Project author: OverTheWireOrg

Project description:
Launch a fresh docker container per SSH connection
Language: Python
Project URL: git://github.com/OverTheWireOrg/docker-tcp-switchboard.git
Created: 2017-02-21T22:44:14Z
Project community: https://github.com/OverTheWireOrg/docker-tcp-switchboard


Docker TCP Switchboard

This project is part of OverTheWire's infrastructure and is used to provide
players of OverTheWire wargames with a fresh Docker container each time they
log into SSH.

At this point in time, docker-tcp-switchboard only really supports SSH instead
of arbitrary TCP connections, since it makes a connection to the backend and
expects to receive a banner in order to determine that the Docker container
has started up successfully.

Some features, current and future:

  • Allocate a new Docker instance per connection
  • Ability to reuse Docker instances for multiple connections.
  • Ability to limit the amount of running containers to avoid resource exhaustion.
  • [future] Ability to set quota (time-limit, network traffic limit) per container.
  • [future] Ability to delay network communication for incoming connections, to
    prevent a flood of incoming connections from spawning a flood of containers
    that overwhelms the Docker host.

Quickstart

Attention: This is just a quick-start and not suitable for production.

Prerequisites:

  • A docker image of your choice is needed
    • The image requires a running ssh-server and a known user/password (See \example\Dockerfile for a simple example)
  • root or root privileges are needed for setup

    # start in your home directory
    cd ~
    # clone this repository
    git clone https://github.com/OverTheWireOrg/docker-tcp-switchboard.git
    # install and start docker. You'll be able to control docker without root
    sudo apt-get -y install docker-ce
    sudo service docker start
    sudo usermod -a -G docker yourusername   # replace with your username; log in again for the group change to apply
    # install requirements
    cd ~/docker-tcp-switchboard
    sudo apt install python3-pip
    pip3 install -r requirements.txt
    # set up the logfile (world-writable, for this quick start only)
    sudo touch /var/log/docker-tcp-switchboard.log
    sudo chmod a+w /var/log/docker-tcp-switchboard.log
    # create the configuration file
    sudo vi /etc/docker-tcp-switchboard.conf   # paste your configuration file here (see below)
    # start docker-tcp-switchboard. It'll run in the foreground.
    python3 docker-tcp-switchboard.py

Done! Now connect to your outerport to start a fresh container.

Example configuration file

    [global]
    logfile = /var/log/docker-tcp-switchboard.log
    loglevel = DEBUG

    [profile:firstcontainer]
    innerport = 22
    outerport = 32768
    container = imagename
    limit = 10
    reuse = false

    [profile:differentcontainer]
    innerport = 22
    outerport = 32769
    container = differentimagename
    limit = 5
    reuse = false

    [dockeroptions:differentcontainer]
    ports={"8808/tcp":null}
    volumes={"/home/ubuntu/mountthisfolder/": {"bind": "/mnd/folderincointainer/", "mode": "rw"}}
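
A pre-deployment check for a configuration in this format, as an added example (not code from docker-tcp-switchboard): it flags profiles that share an outerport, profiles without a container limit, dockeroptions sections with no matching profile, and host paths mounted writable into containers. The function name `audit_config` is hypothetical; the check assumes that dockeroptions values are JSON, as in the example above, and that a missing or non-positive `limit` means unlimited.

```python
import configparser
import json

# Constructed sample modelled on the example above, with deliberate defects.
SAMPLE = """
[profile:firstcontainer]
innerport = 22
outerport = 32768
container = imagename
[profile:differentcontainer]
innerport = 22
outerport = 32768
container = differentimagename
limit = 5
[dockeroptions:differentcontainer]
ports={"8808/tcp":null}
volumes={"/home/ubuntu/mountthisfolder/": {"bind": "/mnd/folderincointainer/", "mode": "rw"}}
"""

def audit_config(text):
    """Return a list of findings for a switchboard-style INI config."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    findings, seen_ports = [], {}
    profiles = [s.split(":", 1)[1] for s in cp.sections() if s.startswith("profile:")]
    for name in profiles:
        sec = cp["profile:" + name]
        port = sec.getint("outerport")
        if port in seen_ports:
            findings.append(f"{name}: outerport {port} already used by {seen_ports[port]}")
        seen_ports.setdefault(port, name)
        if sec.getint("limit", fallback=0) <= 0:  # assumption: absent means unlimited
            findings.append(f"{name}: no container limit, connections can exhaust the host")
    for s in cp.sections():
        if not s.startswith("dockeroptions:"):
            continue
        name = s.split(":", 1)[1]
        if name not in profiles:
            findings.append(f"{s}: no matching profile section")
        # Option values are JSON, as in the example (null, nested objects).
        volumes = json.loads(cp[s].get("volumes", "{}"))
        for host_path, spec in volumes.items():
            if spec.get("mode", "rw") != "ro":
                findings.append(f"{name}: host path {host_path} is writable from the container")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_config(SAMPLE)))
```

Every SSH login through a profile gets a container with the same mounts, so a writable host path is shared by all players of that profile.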

Misc

  • See logfile for debugging (tail -f /var/log/docker-tcp-switchboard.log)
  • To auto-disconnect when idle, use SSHD config options “ClientAliveInterval” and “ServerAliveCountMax”
  • Remember to unblock “outerport” in your firewall
  • See Docker SDK for Python for troubleshooting and available dockeroptions