docker node
inspect --pretty NODEID
docker node
demote NID
CheatSheet
https://www.docker.com/sites/default/files/Docker_CheatSheet_08.09.2016_0.pdf
docker
commit -m "COMMENTs" -a "author" nasty_girl tcox/ubusshd:v1
DockerFile
#Custom
Ubuntu image with SSH installed
FROM
ubuntu:xenial
MAINTAINER
ryanblack <ryanblack@inbox.ru>
RUN apt-get
update
RUN apt-get
install -y telnet openssh-server
Ports
docker run
-d -p 8080:80 nginx:latest
Pun an
image, run container, find IPAddr:
=========================================
docker pull
httpd
docker
container run -d --name testweb httpd
docker
container inspect NAME |grep IPAddr
elinks
http://172.17.0.2
example:
docker
container inspect testweb |grep IPAddr
"SecondaryIPAddresses":
null,
"IPAddress":
"172.17.0.2",
"IPAddress":
"172.17.0.2",
List of
running containers
==========================
docker ps
Init SWARM
==========
docker swarm
init --advertise-addr 192.168.3.110
**********************
[root@ans0
~]# docker swarm init --advertise-addr 192.168.3.110
Swarm
initialized: current node (qkfcuzlwb7pnrdq1wqw77d0kp) is now a manager.
To add a
worker to this swarm, run the following command:
docker swarm join --token
SWMTKN-1-128qgf4kvbf7vflcphlbxdzok0ighezuwmfvonlyn2kyjpk5yr-4nvlww1vupx9pl2yuehtvm6k2
192.168.3.110:2377
To add a
manager to this swarm, run 'docker swarm join-token manager' and follow the
instructions.
**********************
Redisplay
Swarm TOKENs
=====================
[root@ans0
~]# docker swarm join-token worker
To add a
worker to this swarm, run the following command:
docker swarm join --token
SWMTKN-1-4ijxle2rxyc70ss14lgnfgwil0hmf6o7d3azzwzxoivp9im61x-ba1vfxkshjnkxe9yquxekpmah
192.168.3.110:2377
0b6feu2sqluvdhdfz3ot28kxn
- worker
[root@ans0
~]# docker swarm join-token manager
To add a
manager to this swarm, run the following command:
docker swarm join --token
SWMTKN-1-4ijxle2rxyc70ss14lgnfgwil0hmf6o7d3azzwzxoivp9im61x-dir4fo1e28f37o9200obra797
192.168.3.110:2377
3atxeqjoke20gdzdof60zweyx -
manager
List Swarm
Nodes
================
[root@ans0
~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
qkfcuzlwb7pnrdq1wqw77d0kp
* ans0.kuchuk.net Ready Active Leader 18.09.2
Swarm Info
==========
docker
system info | more
Create a
Service
================
docker service create --name bkupweb --publish
80:80 --replicas 2 httpd
List
Services
=============
[root@ans0
~]# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
j682c1hbjb6w bkupweb replicated 2/2 httpd:latest *:80->80/tcp
List Running
Service Details
============================
[root@ans0
~]# docker service ps bkupweb
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
odfufx2p1e0n bkupweb.1 httpd:latest ans2.kuchuk.net Running Running 2 minutes ago
n83crx3wod6w bkupweb.2 httpd:latest ans1.kuchuk.net Running Running 2 minutes ago
SetUP UCP
and DTR
=================
UCP -
Universal Control Plane
DTR - Docker
Trusted Repository
UCP Install
docker
container run --rm -it --name ucp -v /var/run/docker.sock:/var/run/docker.sock
docker/ucp install --host-address 192.168.3.110 --interactive
DTR Install
docker run
-it --rm docker/dtr install --ucp-node NAME-of-the-SERVER,cin --ucp-username
admin --ucp-url https://DNSNAME.com --ucp-insecure-tls
Working with
Images
===================
list images
with long tokens
docker
images --digests
docker
images --no-trunc
filter
docker
images --filter "before=centos:6"
quiet
docker
images -q
Search image
============
docker
search -f stars=50 -f is-official=true apache
top 10
docker
search --limit 10 apache
Tag and
IMAGE
=============
docker tag
centos:latest mycentos:v1
Manage
Images
=============
list the
list of image commands
#docker
image
remove image
docker rm
ImageName
docker rmi
ImageName
Inspect
image
=============
docker image
inspect centos --format '{{.ContainerConfig.Hostname}}'
docker image
inspect centos --format '{{.RepoTags}}'
Running
Containers
#docker ps
Run a
Container
docker run
-it centos:latest
Run a
Containter with a name and specific command
docker run
-it --name OS1 centos:latest /bin/bash
Remove
containter with name OS1
docker rm
OS1
Remove
multiple containers
docker rm
`docker ps -a -q`
Remove
containter after it is stoped
docker run
-it --name OS1 -rm centos:latest /bin/bash
Send a
variable into the container
docker run
-it --name OS1 -rm --env MYVAR=whatever centos:latest /bin/bash
Run a
Containter in Detached mode
docker run
-d --name webserver httpd:latest
Connect to a
Container that is already running
docker exec
-it goofy_hugle /bin/bash
BUILD DOCKER
FILE
===================
===================
1 вариант
mkdir
DockerFiles
cd
Dockerfiles
vi
Dockerfile
# This is a
small test Dockerfile
FROM
centos:latest
LABEL
maintainer="admin@pdlx.ru"
RUN yum -y
update
docker build
-t customimage:v1 .
2 Вариант
docker build
-t customubuntu:v1 -f Dockerfile2
3 Вариант
docker build
--pull --no-cache -t optimized:v1 -f Dockerfile2
DOCKER FILE
===========
#Comments
FROM
centos:6
LABEL
maintainer="latest@pdlx.ru"
RUN yum
update -y && yum install httpd net-tools
RUN mkdir -p
/run/httpd
RUN rm -rf
/run/http/* /tmp/http*
CMD echo
"Remember to check your container IP Address"
ENV
ENVIRONMENT="production"
EXPOSE 80
ENTRYPOINT
apachectl ".DFOREGROUND"
Build
containter
docker build
-t mywebserver:v1 .
Run created
container
docker run
-d --name testweb --rm mywebserver:v1
Another
DockerFile
==================
#Comments
ARG
TAGVERSION=6
FROM
centos:${TAGVERSION}
LABEL
maintainer="latest@pdlx.ru"
RUN yum -y
update && yum -y install httpd net-tools && \
mkdir -p /run/httpd && \
rm -rf /run/http/* /tmp/http*
COPY index.html
/var/www/html/
CMD echo
"Remember to check your container IP Address"
ENV
ENVIRONMENT="production"
VOLUME
/mymount
EXPOSE 80
ENTRYPOINT
apachectl ".DFOREGROUND"
History of
an image
===================
docker history mywebserver:v3 --no-trunc
docker image history mywebserver:v3
DOCKER
REGISTRY
===============
[root@ans0
~]# mkdir certs
[root@ans0
~]# mkdir auth
[root@ans0
~]# yum -y install openssl
47
openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/dockerrepo.key
-x509 -days 365 -out certs/dockerrepo.crt -subj /CN=myregistry.com
48
ifconfig
49 vi
/etc/hosts
54
mkdir -p /etc/docker/cert.d/myregistry.com:5000
55 cd
/etc/docker/cert.d/myregistry.com\:5000/
57 cp
/root/certs/dockerrepo.crt ca.crt
58
docker pull registry:2
59
docker images
61
docker run --entrypoint htpasswd registry:2 -Bbn test password >
/root/auth/htpasswd
62
cat /root/auth/htpasswd
Start
Repository
=================
docker run
-d -p 5000:5000 -v /root/certs:/certs/ -e
REGISTRY_HTTP_TLS_CERTIFICATE=/certs/dockerrepo.crt -e
REGISTRY_HTTP_TLS_KEY=/certs/dockerrepo.key -v /root/auth:/auth/ -e
REGISTRY_AUTH=htpasswd -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm"
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry:2
e6344aab68001a476ec0e6155b84d1f2ea7531a557a577f7947cb783e6d94758
docker login
myregistry.com:5000/mybusybox
docker tag
busybox myregistry.com:5000/mybusybox
docker pull
myrepository.com:5000/mybusybox
Managing
Images in you private Repository
=========================================
curl
--insecure -u "test:password" https://myregistry.com:5000/v2/_catalog
or
wget
--no-check-certificate --http-user=test --http-password=password
https://myregistry.com:5000/v2/_catalog
cat
_catalog.1
Container
Lifecicles - Setting the Restart Policies
===================================================
Always
restart container
docker
container run -d --name testweb --restart always httpd
Unless-Stopped
docker
container run -d --name testweb --restart unless-stopped httpd
ORCHESTRATION
===============
===============
Lock, Unlock
the Cluster
========================
docker swarm
init --auto-lock
update the
cluster - set to autolock
====================================
docker swarm
update --autolock =true
rotate the
key
==============
docker swarm
unlock-key --rotate
RUNNING
SERVICES
================
docker
service create --name testweb -p 80:80 httpd
docker
service ls
docker
service ps testweb
Scale
=====
docker service
update --replicas 3 testweb
docker
service scale --detach=false testnginx=3
docker
service scale --detach=false testnginx=4 testweb=5
Test and
Ferify
===============
docker
service update --replicas 10 --detach=false testweb
docker
service update --limit-cpu=0,5 --reserve-cpu=.75 --limit-memmory=128m
--reserve-memory=256m testweb
RUNNING in
GLOBAL
=================
docker
service create --name testnginx2 -p 8080:8080 --mode global --detach=false
nginx
Templase
with docker service create
===================================
docker service create --name myweb
--hostname="{{.Node.ID}}-{{.Service.Name}}" --detach=false httpd
docker
service ps --no-trunc myweb
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
2c7hgetxrnsc4wtc39f98lsdg myweb.1
httpd:latest@sha256:5e7992fcdaa214d5e88c4dfde274befe60d5d5b232717862856012bf5ce31086 ans1.kuchuk.net Running Running 12 seconds ago
Inspect a
node
==============
docker node
ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
xi3adgj0tcy1y3d4finllrpbs
* ans0.kuchuk.net Ready Active Leader 18.09.2
n9r838w25qs29v3lr97n4naeo ans1.kuchuk.net Ready Active 18.09.2
mzoit1vxtfxju0s2flvi01hoj ans2.kuchuk.net Ready Active 18.09.2
docker node
inspect --pretty n9r838w25qs29v3lr97n4naeo
Adding
Labels
=============
docker node
ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
xi3adgj0tcy1y3d4finllrpbs
* ans0.kuchuk.net Ready Active Leader 18.09.2
n9r838w25qs29v3lr97n4naeo ans1.kuchuk.net Ready Active 18.09.2
mzoit1vxtfxju0s2flvi01hoj ans2.kuchuk.net Ready Active 18.09.2
docker node
update --label-add mynode=testnode mzoit1vxtfxju0s2flvi01hoj
docker node
inspect --pretty mzoit1vxtfxju0s2flvi01hoj | more
ID: mzoit1vxtfxju0s2flvi01hoj
Labels:
- mynode=testnode
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<--------------------!!!!!
Hostname: ans2.kuchuk.net
Joined
at: 2019-02-25
02:18:07.945699012 +0000 utc
Status:
State: Ready
Availability: Active
ERROR
(couldn't start the service with label)
[root@ans0
Dockerfiles]# docker service create --name constraints -p 8080:8080
--constraint 'node.lables.mynode == testnode' --replicas 3 httpd
rrsdaapg3jrzmdhiiqhkj9x85
overall
progress: 0 out of 3 tasks
1/3: no
suitable node (scheduling constraints not satisfied on 3 nodes)
2/3: no
suitable node (scheduling constraints not satisfied on 3 nodes)
3/3: no
suitable node (scheduling constraints not satisfied on 3 nodes)
Docker
Compose
==============
yum install
epel-release
yum -y
install python-pip
pip install
--upgrade-pip
pip install
docker-compose
[root@ans0
Dockerfiles]# vi Dockerfile
#simple
webserver
FROM
centos:latest
LABEL
maintainer="admin@pdlx.ru"
RUN yum
install -y httpd && \
echo "Our Containter Website"
>> /var/www/html/index.html
EXPOSE 80
docker build
-t myhttpd:v1 .
docker run -d
--name testweb -p 80:80 myhttpd:v1
vi
docker-compose.yml
version: '3'
services:
apiweb1:
image: myhttpd:v1
build: .
ports:
- "81:81"
apiweb2:
image: myhttpd:v1
ports:
- "82:80"
load-balancer:
image: nginx:latest
ports:
- "80:80"
version: '3'
services:
ghost:
image: ghost:latest
restart: always
depends_on:
- db
environment:
url: https://kidsdreamevent.com
database__client: mysql
database__connection__host: db
database__connection__user: root
database__connection__password:
bp24os35if
database__connection__database: ghost
volumes:
-
/opt/ghost_content:/var/lib/ghost/content
db:
image: mysql:5.7
restart: always
environment:
MYSQL_ROOT_PASSWORD: bp24os35if
volumes:
- /opt/ghost_mysql:/var/lib/mysql
docker-compose
up -d
--------------------
Creating
dockerfiles_apiweb1_1 ... done
Creating
dockerfiles_apiweb2_1 ... done
Creating
dockerfiles_load-balancer_1 ... done
[root@ans0
Dockerfiles]# docker-compose ps
Name Command State Ports
-------------------------------------------------------------------------------------------------
dockerfiles_apiweb1_1 /bin/sh -c apachectl -DFOR ... Up
80/tcp, 0.0.0.0:81->81/tcp
dockerfiles_apiweb2_1 /bin/sh -c apachectl -DFOR ... Up
0.0.0.0:82->80/tcp
dockerfiles_load-balancer_1 nginx -g daemon off; Up 0.0.0.0:80->80/tcp
docker-compose
down --volumes
Deploy
Docker-Compose to SWARM
==============================
docker stack
deploy --compose-file docker-compose.yml mycustomstack
docker service
ls
Grab infor
from Inspect JSON output
===================================
docker
container inspect --format="{{.State.Paused}}" testweb
docker
container inspect --format="{{json .State}}" testweb
TroubleShooing
Services
=======================
docker node
ls
docker
service ps
docker
service inspect
docker ps
===================
STORAGE
===================
docker
volume create mymount
docker
volume inspect mymount |more
docker
service create --name volweb -p 80:80 --mount source=mymount,target=/internal-mount
-d=false --replicals 3 nginx
docker ps
docker exec
-it b1c75dadacc6 /bin/bash
Lab1
======
docker
volume create http-files
96
docker volume ls
97
docker volume inspect http-files
99
vi /var/lib/docker/volumes/http-files/_data/index.html
100
cat /var/lib/docker/volumes/http-files/_data/index.html
101
docker container run -d --name testweb --mount
source=http-files,target=/usr/local/apache2/htdocs httpd
102
docker ps
103
docker inspect testweb |grep IPAddr
104
ping 172.17.0.2
107
elinks http://172.17.0.2
111
docker exec -it c2663147afbc /bin/bash
112
docker ps
113
elinks http://172.17.0.2
Lab2
MOUNT ON LOCAL SHARE
====================
docker run -d --name tesetweb -p 80:80
--mount type=bind,source=/root/httpfiles,target=/usr/local/apache2/htdocs httpd
GET Data INSPECT from JSON
==========================
docker inspect nginxtest
--format={{.NetworkSettings.IPAddress}}
============
NETWORKING
============
Create Bridge NETWORK
=====================
docker network create --driver=bridge
--subnet=192.168.0.1/24 --opt
"com.docker.network.driver.mtu"="1501" devel0
docekr network ls
Change the network for a container
==================================
docker network connect --ip=192.168.0.115
devel0 testnweb
External DNS
============
docker run -d -name webserver --dns=8.8.8.8
--dns=4.2.2.2 nginx
PermanentDNS
for new containers:
================================
vi /etc/docker/docker.json
{
"dns":
["8.8.8.8","8.8.4.4"]
}
Create a Network
=======================================
docker network create --driver=overlay
--subnet=192.168.10.0/24 overlay0
Deploy a Service with a Network option
======================================
docker service create --name web1 -p 80:80
--network=overlay0 --replicas 2 nginx
Logging
===========
System
cat /var/log/messages | grep [dD]ocker
Container
docker container logs
Service
docker service logs ServiceName
Комментариев нет:
Отправить комментарий