IT Area: Docker LA

docker node inspect --pretty NODEID

docker node demote NID

CheatSheet

https://www.docker.com/sites/default/files/Docker_CheatSheet_08.09.2016_0.pdf

docker commit -m "COMMENTs" -a "author" nasty_girl tcox/ubusshd:v1

DockerFile

#Custom Ubuntu image with SSH installed

FROM ubuntu:xenial

MAINTAINER ryanblack <ryanblack@inbox.ru>

RUN apt-get update

RUN apt-get install -y telnet openssh-server

Ports

docker run -d -p 8080:80 nginx:latest

Pun an image, run container, find IPAddr:

=========================================

docker pull httpd

docker container run -d --name testweb httpd

docker container inspect NAME |grep IPAddr

elinks http://172.17.0.2

example:

docker container inspect testweb |grep IPAddr

"SecondaryIPAddresses": null,

"IPAddress": "172.17.0.2",

List of running containers

==========================

docker ps

Init SWARM

==========

docker swarm init --advertise-addr 192.168.3.110

**********************

[root@ans0 ~]# docker swarm init --advertise-addr 192.168.3.110

Swarm initialized: current node (qkfcuzlwb7pnrdq1wqw77d0kp) is now a manager.

To add a worker to this swarm, run the following command:

docker swarm join --token SWMTKN-1-128qgf4kvbf7vflcphlbxdzok0ighezuwmfvonlyn2kyjpk5yr-4nvlww1vupx9pl2yuehtvm6k2 192.168.3.110:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

**********************

Redisplay Swarm TOKENs

=====================

[root@ans0 ~]# docker swarm join-token worker

To add a worker to this swarm, run the following command:

docker swarm join --token SWMTKN-1-4ijxle2rxyc70ss14lgnfgwil0hmf6o7d3azzwzxoivp9im61x-ba1vfxkshjnkxe9yquxekpmah 192.168.3.110:2377

0b6feu2sqluvdhdfz3ot28kxn - worker

[root@ans0 ~]# docker swarm join-token manager

To add a manager to this swarm, run the following command:

docker swarm join --token SWMTKN-1-4ijxle2rxyc70ss14lgnfgwil0hmf6o7d3azzwzxoivp9im61x-dir4fo1e28f37o9200obra797 192.168.3.110:2377

3atxeqjoke20gdzdof60zweyx - manager

List Swarm Nodes

================

[root@ans0 ~]# docker node ls

ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION

qkfcuzlwb7pnrdq1wqw77d0kp * ans0.kuchuk.net Ready Active Leader 18.09.2

Swarm Info

==========

docker system info | more

Create a Service

================

docker service create --name bkupweb --publish 80:80 --replicas 2 httpd

List Services

=============

[root@ans0 ~]# docker service ls

ID NAME MODE REPLICAS IMAGE PORTS

j682c1hbjb6w bkupweb replicated 2/2 httpd:latest *:80->80/tcp

List Running Service Details

============================

[root@ans0 ~]# docker service ps bkupweb

ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS

odfufx2p1e0n bkupweb.1 httpd:latest ans2.kuchuk.net Running Running 2 minutes ago

n83crx3wod6w bkupweb.2 httpd:latest ans1.kuchuk.net Running Running 2 minutes ago

SetUP UCP and DTR

=================

UCP - Universal Control Plane

DTR - Docker Trusted Repository

UCP Install

docker container run --rm -it --name ucp -v /var/run/docker.sock:/var/run/docker.sock docker/ucp install --host-address 192.168.3.110 --interactive

DTR Install

docker run -it --rm docker/dtr install --ucp-node NAME-of-the-SERVER,cin --ucp-username admin --ucp-url https://DNSNAME.com --ucp-insecure-tls

Working with Images

===================

list images with long tokens

docker images --digests

docker images --no-trunc

filter

docker images --filter "before=centos:6"

quiet

docker images -q

Search image

============

docker search -f stars=50 -f is-official=true apache

top 10

docker search --limit 10 apache

Tag and IMAGE

=============

docker tag centos:latest mycentos:v1

Manage Images

=============

list the list of image commands

#docker image

remove image

docker rm ImageName

docker rmi ImageName

Inspect image

=============

docker image inspect centos --format '{{.ContainerConfig.Hostname}}'

docker image inspect centos --format '{{.RepoTags}}'

Running Containers

#docker ps

Run a Container

docker run -it centos:latest

Run a Containter with a name and specific command

docker run -it --name OS1 centos:latest /bin/bash

Remove containter with name OS1

docker rm OS1

Remove multiple containers

docker rm `docker ps -a -q`

Remove containter after it is stoped

docker run -it --name OS1 -rm centos:latest /bin/bash

Send a variable into the container

docker run -it --name OS1 -rm --env MYVAR=whatever centos:latest /bin/bash

Run a Containter in Detached mode

docker run -d --name webserver httpd:latest

Connect to a Container that is already running

docker exec -it goofy_hugle /bin/bash

BUILD DOCKER FILE

===================

1 вариант

mkdir DockerFiles

cd Dockerfiles

vi Dockerfile

# This is a small test Dockerfile

FROM centos:latest

LABEL maintainer="admin@pdlx.ru"

RUN yum -y update

docker build -t customimage:v1 .

2 Вариант

docker build -t customubuntu:v1 -f Dockerfile2

3 Вариант

docker build --pull --no-cache -t optimized:v1 -f Dockerfile2

DOCKER FILE

===========

#Comments

FROM centos:6

LABEL maintainer="latest@pdlx.ru"

RUN yum update -y && yum install httpd net-tools

RUN mkdir -p /run/httpd

RUN rm -rf /run/http/* /tmp/http*

CMD echo "Remember to check your container IP Address"

ENV ENVIRONMENT="production"

EXPOSE 80

ENTRYPOINT apachectl ".DFOREGROUND"

Build containter

docker build -t mywebserver:v1 .

Run created container

docker run -d --name testweb --rm mywebserver:v1

Another DockerFile

==================

#Comments

ARG TAGVERSION=6

FROM centos:${TAGVERSION}

LABEL maintainer="latest@pdlx.ru"

RUN yum -y update && yum -y install httpd net-tools && \

mkdir -p /run/httpd && \

rm -rf /run/http/* /tmp/http*

COPY index.html /var/www/html/

CMD echo "Remember to check your container IP Address"

ENV ENVIRONMENT="production"

VOLUME /mymount

EXPOSE 80

ENTRYPOINT apachectl ".DFOREGROUND"

History of an image

===================

docker history mywebserver:v3 --no-trunc

docker image history mywebserver:v3

DOCKER REGISTRY

===============

[root@ans0 ~]# mkdir certs

[root@ans0 ~]# mkdir auth

[root@ans0 ~]# yum -y install openssl

47 openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/dockerrepo.key -x509 -days 365 -out certs/dockerrepo.crt -subj /CN=myregistry.com

48 ifconfig

49 vi /etc/hosts

54 mkdir -p /etc/docker/cert.d/myregistry.com:5000

55 cd /etc/docker/cert.d/myregistry.com\:5000/

57 cp /root/certs/dockerrepo.crt ca.crt

58 docker pull registry:2

59 docker images

61 docker run --entrypoint htpasswd registry:2 -Bbn test password > /root/auth/htpasswd

62 cat /root/auth/htpasswd

Start Repository

=================

docker run -d -p 5000:5000 -v /root/certs:/certs/ -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/dockerrepo.crt -e REGISTRY_HTTP_TLS_KEY=/certs/dockerrepo.key -v /root/auth:/auth/ -e REGISTRY_AUTH=htpasswd -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry:2

e6344aab68001a476ec0e6155b84d1f2ea7531a557a577f7947cb783e6d94758

docker login myregistry.com:5000/mybusybox

docker tag busybox myregistry.com:5000/mybusybox

docker pull myrepository.com:5000/mybusybox

Managing Images in you private Repository

=========================================

curl --insecure -u "test:password" https://myregistry.com:5000/v2/_catalog

wget --no-check-certificate --http-user=test --http-password=password https://myregistry.com:5000/v2/_catalog

cat _catalog.1

Container Lifecicles - Setting the Restart Policies

===================================================

Always restart container

docker container run -d --name testweb --restart always httpd

Unless-Stopped

docker container run -d --name testweb --restart unless-stopped httpd

ORCHESTRATION

===============

Lock, Unlock the Cluster

========================

docker swarm init --auto-lock

update the cluster - set to autolock

====================================

docker swarm update --autolock =true

rotate the key

==============

docker swarm unlock-key --rotate

RUNNING SERVICES

================

docker service create --name testweb -p 80:80 httpd

docker service ls

docker service ps testweb

Scale

=====

docker service update --replicas 3 testweb

docker service scale --detach=false testnginx=3

docker service scale --detach=false testnginx=4 testweb=5

Test and Ferify

===============

docker service update --replicas 10 --detach=false testweb

docker service update --limit-cpu=0,5 --reserve-cpu=.75 --limit-memmory=128m --reserve-memory=256m testweb

RUNNING in GLOBAL

=================

docker service create --name testnginx2 -p 8080:8080 --mode global --detach=false nginx

Templase with docker service create

===================================

docker service create --name myweb --hostname="{{.Node.ID}}-{{.Service.Name}}" --detach=false httpd

docker service ps --no-trunc myweb

ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS

2c7hgetxrnsc4wtc39f98lsdg myweb.1 httpd:latest@sha256:5e7992fcdaa214d5e88c4dfde274befe60d5d5b232717862856012bf5ce31086 ans1.kuchuk.net Running Running 12 seconds ago

Inspect a node

==============

docker node ls

ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION

xi3adgj0tcy1y3d4finllrpbs * ans0.kuchuk.net Ready Active Leader 18.09.2

n9r838w25qs29v3lr97n4naeo ans1.kuchuk.net Ready Active 18.09.2

mzoit1vxtfxju0s2flvi01hoj ans2.kuchuk.net Ready Active 18.09.2

docker node inspect --pretty n9r838w25qs29v3lr97n4naeo

Adding Labels

=============

docker node ls

ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION

xi3adgj0tcy1y3d4finllrpbs * ans0.kuchuk.net Ready Active Leader 18.09.2

n9r838w25qs29v3lr97n4naeo ans1.kuchuk.net Ready Active 18.09.2

mzoit1vxtfxju0s2flvi01hoj ans2.kuchuk.net Ready Active 18.09.2

docker node update --label-add mynode=testnode mzoit1vxtfxju0s2flvi01hoj

docker node inspect --pretty mzoit1vxtfxju0s2flvi01hoj | more

ID: mzoit1vxtfxju0s2flvi01hoj

Labels:

- mynode=testnode <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<--------------------!!!!!

Hostname: ans2.kuchuk.net

Joined at: 2019-02-25 02:18:07.945699012 +0000 utc

Status:

State: Ready

Availability: Active

ERROR (couldn't start the service with label)

[root@ans0 Dockerfiles]# docker service create --name constraints -p 8080:8080 --constraint 'node.lables.mynode == testnode' --replicas 3 httpd

rrsdaapg3jrzmdhiiqhkj9x85

overall progress: 0 out of 3 tasks

1/3: no suitable node (scheduling constraints not satisfied on 3 nodes)

2/3: no suitable node (scheduling constraints not satisfied on 3 nodes)

3/3: no suitable node (scheduling constraints not satisfied on 3 nodes)

Docker Compose

==============

yum install epel-release

yum -y install python-pip

pip install --upgrade-pip

pip install docker-compose

[root@ans0 Dockerfiles]# vi Dockerfile

#simple webserver

FROM centos:latest

LABEL maintainer="admin@pdlx.ru"

RUN yum install -y httpd && \

echo "Our Containter Website" >> /var/www/html/index.html

EXPOSE 80

docker build -t myhttpd:v1 .

docker run -d --name testweb -p 80:80 myhttpd:v1

vi docker-compose.yml

version: '3'

services:

apiweb1:

image: myhttpd:v1

build: .

ports:

- "81:81"

apiweb2:

image: myhttpd:v1

ports:

- "82:80"

load-balancer:

image: nginx:latest

ports:

- "80:80"

version: '3'

services:

ghost:

image: ghost:latest

restart: always

depends_on:

- db

environment:

url: https://kidsdreamevent.com

database__client: mysql

database__connection__host: db

database__connection__user: root

database__connection__password: bp24os35if

database__connection__database: ghost

volumes:

- /opt/ghost_content:/var/lib/ghost/content

db:

image: mysql:5.7

restart: always

environment:

MYSQL_ROOT_PASSWORD: bp24os35if

volumes:

- /opt/ghost_mysql:/var/lib/mysql

docker-compose up -d

--------------------

Creating dockerfiles_apiweb1_1 ... done

Creating dockerfiles_apiweb2_1 ... done

Creating dockerfiles_load-balancer_1 ... done

[root@ans0 Dockerfiles]# docker-compose ps

Name Command State Ports

-------------------------------------------------------------------------------------------------

dockerfiles_apiweb1_1 /bin/sh -c apachectl -DFOR ... Up 80/tcp, 0.0.0.0:81->81/tcp

dockerfiles_apiweb2_1 /bin/sh -c apachectl -DFOR ... Up 0.0.0.0:82->80/tcp

dockerfiles_load-balancer_1 nginx -g daemon off; Up 0.0.0.0:80->80/tcp

docker-compose down --volumes

Deploy Docker-Compose to SWARM

==============================

docker stack deploy --compose-file docker-compose.yml mycustomstack

docker service ls

Grab infor from Inspect JSON output

===================================

docker container inspect --format="{{.State.Paused}}" testweb

docker container inspect --format="{{json .State}}" testweb

TroubleShooing Services

=======================

docker node ls

docker service ps

docker service inspect

docker ps

===================

STORAGE

===================

docker volume create mymount

docker volume inspect mymount |more

docker service create --name volweb -p 80:80 --mount source=mymount,target=/internal-mount -d=false --replicals 3 nginx

docker ps

docker exec -it b1c75dadacc6 /bin/bash

Lab1

======

docker volume create http-files

96 docker volume ls

97 docker volume inspect http-files

99 vi /var/lib/docker/volumes/http-files/_data/index.html

100 cat /var/lib/docker/volumes/http-files/_data/index.html

101 docker container run -d --name testweb --mount source=http-files,target=/usr/local/apache2/htdocs httpd

102 docker ps

103 docker inspect testweb |grep IPAddr

104 ping 172.17.0.2

107 elinks http://172.17.0.2

111 docker exec -it c2663147afbc /bin/bash

112 docker ps

113 elinks http://172.17.0.2

Lab2

MOUNT ON LOCAL SHARE

====================

docker run -d --name tesetweb -p 80:80 --mount type=bind,source=/root/httpfiles,target=/usr/local/apache2/htdocs httpd

GET Data INSPECT from JSON

==========================

docker inspect nginxtest --format={{.NetworkSettings.IPAddress}}

============

NETWORKING

============

Create Bridge NETWORK

=====================

docker network create --driver=bridge --subnet=192.168.0.1/24 --opt "com.docker.network.driver.mtu"="1501" devel0

docekr network ls

Change the network for a container

==================================

docker network connect --ip=192.168.0.115 devel0 testnweb

External DNS

============

docker run -d -name webserver --dns=8.8.8.8 --dns=4.2.2.2 nginx

PermanentDNS for new containers:

================================

vi /etc/docker/docker.json

{

"dns": ["8.8.8.8","8.8.4.4"]

}

Create a Network

=======================================

docker network create --driver=overlay --subnet=192.168.10.0/24 overlay0

Deploy a Service with a Network option

======================================

docker service create --name web1 -p 80:80 --network=overlay0 --replicas 2 nginx

Logging

===========

System

cat /var/log/messages | grep [dD]ocker

Container

docker container logs

Service

docker service logs ServiceName

IT Area

среда, 24 апреля 2019 г.

Docker LA

Комментариев нет:

Отправить комментарий

среда, 24 апреля 2019 г.

Docker LA

Комментариев нет:

Отправить комментарий

среда, 24 апреля 2019 г.