ict.ken.be

How

• Kernel Namespaces - Isolation
• Control Groups (cgroups) - Resource Utilization
• Capabilities - Privilege Partitioning
• Every container gets its own writable top layer
• One process per container, but we can run multiple processes

Who & What

• dotCloud - Solomon Hykes
• docker witten in Golang started by using LXC (evolved into libcontainer)

Getting started

For windows 2008R2 install docker from:

• https://www.docker.com/products/docker-toolbox
• https://github.com/docker/toolbox/releases

Documentation at https://docs.docker.com/

Browse images at https://hub.docker.com/explore/

Commands for quickstart terminal

• docker-machine
• docker-machine ip
• docker-machine ls

• docker-machine env

• docker --help

• docker info
• docker run hello-world
• docker images
• docker ps -a
• docker rm distracted_minksy
• docker rmi c54a2
• docker run container-name
• docker run -d -p 80:80 container-name:mayor.minor
• docker run container-name --cpu-shares=1024 --memory=1g
• docker stop c54
• docker stop $(docker ps -a -q)
• docker inspect c54 | grep Pid
• docker top container-name

• docker kill -s docker

• docker run ubuntu /bin/bash -c "echo 'some line in a file' > /tmp/some-file"

• docker commit container-name custom-image
• docker history custom-image
• docker save -o /tmp/custom-image.tar custom-image
• tar -tf /tmp/custom-image.tar
• docker load -i /tmp/custom-image.tar
• docker network create --driver bridge customisolatednetwork
• docker run -d --net=customisolatednetwork container-name
• docker logs container-name

• docker --debug ps

• docker-compose build

• docker-compose build --no-cache
• docker-compose up -d
• docker-compose logs
• docker-compose down

Portmapping: /var/lib/docker/containers/[hashofthe_container]/hostconfig.json

Shortcut Keys

• Exit container without killing it: ctrl + P + Q

Shell

• docker attach
• ssh
• docker-enter 8b
• docker exec -it 8b /bin/bash
• docker run -v /usr/local/bin:/target jpetazzo/nsenter
• nsenter -m -u -n -p -i -t /bin/bash

Dockerfile

• https://docs.docker.com/engine/reference/builder/

• each instruction creates a new layer (eg. RUN, CMD, MAINTAINER)

• only last cmd will be executed (even if it is on cmdline)
• CMD will add "/bin/sh -c"
• ENTRYPOINT will take the cmdline arguments

• docker build -t hellonginx:0.1 .
• docker build -f custom.dockerfile -t kenowi/custom
• docker run hello printechothismessage

Volumes

Store data in directory on host

• docker run -it -v /test-dir --name=testvolume ubuntu:15.04 /bin/bash
• docker run -it --volumes-from=testvolume ubuntu:15.04 /bin/bash
• docker run -v /data-dir-host:/data-dir-container
• docker rm -v testvolume

Networking

• apt-get install bridge-utils
• brctl show docker0
• cat /etc/resolv.conf
• docker run --dns=8.8.4.4 --name=dnstest my-image
• docker port containername
• docker run -d -p 192.168.56.50:5000:80/udp --name=overudp my-image
• docker run -d -P my-image
• docker run --name=src -d my-image
• docker run --name=dst --link=src:alias-src -it ubuntu:15.04 /bin/bash
• env | grep ALI
• cat /etc/hosts

Registry

• hub.docker.com
• docker tag imageid kenowi/custom
• docker push kenowi/custom:1.0
• docker pull kenowi/custom:1.0
• docker run -d -p 5000:5000 registry

Docker on Ubuntu

• sudo su
• uname -a
• apt-get update
• apt-get install -y docker.iodo
• service docker.io status
• docker -v
• docker version
• docker info
• ls -l /run
• cat etc/group
• sudo gpasswd -a my-user docker
• logout
• docker run -it ubuntu /bin/bash
• exit
• netstat -tlp
• service docker stop
• docker -H 192.168.56.50:2375 -d &
• docker -H 192.168.56.50:2375 -H unix:///var/run/docker.sock -d &
• ls -l /var/lib/docker/aufs/diff/
• docker start ff7
• docker attach ff7
• alias dps="docker ps"
• service docker stop
• docker -d -l debug &

Docker on CentOS

• yum install -y docker
• systemctl start docker.service
• systemctl status docker.service
• export DOCKER_HOST="tcp://192.168.56.50:2375"
• export DOCKER_HOST=
• ps -elf
• cat /etc/hosts
• ip a
• cat /etc/redhat-release
• yum check-update
• yum install -y vim
• vim /tmp/testfile
• :wq

Docker and Fedora

• docker run -it fedora /bin/bash
• docker pull -a fedora
• docker images fedora
• pstree
• man
• iostat

Docker and CoreOS

• docker pull coreos/etcd

Selenium

https://github.com/SeleniumHQ/docker-selenium

https://hub.docker.com/u/selenium/

• docker run -d ‐‐name selenium-hub -p 4444:4444 selenium/hub
• docker run -d -P ‐‐link selenium-hub:hub selenium/node-chrome
• docker run -d -P ‐‐link selenium-hub:hub selenium/node-firefox

docker-compose.yml

seleniumhub: image: selenium/hub ports: - 4444:4444

firefoxnode: image: selenium/node-firefox ports: - 5900 links: - seleniumhub:hub

chromenode: image: selenium/node-chrome ports: - 5900 links: - seleniumhub:hub

• docker-compose up -d
• docker-compose scale chromenode=3

NGinx

• docker pull kitematic/hello-world-nginx

Gitlab

• sudo docker run --detach \ --hostname gitlab.example.com \ --publish 443:443 --publish 80:80 --publish 22:22 \ --name gitlab \ --restart always \ --volume /srv/gitlab/config:/etc/gitlab \ --volume /srv/gitlab/logs:/var/log/gitlab \ --volume /srv/gitlab/data:/var/opt/gitlab \ gitlab/gitlab-ce:latest

• docker run gitlab/gitlab-ce

More

• First Docker preview ever: https://www.youtube.com/watch?v=wW9CAH9nSLs
• https://github.com/DanWahlin/Angular2-RESTfulService
• https://app.pluralsight.com/player?course=docker-deep-dive&author=nigel-poulton&name=docker-deep-dive-m0&clip=0&mode=live
• phusion/baseimage

Deprecated

• docker images --tree