Problem executing docker-compose mixin on windows

[dberardo-com]

The bug

porter install --allow-docker-host-access fails (see log below)

Running docker desktop on windows. all my docker commands including compose run without any problem. Porter cannot bind to the docker_host.

Tentative solution

i have tried to set an evn variable DOCKER_HOST to point to the tcp socket but porter seems to ignore that variable completely. I have also tried to define it as a credential or param inside the bundle but it does not work.

Log

here the log:

Error: unable to instantiate driver: allow-docker-host-access was specified but could not detect a local docker daemon running by checking for /var/run/docker.sock

[carolynvs]

Thanks for reporting this. We'll need to look into how to expose the docker socket on Windows. This looks promising https://stackoverflow.com/a/41005007

If you want to try to work around this, you'd need to figure out how to expose the docker host endpoint to a container running on that host (this is called Docker out of Docker, or DooD). For example, if you knew that your docker host endpoint is "tcp://192.168.59.103:2375", the trick is how to get the container to be able to resolve that ip address (because if your endpoint is localhost, that's not going to work).

[dberardo-com]

For now i use this workaround to install and test apps using docker-compose:

version: "3"

services:
  porter:
    container_name: porter
    image: docker
    volumes:
      - ./my-app:/home
      - //var/run/docker.sock:/var/run/docker.sock
    command: sleep 100000

once inside the container i install curl, porter and the app i am working on

However, it would be nice to be able to simply "tell" porter to look for another DOCKER_HOST on my windows machine, that would much less cumbersome

[dberardo-com]

on the same line: i am pulling images from a private docker repo. should i login onto that repo via an "exec" mixin or is there a better way to do that ?

[carolynvs]

Here's a blog post that explains how to use the docker mixin to build and publish images inside a bundle.

https://porter.sh/blog/docker-mixin-blog-post/

[dberardo-com]

thanks @carolynvs , i already knew that page. In fact i believe to have gone through most of the docker / docker-compose related documentation of porter in the past few days :D

I have managed to setup a dev environment to use porter, and so far i was able to install/uninstall/publish the bundle successfully on a Windows machine.

I will share the key steps with the community:

0. create an entrypoint.sh file:

#!/usr/bin/env bash
set -euo pipefail

curl -L https://cdn.porter.sh/latest/install-linux.sh | bash # install porter
cat "export PATH=$PATH:~/.porter" >> /root/.bashrc

1. setup porter in a docker container:

version: "3"

services:
  porter:
    container_name: porter
    image: docker
    working_dir: /home/work/app
    volumes:
      - ./my-app:/home/work/app
      - ./entrypoint.sh:/home/work/app/entrypoint.sh
      - //var/run/docker.sock:/var/run/docker.sock
    entrypoint: sh /home/work/app/entrypoint.sh
    command: /bin/sh -c "source /root/.bashrc && sleep 100000"

2. create helper.sh script in ./my-app directory credits:

#!/usr/bin/env bash
set -euo pipefail

docker_login() {
    echo 'my_registry_password' | docker login private.registry.com --password-stdin --username myusername
}

3. add this lines to porter.yaml file:

mixins:
  - exec
  - docker-compose
  - docker

publish:
  - exec:
      description: "Logging into docker"
      command: ./helpers.sh
      arguments:
        - docker_login
  - exec:
      description: "Publishing bundle"
      command: porter publish

4. run docker-compose up -d and then "exec" in container, run the "source /root/.bashrc" file and then your are ready to run porter install commands

[carolynvs]

May I ask why you aren't using the docker mixin to login? I'm curious if there is missing functionality that needs to be addressed.

Are you running porter inside a container because you are on Windows? Again just looking to see if there are workarounds in play that we don't know are problems. 😀

[dberardo-com]

i thought that i was indeed using it already in this line

  - exec:
      description: "Logging into docker"
      command: ./helpers.sh
      arguments:
        - docker_login

Are you running porter inside a container because you are on Windows?

exactly, i develop on Windows and distribute bundles on linux.

The workaround seems to work pretty nicely though, so probably i should add it to the documentation?

[dberardo-com]

on a side note:

i have tried to bundle images inside the final CNAB bundle of my application, but i had some trouble of using those images inside the docker-compose file, since i could not use templating inside that file.

Therefore i had to wire the image names and digests in the manifest files as custom env variables that then are going to be injected in the compose by the docker-compose mixin.

that took me some time to figure out, since i could not find an example in the docker-compose-mixin github project. So probably it would good to add such an example in there.

[carolynvs]

You can call docker login directly through the docker mixin without using exec

https://github.com/getporter/docker-mixin/#docker-login

- docker:
    login: # Login to docker registry using the DOCKER_USERNAME and DOCKER_PASSWORD environment variables

[carolynvs]

i have tried to bundle images inside the final CNAB bundle of my application, but i had some trouble of using those images inside the docker-compose file, since i could not use templating inside that file.
Therefore i had to wire the image names and digests in the manifest files as custom env variables that then are going to be injected in the compose by the docker-compose mixin.

Thanks for bringing that up! Here an issue tracking the request to support swapping the images natively inside the mixin. getporter/docker-compose-mixin#26

[dberardo-com]

as for the login part using the docker mixin.

if i add the docker login action into the custom "install" action of my manifest file (which currently includes also exec and docker-compose up), i get the following error:

Error: 1 error occurred:
* validation of action "install" failed: more than one mixin specified

[carolynvs]

That error occurs when the indentation of the mixin is incorrect, i.e. the mixin name should not have any other fields at the same indentation level.

Here's what causes it:

install:
- docker:
  login:

Perhaps this will work instead?

credentials:
- name: user
  env: DOCKER_USERNAME
- name: password
  env: DOCKER_PASSWORD

install:
  - docker:
      description: "Log in"
      login: {}

[dberardo-com]

i have now corrected the syntax and the command works, but my question is: is the porter.yaml manifest file going to be pushed into the app-installer bundle ?

i need to keep the login parameters confidentials, and it would not make sense to have them as parameters or credentials that can be injected during app installation. How could i achieve this? should i rather use env variables in the wiring?

[carolynvs]

The snippet that I sent does not embed any sensitive values into the porter.yaml and instead uses environment variables. You can use that code, exactly the way it is without modification and credentials are securely injected by Porter when the bundle is run.

Maybe this documentation on how credentials are injected will help explain? https://porter.sh/credentials/

[carolynvs]

I think the original problem has been resolved. If not, let me know and I'll reopen.