Back Home
apt install docker.io
Starting the Docker daemon
$ sudo systemctl start docker If we want Docker to start at boot, we should also: $ sudo systemctl enable docker
Add users to the docker group
$ sudo usermod -G docker <username> Done!
Note: for some reason I had link the device mapper library to get docker to work
sudo ln -s /lib64/libdevmapper.so.1.02 /lib64/libdevmapper.so.1.03
[arun@localhost ~]$ sudo docker info 2014/12/22 11:19:38 Get http:///var/run/docker.sock/v1.15/info: dial unix /var/run/docker.sock: no such file or directory
Debugging revealed that Docker daemon was not running on this VM. It can be easily started as:
sudo systemctl start docker
And then enable it to start automatically with every restart of the VM as:
sudo systemctl enable docker
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders from a container's filesystem to the host path
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Stream the contents of a container as a tar archive
history Show the history of an image
images List images
import Create a new filesystem image from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive
login Register or log in to a Docker registry server
logout Log out from a Docker registry server
logs Fetch the logs of a container
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
pause Pause all processes within a container
ps List containers
pull Pull an image or a repository from a Docker registry server
push Push an image or a repository to a Docker registry server
rename Rename an existing container
restart Restart a running container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image to a tar archive
search Search for an image on the Docker Hub
start Start a stopped container
stats Display a live stream of one or more containers' resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block until a container stops, then print its exit code
Docker Containers vs Virtualization
| Virtual Machines (VMs) | Containers |
|---|---|
| Represents hardware-level virtualization | Represents operating system virtualization |
| Heavyweight | Lightweight |
| Slow provisioning | Real-time provisioning and scalability |
| Limited performance | Native performance |
| Fully isolated and hence more secure | Process-level isolation and hence less secure |
Overview commands
docker version - provides the basic version command docker info - provides a more detailed info including storage drives
Search for docker images against the default catalog at docker hub https://hub.docker.com/
docker search <image name>
For example docker search nginx
docker pull
docker run
Note: Google Container Registry and recommend using it instead of google/docker-registry. Google Container Registry is a private Docker registry running on Google Cloud Storage.
Portainer(formerly UI for Docker) is a free open-source web application that runs as a container itself. You can install and start it with:
docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer
The -v flag isn’t mentioned by default, but you will need it to manage any local Docker containers. After creating a password and selecting the Docker instance to manage, you’re up and running
There is a opensource application that solves this issue, it's called DNS Proxy Server
It's a DNS server that solves containers hostnames, if could not found a hostname that matches then solve it from internet as well
Start the DNS Server
$ docker run --hostname dns.mageddo --name dns-proxy-server -p 5380:5380 \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /etc/resolv.conf:/etc/resolv.conf \ defreitas/dns-proxy-server
It will set as your default DNS automatically (and recover to the original when stops)
Start your container for test
docker-compose up docker-compose.yml
version: '2'
services:
redis:
container_name: redis
image: redis:2.8
hostname: redis.dev.intranet
network_mode: bridge # that way he can solve others containers names even inside, solve elasticsearch, for example
elasticsearch:
container_name: elasticsearch
image: elasticsearch:2.2
hostname: elasticsearch.dev.intranet
Now solve your containers hostnames from host
$ nslookup redis.dev.intranet Server: 172.17.0.2 Address: 172.17.0.2#53 Non-authoritative answer: Name: redis.dev.intranet Address: 172.21.0.3 from another container $ docker exec -it redis ping elasticsearch.dev.intranet PING elasticsearch.dev.intranet (172.21.0.2): 56 data bytes As well it solves internet hostnames $ nslookup google.com Server: 172.17.0.2 Address: 172.17.0.2#53 Non-authoritative answer: Name: google.com Address: 216.58.202.78
At Dockercon this summer Google's VP of Infrastructure at Google, Eric Brewer, announced Kubernetes, which provides a way to orchestrate a collection of Docker containers across a cluster of machines. It is essentially a scheduler, which means it handles running your containers and ensuring uptime, even in the event of losing machines.
We have seen rapid adoption and interest in Kubernetes that goes beyond the buzz around it being a Google cloud technology. There is a need for orchestration at the Operations level which Kubernetes addresses well. A manifest describing a collection of Docker images can be created and pushed into the cluster which automatically deploys and horizontally scales those containers. Kubernetes also provides a way to define a “service”, which can be consumed by other applications running in the cluster.
Hand-in-hand with Kubernetes, Eric Brewer also talked about containers and introduced the concept of “pods”. This is a key concept within Kubernetes. He said, “At Google we rarely deploy a single container.” Instead, they group containers together. For instance, an application process often has several side-car processes for logging and other tasks outside of the concern of the application itself.
One issue he noted with Docker containers is the need for constant mapping of internal and external ports - between what the process inside the Docker container sees and what the external world sees. This is an additional layer of complexity that needs to be managed, stored and queried - even between the containers of a pod that has been deployed as a single unit. Therefore, at Google, they ensure that every pod of containers has its own IP address. This means the ports used can be the same inside and outside of a container. The ports can be baked in at design or build time. This does away with the additional layer of complexity of managing port. Now, to find pods running a particular service, you only need the list of IP addresses of those pods.
Google Compute Engine is currently the only cloud infrastructure service that facilitates assigning an IP subnet to a virtual machine - and hence an IP to each Docker pod within it.
CoreOS, who are actively involved with Kubernetes, have attempted to solve this problem with something they call Flannel (previously named Rudder). Flannel provides an overlay network on-top of the provided network, which allows for assigning an IP subnet to each machine. There is a performance cost to doing this, but they hope that this will be engineered away as Flannel evolves.
Recently, Microsoft joined the Docker bandwagon, saying they intended to build a containerization solution for Windows and provide a Docker compatible API on-top of this. Although, Docker images will unlikely ever be portable between Linux and Windows containers, it does mean that the tooling being built above the Docker API layer will be usable across these operating systems.
Large enterprises are heavily invested in Windows, so this announcement is a major win for the IT departments wanting to steer their ship in the direction of Docker adoption.
Custom docker files can be specified in a Docker (no extension) file. To create a docker image from ubuntu with java do the following.
Create a folder (ubuntJava) with the following Docker file in it:
FROM ubuntu:16.04
MAINTAINER Richard Donovan, https://github.com/newgeekorder
RUN apt-get update && \
apt-get upgrade -y && \
apt-get install -y software-properties-common && \
add-apt-repository ppa:webupd8team/java -y && \
apt-get update && \
echo oracle-java7-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections && \
apt-get install -y oracle-java8-installer && \
apt-get clean
Then when inside the same directory build he docker file and we can optionally tag with -t
docker build -t ubuntu_java .
List the tagged docker images
docker images
that show show the ubuntu_java
and run the new image as normal
winpty docker run -it ubuntu_java bash
To list the running instances
docker ps
to connect to a running instance
docker exec -i -t 98ccf1fb2ebc bash
for windows consoles one needs to add winpty to the front of the command.
Rancher is a tool for managing docker instances .. it can be run as it's own docker instance
docker run -d --restart=unless-stopped -p 8080:8080 rancher/server
Add an ip key to local security
2. Adding a Host For linux/Ubuntu host it is (currently) required to
udo docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.2.5 http://192.168.0.16:8080/v1/scripts/686421D9068F70315452:1483142400000:BmCMaiY3hETCs60GLh9UozwkDfU
* Nodejs rancher-cli
Windows git has a funny means to mount directories:
winpty docker run -p 9000:9000 -v //c/Users/rdono/dockerShare:/opt/mule/apps2 -it ubuntu_java_mule bash
using this for mule we can start mule with mule & and copy apps to the deploy directory
cp /opt/mule/apps2/testGradle.zip /opt/mule/apps