Wednesday, 16 June 2021

Docker

$ sudo systemctl start docker

Configuration

I am on a low bandwith thing, so needed to add max-concurrent-uploads to the /etc/docket/daemon.json, otherwise I got connection timeouts. (default is 5)

{
  "experimental": false,
  "max-concurrent-uploads": 1,
  "data-root": "/mnt/docker" }

I've since moved the docker data directory ("data-root") to a separate mount ("/mnt/docker"), as it takes up a deal of space.

See reference 1.

Basics

docker pull dockerimageurl
downloads a particular image, probably from Docker Hub
docker images
can show you all the images the docker has at its disposal
docker container create
creates a new container based on an image
docker run --rm -i -t -p portext:portint dockerimageurl
start running a new container (-d is detached, -p is portmap, -i keep STDIN open even if not attached , -t allocates a pseudo-TTY, --rm removes container on exit ), basically does all of the previous steps if necessary

Administration

docker inspect dockerimageurl
shows low level information on the running container
docker exec <container-id> cat /data.txt
run a single command on the container, can be run as long as the master process (pid 1) is running
docker ls [-a]
seems to be exactly the same as ps
docker ps [-a]
list docker containers (-a for aboth started and stopped)
docker attach <the-container-id>
stttach to a running docker container with the ID from docker ps. Convenient if you've run it "detatched".
docker stop <the-container-id>
stop docker container with the ID from docker ps
docker rm <the-container-id>
remove docker container
docker rmi <the-image-id>
removes an image

Examples

Simply running an image can be done with:

docker run --rm -i -t -p 80:8080 -p 443:8181 --name jelasticgraaljdk17 jelastic/javaengine:graalvm-21.0.0.2

"--name" is a nice option to prevent docker from assigning meaningless auto-generated names to your containers.

It will help tremendously if we could look at how an original image was made. This is possible with the history command.

docker history jelastic/javaengine:graalvm-21.0.0.2

Add --no-trunc to show entire command lines.

For example in the example, it will show the following:

IMAGECREATEDCREATED BYSIZE
72627645230f12 days ago24.4MB
<missing> 12 days ago /bin/sh -c #(nop) WORKDIR /etc/init.d 0B
<missing> 12 days ago /bin/sh -c #(nop) LABEL actions=webAccess a… 0B
<missing> 12 days ago /bin/sh -c #(nop) EXPOSE 21 22 25 80 8080 0B

Added 443 8743 to the exposed ports in my new image.

Creating your own image

docker build
build a new container image based on a Dockerfile. (-t is tag)
docker commit c16378f943fe rhel-httpd:latest
docker login -u YOUR-USER-NAME
logging into the Docker hub
docker tag c16378f943fe YOUR-USER-NAME/name
tag your image appropriately before pushing it to the repo
docker push imagename:tag
pushes an image to a remote Docker repository. If you do not provide a tag, it will automatically become "latest".

Examples

cd ../graalvm
docker build -t maartenl22/jelasticgraaljdk11:latest -t maartenl22/jelasticgraaljdk11:v0.1 .
cd ../karchan
docker build -t maartenl22/karchan:latest -t maartenl22/karchan:v2.0.8 .

Check that this worked by running:

docker run --name graalvm --rm -i -t -p 8080:8080 -p 8743:8743 maartenl22/jelasticgraaljdk11:latest
docker run --name karchan --rm -i -t -p 8080:8080 -p 8743:8743 maartenl22/karchan:latest

Pushing your image to Docker Hub

Examples

docker build -t maartenl22/jelasticgraaljdk11 .
docker build -t maartenl22/karchan .
docker image ls

First do this, just to make sure:

docker logout
docker login
docker push maartenl22/jelasticgraaljdk11
docker push maartenl22/karchan

You should see both jelasticgraaljdk11 and registry-host:5000/maartenl22/jelasticgraaljdk11 listed.

You should see both karchan and registry-host:5000/maartenl22/karchan listed.

docker run --name karchan -cap-add=NET_ADMIN --rm -i -t -p 8080:8080 -p 8743:8743 jelasticgraaljdk11:latest

The -cap-add=NET_ADMIN is necessary to see the iptables configuration.

cd /home/jelastic
java -jar payara-micro-5.2021.1.jar --port 80 --sslport 443 jakartaee-8-project.war

Portainer

Portainer is a docker image containing a simple server that interfaces with the Docker deamon. With it you can get a good view of what Docker is running and what containers and images are available and all that.

Also attaching a terminal via de website is possible. Very nice.

docker volume create portainer_dataa
docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_dataa:/data portainer/portainer-ce

When starting it for the first time, and surfing to localhost:9000, you can add an administrator user.

It works great to get a good overview about what's going on.

Hello, world.

References

[1] GuguWeb - HOW TO MOVE DOCKER DATA DIRECTORY TO ANOTHER LOCATION ON UBUNTU
https://www.guguweb.com/2019/02/07/how-to-move-docker-data-directory-to-another-location-on-ubuntu/
Jelastic - Build software stack container image for private PaaS
https://jelastic.com/blog/build-software-stack-container-image-private-paas/
Jelastic - Building custom containers
https://docs.jelastic.com/building-custom-container/
Docker - Custom container deployment
https://docs.jelastic.com/custom-containers-deployment/
Docker - Installing fedora
https://docs.docker.com/engine/install/fedora/
Docker - Reference manuals
https://docs.docker.com/reference/
Portainer
https://www.portainer.io/
Youtube - Intro to Docker [with Java Examples]
https://youtu.be/FzwIs2jMESM
Dockerhub - my jelastic graal with jdk 11 docker image
https://hub.docker.com/r/maartenl22/jelasticgraaljdk11
Github - Docker file
https://github.com/maartenl/jelasticgraaljdk11

No comments:

Post a Comment