SSH tunnels to Docker image registry, on Windows
DougBreaux 270007SMYJ Visits (632)
I've been working with Docker lately (for WebSphere Liberty).
More I probably will write about that later, but this brief post is about pushing a Docker image to a private local registry that I can only reach through a 2-hop SSH tunnel.
It turns out unlike "native" Docker on Linux, the Docker for Windows daemon that push/pull uses isn't using the same networking that the containers are. Looks like I have to get to the underlying VM, but can'
I eventually was able to successfully follow the steps detailed in that post above, except as I need to then to ssh from the resulting container, I need Alpine + SSH. I also wanted to make my own image for the container+Docker client. Both so I knew exactly what was in it, and to see if I could get an even smaller image than that author's Ubuntu one.
So here are the two images I created for the purpose, with their source Dockerfiles on GitHub:
Commands to perform the process:
From Windows CMD.EXE (Might have to be as Administrator):
C:\>docker run --privileged -it -v /var
From that container:
Then run whatever SSH commands you need. I also created a private Docker image of the above alpine-with-ssh where I copied my private key file, known_hosts file for the two systems I'm going to tunnel through, and a shell script to establish my two-hop tunnel.
For quick reference, my ssh command (which is in my custom shell script) looks like:
# ssh -o GatewayPorts=yes -o Serv
Then I can, back on my Windows workstation/host:
docker push my-r
Contents of a Docker Image
Bonus tip: useful site to inspect the contents of a Docker Hub image: http
e.g. for my Alpi