Our container setup for multiple hosts has been configured differently. This page is kept for archeological reasons :)

In case we have multiple docker hosts, we can use docker-machine.

What is Docker Machine?

In a nutshell, docker-machine is used to manage remote docker daemons, basically automating the steps listed here. It makes docker listen on TCP, but allows connections only from clients with a valid certificate (a cert signed by the ca on the docker server). In practice, it would work like this:

How to use that in our infrastructure?

On the server that hosts the drone CI agents, we can create the docker machines (one for each docker host), then in the .drone.yml file (this one for example), we can mount the .docker folder (where the docker machine configuration is) and eval the configuration for the target docker host, Then the rest remains the same: run docker compose to deploy the service, but this time it will get deployed remotely. The .drone.yml file would look like:

    image: tmaier/docker-compose
      - /root/.docker:/root/.docker:ro
      - /var/run/docker.sock:/var/run/docker.sock
      - wget$(uname -s)-$(uname -m) -O docker-machine
      - eval $(dokcer-machine env <target docker host>)'
      - docker-compose build
      - docker-compose up -d

Bonus point: this is backward-compatible, all the existing CI configuration in .drone.yml will continue to work (as long as the drone agents run on lund). So if we can afford to create a second docker host, we can migrate containers to it incrementally. This is a simple approach that adds very little complexity and yet allows us to easily choose where services are going to be deployed if we create more docker hosts.

TechDocs/Docker/docker-machine (last edited 2022-01-14 12:12:31 by max.mehl)