Docker workshop
description
Transcript of Docker workshop
![Page 1: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/1.jpg)
Docker Workshop
Evans Ye2014.10.13
![Page 2: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/2.jpg)
Agenda• Docker and underlying technologies• Running Docker containers• Building Docker images• The official Docker hub
![Page 3: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/3.jpg)
![Page 4: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/4.jpg)
![Page 5: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/5.jpg)
Containers offer faster automation
HOW?
![Page 6: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/6.jpg)
Docker Container• A container is a group of isolated processes
– cgroups– namespace
• Isolated processes run straight on the host– native CPU performance– minimal memory overhead– minimal network performance overhead
![Page 7: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/7.jpg)
7
CGroups
![Page 8: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/8.jpg)
Cgroups (control groups)• Linux kernel feature• Groups of processes• Resource limitations
– Like limits.confbut the scope is a set of processes instead of uid/gid
• May be nested
![Page 9: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/9.jpg)
Cgroups submodules• memory• CPU• network IO• disk IO
![Page 10: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/10.jpg)
10
Namespaces
![Page 11: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/11.jpg)
namespaces• Linux kernel feature• wrap particular global system resource in an
abstracted, isolated instance• May be nested
![Page 12: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/12.jpg)
Different kinds of namespaces
![Page 13: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/13.jpg)
#TrendInsight
Running Docker Containers
![Page 14: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/14.jpg)
![Page 15: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/15.jpg)
Run Docker container in boot2docker directly
![Page 16: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/16.jpg)
Create a container with interactive shell$ docker run -t -i base:centos62 /bin/bash
[root@4d8c4b81f6d7 /]# exit (exited)
$ -t, --ttyAllocate a pseudo-TTY
$ -i, --interactiveKeep STDIN open even if not attached
![Page 17: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/17.jpg)
Check containers’ status$ docker ps
(only running containers are shown)$ docker ps –a
(all)
![Page 18: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/18.jpg)
Reattach in stopped container$ docker start -i 4d8c4b81f6d7[root@4d8c4b81f6d7 /]#
![Page 19: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/19.jpg)
Take a look at Docker run command$ docker run -t -i base:centos62 /bin/bash
![Page 20: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/20.jpg)
Command + args$ docker run base:centos62 /bin/cat /etc/hosts
![Page 21: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/21.jpg)
Name a container$ docker run -ti --name foo base:centos62 /bin/bash$ docker ps -a
$ docker rm foodestroy foo container
![Page 22: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/22.jpg)
Destroy all containers$ docker rm `docker ps --no-trunc -aq`
(except running containers, they must be stopped first)
$ docker rm -f `docker ps --no-trunc -aq`(force destroy all containers)
![Page 23: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/23.jpg)
Create ephemeral container$ docker run -ti --rm base:centos62 /bin/bash
[root@4d8c4b81f6d7 /]# exit (destroyed upon exit)
$ docker ps -a
![Page 24: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/24.jpg)
Ports forwarding (publish)$ docker run -ti -p 80:80 base:centos62 /bin/bash# yum install httpd# echo "hello world" > /var/www/html/index.html# service httpd start$ curl localhost:80
![Page 25: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/25.jpg)
What does Docker port forwarding do?
Windows / OS X
boot2docker
Container Container 80
80
![Page 26: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/26.jpg)
26
Well, I need to render it
in browsers…
![Page 27: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/27.jpg)
How about this?
Windows / OS X
boot2docker
Container Container 80
80
80
![Page 28: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/28.jpg)
Doable via Vagrant$ vim Vagrantfile
![Page 29: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/29.jpg)
The solution
Windows / OS X
boot2docker
Container Container 80
80
80
Docker port forwarding Vagrant port forwarding
![Page 30: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/30.jpg)
More about Docker ports forwarding$ docker run -ti -p 80:80 base:centos62 /bin/bash
• -p, --publishPublish a container's port to the host
• format: – ip:hostPort:containerPort (10.1.1.1:80:80)– ip::containerPort (10.1.1.1::80)– hostPort:containerPort (80:80)
![Page 31: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/31.jpg)
Volume (like sync folder)$ docker run -ti --name apache
-v /httpd-logs:/var/log/httpd base:centos62 /bin/bash
# touch /var/log/httpd/foo
$ ls /http-logs
![Page 32: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/32.jpg)
Volume from other container (useful to share data)$ docker run -ti --volumes-from apache
base:centos62 /bin/bash
# ls /var/log/httpd
![Page 33: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/33.jpg)
Link$ docker run -ti --link apache:apache.spn.tw.trendnet.org
base:centos62 /bin/bash# cat /etc/hosts
• Exposes information from source container to recipient container in two ways:– Environment variables– Updating the /etc/hosts file
• format:– name:alias
![Page 34: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/34.jpg)
04/09/2023
useful in multi-node situation
service(hadoop-client)
data(hadoop-client)
link
![Page 35: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/35.jpg)
Docker in client/server mode
Windows / OS X
boot2docker(Docker client)
Linux server
Docker Engine
Container Container
![Page 36: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/36.jpg)
Server: bind Docker engine to a tcp port$ docker -d -H 10.1.1.1:2375 -H
unix:///var/run/docker.sock
• -d, --daemondaemon mode
• -H, --hostthe socket(s) to bind in daemon mode
![Page 37: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/37.jpg)
Docker client$ export DOCKER_HOST=tcp://10.1.1.1:2375
$ docker images
$ docker run -ti --rm centos:centos6 /bin/bash(start container on the server)
• Note: – expose tcp port could let someone get root access to the host – not recommended in open network
![Page 38: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/38.jpg)
Running containers in background (Detached mode)
$ hadoop=$(docker run -d -p 50070:50070 tmh6:centos62)
$ docker inspect $hadoop
![Page 39: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/39.jpg)
39
Vagrant creates Docker containers in
detached mode
![Page 40: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/40.jpg)
Some other VM-like operations$ docker stop $hadoop$ docker start $hadoop$ docker kill $hadoop$ docker rm $hadoop
https://docs.docker.com/reference/commandline/cli/
![Page 41: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/41.jpg)
#TrendInsight
Building Docker Images
![Page 42: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/42.jpg)
42
There are two ways to build docker
images
![Page 43: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/43.jpg)
First: commit an existing container• Do changes manually, then commit
quick and dirty suitable for experiment might be deleted in the future
![Page 44: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/44.jpg)
Second: Build from Dockerfile• Dockerfile is a series of instructions• Use "Docker build" command to build images• pros:
– build images automatically by following instructions– visible and easy to understand instructions– enable Docker specific functions in the image– repeatability
![Page 45: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/45.jpg)
A sample httpd service DockerfileFROM base:centos62COPY index.html /var/www/html/index.htmlRUN yum -y install httpdEXPOSE 80CMD ["/usr/sbin/httpd", "-D", "FOREGROUND"]
![Page 46: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/46.jpg)
Build$ mkdir apache-server$ cd apache-server$ echo "our first docker image" > index.html$ vi Dockerfile (paste the sample and save it)$ docker build -t apache:0.1 ./
![Page 47: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/47.jpg)
Build context• docker build -t apache:0.1 ./• ./ will be transferred to Docker daemon as build
context• Must have a Dockerfile there
– ./Dockerfile
• DO NOT build at /– docker build -t apache:0.1 /
![Page 48: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/48.jpg)
Run the apache image$ docker run -d --name apache apache:0.1
$ docker run -ti --rm --link apache:a01 base:centos62 /bin/bash
# curl $A01_PORT_80_TCP_ADDR(you see how link and expose work together)
![Page 49: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/49.jpg)
49
Use entrypoint to bind a specific
executable to the image
![Page 50: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/50.jpg)
An httpd service exampleFROM base:centos62COPY index.html /var/www/html/index.htmlRUN yum -y install httpdEXPOSE 80ENTRYPOINT ["/usr/sbin/httpd"]CMD ["-D", "FOREGROUND"]
![Page 51: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/51.jpg)
The difference$ docker run -ti --rm apache:0.1 /bin/bash# (get into the container)
$ docker run -ti --rm apache:0.2 /bin/bashshow httpd helper message
the only thing you can do is to pass args to httpd
![Page 52: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/52.jpg)
Make sure init script always being executedFROM base:centos62…ENTRYPOINT ["init_wrapper_script"]CMD ["default_args"]
https://docs.docker.com/articles/dockerfile_best-practices/
![Page 53: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/53.jpg)
SHIPPING CONTAINERS
![Page 54: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/54.jpg)
Tagging an image$ docker tag -h
• dockerhub.evansye.com/base:centos62– REGISTRYHOST = dockerhub.evansye.com– NAME = base– TAG = centos62
![Page 55: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/55.jpg)
#TrendInsight
The official Docker hub
![Page 56: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/56.jpg)
![Page 57: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/57.jpg)
Redis$ docker run -d --name some-redis redis$ docker run -ti --rm --link some-redis:redis redis
/bin/bash# redis-cli -h $REDIS_PORT_6379_TCP_ADDR -p $REDIS_PORT_6379_TCP_PORT
https://registry.hub.docker.com/_/redis/
![Page 58: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/58.jpg)
MySQL$ docker run -d --name some-mysql -e
MYSQL_ROOT_PASSWORD=demo mysql
$ docker run -it --link some-mysql:mysql --rm mysql sh -c 'exec mysql -h"$MYSQL_PORT_3306_TCP_ADDR" -P"$MYSQL_PORT_3306_TCP_PORT" -uroot -p"$MYSQL_ENV_MYSQL_ROOT_PASSWORD"'
https://registry.hub.docker.com/_/mysql/
![Page 59: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/59.jpg)
Jenkins$ docker run -d -p 8080:8080 Jenkins
http://HOST_IP:8080
https://registry.hub.docker.com/_/jenkins/
![Page 60: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/60.jpg)
Private Docker registry$ docker run -d -p 5000:5000 registry
$ docker tag IMAGE HOST_IP:5000/NAME:TAG
$ docker push HOST_IP:5000/NAME:TAG
https://registry.hub.docker.com/_/registry/
![Page 61: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/61.jpg)
#TrendInsight
Summary
![Page 62: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/62.jpg)
Recap docker run• we’ve learned:
– port forwarding– volume mounting– linking containers together– running containers at remote
![Page 63: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/63.jpg)
Recap docker build• we’ve learned:
– how to write a Dockerfile– how expose and link work together– use entrypoint to bind a specific executable with image– ship images to the registry
![Page 64: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/64.jpg)
#TrendInsight
Q & A
![Page 65: Docker workshop](https://reader034.fdocuments.net/reader034/viewer/2022051312/5476cfe1b4af9f22628b459d/html5/thumbnails/65.jpg)
Re-associate Vagrant with VM• VBoxManage list vms
• cd .vagrant/machines/docker-platform/virtualbox/
• touch id• echo 33ca… > id