Telepresence with Docker Golden Path

Why?

It can be tedious to adopt Telepresence across your organization, since in its handiest form, it requires admin access, and needs to get along with any exotic networking setup that your company may have.

If Docker is already approved in your organization, this Golden path should be considered.

How?

When using Telepresence in Docker mode, users can eliminate the need for admin access on their machines, address several networking challenges, and forego the need for third-party applications to enable volume mounts.

You can simply add the docker flag to any Telepresence command, and it will start your daemon in a container. Thus removing the need for root access, making it easier to adopt as an organization

Let's illustrate with a quick demo, assuming a default Kubernetes context named default, and a simple HTTP service:

This method limits the scope of the potential networking issues since everything stays inside Docker. The Telepresence daemon can be found under the name tp-<your-context> when listing your containers.

Start an intercept:

Start your intercept handler (interceptor) by targeting the daemon container --network=container:tp-<your-context>, and open the preview URL to see the traffic routed to your machine.

It's essential to ensure that users also open the debugging port on their container to allow them to attach their local debugger from their IDE.

Key learnings

• Using the Docker mode of telepresence do not require root access, and make it easier to adopt it across your organization.
• It limits the potential networking issues you can encounter.
• It leverages Docker for your interceptor.