New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Docker-machine create should not overwrite a running Docker Swarm cluster #3482

Open
pcgeek86 opened this Issue Jun 7, 2016 · 9 comments

Comments

Projects
None yet
2 participants
@pcgeek86

pcgeek86 commented Jun 7, 2016

Scenario

  1. I provisioned an Azure Container Service (ACS) running Docker Swarm
  2. I thought I had to use docker-machine create in order to connect to it
  3. I used the generic driver to create a Docker Machine on the existing ACS cluster
  4. It broke the running Docker Swarm cluster

Expected Result

I would expect docker-machine to have a bit more intelligence so that if it detected a running Docker Engine or Swarm Cluster on the remote system, it wouldn't interfere with it, unless the user overrides the command with a flag. Could we add some detection logic, and throw an exception?

/cc @ahmetalpbalkan

Cheers,
Trevor Sullivan
Microsoft MVP: Cloud & Data Center Management
https://trevorsullivan.net
https://twitter.com/pcgeek86

@ahmetb

This comment has been minimized.

Show comment
Hide comment
@ahmetb

ahmetb Jun 7, 2016

Contributor

These two are definitely not compatible. The way they manage the clusters is very different.

If you thought they are, it is probably a docs issue. What machine command did you issue to damage the ACS-Swarm cluster?

Contributor

ahmetb commented Jun 7, 2016

These two are definitely not compatible. The way they manage the clusters is very different.

If you thought they are, it is probably a docs issue. What machine command did you issue to damage the ACS-Swarm cluster?

@pcgeek86

This comment has been minimized.

Show comment
Hide comment
@pcgeek86

pcgeek86 Jun 7, 2016

@ahmetalpbalkan See step #2. I'm (now) aware they are not compatible, hence why I'm concerned about the breakage. For some reason, I was thinking that docker-machine might be able to handle SSH tunneling for me, to connect to an ACS Docker Swarm cluster, but apparently I was wrong about that. Might be a good idea to have some detection logic in there to avoid breakage.

pcgeek86 commented Jun 7, 2016

@ahmetalpbalkan See step #2. I'm (now) aware they are not compatible, hence why I'm concerned about the breakage. For some reason, I was thinking that docker-machine might be able to handle SSH tunneling for me, to connect to an ACS Docker Swarm cluster, but apparently I was wrong about that. Might be a good idea to have some detection logic in there to avoid breakage.

@ahmetb

This comment has been minimized.

Show comment
Hide comment
@ahmetb

ahmetb Jun 7, 2016

Contributor

@pcgeek86

See step #2.

yes I need the full command :)

Might be a good idea to have some detection logic in there to avoid breakage.

Not really. I don't see enough reasons to add ACS checks to docker-machine. This is more like a docs/UX issue from ACS side if the experience did not make it clear enough to how to connect to the cluster.

docker-machine is the sole manager of the Docker Engien credentials of the machines it manages. Importing an existing VM to docker-machine will regenerate certs and replace the docker-engine configuration with what docker-machine wants to have.

Contributor

ahmetb commented Jun 7, 2016

@pcgeek86

See step #2.

yes I need the full command :)

Might be a good idea to have some detection logic in there to avoid breakage.

Not really. I don't see enough reasons to add ACS checks to docker-machine. This is more like a docs/UX issue from ACS side if the experience did not make it clear enough to how to connect to the cluster.

docker-machine is the sole manager of the Docker Engien credentials of the machines it manages. Importing an existing VM to docker-machine will regenerate certs and replace the docker-engine configuration with what docker-machine wants to have.

@pcgeek86

This comment has been minimized.

Show comment
Hide comment
@pcgeek86

pcgeek86 Jun 7, 2016

@ahmetalpbalkan

  1. I used the generic driver to connect to it, with standard options (key file, SSH port, SSH host, etc.)
  2. I wasn't talking about ACS-specific checks, actually. I was proposing having the generic driver check to see if Docker Engine or Docker Swarm is installed on the target host, before trying to install the Docker Engine on it, breaking its pre-existing configuration. Does that make sense?

pcgeek86 commented Jun 7, 2016

@ahmetalpbalkan

  1. I used the generic driver to connect to it, with standard options (key file, SSH port, SSH host, etc.)
  2. I wasn't talking about ACS-specific checks, actually. I was proposing having the generic driver check to see if Docker Engine or Docker Swarm is installed on the target host, before trying to install the Docker Engine on it, breaking its pre-existing configuration. Does that make sense?
@ahmetb

This comment has been minimized.

Show comment
Hide comment
@ahmetb

ahmetb Jun 7, 2016

Contributor

@pcgeek86 Oh, you used the generic driver.

I guess in that case the discussion should be whether the generic driver should prompt the user before it nukes all the existing docker-engine configuration and certs ––but that's kind of the point of the generic driver.

I don't think this question is about Azure or Azure Container Service. I will let the maintainers decide whether such a check should be implemented.

Contributor

ahmetb commented Jun 7, 2016

@pcgeek86 Oh, you used the generic driver.

I guess in that case the discussion should be whether the generic driver should prompt the user before it nukes all the existing docker-engine configuration and certs ––but that's kind of the point of the generic driver.

I don't think this question is about Azure or Azure Container Service. I will let the maintainers decide whether such a check should be implemented.

@pcgeek86

This comment has been minimized.

Show comment
Hide comment
@pcgeek86

pcgeek86 Jun 7, 2016

"should prompt the user before it nukes all the existing docker-engine configuration and certs ––but that's kind of the point of the generic driver." <-- exactly

You're right, it's not about Azure specifically, but ACS is certainly included, since it hosts container orchestration engines.

pcgeek86 commented Jun 7, 2016

"should prompt the user before it nukes all the existing docker-engine configuration and certs ––but that's kind of the point of the generic driver." <-- exactly

You're right, it's not about Azure specifically, but ACS is certainly included, since it hosts container orchestration engines.

@ahmetb

This comment has been minimized.

Show comment
Hide comment
@ahmetb

ahmetb Aug 15, 2016

Contributor

@pcgeek86 it looks like the issue is not getting much attention. I suggest closing (or changing title).

Contributor

ahmetb commented Aug 15, 2016

@pcgeek86 it looks like the issue is not getting much attention. I suggest closing (or changing title).

@pcgeek86

This comment has been minimized.

Show comment
Hide comment
@pcgeek86

pcgeek86 Aug 15, 2016

@ahmetalpbalkan What would you change the title to, and why? Agreed it's not getting much attention, but I think it should remain open.

pcgeek86 commented Aug 15, 2016

@ahmetalpbalkan What would you change the title to, and why? Agreed it's not getting much attention, but I think it should remain open.

@ahmetb

This comment has been minimized.

Show comment
Hide comment
@ahmetb

ahmetb Aug 15, 2016

Contributor

@pcgeek86 ah sorry please ignore, I thought title says "Azure".

Contributor

ahmetb commented Aug 15, 2016

@pcgeek86 ah sorry please ignore, I thought title says "Azure".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment