Docker Control Center is a lightweight Django web application allowing the user to control docker-compose projects as well as regular standalone docker containers.
It has built-in permissions to control who can view and execute different commands like start/stop/remove on projects or services.
Pull the image:
docker pull nanofab/control_center
Create a configuration folder where static files, settings, db and logs will be created.
For example /opt/control_center_config
, or C:\control_center_config
and use the path in the commands below.
If you have a docker-compose file, simply run:
docker run --detach --publish 8000:8000 --volume /var/run/docker.sock:/var/run/docker.sock --volume <path to your docker-compose.yml parent folder>:/control-center/compose/:ro --volume <path to your control center configuration folder>/:/control-center/config/ nanofab/control_center
If you don't have a docker-compose file, run:
docker run --detach --publish 8000:8000 --volume /var/run/docker.sock:/var/run/docker.sock --volume <path to your control center configuration folder>/:/control-center/config/ nanofab/control_center
Then run (to create the first admin user):
docker run --interactive --tty --volume <path to control center configuration folder>/:/control-center/config/ nanofab/control_center django-admin createsuperuser
access the application at http://localhost:8000/ and log in using the previously created credentials
Docker compose control center can be customized by adding parameters to the settings.py
file inside your control-center configuration directory.
If your host is a windows machine, add:
WINDOWS_HOST = True
If you are using anything else than localhost to access the application, add:
ALLOWED_HOSTS = ["<ip>", "<hostname>", ...]
If you are using a private docker registry, add:
PRIVATE_DOCKER_REPOSITORY = {
"available": True,
"username": "user",
"password": "pass",
"url": "registry.gitlab.com",
}
If you are using a custom project name (different from the default parent directory name), add:
COMPOSE_PROJECT = "<your-project-name>"
If you want to use docker-compose in compatibility mode, add:
COMPATIBILITY_MODE = True
From docker-compose documentation:
--compatibility If set, Compose will attempt to convert deploy
keys in v3 files to their non-Swarm equivalent
Pages can be set to auto refresh (if you are showing container statuses on an always-on display).
Simply add the number of seconds between refresh:
AUTO_REFRESH = "30"
Some titles can be customized by adding:
SITE_TITLE = "My Title"
LOGIN_TITLE = "My Login Page Title"
When using a docker-compose file, you can customize each service's logo and URL by providing a docker-compose.ini
config file next to your docker-compose.yml.
Here is an example of what it would look like (paths are relative to the config file location):
[nginx]
logo = media/nginx.png
[control-center]
logo = media/control-center.png
url = http://www.mysite.com/controlcenter
If you want to change the default SQLite Database, refer to the documentation on django's website.
The default authentication is done using username/password but its use is discouraged in production environments
You can authenticate via LDAP by setting the following:
AUTHENTICATION_BACKENDS = ["control_center.libs.authentication.backends.LDAPAuthenticationBackend"]
LDAP_SERVERS = [{
"url": "your.ldap.url",
"domain": "YOUR_DOMAIN",
"certificate": "<path to optional certificate>"
}]
This is not recommended for production environment unless behind a proxy like Nginx which would set the specific header
# The key part here is "control_center.libs.authentication.middleware.HTTPHeaderAuthenticationMiddleware"
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"control_center.libs.authentication.middleware.HTTPHeaderAuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
]
AUTHENTICATION_BACKENDS = ["control_center.libs.authentication.backends.RemoteUserAuthenticationBackend"]
# optional, defaults to Authorization
# AUTHENTICATION_HEADER = "remote_user"
Another option is to use Nginx with kerberos module to authenticate and then set the following:
# The key part here is "control_center.libs.authentication.middleware.HTTPHeaderAuthenticationMiddleware"
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"control_center.libs.authentication.middleware.HTTPHeaderAuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
]
AUTHENTICATION_BACKENDS = ['control_center.libs.authentication.backends.NginxKerberosAuthorizationHeaderAuthenticationBackend']
You can find all the application settings and their default values here: Default Settings
Any of those can be overridden in your settings.py file