March 21, 2023

Using What's Up Docker over Tailscale

Using What's Up Docker over Tailscale

So you've found What's Up Docker (WUD) and now want to see all your remote container notifications and automate or control their updates from one easy web interface using Tailscale.

This guide assumes you already have a running instance of WUD and use Tailscale. If you don't, see the quick start guides first:

Tailscale Quickstart:
https://tailscale.com/kb/1017/install/

WUD Quickstart:
https://fmartinou.github.io/whats-up-docker/#/quickstart/

I'm also assuming you have docker container(s) on at least one other remote host, otherwise, this won't be very useful to you :)

On the remote host(s), we need to allow the docker daemon to listen on the Unix socket and Tailscale interface, using the docker docs linked below.

Configure remote access for Docker daemon
Configuring remote access allows Docker to accept requests from remote hosts by configuring it to listen on an IP address and port as well as the Unix socket
Docker Documentation
  • Login to your remote host and run sudo systemctl edit docker.service to open an override file for the docker service in an editor of your choice.
  • Add or modify the following lines, substituting 100.64.0.0 for your hosts Tailscale interface IP.
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://100.64.0.0:2375

NOTE: If you don't know this you can check your Tailscale console or run 

ip a | grep tailscale
  • Now we can reload the systemctl config and restart the docker service.
sudo systemctl daemon-reload
sudo systemctl restart docker.service
  • The next job is to make sure that WUD can reach our docker service by checking the firewall allows this communication.
    (Replace 100.64.0.1 with your WUD host Tailscale IP)
sudo ufw allow from 100.64.0.1 proto tcp to any port 2375

If you have multiple hosts, just repeat the steps above for each host, or define this in a configuration management system like Ansible !

Now that WUD can reach our host(s), we need to add the remote watchers to the WUD definition file back on the WUD host. I'm using docker-compose here:

version: '3'

services:
  whatsupdocker:
    image: fmartinou/whats-up-docker
    container_name: wud
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - 3000:3000
    environment:
      -  WUD_WATCHER_LOCAL_SOCKET=/var/run/docker.sock
      -  WUD_WATCHER_NURGLE_HOST=100.99.3.127
      -  WUD_WATCHER_AMPERE_HOST=100.99.1.44

You need to leave the local socket entry. Just replace my hosts with yours and fire up WUD again and you'll have all your containers on each host, along with any available updates now showing.