP, set DOCKER_HOST to the correct URL.

DOCKER_HOST=tcp://docker_socket_proxy:2375

If you do this as you seek to restrict access to the Docker socket, this tool is potentially calling the following Docker APIs:

API	When
`Info`	always
`ContainerExecCreate`	running commands from `exec-labels`
`ContainerExecAttach`	running commands from `exec-labels`
`ContainerExecInspect`	running commands from `exec-labels`
`ContainerList`	always
`ServiceList`	Docker engine is running in Swarm mode
`ServiceInspect`	Docker engine is running in Swarm mode
`ServiceUpdate`	Docker engine is running in Swarm mode and `stop-during-backup` is used
`ConatinerStop`	`stop-during-backup` labels are applied to containers
`ContainerStart`	`stop-during-backup` labels are applied to container

In case you are using docker-socket-proxy, this means following permissions are required:

Permission	When
INFO	always required
CONTAINERS	always required
POST	required when using `stop-during-backup` or `exec` labels
EXEC	required when using `exec`-labeled commands
SERVICES	required when Docker Engine is running in Swarm mode
NODES	required when labeling services `stop-during-backup`
TASKS	required when labeling services `stop-during-backup`

1.6 KiB Raw Blame History

Use a custom Docker host

1.6 KiB

Raw Blame History