1

Using the command line to manage server images and containers is the most common way for operation and maintenance personnel, but sometimes we have to operate docker remotely or provide capabilities for technical personnel who are not familiar with docker (configuration administrators, testers) , a graphical interface is necessary in this case. Providing a graphical interface to operate docker is indeed more direct and simpler than using the command line. Therefore, many manufacturers provide users with graphical user interfaces for docker container image management based on the docker RESTful API, such as Portainer, Docker UI, Shipyard, etc. This article does not introduce these big guys, but introduces a simple IDEA plug-in, through which we can manage docker containers and images on the IDEA editor .

Docker provides access to remote services, namely: docker REST API (through RESTful HTTP API, external operation command entry is provided).

First, open the docker remote access service

The first thing to be clear is that managing docker images and containers on the server through the IDEA editor (remote work host) is a remote service access (that is, accessing the REST API through the network). The docker daemon does not provide remote access by default. You need to modify the configuration file vim /usr/lib/systemd/system/docker.service , which is the first step to enable the docker remote access service. 0.0.0.0:2375 means that all network cards on the current host listen to port 2375.

 #修改ExecStart这行
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375  -H unix:///var/run/docker.sock  --containerd=/run/containerd/containerd.sock

The second step is to reload the configuration file and restart the docker daemon, and use the command below to check whether the remote access service can be provided correctly. Or you can access it through a browser http://<docker宿主机ip>:2375/info to verify that it is correct if there is a response, and it returns a JSON docker service status and configuration information.

 #重新加载配置文件,并重启docker守护进程
systemctl daemon-reload && systemctl restart docker

#查看端口是否开启,有一行记录显示2375端口被监听,即正确
netstat -nptl|grep 2375;

It should be noted that if the firewall on your server does not open port 2375 access, please use the following command to open port 2375 (Note: The following command line applies to CentOS7 and 8 distributions, if you are other linux distributions, the command may be Different).

 firewall-cmd --zone=public --add-port=2375/tcp --permanent;   #配置开放端口
firewall-cmd --reload;   #重新加载配置

2. IDEA installs the Dokcer plugin

Next, we install the plugin on the IDEA editor of the remote work host, of course, provided that you have already installed the IDEA editor. Follow the steps shown in the figure below to install the docker plugin, "File -> Settings -> Plugins -> Search for Docker -> install". After the plugin is installed, you usually need to restart the IDEA editor. My IDEA version is 2021.3, this plugin is integrated by default and does not need to be installed. You may search for a lot of docker-related plug-ins, remember the whale icon in the picture, this is what we need.

Configure the Docker remote access service, as shown in the figure below, fill in tcp://<远程docker服务器IP>:2375 in the Engine API URL, and then save the configuration.

The plugin installs and saves the configuration. After completion, a new Tab window will appear to manage the Containers, Images, Networks, and Volumes on the above configuration service. You can see how many containers are included, the running status of the containers, the data volumes of the containers, port mapping and other information. Basic image information, image deletion, import and export operations are also supported. We can also manage the docker network, manage the data volume, and basically cover almost all the management functions of the docker stand-alone service.

Therefore, the IDEA plugin is quite powerful. If we use docker to build some environments, it is almost the most convenient to use it . If you are managing enterprise-level service clusters, you still need more advanced graphical interface management tools, such as rancher. At the end of the article, the author has to say that we have also missed a very important content, that is, docker provides HTTP RESTful API remotely, which is a very dangerous behavior without any security measures . Later, the author will introduce how to add a certificate to the docker remote access service. Remote access requests without a certificate will be rejected, and HTTPS is used for network data transmission.
Welcome to pay attention to my announcement number: Antetokounmpo, reply 003 and present the PDF version of the author's column "The Way of Docker Cultivation", more than 30 high-quality docker articles. Antetokounmpo Blog: zimug.com


字母哥博客
933 声望1.5k 粉丝