I am starting a local Docker container as an environment to run my applications and I use CLion's remote host capabilities to manage the toolchain. My applications communicate on a specific network interface across various ports and IP addresses.

In a perfect world I would be able to run my applications locally and then also start one in a docker container through CLion and communicate with the locally running apps.

I know I can start a Docker container with `--network=host`, but that seems to remove the ability to SSH into the container, which is a prerequisite to using CLion and Docker. Is there a way to maintain both? Use the host network but also enable SSH'ing into the Docker container?

Snippet from my Dockerfile that configures the SSH agent:

```dockerfile
########################################################
# Remote debugging and login in
########################################################

RUN mkdir /var/run/sshd
RUN echo 'root:root' | chpasswd
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config

# SSH login fix. Otherwise user is kicked off after login
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd

ENV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile

# 22 for ssh server. 7777 for gdb server.
EXPOSE 22 7777

RUN useradd -ms /bin/bash debugger
RUN echo 'debugger:pwd' | chpasswd

CMD ["/usr/sbin/sshd", "-D"]
```

UPDATE: With CLion 2021.3 you no longer need to SSH into your Docker container. It is now supported as its own toolchain type: https://blog.jetbrains.com/clion/2021/10/clion-2021-3-eap-new-docker-toolchain/#new_docker_toolchain

Maspe36
  • What do you mean by "SSH into a container"? Did you install SSH agent on your container or do you refer to `docker exec` command as a way to gain access to it? – Arik Jun 16 '20 at 21:30
  • Yup, per CLion's documentation this is how you integrate the two tools. https://blog.jetbrains.com/clion/2020/01/using-docker-with-clion/#using-the-remote-development-workflow-with-docker I updated my question with the section of my Dockerfile that installs and configures the SSH agent. – Maspe36 Jun 16 '20 at 22:20

1 Answer

Using `--network=host` means that your container will use the hosting machine's port 22, and if the machine already runs a process that uses port 22, the SSH Agent will fail.

To confirm, you can look at the agent's log files.

You can configure the SSH Agent to run on a different port than 22 (e.g., 2233), thus avoiding the port collision. In your Dockerfile add the following line:

```dockerfile
RUN sed -i 's/\(^Port\)/#\1/' /etc/ssh/sshd_config && echo Port 2233 >> /etc/ssh/sshd_config
```

Then configure CLion to connect to the container using the alternative port.

Arik
  • Thanks! This works for SSH'ing into the container with the host network. Unfortunately I'm still having issues communicating with the applications but that's outside the scope of this question – Maspe36 Jun 17 '20 at 12:03
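
An added example, not part of the question or the answer: with `--network=host` the container's sshd binds directly on the host's interfaces, so the port it uses and the logins it accepts are host-level exposure. The shell functions below audit an `sshd_config` for that. The function names, finding labels and both sample configs are constructed for illustration, and the loopback-only variant assumes CLion runs on the same machine as the container.

```shell
#!/bin/sh
# Added example: audit an sshd_config meant for a --network=host container.
# Simplification: Include files and Match blocks are not evaluated.

# Ports sshd would listen on. Every active Port line counts; none means 22.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1" | sort -un | tr '\n' ' ')
    echo "${ports:-22}" | sed 's/ *$//'
}

# Effective value of a single-valued keyword: first active line wins,
# otherwise the OpenSSH default passed as $3.
sshd_value() {
    awk -v k="$2" -v d="$3" 'tolower($1) == tolower(k) { print tolower($2); f = 1; exit }
        END { if (!f) print d }' "$1"
}

# Print one finding per line; prints nothing for a clean config.
audit_sshd_config() {
    for p in $(sshd_ports "$1"); do
        if [ "$p" = 22 ]; then echo "port-22-collision-risk"; fi
    done
    root=$(sshd_value "$1" PermitRootLogin prohibit-password)
    pass=$(sshd_value "$1" PasswordAuthentication yes)
    if [ "$root" = yes ] && [ "$pass" = yes ]; then echo "root-password-login"; fi
    addrs=$(awk 'tolower($1) == "listenaddress" { print $2 }' "$1")
    exposed=no
    [ -n "$addrs" ] || exposed=yes          # no ListenAddress: all interfaces
    for a in $addrs; do
        case $a in
            127.*|localhost*|\[::1\]*|::1) ;;   # loopback only
            *) exposed=yes ;;
        esac
    done
    if [ "$exposed" = yes ]; then echo "reachable-on-all-host-interfaces"; fi
}

# Constructed samples: the question's settings after the answer's Port edit,
# and a loopback-only, key-only variant (an assumption, not from the page).
write_samples() {
    printf '%s\n' '#Port 22' '#ListenAddress 0.0.0.0' 'PermitRootLogin yes' \
        '#PasswordAuthentication yes' 'Port 2233' > "$1/as_posted.conf"
    printf '%s\n' 'Port 2233' 'ListenAddress 127.0.0.1' 'PermitRootLogin no' \
        'PasswordAuthentication no' > "$1/hardened.conf"
}
```

Inside the image, `sshd -T -f /etc/ssh/sshd_config` prints the configuration sshd itself resolves, which also covers Include and Match.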