Docker

From XennisWiki
Jump to: navigation, search

Docker is an open-source project that automates the deployment of applications inside software containers. [...] Docker provides an additional layer of abstraction and automation of operating-system-level virtualization on Linux. (Wikipedia)

Installation

Arch Linux

Install Docker

pacman -S docker

Enable and start the service docker.service.

Add user to the Docker group (log out and in again afterwards). Before carefully read Docker since anyone added to the docker group is root equivalent.

gpasswd --add <username> docker

Ubuntu

Further information: Docker - Installation on Ubuntu

Add Dockers GPG key

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Add Docker repository and update the package index

add-apt-repository "deb [arch=armhf] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update

Install Docker

apt-get install docker-ce

Add your user to the group docker

groupadd docker
usermod -a -G docker <user-name>

Log out and in again. Test your Docker installation with a following command

docker run hello-world

Install docker-compose

Further information: Docker Documentation - Install Docker Compose, Composer Command-line completion

Download docker-compose (here version 1.12.0) and make it executable

sudo -i
VERSION=1.12.0
curl -L https://github.com/docker/compose/releases/download/${VERSION}/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

Check version

docker-compose --version

Usage

Images

Build image

docker build -t example.org/fuu:2.4 -t example.org/fuu:latest .

Pull image

Pull for instance the redis image from Docker Hub

docker pull redis

List images

List all (-a) images

docker images -a

Push image

docker push <image>:<tag>

Delete image

docker rmi <image-id>

Containers

List containers

List all (-a) containers

docker ps -a

Run container

Run for instance a image named redis as some-redis container and expose the containers port 6379 to local port 7001 by using --publish.

docker run --publish 7001:6379 --name my-redis --detach redis

Instead of run the container in background (--detach), run it active and remove (--rm) it afterwards

docker run --publish 7001:6379 --name my-redis --rm redis

Mount a directory

docker run -v local/dir:/container/dir -it --rm redis

Set environment variables

docker run --env MY_PORT=9800 --env FUU=hello redis

Open shell in container

Run container and open shell

docker run -it --rm redis /bin/sh

Open shell of an running container (--user 0 for user with id 0)

docker exec -i -t <id> /bin/sh

Stop and delete container

Stop and delete a container

docker stop <container-id>
docker rm <container-id>

Always start container

docker update --restart=always <container-id>

Log into file

docker logs <container> >& /tmp/example.log

Copy file to or from container

docker cp example.txt <container>:/example.txt
docker cp <container>:/example.txt example.txt

Dockerfile

Commands

Arg (argument)

Usage. To overwrite the default value, add --build-arg=my-name=another-value to the Docker build command.

ARG my-name=default-value

Exemplary usage

ARG service=my-api
WORKDIR /go/src/$service

Cmd (command)

CMD ["python", "/app/server.py"]

Copy or add (a file)

COPY ./app/
COPY example.txt /app/
ADD exampleDir /opt/exampleDir

Env (set environment variable)

ENV PATH /env/bin:$PATH

Expose (a port)

EXPOSE <port>

From (pull image)

FROM <image>
FROM <image>:<tag>
FROM <url>

Run (a command)

RUN pip install --requirement /app/requirements.txt

Usage

Copy and execute a Bash script

ADD example.sh /example.sh
RUN chmod a+x /example.sh
CMD /example.sh

Multi stage image

Example for a multi stage image

FROM golang AS build
RUN go get -d -t ./...
RUN CGO_ENABLED=0 GOOS=linux go build -o /service .

FROM scratch
COPY --from=build /service .
ENTRYPOINT ["/service"]

Tips

Docker login configuration file

Path: ~/.docker/config.json

Remove all stopped containers, images, etc.

docker system prune

SSH into stopped container

Figure out the container ID

docker container ls --all
docker commit <container-id> my/example
docker run -ti --entrypoint=sh my/example

Run a Docker container inside another container

Run a container that has Docker installed and mount the Docker socket to it.

docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock docker /bin/sh

Inside that container start another container. Here it is a Redis container

docker run --publish 6379:6379 --detach redis

Access port of the container in the container

Inside the container with Docker installed get the IP of the Docker host.

docker_host_ip=`/sbin/ip route|awk '/default/ { print $3 }'`

Next install Redis to be able to use the Redis CLI and ping it with $docker_host_ip as host (and *not* localhost)

apk add --update redis
redis-cli -h $docker_host_ip ping

Outside of the container Redis can be accessed as usual

redis-cli -h localhost

Get IP of a container

docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container-name>

Get IP of the HOST

host_ip=$(ip route show | awk '/default/ {print $3}')
echo $host_ip

Errors and problems

Docker container has no internet connection

Restart the Docker service

service docker restart

could not find an available, non-overlapping IPv4 address pool

Error message
ERROR: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network
Solution

Prune Network

docker network prune

Not enough random bytes available

Error message
Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy!
Solution

Mount /dev/urando from the host, for example

docker run -it --rm -v /dev/urandom:/dev/random ubuntu /bin/bash

See also

External links