Easy Containerization
Agenda
- Docker vs. other alternatives
- Docker vs. Git
- Image vs. Container
- From devops perspective
- From developer perspective
- How to link multiple containers
- Data-only containers
- Orchestration tools
- How to prepare environment
- Useful docker images
Docker Host on Demand
ssh root@dhod -p 20022 # or: ssh root@10.93.1.226 -p 20022
#password: docker
Docker vs. Vagrant
uname -a
docker run -ti ubuntu uname -a
docker run -ti ubuntu:14.04 uname -a
docker run -ti ubuntu:12.04 uname -a
docker run -ti fedora uname -a
docker run -ti coreos uname -a
Demo time! #1
type in your console
Linux Containers & Docker
Docker vs. Git
Layers
- AUFS - AnotherUnionFS/advanced multi layered unification filesystem
- Each layer has its own hash
- Layer can be tagged
- Layers are shared
docker images --tree
Community
- Open Source
  - docker service itself (written in Go)
  - most of the images on Docker Hub
- 120+ images officially supported by Docker
- a few thousand created by the community
- linked with GitHub/Bitbucket repositories
Image vs. Container
There is an official tutorial on docker.com
... and I don't recommend it
Image
docker images
docker build
docker pull
docker push
docker rmi
docker tag
Container
docker run
docker ps
docker rm
docker exec
docker logs
docker stats
Docker from sysadmin perspective
Ports: 22, 80
p: 3306
v: /var/lib/mysql
p: 11211
How to run containers
docker run -p 8080:80 -p 20022:22 --name blog --memory 512m kszumny/my_blog
Using fig.yml/docker-compose.yml file
blog:
  image: kszumny/my_blog
  ports:
    - "8080:80"
    - "20022:22"
  mem_limit: 512000000
# fig up -d
docker-compose up -d
docker run -ti noisy/httpd-hello-stx
docker run -ti -p 80:80 noisy/httpd-hello-stx
docker run -ti -P noisy/httpd-hello-stx
#in dhod:
docker run -ti -p 20101:80 --name hello-stx noisy/httpd-hello-stx
docker run -d -p 20101:80 --name hello-stx noisy/httpd-hello-stx
#check dhod:20101/
Demo time! #2
type in your console
docker
docker ps [-a]
docker exec -ti <container_id/name> bash
docker logs <container_id/name>
docker stats <container_id/name>
fig
fig ps
fig exec
fig logs
fig stop
fig restart
fig scale
Interaction with running containers
Docker from developer perspective
Building an image
FROM
RUN
CMD
EXPOSE
ENV
ADD or COPY
ENTRYPOINT
VOLUME
USER
WORKDIR
ONBUILD
Dockerfile commands
Non interactive mode
- apt-get install -y --force
- cd /some/dir/ && make
- echo "yes" | git clone
- grep, xargs
- sed -e 's/foo/bar/g' /dir/filename
- git clone --depth 1
- expect
useful commands
$ sudo passwd bob
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
#!/bin/sh
newpass=42
# inner double quotes are escaped so the expect program stays one shell string
expect -c "
spawn sudo passwd
expect \"?assword:\"
send \"$newpass\r\"
expect \"?assword:\"
send \"$newpass\r\"
expect eof"
docker build
docker build --tag <tag> --no-cache <dir>
docker build -t docker-demo .
How to speed up building images
- add new instructions at the end, test, then refactor
- put non-cacheable commands at the end
- a .dockerignore file
- use base images
How to debug code in running container?
container
ssh service
Remote Debugger
- running an ssh service inside a container is considered bad practice
- an ssh service is undesired in production images
- PyCharm helpers are uploaded to the remote server only once (a data-only container is needed)
pycharm helpers
data only container
Automated Builds
Linking containers
docker run -d --name db training/postgres
- Run the first container and name it
docker run -d -P --name web --link db:postgresdb training/webapp python app.py
- Run the 2nd container and link it with the existing one
- /etc/hosts
- Environment Variables
  - <name>_PORT_<port>_<protocol>
WEB_PORT_80_TCP_ADDR=172.17.0.82
WEB_PORT_80_TCP_PORT=8080
Volumes
- upload/download files
- useful for backups
web:
  image: yesnault/docker-phabricator
  links:
    - db:database
  ports:
    - "8082:80"
db:
  image: yesnault/docker-phabricator-mysql
How to store data?
web:
  image: yesnault/docker-phabricator
  links:
    - db:database
  ports:
    - "8082:80"
db:
  image: yesnault/docker-phabricator-mysql
  volumes_from:
    - data
data:
  image: busybox
  volumes:
    - /var/lib/mysql
web:
  image: yesnault/docker-phabricator
  links:
    - db:database
  ports:
    - "8082:80"
db:
  image: yesnault/docker-phabricator-mysql
  volumes_from:
    - data
data:
  image: yesnault/docker-phabricator-mysql
  volumes:
    - /var/lib/mysql
  entrypoint: /bin/ls
Demo time! #3
Data Only Containers
Persistent volumes
docker inspect
# Dockerfile
FROM busybox
VOLUME /var/lib/mysql
CMD /bin/sh
docker build -t mysql_datastore .
docker run -i -t --name mysql_data mysql_datastore
or
docker run -d --name mysql_data -v /var/lib/mysql busybox
or
fig/docker compose...
Orchestration tools
#fig.yml/docker-compose.yml
web:
  build: .
  ports:
    - "80"
    - "443:443"
  volumes_from:
    - data
  volumes:
    - /backup:/backup
  environment:
    - VIRTUAL_HOST=phab.localhost
    - VIRTUAL_PORT=80
data:
  image: busybox
  volumes:
    - /var/lib/mysql
    - /var/repo
    - /opt/phabricator/conf
    - /etc/ssl/spistresci
fig / docker-compose
fig up -d # Voilà!
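A mapping written as HOST:CONTAINER, or as a bare container port, is published on every host interface by default, so the ssh mapping "20022:22" used earlier is reachable from any network the host sits on. The script below is an added example, not part of the original slides: it lists what a v1-layout fig.yml publishes and on which address. The sample file is constructed from the blog and web services shown above, with the ssh mapping bound to 127.0.0.1 to show the restricted form.

```shell
#!/bin/sh
# Added example: list the host ports a fig.yml/docker-compose.yml publishes.
# Assumes the v1 layout used in these slides: service names at column 0,
# their keys indented two spaces. Reads the file on stdin.

# Constructed sample based on the blog and web services above; the
# 127.0.0.1 prefix on the ssh mapping is added here for contrast.
sample_yml() {
cat <<'EOF'
blog:
  image: kszumny/my_blog
  ports:
    - "8080:80"
    - "127.0.0.1:20022:22"
web:
  build: .
  ports:
    - "80"
    - "443:443"
  volumes_from:
    - data
EOF
}

# Output: "<service> <host-address> <host-port> <container-port>"
published_ports() {
  awk '
    /^[^ #-][^ ]*:/  { svc = $1; sub(/:.*/, "", svc); in_ports = 0; next }
    /^  ports:/      { in_ports = 1; next }
    /^  [^ -]/       { in_ports = 0; next }   # any other service key
    in_ports && $1 == "-" {
      spec = $2; gsub(/"/, "", spec)
      n = split(spec, f, ":")
      # No address given means the Docker default, all interfaces (0.0.0.0).
      if (n == 1)      print svc, "0.0.0.0", "random", f[1]
      else if (n == 2) print svc, "0.0.0.0", f[1], f[2]
      else             print svc, f[1], f[2], f[3]
    }'
}

# Entries reachable from other hosts: everything not bound to loopback.
exposed_ports() { published_ports | awk '$2 != "127.0.0.1"'; }

sample_yml | exposed_ports
```

Run it as `exposed_ports < fig.yml` before `fig up -d` to review what will listen on the host.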
zookeeper:
  image: raycoding/piggybank-zookeeper
  ports:
    - "8383:8383"
    - "2181:2181"
    - "2888:2888"
    - "3888:3888"
  environment:
    - HOSTNAME=127.0.0.1
database:
  image: mysql
  environment:
    - MYSQL_ROOT_PASSWORD=topsecret
  volumes_from:
    - data
  volumes:
    - .:/local/
  ports:
    - "3306"
  command: mysqld
solr:
  build: .
  volumes_from:
    - data
  ports:
    - "8983:8983"
  links:
    - zookeeper:ZK
    - database:DB
  environment:
    - SOLR_OPTS="-DzkHost=$ZK_PORT_2181_TCP_ADDR:$ZK_PORT_2181_TCP_PORT"
  command: /bin/bash -c '/upconfigs.sh ; /usr/lib/apache-tomcat-7.0.32/bin/catalina.sh run'
data:
  image: busybox
  volumes:
    - /usr/lib/solr-home
    - solr.xml:/usr/lib/solr-home/solr.xml
    - /var/lib/mysql
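Legacy links do more than publish `<alias>_PORT_*` variables: Docker also copies the linked container's own environment into the consumer as `<alias>_ENV_<name>`, so the MYSQL_ROOT_PASSWORD set on `database` becomes readable inside `solr`. The script below is an added example, not part of the original slides; it parses an `env` dump for link endpoints and for leaked credential names, using a constructed sample whose 172.17.0.x addresses are made up.

```shell
#!/bin/sh
# Added example: audit what a container received through legacy links.
# Input on stdin: KEY=VALUE lines, i.e. the output of `env` in the container.

# Constructed sample of the solr container's environment for the ZK and DB
# links in the compose file above; the addresses are made up.
sample_env() {
cat <<'EOF'
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
ZK_PORT_2181_TCP_ADDR=172.17.0.4
ZK_PORT_2181_TCP_PORT=2181
ZK_ENV_HOSTNAME=127.0.0.1
DB_PORT_3306_TCP_ADDR=172.17.0.5
DB_PORT_3306_TCP_PORT=3306
DB_PORT_3306_TCP_PROTO=tcp
DB_ENV_MYSQL_ROOT_PASSWORD=topsecret
EOF
}

# Print "<alias> <proto> <addr>:<port>" per <alias>_PORT_<port>_<proto>_ADDR.
link_endpoints() {
  awk -F= '
    match($1, /_PORT_[0-9]+_(TCP|UDP)_ADDR$/) {
      alias = substr($1, 1, RSTART - 1)
      split(substr($1, RSTART + 6), part, "_")  # part[1]=port part[2]=proto
      print alias, tolower(part[2]), $2 ":" part[1]
    }'
}

# Print only the NAMES of <alias>_ENV_<name> variables that look like
# credentials; the values are deliberately not echoed.
leaked_secrets() {
  grep -E '^[A-Z0-9_]+_ENV_[A-Z0-9_]*(PASS|SECRET|TOKEN|KEY)[A-Z0-9_]*=' |
    cut -d= -f1
}

sample_env | link_endpoints
sample_env | leaked_secrets
```

Against a live container the same functions take `docker exec <container_id/name> env` as input; any name reported by `leaked_secrets` is a credential that every linked consumer can read.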
Preparing Environment for Docker
- kernel
  - 3.10+
  - boot2docker (Mac OS X, Windows)
- users & groups
  sudo groupadd docker
  sudo gpasswd -a ${USER} docker
  sudo service docker restart
- partitions
  - /var/lib/docker
- docker machine
- custom docker hub
  - Docker Registry:
    - docker run -p 5000:5000 registry
  - Docker Distribution
    - still alpha version :(
Installation
Ubuntu:
$ curl -sSL https://get.docker.com/ubuntu/ | sudo sh
Other:
do not use apt-get to install docker
use:
Maintenance
docker ps -a | grep 'weeks ago' | awk '{print $1}' | xargs --no-run-if-empty docker rm
Remove old containers
docker rm $(docker ps -aq)
# or, more explicitly
docker rm $(docker ps -a | grep Exited | awk '{print $1}')
Remove all stopped containers
docker-cleanup script:
docker images | grep "<none>" | awk '{print $3}' | xargs docker rmi
Remove all untagged images
Useful docker images
Copy of docker
By noisy