something important about docker
docker exec -it app bash (running a virtaul bash)
INSTALL DOCKER
uname -r
curl -sSL https://get.docker.com/ | sh
docker -v
Docker version 1.11.2 build b9f10c9
systemctl start docker
systemctl enable docker ( start docker after boot )
ps -aux | grep docker
DOWNLOAD IMAGES
docker pull busybox
docker images [ -h ]
DELETE IMAGES
docker rmi app:1.0
PUSH IMAGES
docker login
docker push otfsenter/app
CREATE CONTAINERS
docker run -d -p 5000:5000 --restart=always --name registry -m 128m -v /data/registry:/var/lib/registry registry:2
( simple ): docker run -d -p 5000:5000 --name app nginx:1.11.1
CHANGE IMAGES'S TAG
docker tag nginx otfsenter/nginx
PUSH IMAGES
docker daemon
MODIFY start parameter "--insecure-registry=0.0.0.0/0"
vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/docker
TO
ExecStart=/usr/bin/docker daemon -H fd:// --insecure-registry=0.0.0.0/0
systemctl daemon-reload
systemctl restart docker
ps -aux | grep docker
/usr/bin/docker daemon -H fd:// --insecure-registry=0.0.0.0/0
docker push otfsenter/nginx
OPERATING CONTAINERS
docker create --name web nginx:1.11.1 ( created, not started )
docker stats app ( percentage used memory and cpu )
docker top app ( how many processes running )
* docker exec -it app bash (running a virtaul bash)
docker inspect/update/cp/export(container->tar file)/import/rm
update memory of app
docker update -m 256m app
docker inspect app | grep -i memory
RELATIONSHIP BETWEEN CONTAINERS AND IMAGES
docker commit ( commit image from container )
docker commit -a otfsenter -m "demo commit iamge" web web:2.0
docker save ( save as tar file from image )
docker save app > app.tar
docker load ( insert to images list from tar file )
docker load < app.tar
SHARE DATA BETWEEN CONTAINERS
create a data container
ro: readonly
docker run -d -v /web-data:/tmp:ro --name data-container app
get data from data-container
docker run -d --volumes-from data-container --name web-container apps
docker run -d --volumes-from data-container --name web2-container apps
BEST PRACTICE OF VOLUME
Dockerfile:
FROM centos:7
RUN yum -y install epel-release && \
yum -y install nginx && \
yum clean all
EXPOSE 80 443
VOLUME ["/usr/share/nginx/html"] ( container's directory )
CMD ["nginx", "-g", "daemon -off;"]
docker build -t app . ( build app from Dockerfile )
THE WAY OF SAVE FILES
centos: /var/lib/docker/devicemapper
ubuntu: /var/lib/docker/aufs
coreos: /var/lib/docker/overlayfs ( overlay )
BACK UP DATA FROM VOLUME
docker run --rm --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
RESUME DATA FROM VOLUME
docker run --rm --volumes-from dbstore2 -v $(pwd):/backup ubuntu bash -c "cd /dbdata && tar xvf /backup/backup.tar --strip 1"
NETWORK MODULE ( nat, host, container, none, overlay )
default: NAT ( changed ip when container restart every time )
HOST: ( fixed ip )
docker run -d --name app2 --net=host nginx:1.11.1
CONTAINER: ( ping each other, communicate each other )
docker run -it --name busybox1 busybox sh
ip addr
exit without kill ( Ctrl+P+Q )
docker run -it --name busybox2 --net=container:busybox1 busybox sh
NONE:
docker run -it --name none --net=none busybox sh
OVERLAY: ( since Docker:1.10 )
(communicate with different container in different host)
Container(10.0.9.3)--
hostA -(Gateway)-> eth1(192.168.59.100)-----
Container(10.0.9.2)-- |
Internet
Container(10.0.9.5)-- |
hostB -(Gateway)-> eth1(192.168.59.101)-----
Container(10.0.9.4)--
CMD:
( consul )
vim /usr/lib/systemd/system/docker/service
ExecStart=/usr/bin/docker daemon -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --cluster-store=consul://192.168.59.100:8500 --cluster-advertise=eth01:2376 --insecure-registry=0.0.0.0/0
systemctl daemon-reload
systemctl restart docker
docker run -d -p 8400:8400 -p 8500:8500 -p 8600:53/udp -h consul progrium/consul -server(server) -bootstrap -ui-dir /ui (show progress)
PRACTICE OF OVERLAY
CREATE OVERLAY NETWORK
docker network create -d overlay --subnet=10.0.9.0/24 edu-net
hostA:
docker run -d --name app1 --net=edu-net newell.com:5000/nginx:1.11.1
docker exec -it app1 bash
hostB:
docker run -d --name app2 --net=edu-net newell.com:5000/nginx:1.11.1
docker exec -it app1 bash
DOWNLOAD
http://www.docker.com/products/docker-toolbox
c:\user\zhouxinzheng\.docker\machine\cache
boot2docker.iso
download jpress.war (www.jpress.io)
docker pull hub.c.163.com/library/tomcat
vi Dockerfile
from hub.c.163.com/library/tomcat
MAINTAINER newell xxx@163.com
COPY jpress.war /usr/local/tomcat/webapps
docker build -t jpress:latest .
docker run -d -p 8888:8080 jpress
docker pull hub.c.163.com/library/mysql
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=000000 hub.c.163.com/library/mysql:lastest
docker stop 93056e8a957a(mysql container id)
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=000000 -e MYSQL_DATABASE=jpress hub.c.163.com/library/mysql:lastest
docker restart 12fdb93345f2(jpress container)
PYTHON FLASK APP
Dockerfile:
FROM ubuntu:latest
MAINTAINER newell xxx@163.com
RUN apt-get update -y
RUN apt-get install -y python-pip python-dev build-essential
# Add source files
COPY . /app
ENV HOME=/app
WORKDIR /app
# Install Python web server and dependencies
RUN pip install -r requirements.txt
ENV FLASK_APP=anonpost.py
# Expose port
EXPOSE 5000
ENTRYPOINT ["gunicorn", "-b", "0.0.0.0:5000", "-w", "4", "wsgi:app"]
REQUIREMENTS.TXT
click == 6.6
Flask == 0.11.1
gunicorn == 19.6.0
itsdangerous == 0.24
Jinja == 22.8
MarkupSafe == 0.23
virtualenv == 15.1.0
Werkzeug == 0.11.11
