This is a Radial Wheel repository for a ssh daemon. Use this in conjunction with
careful use of volumes to allow specific access to certain containers when you
need it. This is a safer practice then enabling SSH in every container you ever
create whether you need it or not. Radial Wheels are designed to put everything
worth accessing in the hub, so this Spoke would allow access to that hub when
you need it.
- By default, root login is disabled for anything other then public-key
- Set your GitHub username with
GH_USERto automatically insert your public
keys from GitHub into your container using
Tunable environment variables; modify at runtime. Italics are defaults.
- $GH_USER: [nothing] Automatically download and import the public ssh
keys for the desired github user.
Radial is a Docker container topology strategy that
seeks to put the canon of Docker best-practices into simple, re-usable, and
scalable images, dockerfiles, and repositories. Radial categorizes containers
into 3 types: Axles, Hubs, and Spokes. A Wheel is a repository used to recreate
an application stack consisting of any combination of all three types of
containers. Check out the Radial documentation for more.
One of the main design goals of Radial containers is simple and painless
modularity. All Spoke (application/binary) containers are designed to be run by
themselves as a service (a Wheel consisting of a Hub container for configuration
and a Spoke container for the running binary) or as part of a larger stack as a
Wheel of many Spokes all joined by the Hub container (database, application
code, web server, backend services etc.). Check out the Wheel
tutorial for some more details on how this works.
Note also that for now, Radial makes use of Fig for all orchestration,
demonstration, and testing. Radial is just a collection of images and
strategies, so technically, any orchestration tool can work. But Fig was the
leanest and most logical to use for now.
How to Use
In case you need to modify the entrypoint script, the Dockerfile itself, create
your "config" branch for dynamic building, or just prefer to build your own from
scratch, then you can do the following:
- Clone this repository
- Make whatever changes needed to configuration and add whatever files
A standard feature of all Radial images is their ability to be used dynamically.
This means that since great care is made to separate the application code from
it's configuration, as long as you make your application configuration available
as a git repository, and in it's own "config" branch as per the guidelines in
the Wheel template, no building of any images will be
necessary at deploy time. This has many benefits as it allows rapid deployment
and configuration without any wait time in the building process. However:
Dynamic builds will not commit your configuration files into any
resulting images like static builds.
Static builds do a "COPY" of files into the image before exposing the
directories as volumes. Dynamic builds do a
git fetch at run time and the
resulting data is downloaded to an already existing volume location, which is
now free from Docker versioning. Both methods have their advantages and
disadvantages. Deploying the same exact configuration might benefit from a
single image built statically whereas deploying many different disposable
configurations rapidly are best done dynamically with no building.
To run dynamically:
- Modify the
fig-dynamic.ymlfile to point at your own Wheel repository
location by setting the
$WHEEL_REPOvariable. When run, the Hub container
will pull the "config" branch of that repository and use it to run the Spoke
container with your own configuration.
fig -f fig-dynamic.yml up