User Tools

Site Tools


notes:tools:docker

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
notes:tools:docker [2018/09/13]
leszek [Port Mapping]
notes:tools:docker [2018/10/17] (current)
leszek [Volume mapping]
Line 20: Line 20:
     docker run -it --name container_name ubuntu:​latest /bin/bash     docker run -it --name container_name ubuntu:​latest /bin/bash
     docker run -d ubuntu     docker run -d ubuntu
-</​code>​ 
- 
-The '​-it'​ paramater indicates '​interactive terminal'​. It allows you to stop a container with ^C 
- 
-Run a command and perform volume mapping: 
-<code text> 
-docker run -it -v "​C:​\Temp:/​console"​ microsoft/​dotnet:​latest 
-docker run --rm -it -v "​C:​\Temp:/​console"​ microsoft/​dotnet:​latest 
-docker run --rm --mount "​type=bind,​source=C:​\Projects,​target=/​src"​ -t -i ubuntu:​latest /bin/bash 
-docker run --rm --mount "​type=bind,​source=C:​\Projects,​target=/​src"​ -t -i microsoft/​dotnet:​2.1-sdk /bin/bash 
 </​code>​ </​code>​
  
Line 37: Line 27:
 <​code>​ <​code>​
 docker exec [OPTIONS] CONTAINER COMMAND [ARG...] docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
 +    docker exec -it mycontainer bash
     docker exec -it mycontainer mongo     docker exec -it mycontainer mongo
     docker exec -it mycontainer powershell     docker exec -it mycontainer powershell
Line 61: Line 52:
     docker rm $(docker ps -aq)     docker rm $(docker ps -aq)
     docker rm $(docker ps -a -q)     docker rm $(docker ps -a -q)
 +    docker container rm $(docker container ls -aq) -f
 docker rmi [OPTIONS] IMAGE [IMAGE...] docker rmi [OPTIONS] IMAGE [IMAGE...]
     docker rmi ubuntu:​14.04     docker rmi ubuntu:​14.04
Line 72: Line 64:
 docker ps docker ps
 docker ps -a docker ps -a
 +docker ps -a --no-trunc
 </​code>​ </​code>​
  
Line 100: Line 93:
 </​code>​ </​code>​
  
 +Get the IP of the '​web1'​ container (does not show anything on ubuntu):
 +<code text>
 +docker inspect -f "{{ .NetworkSettings.Networks.nat.IPAddress }}" web1
 +</​code>​
  
 +Save one or more images to a tar archive (streamed to STDOUT by default):
 +<code text>
 +docker save [OPTIONS] IMAGE [IMAGE...]
 +    docker save ubuntu -o ubuntu.tar
 +</​code>​
  
 +Copy files/​folders between a container and the local filesystem:
 +<code text>
 +docker cp [OPTIONS] CONTAINER:​SRC_PATH DEST_PATH|-
 +docker cp [OPTIONS] SRC_PATH|- CONTAINER:​DEST_PATH
 +    docker cp .\App\. mycontainer:/​usr/​share/​app
 +</​code>​
  
  
  
 +====Volume mapping====
  
-====Tools====+Volumes are independent from containers used to store persitent data. When a container is removed, volumes stay.
  
-Use '​where ​docker' to find out the location of docker ​on Windows:+Run a command and perform volume mapping: 
 +<code text> 
 +docker ​run -it -v "​C:​\Temp:/​console"​ microsoft/​dotnet 
 +docker ​run --rm -it -v "​C:​\Temp:/​console"​ microsoft/​dotnet:​latest 
 +docker run --rm --mount "​type=bind,​source=C:​\Projects,​target=/​src"​ -t -i ubuntu:​latest /bin/bash 
 +docker run --rm --mount "​type=bind,​source=C:​\Projects,​target=/​src"​ -t -i microsoft/​dotnet:2.1-sdk /bin/bash 
 +</​code>​
  
-  * C:\Program Files\Docker\Docker\Resources\bin\docker.exe+Run a command, create a volume '​myvolume'​ (if it does not exist), and mount to it: 
 +<code text> 
 +docker ​container run -dit --name test --mount source=myvolume,​target=/​vol ubuntu
  
-There are also few other tools in the same location:+Put file to the volume (just for test purposes):​ 
 +> docker container exec -it test sh 
 +/# ls -l /vol/ 
 +total 0 
 +/# echo "​hello"​ > /​vol/​myfile 
 +/# cat /​vol/​myfile 
 +hello 
 +</​code>​ 
 + 
 +Run a command ​in PowerShell with volume mapping: 
 +<code text> 
 +docker run -it --rm -v "​${pwd}/​bin/​Debug:/​app"​ microsoft/​dotnet 
 +</​code>​ 
 + 
 +Map a static website: 
 +<code text> 
 +docker run --rm -it -p 8080:80 -v C:​\Projects\Website:/​usr/​share/​nginx/​html nginx 
 +</​code>​ 
 + 
 +Manage volumes: 
 +<code text> 
 +docker volume ls 
 +docker volume create myvolume 
 +docker volume inspect myvolume 
 +docker volume rm myvolume 
 +docker volume rm myvolume -f 
 +</​code>​ 
 + 
 +On Linux, volumes are located at /​var/​lib/​docker/​volumes/​VOLUME_NAME/​_data 
 + 
 +====Interactive Terminal==== 
 + 
 +When you run the following command, docker blocks the current process and waits: 
 +<code text> 
 +> docker run -p 4000:4000 docs/​docker.github.io 
 +Docker docs are viewable at: 
 +http://​0.0.0.0:​4000 
 +</​code>​ 
 + 
 +Pressing ^C does not stop the container:​ 
 +<code text> 
 +> docker ps 
 +CONTAINER ID   ​IMAGE ​                  ​COMMAND ​                 PORTS 
 +c9e5a66cc0e7 ​  ​docs/​docker.github.io ​  "/​bin/​sh -c 'echo -e…" ​  ​80/​tcp,​ 0.0.0.0:​4000->​4000/​tcp 
 +</​code>​ 
 + 
 +The following command specifies the '​-it'​ paramater which indicates an '​interactive terminal'​. It allows you to send commands to the process that runs the application in the container. For example, ^C terminates the process which in effect stops the container:​ 
 +<code text> 
 +> docker run -p 4000:4000 -it docs/​docker.github.io 
 +Docker docs are viewable at: 
 +http://​0.0.0.0:​4000 
 +> ^C 
 +> docker ps 
 +CONTAINER ID   ​IMAGE ​                  ​COMMAND ​                 PORTS 
 +</​code>​ 
 + 
 +Detach from the container but do not stop it: 
 +<code text> 
 +> docker run -p 4000:4000 -it docs/​docker.github.io 
 +Docker docs are viewable at: 
 +http://​0.0.0.0:​4000 
 +> ^PQ 
 +> docker ps 
 +CONTAINER ID   ​IMAGE ​                  ​COMMAND ​                 PORTS 
 +b0548024da32 ​  ​docs/​docker.github.io ​  "/​bin/​sh -c 'echo -e…" ​  ​80/​tcp,​ 0.0.0.0:​4000->​4000/​tcp 
 +</​code>​ 
 + 
 +Automatically detach from the container i.e., run the container in background:​ 
 +<code text> 
 +> docker run -p 4000:4000 -d docs/​docker.github.io 
 +1469be5b5dd5480572d184ae3510ad779184acb3e620d905a1ef43a06733399c 
 +> docker ps 
 +CONTAINER ID   ​IMAGE ​                  ​COMMAND ​                 PORTS 
 +1469be5b5dd5 ​  ​docs/​docker.github.io ​  "/​bin/​sh -c 'echo -e…" ​  ​80/​tcp,​ 0.0.0.0:4000->​4000/​tcp 
 +</​code>​
  
-  * docker-compose 
-  * docker-credential-wincred 
-  * docker-machine 
-  * kubectl 
-  * notary 
  
 ====Port Mapping==== ====Port Mapping====
Line 135: Line 221:
 Example: Example:
 <​code>​ <​code>​
-docker run -p 80:80 nginx +docker run --rm -it -p 8080:80 nginx 
-http://​localhost:​80+http://​localhost:8080 
 +</​code>​ 
 + 
 +<​code>​ 
 +> docker run -d --name web1 -p 8080:80 nginx 
 +> docker port web1 
 +80/tcp -> 0.0.0.0:​8080
 </​code>​ </​code>​
  
 Example: Windows container: Example: Windows container:
 <​code>​ <​code>​
-docker run -p 81:80 -d microsoft/​iis:​nanoserver+docker run -p 81:80 -d microsoft/​iis:​nanoserver
 http://​localhost:​81 http://​localhost:​81
 +
 +the application inside the container runs on port 80
 +we can access the application from the host on port 81
 </​code>​ </​code>​
  
Line 169: Line 264:
 local   ​0.000GB local   ​0.000GB
 </​code>​ </​code>​
 +
 +
 +====Tar Utility====
 +
 +Example: Use a docker container to unpack a tar file (C:/​Test/​myfile.tar):​
 +<code text>
 +C:\Test> mkdir extract
 +C:\Test> docker run --rm -it -v C:/​Test:/​data alpine tar -xf /​data/​myfile.tar -C /​data/​extract
 +</​code>​
 +
 +Example: Unpack a tar file and view an extracted json file:
 +<code text>
 +C:\Test> docker run --rm -it -v C:/​Test:/​data alpine sh
 +/ # tar -tf /​data/​myfile.tar
 +/ # mkdir /​data/​extract
 +/ # tar -xf /​data/​myfile.tar -C /​data/​extract
 +/ # apk add --no-cache jq
 +/ # cd data/​extract
 +/​data/​extract # cat manifest.json | jq
 +</​code>​
 +
 +
  
  
Line 219: Line 336:
  
  
-====Remarks====+ 
 +====General Info====
  
   * An **image** is an application packaging format. Image = Manifest + Loosely Coupled Layers   * An **image** is an application packaging format. Image = Manifest + Loosely Coupled Layers
   * A **stopped container** is an equivalent of installed software.   * A **stopped container** is an equivalent of installed software.
   * A **running container** is an equivalent to running software.   * A **running container** is an equivalent to running software.
 +  * A **host** or a **container host** is the machine that you run containers on.
  
 The building blocks of containers are the Linux kernel primitives: namespaces and control groups. Namespaces are about isolation. Control groups are about grouping objects and setting limits. ​ The building blocks of containers are the Linux kernel primitives: namespaces and control groups. Namespaces are about isolation. Control groups are about grouping objects and setting limits. ​
Line 242: Line 361:
 Tha image'​s Base Layer contains OS files and objects. Tha image'​s Base Layer contains OS files and objects.
  
 +
 +====Logging====
 +
 +There are two types of logs:
 +
 +  * **Daemon logs** (= docker engine logs)
 +    * Linux (systemd): journalctl -u docker.service
 +    * Linux (non-systemd):​ /​var/​log/​messages
 +    * Windows: ~/​AppData/​Local/​Docker -and/or- Event Viewer
 +
 +  * **Container logs** (= app logs)
 +    * run your app as PID1
 +    * log in messages to stdout/​stderr
 +    * -or- mount a volume and log in to a file
 +    * -or- logging driver plugins integrate containers with existing logging solutions such as syslog, gelf, splunk, fluentd, etc.
 +      * set the default logging driver in daemon.json
 +      * override the default logging driver with a per-container driver using --log-driver,​ --log-opts
 +
 +Inspect logs with the docker logs command:
 +<code text>
 +docker logs <​container>​
 +</​code>​
  
 ====Registries & Repos==== ====Registries & Repos====
Line 260: Line 401:
  
 A registry contains multiple repositories. The repos as well as the entire registries can be public or private. A registry contains multiple repositories. The repos as well as the entire registries can be public or private.
-====Links ​& Docs====+ 
 + 
 +====Containerizing an App==== 
 + 
 +**Example**:​ Create an image for a nodejs app: 
 + 
 +Create Dockerfile for your app. Dockerfile contains the list of instructions on how to build an image with an app inside. 
 +   
 +<code text> 
 +FROM alpine ​                            # Layer #1: a base image used as the base layer of your image 
 + 
 +LABEL maintainer="​email@something.com" ​ # metadata: maintainer 
 + 
 +RUN apk add --update nodejs nodejs-npm ​ # Layer #2: execute a command and create a new layer 
 +                                        # we add app-specific files: node and npm (node package manager) 
 + 
 +COPY . /src                             # Layer #3: copy files from the current directory into /src in the image 
 + 
 +WORKDIR /src                            # metadata: change the working dir to /src 
 + 
 +RUN npm install ​                        # Layer #4: install dependencies;​ in our example, npm runs against 
 +                                        # whatever is listed in packages.json 
 + 
 +EXPOSE 8080                             # metadata: a port the app is listening to 
 + 
 +ENTRYPOINT ["​node",​ "​./​app.js"​] ​        # metadata: run the app; it's relative to the specified WORKDIR 
 +</​code>​ 
 + 
 +From the location of your app's files and the Dockerfile, call '​docker image build'​. The last dot specifies the current directory as the build context: 
 + 
 +<code text> 
 +docker image build -t app_tag . 
 +</​code>​ 
 + 
 +'​docker image' sends the contents of the build context to the Docker Daemon. You could specify the build context explicitly if you were not in the location of your app and the Dockerfile. It means your build context may be a Git repo. In such a case, the Daemon pulls the context from GitHub. 
 + 
 +<code text> 
 +# specify the build context explicitly 
 +docker image build -t app_tag /​home/​code/​myapp/​ 
 + 
 +# specify a Git repo as the build context 
 +docker image build -t app_tag https://​github.com/​wbs/​wbs.git 
 +</​code>​ 
 + 
 +**Example**:​ Create an publish an image for a .NET Core console app: 
 + 
 +1. Create FDD (framework-dependent deployment) of your app: 
 +<code text> 
 +cd C:​\Projects\ConsoleApp 
 +dotnet publish -c Release 
 +</​code>​ 
 + 
 +2. Create a Dockerfile in C:​\Projects\ConsoleApp:​ 
 +<code text> 
 +FROM microsoft/​dotnet:​2.0-runtime 
 + 
 +WORKDIR /app 
 +COPY bin/​Release/​netcoreapp2.0/​publish . 
 + 
 +ENTRYPOINT ["​dotnet","​ConsoleApp.dll"​] 
 +</​code>​ 
 + 
 +3. Create the docker image '​consoleapp':​ 
 +<code text> 
 +docker build -t consoleapp . 
 +</​code>​ 
 + 
 +4. Run a container from the local image (just to test it): 
 +<code text> 
 +docker run --rm consoleapp 
 +</​code>​ 
 + 
 +5. Tag the image and publish it: 
 +<code text> 
 +docker tag consoleapp ata6502/​consoleapp 
 +docker login 
 +docker push ata6502/​consoleapp 
 +</​code>​ 
 + 
 +6. Run a container from the published image: 
 +<code text> 
 +docker run --rm -it ata6502/​consoleapp 
 +</​code>​ 
 + 
 +You can also override the entry point and list the files in the image: 
 +<code text> 
 +docker run --rm -it --entrypoint=bash ata6502/​consoleapp 
 +root@76f4811ead33:/​app#​ ls 
 +</​code>​ 
 + 
 +**Example**:​ Create a new image from container'​s changes using '​docker commit':​ 
 +<code text> 
 +docker commit [OPTIONS] CONTAINER [REPOSITORY[:​TAG]] 
 +    docker commit mycontainer repo:tag1 
 +</​code>​ 
 + 
 + 
 +Remember:  
 +  * Keep only what you need to build your image in the build context. 
 +  * Specify the smallest image as your base layer image. 
 +  * Use multi-stage builds to further reduce the size of your image. 
 +  * Provide metadata to document your app. 
 +  * CMD instruction:​ Run-time arguments override CMD commands 
 +  * ENTRYPOINT instruction:​ Run-time arguments are appended to ENTRYPOINT 
 + 
 + 
 +====Tools==== 
 + 
 +Use 'where docker'​ to find out the location of docker on Windows: 
 + 
 +  * C:\Program Files\Docker\Docker\Resources\bin\docker.exe 
 + 
 +There are also a few other tools in the same location: 
 + 
 +  * docker-compose - defines and composes multi-container apps (orchestration) 
 +  * docker-credential-wincred 
 +  * docker-machine - provisions docker hosts/​engines 
 +  * kubectl 
 +  * notary 
 +  * Docker Swarm - schedules containers over multiple docker engines 
 + 
 +Orchestration of containerized apps: 
 + 
 +  * Kubernetes 
 +  * Mesosphere DCOS (Datacenter Operating System) 
 +  * CoreOS fleet 
 +  * OpenStack Magnum 
 + 
 + 
 +====Links====
  
   * [[https://​hub.docker.com|Docker Hub]]   * [[https://​hub.docker.com|Docker Hub]]
-  * [[https://​docs.docker.com/​engine/​reference/​run/​|Docker Reference]]+  * [[https://​docs.docker.com/​engine/​reference/​run/|Docker CLI]] 
 +  * [[https://​docs.docker.com/​engine/​reference/​builder/|Docker Reference]]
   * [[https://​hub.docker.com/​r/​microsoft/​dotnet/​~/​dockerfile/​|Dockerfile of microsoft/​dotnet]]   * [[https://​hub.docker.com/​r/​microsoft/​dotnet/​~/​dockerfile/​|Dockerfile of microsoft/​dotnet]]
 +  * [[https://​docs.microsoft.com/​en-us/​virtualization/​windowscontainers/​index|Windows Containers Docs]]
 +  * [[https://​docs.microsoft.com/​en-us/​dotnet/​core/​docker/​building-net-docker-images|Building Docker Images for .NET Core Applications]]
  
 Show repos containing docs: Show repos containing docs:
Line 282: Line 555:
 </​code>​ </​code>​
  
-====Shortcuts==== 
- 
-^  Shortcut ​ ^  Description ​ ^ 
-| Ctrl+P+Q | Get out of a container without stopping it | 
  
 ====Linux==== ====Linux====
Line 300: Line 569:
 </​code>​ </​code>​
  
-Install ​vim:+====vim====
  
 <code text> <code text>
Line 306: Line 575:
 apt-get install vim apt-get install vim
 </​code>​ </​code>​
 +
 +  * i - enter the interactive mode
 +  * Esc :wq 
 +    * w - save changes
 +    * q - quit vim
 +  * Esc
 +    * o - insert a new line below
 +    * O - insert a new line above
 +    * i - start the --INSERT-- mode
 +
  
notes/tools/docker.1536889789.txt.gz · Last modified: 2018/09/13 by leszek