Docker expands the concept of Linux Container, adding to such mechanism an high-level API, used for isolation of processes via CGROPS.

Another important function, added since version 0.4, allows the access to its features via some REST API's.

By default, this function is only available via a linux socket; to change this setting, you need to update as shown below the configuration file, under Ubuntu to be found in “/etc/default/docker”:

DOCKER_OPTS="-H unix:///var/run/docker.sock -H tcp://127.0.0.1:2375"

using "-H" switches, you need to setup Docker so that it is always listening to the unix socket, and is answering on 2315 port too.

Once reactivated the service, you can verify the correct operation with the following call:

curl -S http://localhost:2375/version

the output call will give a result like this

Docker API's provide all the main functions.

Now let's have a look at some basic operations you can do with them, to get an idea of their power.

Searching an image on Docker public hub

curl -s -XGET http://localhost:2375/images/search?term=ab load tests

After a call to the public hub, the system will return through this API all the images matching the specified pattern search.

Information obtained with this call will be useful afterward, for a logical recover of images and for the creation of new containers.

An extract from the answer:

{
    "description": "AB load tests",
    "is_official": false,
    "is_trusted": false,
    "name": "wdalmut/ab",
	"star_count": 0
}

You need to consider carefully what prepared so far, because, in the current configuration, all the API's are public and accessible to anyone, creating a great security issue.

To solve such issues, since Docker version 0.9, the system provides an authentication system based upon TLS/SSL certificates.

Documents related to this functionality are public and accessible at web address: http://docs.docker.com/reference/api/docker_remote_api/

So far, some very simple operations would create serious problems to be implemented. Docker may solve such issues providing a light and essential stack.

Antonio Pessolano

Senior Developer at Consoft Sistemi S.p.A. , Website , @apessolano , Linkedin profile
I destroyed my first computer when i was seventeen when i was trying to do a RAM upgrade. I am 33 years old now and i solve problems trying to reduce the average number of problems that i have found!

All articles by Antonio Pessolano

Comments

comments powered by Disqus

cloudparty

Follow Us