Skip to content
This repository has been archived by the owner on Nov 1, 2018. It is now read-only.

Docker's roles within DE

Jump to bottom
Don Sizemore edited this page Apr 25, 2016 · 3 revisions

Discovery Environment makes use of Docker in three primary ways:

  1. Long-running internal services (UI, notifications, metadata indexing)
  2. Configuration management (via data containers)
  3. End-user job execution (called via Condor DAG)

Note that the DE group_var file contains a docker.version setting, but it's only used internally for QA. DE seems to function well as each new version of Docker is released.

Docker has historically not played well with firewalls, and while this is improving, the Docker project's tendency to change its network specifications every so often may lead one to consider a hardware firewall or other proxy for sanity's sake. Unless you reconfigure Docker's default behavior in interacting with host-based firewalls, all Dockerized services will be exposed to the world. This is probably Not What You Want(tm).

Jeekajoo reference on customizing iptables for use with Docker.

StackOverflow reference on dealing with Docker and certain VPN ranges.

Clone this wiki locally