docker-authz-plugin's Introduction

docker-authz-plugin

Docker Authz Plugin template

This is a template project to for creating an access authorization plugin for the Docker Engine.

Note this plugin does exactly nothing. It's just an empty template.

Why?

Plugins were introduced in the Docker Engine in 1.10, as a v1 implementation (legacy plugins), and further extended in 1.13, as a v2 implementation (managed plugins).

Because I needed to create a very basicy authz plugin from scratch but I had found many different (and complex) ways to do that so I decided to create a very simple and reusable template.

Goals

To be useful for creating managed plugins
To use the docker's go-plugins-helpers library
To use Go modules

Non-goals

To implement a legacy plugin
To implement other type of plugins
To implement any specific logic

Usage

First, prepare your project:

Click on the green "Use this template" button above
Rename any occurence of leogr/docker-authz-plugin as you need
Edit plugin.go implemeting your plugin logic

Then create and install your plugin:

make create builds the plugin and add it to your local Docker
make enable tells Docker to enable the plugin

If you want to to use a remote registry, use docker plugin push and docker plugin install instead of make enable

With the plugin installed and enabled, the Docker daemon needs to be configured to make use of the plugin. This can be done by editing the daemon's configuration file (eg. /etc/docker/daemon.json):

{
    "authorization-plugins": ["leogr/docker-authz-plugin:dev"]
}

Please, use your plugin name if you had renamed it.

Finally, you need to restart the daemon.

If you're using systemctl just run:

$ systemctl restart docker.service

Otherwise, a rude alternative is:

$ sudo kill -HUP $(pidof dockerd)

Enjoy!

docker-authz-plugin's People

Contributors

Stargazers

Watchers

docker-authz-plugin's Issues

Plugin does not install

Hi,

Thanks for this repo, it has been very helpful in making plugins a bit easier to understand! Unfortunately, the plugin does not seem to install as expected. I followed the readme, and everything went as expected until the step make install. I get the following error message:

$ make install
docker plugin install stuartthomson/docker-authz-plugin:dev
Error response from daemon: pull access denied for stuartthomson/docker-authz-plugin, repository does not exist or may require 'docker login': denied: requested access to 
the resource is denied
make: *** [Makefile:31: install] Error 1

The plugin does seem to be created correctly:

$ docker plugin ls
ID                  NAME                                    DESCRIPTION                       ENABLED
1c20ec293825        stuartthomson/docker-authz-plugin:dev   Authorization plugin for Docker   false
17e84a36c7a5        vieux/sshfs:latest                      sshFS plugin for Docker           true

Have you got any idea why this might be happening? I'm running this on Windows 10, Docker version 19.03.8, build afacb8b

Thanks!

Logging

If I place some logging into the authorization functions I cannot find anything in the docker logs does anyone know how?

for example:

func (p *plugin) AuthZRes(req authorization.Request) authorization.Response {
	fmt.Printf("***** Received AuthZRes %+v\n", req)
	return authorization.Response{Allow: true}
}

Following how to access logs in https://docs.docker.com/docker-for-mac/troubleshoot/ I can see all sorts of events regarding container startup but nothing that I have added to the plugin

Recommend Projects

leogr / docker-authz-plugin Goto Github PK

docker-authz-plugin's Introduction

docker-authz-plugin

Why?

Goals

Non-goals

Usage

docker-authz-plugin's People

Contributors

Stargazers

Watchers

Forkers

docker-authz-plugin's Issues

Plugin does not install

Logging

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent