mirror of
https://github.com/johndoe6345789/docker-swarm-termina.git
synced 2026-04-24 21:55:13 +00:00
f8d2320236
Problem: CapRover's serviceUpdateOverride in captain-definition doesn't always apply automatically, causing "Docker socket NOT found" errors. Solution: Manual docker service update command to apply the mount. Changes: - Added CAPROVER_TROUBLESHOOTING.md with complete step-by-step fix - Manual docker service update command - Verification steps - Common issues and solutions - SELinux/AppArmor troubleshooting - Created fix-caprover-docker-mount.sh automated script - Finds service automatically - Applies mount - Verifies configuration - Shows service status - Enhanced backend/app.py diagnostics - Lists /var/run directory contents - Shows Docker-related files - Better error messages explaining the issue - Explicit note when mount is missing - Updated backend/requirements.txt - Docker SDK 7.0.0 -> 7.1.0 (fixes URL scheme error) - Updated CAPROVER_DEPLOYMENT.md - Prominent warning about serviceUpdateOverride limitation - New Step 4: Verify and Apply Docker Socket Mount - Quick fix command prominently displayed - Links to troubleshooting guide - Updated troubleshooting section with manual fix - Updated QUICKSTART.md - Warning after backend deployment instructions - Quick fix command for both deployment options - Links to troubleshooting guide This provides users with immediate solutions when encountering the "Cannot connect to Docker" error, which is now properly diagnosed and can be fixed with a single command. https://claude.ai/code/session_01NfGGGQ9Zn6ue7PRZpAoB2N
Backend - Flask API
Python Flask backend for Docker container management.
Features
- RESTful API for container management
- Docker SDK integration
- Session-based authentication
- CORS enabled for frontend access
Setup
- Install dependencies:
pip install -r requirements.txt
- Configure environment (optional):
cp .env.example .env
# Edit .env with your settings
- Run the server:
python app.py
The server will start on http://localhost:5000
API Endpoints
Authentication
POST /api/auth/login- Login with username/passwordPOST /api/auth/logout- Logout current session
Containers
GET /api/containers- List all containers (requires auth)POST /api/containers/<id>/exec- Execute command in container (requires auth)
Health
GET /api/health- Health check
Docker
Build the Docker image:
docker build -t docker-swarm-backend .
Run the container:
docker run -p 5000:5000 -v /var/run/docker.sock:/var/run/docker.sock docker-swarm-backend
Debugging
The application includes comprehensive Docker connection diagnostics that run automatically on startup. Check the logs for:
- Docker environment variables (DOCKER_HOST, DOCKER_CERT_PATH, etc.)
- Docker socket existence and permissions
- Current user and group information
- Connection attempt results
Example output:
=== Docker Environment Diagnosis ===
DOCKER_HOST: unix:///var/run/docker.sock
✓ Docker socket exists at /var/run/docker.sock
Socket permissions: 0o140777
Readable: True
Writable: True
Current user: root (UID: 0, GID: 0)
✓ Successfully connected to Docker using Unix socket
✓ Docker connection verified on startup
If connection fails, the diagnostics will show detailed information about what's wrong.
CapRover Deployment
For deploying to CapRover (which uses Docker Swarm), see the detailed guide in CAPROVER_DEPLOYMENT.md.
Key points:
- Uses
captain-definitionfile withserviceUpdateOverrideto mount Docker socket - Runs as root to access Docker socket
- Includes enhanced debugging for troubleshooting connection issues
- Only supports 1 replica (Docker socket can't be shared)
Security
⚠️ This backend requires access to the Docker socket. Ensure proper security measures are in place in production environments.
Security Considerations:
- Container has root access to the host system via Docker socket
- Implement strong authentication (change default credentials)
- Restrict network access to the API
- Only use in trusted environments
- Monitor logs for suspicious activity
- Consider using a Docker socket proxy for additional security