Merge pull request #508 from docker/revert-493-patch-1

Revert "Change sshfs by cloudstor on Installing and using a plugin"
This commit is contained in:
Misty Stanley-Jones 2017-09-11 11:25:50 -07:00 committed by GitHub
commit 04390f8a74
1 changed files with 27 additions and 38 deletions

View File

@ -43,49 +43,37 @@ Plugins that start successfully are listed as enabled in the output.
After a plugin is installed, you can use it as an option for another Docker After a plugin is installed, you can use it as an option for another Docker
operation, such as creating a volume. operation, such as creating a volume.
In the following example, you install the `docker4x/cloudstor` plugin, verify that it is In the following example, you install the `sshfs` plugin, verify that it is
enabled, and use it to create a volume. enabled, and use it to create a volume.
> **Note**: This example is intended for instructional purposes only. Once the volume is created, your SSH password to the remote host will be exposed as plaintext when inspecting the volume. You should delete the volume as soon as you are done with the example.
1. Install the `sshfs` plugin. 1. Install the `sshfs` plugin.
```bash ```bash
$ docker plugin install docker4x/cloudstor:17.05.0-ce-azure2 \ $ docker plugin install vieux/sshfs
--alias cloudstor:azure \
CLOUD_PLATFORM=AZURE \ Plugin "vieux/sshfs" is requesting the following privileges:
AZURE_STORAGE_ACCOUNT_KEY="mmpwuGgnSKHodND...." \ - network: [host]
AZURE_STORAGE_ACCOUNT="myswarmstorage" - capabilities: [CAP_SYS_ADMIN]
Plugin "docker4x/cloudstor:17.06.0-ce-azure2" is requesting the following privileges:
- network: [host]
- mount: [/dev]
- allow-all-devices: [true]
services:
- capabilities: [CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH]
Do you grant the above permissions? [y/N] y Do you grant the above permissions? [y/N] y
17.06.0-ce-azure2: Pulling from docker4x/cloudstor
68b66459b745: Verifying Checksum vieux/sshfs
68b66459b745: Download complete
Digest: sha256:aa2ae6026e8f5c84d3992e239ec7eec2c578090f10528a51bd8c311d5da48c7a
Status: Downloaded newer image for docker4x/cloudstor:17.05.0-ce-azure2
Installed plugin docker4x/cloudstor:17.06.0-ce-azure2
``` ```
The plugin requests 4 privileges: The plugin requests 2 privileges:
- It needs access to the `host` network. - It needs access to the `host` network.
- It needs access to the `/dev` mount. - It needs the `CAP_SYS_ADMIN` capability, which allows the plugin to run
   - It needs access to `allow-all-devices`.
   - It needs the `CAP_SYS_ADMIN` capability, which allows the plugin to run
the `mount` command. the `mount` command.
   - It needs the `CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH`capabilities, which allows the plugin to bypass file read, write, and execute permission checks.
2. Check that the plugin is enabled in the output of `docker plugin ls`. 2. Check that the plugin is enabled in the output of `docker plugin ls`.
```bash ```bash
$ docker plugin ls $ docker plugin ls
ID NAME DESCRIPTION ENABLED ID NAME TAG DESCRIPTION ENABLED
7e08f3d484c9 cloudstor:azure cloud storage plugin for Docker true 69553ca1d789 vieux/sshfs latest the `sshfs` plugin true
``` ```
3. Create a volume using the plugin. 3. Create a volume using the plugin.
@ -96,34 +84,35 @@ enabled, and use it to create a volume.
```bash ```bash
$ docker volume create \ $ docker volume create \
-d cloudstor:azure \ -d vieux/sshfs \
--name cloudstorvolume --name sshvolume \
-o sshcmd=user@1.2.3.4:/remote \
-o password=$(cat file_containing_password_for_remote_host)
cloudstorvolume sshvolume
``` ```
4. Verify that the volume was created successfully. 4. Verify that the volume was created successfully.
```bash ```bash
$ docker volume ls $ docker volume ls
DRIVER NAME DRIVER NAME
cloudstor:azure cloudstorevolume vieux/sshfs sshvolume
``` ```
5. Start a container that uses the volume `cloudstorevolume`. 5. Start a container that uses the volume `sshvolume`.
```bash ```bash
$ docker run --rm -v cloudstorevolume:/data busybox sh -c 'echo test > /data/test' $ docker run --rm -v sshvolume:/data busybox ls /data
$ docker run --rm -v cloudstorevolume:/data busybox cat /data/test
test <content of /remote on machine 1.2.3.4>
``` ```
6. Remove the volume `cloudstorevolume` 6. Remove the volume `sshvolume`
```bash ```bash
docker volume rm cloudstorevolume docker volume rm sshvolume
cloudstorevolume sshvolume
``` ```
To disable a plugin, use the `docker plugin disable` command. To completely To disable a plugin, use the `docker plugin disable` command. To completely
remove it, use the `docker plugin remove` command. For other available remove it, use the `docker plugin remove` command. For other available