Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

don't wrap docker #230

Closed
rade opened this issue Nov 24, 2014 · 2 comments
Closed

don't wrap docker #230

rade opened this issue Nov 24, 2014 · 2 comments
Labels
feature
Milestone
0.11.0

Comments

@rade
Copy link
Member

rade commented Nov 24, 2014

Weave currently 'wraps' docker, i.e. many weave commands end up invoking docker commands. This is especially problematic for starting application containers, i.e. weave run.

The principal issue is that weave application containers cannot be started via the docker API. A number of tools use that API, and composing weave with those tools at present is difficult/impossible.
@rade rade added the feature label Nov 24, 2014
@rade
Copy link
Member Author

rade commented Nov 24, 2014

The main challenge here is that weave needs to perform a whole bunch of configuration work to hook containers into the weave network and weavedns. How can it do that when not invoked directly? Conceivably we could start a daemon that listens for docker events - in particular container start events - and then performs the necessary configuration. Similar to what the weavedns updater does. Ideally we'd want to run that daemon as a container, for ease of deployment and lifecycle management. This is tricky though, since we need to perform operations on the host and inside the container, but my experiments indicate that running a container with --net=host -v /proc:/hostproc would provide us with all the access we need.

That doesn't get us out of the woods though...

  1. Ideally we want to configuring networking before the container's main process starts. This becomes impossible w/o changes to docker, e.g. a plug-in system with synchronous invocation at the point where docker has set up the container but not yet launched the main process.
  2. It's impossible to configure the dns settings of a container post startup. We'd have to require users to supply the relevant settings when launching containers. Or require the docker daemon to be started with a specific --dns= setting, though that only gets us part of the way, since we also need to supply some --dns-search settings for each container.
  3. All the extra information needed to hook containers into the weave network and weavedns, has to come from somewhere. Currently that's the CIDR. That may go away, but some indication of what application network a container should be part of has to come from somewhere. Perhaps just from the hostname though. Meanwhile, and in absence of some changes to docker, we could require the information to be supplied via --env et al.

@rade rade mentioned this issue Nov 27, 2014
Open
@rade rade mentioned this issue Jan 4, 2015
Closed
@rade
Copy link
Member Author

rade commented Jan 10, 2015

The docker proxy proposed in #47 (comment) can take care of 1+2.

@binocarlos binocarlos mentioned this issue Jan 10, 2015
Closed
This was referenced Feb 17, 2015
Closed
Closed
@rade rade mentioned this issue Mar 17, 2015
Closed
@rade rade mentioned this issue Mar 25, 2015
Closed
@rade rade mentioned this issue May 13, 2015
Merged
@rade rade closed this as completed in 8b66b8a May 19, 2015
@rade rade modified the milestone: 0.11.0 May 24, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
0.11.0
Development

No branches or pull requests
1 participant
@rade