TLDR
SSH into a remote machine from within a Docker container using a reproducible approach. Steps:
- Create a Dockerfile with SSH installed
- Build the Docker image and run the container
- Mount the local
~/.ssh
directory to the container - Execute SSH commands within the Docker container to access the remote machine
FROM ubuntu:20.04
WORKDIR /app
RUN apt update && \
apt install -y --no-install-recommends \
ssh
ENTRYPOINT ["ssh", "<remote-username>@<remote-hostname>"]
Terminal commands:
# Build the Docker image
docker build -t sshtest .
# Run the container
docker run --rm -it --network host -v $HOME/.ssh:/root/.ssh:ro sshtest
Motivation
As a developer looking to deploy projects on remote machines using Ansible, you may encounter limitations when running Ansible on a Windows host natively. To overcome this challenge, having a reliable method to connect to a remote machine via SSH from within a Docker container becomes invaluable. By configuring the Docker container with the necessary access rights and SSH keys, you can seamlessly execute Ansible commands and ensure a reproducible deployment process.
Prerequisites
To follow this tutorial, you’ll need:
- Docker
- PowerShell 7
- Access to a remote server via SSH, with your public key added to
~/.ssh/authorized_keys
on the remote machine - SSH keys located in
~/.ssh
on your local machine, which will be mounted when invokingdocker run
Tutorial
Create a Dockerfile
with the following content:
FROM ubuntu:20.04
WORKDIR /app
RUN apt update && \
apt install -y --no-install-recommends \
ssh
ENTRYPOINT ["ssh", "<remote-username>@<remote-hostname>"]
Now, build the image and run it with the following commands:
# Build the Docker image
docker build -t sshtest .
# Run the container
docker run --rm -it --network host -v $home/.ssh:/root/.ssh:ro sshtest
Explanation of Docker command options:
--rm
: Automatically remove the container when it exits-it
: Allocate a pseudo-TTY and keep STDIN open, enabling interactive terminal access--network host
: Use the host network stack inside the container for direct access to the remote machine-v $home/.ssh:/root/.ssh:ro
: Mount the~/.ssh
directory from your local machine to/root/.ssh
in the container as read-only, providing access to the SSH keys
A Note of Caution
It is crucial not to include the ~/.ssh
directory in the Docker image itself to avoid potential security risks. Instead, mount the directory as read-only when running the Docker container.
Conclusion
In this tutorial, we have explored a comprehensive approach to SSH into a remote machine from within a Docker container. By leveraging Docker, PowerShell, and SSH, you can overcome the limitations of running Ansible on a Windows host natively. By following the steps outlined in this article, you have learned how to configure a Docker container with the necessary access rights and SSH keys, enabling seamless execution of Ansible commands. This reproducible method simplifies the deployment process and ensures consistency across environments.