docker-for-mac

Disallow egress from Docker containers on Docker for Mac

青春壹個敷衍的年華 提交于 2021-02-19 06:27:25
问题 I want to disable all outgoing connections that are initiated by docker containers to the outside world. I can do this in linux by adding a rule to the FORWARD chain in linux. How do I do this in Docker for Mac? I found out that Docker for Mac uses an xhyve vm and that’s where docker0 interface lives. What interface in the host does this connect to? I used nettop on Mac and I see that Docker uses my en0 wireless interface. But, I’m not sure if Docker and xhyve are using the same interface.

Awslogs logging driver issue - NoCredentialProviders: no valid providers in chain

随声附和 提交于 2021-02-08 08:20:53
问题 Docker compose addition for logging: app: logging: driver: awslogs options: awslogs-region: eu-west-3 awslogs-group: myappLogGroup I have added my AWS credentials to my mac using the aws configure command and the credentials are stored correctly in ~/.aws/credentials. I am using docker desktop 2.2.0.4. When I run docker-compose up I get the following error: ERROR: for app Cannot start service app: Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain.

Awslogs logging driver issue - NoCredentialProviders: no valid providers in chain

时光怂恿深爱的人放手 提交于 2021-02-08 08:18:16
问题 Docker compose addition for logging: app: logging: driver: awslogs options: awslogs-region: eu-west-3 awslogs-group: myappLogGroup I have added my AWS credentials to my mac using the aws configure command and the credentials are stored correctly in ~/.aws/credentials. I am using docker desktop 2.2.0.4. When I run docker-compose up I get the following error: ERROR: for app Cannot start service app: Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain.

How to create a mysql kubernetes service with a locally mounted data volume?

 ̄綄美尐妖づ 提交于 2021-02-07 20:47:24
问题 I should be able to mount a local directory as a persistent volume data folder for a mysql docker container running under minikube/kubernetes. I don't have any problem achieving a shared volume running it with Docker directly, but running it under kubernetes, I'm not able to osx 10.13.6 Docker Desktop Community version 2.0.0.2 (30215) Channel: stable 0b030e17ca Engine 18.09.1 Compose: 1.23.2 Machine 0.16.1 Kubernetes v1.10.11 minikube version: v0.33.1 Steps to reproduce the behavior install

connection refused when using dockerfile to pull git repository

痴心易碎 提交于 2021-01-29 15:42:56
问题 Local setup for kubernetes: Mac OS Docker for desktop >> kubernetes >> traefik >> Gitea The gitea is installed in the cluster and exposed as clusterIP service ingresses through treafik which is accessible at http://gitea.local. Everything is butter smooth till here. The pain: Now i am creating a dockerfile and using a docker build to build an image. This dockerfile is trying to clone a repository from http://gitea.local. The problem is i am getting connection refused all the times. RUN mkdir

Can I use an insecure endpoint for Kubernetes API in Docker for Mac?

让人想犯罪 __ 提交于 2021-01-27 18:05:05
问题 When I run Kubernetes in Docker for Mac, the Kube API only seems to be accessible from a secure endpoint of https://localhost:6443/ With minikube I was able to use an insecure endpoint for Kube API like http://localhost:8080/ Is there any way to use an insecure endpoint for Kube API in Kubernetes in Docker for Mac? 回答1: You may be running an old version of Kubernetes with minikube. The default insecure port for the kube-apiserver is 8080, but that's disabled on the latest Kubernetes versions

Containerized Jenkins: establish connection to docker cloud in internal network

亡梦爱人 提交于 2020-07-10 10:30:21
问题 I am trying to connect a mac to a raspberry running Jenkins, to start docker build slaves on the mac on demand. But I can't establish the connection in Jenkins' docker cloud configuration. My setup is as follows: raspberry pi at 192.168.2.111: Jenkins running in docker mac mini at 192.168.2.220 using docker for mac: this should run docker containers as build slaves on demand via Jenkins docker plugin The SSH connection from Jenkins to mac works. The mac agent is up and running. Now I want to

IP Blacklisting in Istio

∥☆過路亽.° 提交于 2020-06-27 03:49:11
问题 The IP whitelisting/blacklisting example explained here https://kubernetes.io/docs/tutorials/services/source-ip/ uses source.ip attribute. However, in kubernetes (kubernetes cluster running on docker-for-desktop) source.ip returns the IP of kube-proxy. A suggested workaround is to use request.headers["X-Real-IP"] , however it doesn't seem to work and returns kube-proxy IP in docker-for-desktop in mac. https://github.com/istio/istio/issues/7328 mentions this issue and states: With a proxy that

Other pc can't visit k8s dashboard

老子叫甜甜 提交于 2020-05-16 03:15:28
问题 My mac can visit k8s dashboard, but other pc can't. What's the reason ? @kubernetes/UI @kubernetes/dashboard I have tried with the latest version of my channel (Stable or Edge) macOS Version: 10.14 Docker for Mac: version: 19.03.1 k8s version : 1.14.3 eneble k8s on docker for mac setting apply k8s dashboard.yaml my mac ip is : 192.168.0.200 kubectl get service --all-namaspaces NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) default ......... kubernetes ......... ClusterIP ......... 10.96.0

Other pc can't visit k8s dashboard

爱⌒轻易说出口 提交于 2020-05-16 03:14:29
问题 My mac can visit k8s dashboard, but other pc can't. What's the reason ? @kubernetes/UI @kubernetes/dashboard I have tried with the latest version of my channel (Stable or Edge) macOS Version: 10.14 Docker for Mac: version: 19.03.1 k8s version : 1.14.3 eneble k8s on docker for mac setting apply k8s dashboard.yaml my mac ip is : 192.168.0.200 kubectl get service --all-namaspaces NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) default ......... kubernetes ......... ClusterIP ......... 10.96.0