I've been learning Docker through John Willis's tutorials:
https://www.youtube.com/watch?v=bV5vbNK3Uhw&list=PLkA60AVN3hh_6cAz8TUGtkYbJSL2bdZ4h&index=1
Here are my notes from the tutorials. As usual, these are for my own reference, but put on a public forum in the hope others may also find them useful.
add user to the docker group
docker version
docker -v
docker info
docker run busybox
docker ps -a
docker run -i busybox
docker run -it busybox
docker run -d busybox
docker run -it -v /volume busybox
docker restart <tag/volume>
docker rm <tag>
cid=$(docker run < >)
docker <command> $cid
Explicitly set container name:
--name <name>
Run a command inside the container:
docker exec <tag> <command>
docker inspect <tag>
docker history <image>
docker run -it -v <path on host>:<path on container> <tag>
eg: docker run -it -v /home/ubuntu/docker-shared:/shared busybox
Flag to mount read only:
-v <host path>:<container path>:ro
docker ps -q - gives ids in a list to pass to other commands
eg:
docker kill $(docker ps -q)
docker rm $(docker ps -aq)
docker search <image>
Pull a particular image to local storage:
docker pull <image>
List all locally available images:
docker images
Output from command that was run in a container
docker log <tag>
$(docker ps -l) - the last container
docker stats <tag>
docker top <tag> -ef - similar to ps -ef
Docker run param to set metadata
--label=<key>=<value>
Docker inspect formatted to show labels:
docker inspect --format '{{.Name}} {{.Config.Labels.<key>}}' <tag>
Flag to set limits: --ulimit <params>
brctl show docker0
Bring up a shell without disrupting the container
docker exec -it <tag> /bin/sh
To lookup ip address of the container
docker exec <tag> ip a
apt install traceroute
traceroute <destination>
To watch the iptables rules that docker sets up as you expose/map container ports
sudo iptables -t nat -L -n
When using docker run, to map ports:
-P - capital P maps all exposed ports on the container to high numbered ports on the host
-p <host port>:<container port> - explicitly map ports.
HAProxy load balancer (Note to self: read up on this sometime)
Some images used in this tutorial
docker build -f <filename> -t <imagename> .
So for the above:
docker build -f apache-ex1 -t apache-ex1 .
docker images - lists images
Remove an image from local store:
docker rmi <imagename>
Flag for build to force rebuild: --no-cache=true
Free-form:
Two ways to get ip address
(1) docker exec $cid ip a
(2) nid=$(docker inspect --format '{{.NetworkSettings.IPAddress}}' $cid)
Where does the index.html live in apache2
docker exec -it $cid /bin/sh
find / -name index.html
apache-ex3:
docker build -f apache-ex3 -t apache-ex3 .
docker ps shows port mappings
Two ways to map port when invoking docker run: -P and -p above.
To run above:
cid=$(docker run -itd -P apache-ex3)
or cid=$(docker run -itd -p 8080:80 apache-ex3)
ipaddr=$(docker inspect -format '{{.NetworkSettings.IPAddress}}' $cid)
curl $ipaddr
apache-ex4:
docker build -f apache-ex4 -t apache-ex4 .
cid=$(docker run -itd -v ~/docker/:/var/www/html/ -p 8080:80 apache-ex4)
curl localhost:8080
apache-ex5:
docker exec -it /bin/sh
ls
you'll see the /var/www/html folder rather than the / folder.
Notice also the ENTRYPOINT + CMD split. ENTRYPOINT specifies the executable, and CMD specifies the arguments. This means that now when you run the docker image, the specified entry point will be the executable running - that cannot be overriden (the default is /bin/sh which allows you to pass some command to it) So something like
docker run -it apache-ex5 /bin/sh
will fail now, with a terminal dump from /usr/sbin/apache2ctl say '/bin/sh' is not a legitimate action.
.
https://www.youtube.com/watch?v=bV5vbNK3Uhw&list=PLkA60AVN3hh_6cAz8TUGtkYbJSL2bdZ4h&index=1
Here are my notes from the tutorials. As usual, these are for my own reference, but put on a public forum in the hope others may also find them useful.
#1 - Installing docker
apt install docker.ioadd user to the docker group
docker version
docker -v
docker info
#2 - Docker run
docker psdocker run busybox
docker ps -a
docker run -i busybox
docker run -it busybox
docker run -d busybox
docker run -it -v /volume busybox
docker restart <tag/volume>
docker rm <tag>
cid=$(docker run < >)
docker <command> $cid
Explicitly set container name:
--name <name>
Run a command inside the container:
docker exec <tag> <command>
docker inspect <tag>
docker history <image>
#3 - volumes
Mount a host folder onto the container as a columedocker run -it -v <path on host>:<path on container> <tag>
eg: docker run -it -v /home/ubuntu/docker-shared:/shared busybox
Flag to mount read only:
-v <host path>:<container path>:ro
docker ps -q - gives ids in a list to pass to other commands
eg:
docker kill $(docker ps -q)
docker rm $(docker ps -aq)
#4 - more on run
Search for particular imagesdocker search <image>
Pull a particular image to local storage:
docker pull <image>
List all locally available images:
docker images
Output from command that was run in a container
docker log <tag>
$(docker ps -l) - the last container
docker stats <tag>
docker top <tag> -ef - similar to ps -ef
Docker run param to set metadata
--label=<key>=<value>
Docker inspect formatted to show labels:
docker inspect --format '{{.Name}} {{.Config.Labels.<key>}}' <tag>
Flag to set limits: --ulimit <params>
#5 - Networking
ip a (or ip address in full) - shows the ip addressbrctl show docker0
Bring up a shell without disrupting the container
docker exec -it <tag> /bin/sh
To lookup ip address of the container
docker exec <tag> ip a
apt install traceroute
traceroute <destination>
To watch the iptables rules that docker sets up as you expose/map container ports
sudo iptables -t nat -L -n
When using docker run, to map ports:
-P - capital P maps all exposed ports on the container to high numbered ports on the host
-p <host port>:<container port> - explicitly map ports.
HAProxy load balancer (Note to self: read up on this sometime)
Some images used in this tutorial
- wordpress
- httpd
- mysql
#6 - Dockerfiles
apache-ex1:FROM ubuntu:14.04To build the docker file
RUN apt-get -y install apache2
CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
docker build -f <filename> -t <imagename> .
So for the above:
docker build -f apache-ex1 -t apache-ex1 .
docker images - lists images
Remove an image from local store:
docker rmi <imagename>
Flag for build to force rebuild: --no-cache=true
Free-form:
RUN apt -y install apache2Array form:
CMD /usr/sbin/apache2ctl -D FOREGROUND
RUN ["apt", "-y", "install", "apache2"]The difference is, free form prefixes /bin/sh -c whereas, first element is base command in array form.
CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
Two ways to get ip address
(1) docker exec $cid ip a
(2) nid=$(docker inspect --format '{{.NetworkSettings.IPAddress}}' $cid)
Where does the index.html live in apache2
docker exec -it $cid /bin/sh
find / -name index.html
apache-ex3:
FROM ubuntu:latestTo build this:
RUN \
apt-get update && \
apt-get -y install apache2
ADD index.html /var/www/html/index.html
EXPOSE 80
CMD ["/usr'sbin/apache2ctl", "-D", "FOREGROUND"]
docker build -f apache-ex3 -t apache-ex3 .
docker ps shows port mappings
Two ways to map port when invoking docker run: -P and -p above.
To run above:
cid=$(docker run -itd -P apache-ex3)
or cid=$(docker run -itd -p 8080:80 apache-ex3)
ipaddr=$(docker inspect -format '{{.NetworkSettings.IPAddress}}' $cid)
curl $ipaddr
apache-ex4:
FROM ubuntu:latestTo build and run this:
VOLUME ["/var/www/html"]ADD index.html /var/www/html/index.html
RUN \
apt-get update && \
apt-get -y install apache2
EXPOSE 80
CMD ["/usr'sbin/apache2ctl", "-D", "FOREGROUND"]
docker build -f apache-ex4 -t apache-ex4 .
cid=$(docker run -itd -v ~/docker/:/var/www/html/ -p 8080:80 apache-ex4)
curl localhost:8080
apache-ex5:
FROM ubuntu:latestNote that the ENTRYPOINT - this means if you do
MAINTAINER Matt Varghese
# Change this if you want to prevent cached build
ENV REFRESHED_AT 2016-05-28
VOLUME ["/var/www/html"]
WORKDIR /var/www/html
ADD index.html /var/www/html/index.html
RUN \
apt update && \
apt -y install apache2
EXPOSE 80
# this fixes the command to this executable
ENTRYPOINT ["/usr/sbin/apache2ctl"]
# the parameters may be modified at run
CMD ["-D", "FOREGROUND"]
docker exec -it /bin/sh
ls
you'll see the /var/www/html folder rather than the / folder.
Notice also the ENTRYPOINT + CMD split. ENTRYPOINT specifies the executable, and CMD specifies the arguments. This means that now when you run the docker image, the specified entry point will be the executable running - that cannot be overriden (the default is /bin/sh which allows you to pass some command to it) So something like
docker run -it apache-ex5 /bin/sh
will fail now, with a terminal dump from /usr/sbin/apache2ctl say '/bin/sh' is not a legitimate action.
.
No comments:
Post a Comment