Shashikant shah

Wednesday, 30 September 2020

Docker network commands Part-6

 Docker Network.

Docker takes care of the networking aspects so that the containers can communicate with other containers and also with the Docker Host.

Network Drivers

There are mainly 5 network drivers:

1. Bridge

2. Host

3. None

4. Overlay

5. Macvlan

Bridge :- The bridge network is a private default internal network created by docker on the host. So, all containers get an internal IP address and these containers can access each other, using this internal IP. The Bridge networks are usually used when your applications run in standalone containers that need to communicate.




Host :-  This driver removes the network isolation between the docker host and the docker containers to use the host’s networking directly. So with this, you will not be able to run multiple web containers on the same host, on the same port as the port is now common to all containers in the host network.


None: In this kind of network, containers are not attached to any network and do not have any access to the external network or other containers. So, this network is used when you want to completely disable the networking stack on a container and, only create a loopback device.


Overlay: Creates an internal private network that spans across all the nodes participating in the swarm cluster. So, Overlay networks facilitate communication between a swarm service and a standalone container, or between two standalone containers on different Docker Daemons.


Macvlan: Allows you to assign a MAC address to a container, making it appear as a physical device on your network. Then, the Docker daemon routes traffic to containers by their MAC addresses. Macvlan driver is the best choice when you are expected to be directly connected to the physical network, rather than routed through the Docker host’s network stack.


showing Bridge IP :-

# ifconfig


NOTE :-  DNS not enabled on default network. Only custom network DNS is enabled.
The container is created with a custom network.

################################## 

1. Listing All Docker Networks

# docker network ls

2. Inspecting a Docker network.

# docker network inspect networkname

3. Creating Your Own New Network.

# docker network create –-driver drivername name

# docker network create –-driver bridge new_nw

# docker network create --driver=bridge --subnet=192.168.2.0/24 --gateway=192.168.2.10 new_nw

4. How to attached network with container.

#docker run -d --name test1 --network new_nw busybox

#docker network connect <mynetwork>  <conatiner_name>

5. All network deletes.

# docker network prune

6. Delete network.

# docker network rm my-network

 7. Disconnect network from container

# docker network disconnect multi-host-network container1 


Wednesday, 16 September 2020

Docker Storage commands part-5

 

Docker Storage commands :-

There are three main ways to manage data in containers:

·       Data volumes

·       Mount the host directory (bind mounts)

·       tmpfs for caching memory



·       Data volumes :- Volumes are stored in a part of the host filesystem which is managed by Docker (/var/lib/docker/volumes/ on Linux). Volumes are the best way to persist data in Docker.

·       Mount the host directory (bind mounts) :- Bind mounts may be stored anywhere on the host system.

·       tmpfs :- tmpfs mounts are stored in the host system’s memory only.

 

  1. volume lists.

# docker volume ls

  1. bind mount.

# docker container run -it -v /home/ubuntu/test:/tmp/test ubuntu:14.04 bash

  1. create a volume .

# docker volume create <volume_name>

# docker container run -it -v <volume_name>:/tmp/test ubuntu:14.04 bash

  1. volume details.

# docker volume inspect <volume_name>

  1. remove volume.

# docker volume rm <volume_name>

     6. change to docker home directory:-

        # vim /etc/sysconfig/docker-storage

            DOCKER_STORAGE_OPTIONS=

    7. Number of files open in container.

        #vim /etc/sysconfig/docker

        DAEMON_MAXFILES=1048576
       OPTIONS="--default-ulimit nofile=1024:4096"


8. Volume mount other location use local-persist plugin :-
 # docker info

Plugins:

  Volume: local local-persist

  Network: bridge host ipvlan macvlan null overlay

  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog

# docker volume create -d local-persist -o mountpoint=/mnt/ --name=shashi_extra

# docker container  run -it -v shashi_extra:/tmp/test ubuntu:14.04 bash

ref link :- https://unix.stackexchange.com/questions/439106/docker-create-a-persistent-volume-in-a-specific-directory

Docker image commands. Part-4

 Docker image command :-

  1. docker image list.

# docker image ls / docker images

  1. Show the history of an image. (what action to perform)

# docker image history <image_name>

  1. Docker pull image from docker hub.

# docker pull ubuntu:18.04

  1. Create image of running container.

# docker container commit --author "shashikant" -m "this is test commit" <container ID> <new image_name>

  1. Docker image push to docker hub.

# docker login

<username and password>

# docker push account_name/image_name

  1. Docker image remove from docker host.

# docker image rm <image_name>

# docker rmi <image_name>

  1. inspect image command for show details image.

# docker image inspect <image_name>

  1. create image backup and restore.

# docker image save <image_name> > logstash.tar

# docker image load < logstash.tar

  1. what is a dockerfile ?  
 A Docker File is a simple text file with instructions on how to build your images. A Docker image consists of layers. Each layer adds something to the final Docker image. Each layer is actually a separate Docker image.

         MAINTAINER :- The Dockerfile MAINTAINER command is simply used to tell who is                                                     maintaining this Dockerfile.

            # MAINTAINER   shashikant <shashi@gamil.com>

         FROM :- The Dockerfile FROM command specifies the base image of your Docker images.
            # FROM ubuntu:latest

         CMD :- The CMD command specifies the command line command to execute when a                                             Docker container is started up which is based on the Docker image built from this                                 Dockerfile. This example just prints the text “image created” when the Docker                                         container is started.

# cmd [“echo”,”Image created”]

COPY :- The COPY command can copy both a file or a directory from the Docker host to the Docker image. 

# COPY  /myapp/target/myapp.jar  /myapp/myapp.jar   (for file)

# COPY  /myapp/config/prod  /myapp/config       (for directory)

ADD :- The ADD instruction can copy and extract TAR files from the Docker host to the Docker image.

# ADD  myapp.tar  /myapp/

# ADD  http://jenkov.com/myapp.jar  /myapp/

ENV :- The Dockerfile ENV command can set an environment variable inside the Docker image.

# ENV  MY_VAR  123

RUN :- The Dockerfile RUN command can execute command line executables within the Docker image. The RUN command is executed during build time of the Docker image, so RUN commands are only executed once. The RUN command can be used to install applications within the Docker image.

# RUN apt-get install some-needed-app

 

ARG :- The Dockerfile ARG instruction lets you define an argument which can be passed to Docker when you build the Docker image from the Dockerfile.

Notice the --build-arg followed by the tcpPort=8080 . This part sets the tcpPort argument value to 8080.

# vim dockerfile

ARG tcpPort

ARG useTls

CMD start-my-server.sh -port ${tcpPort} -tls ${useTls}

# docker build --build-arg tcpPort=8080 --build-arg useTls=true .

WORKDIR :- The WORKDIR instruction specifies what the working directory should be inside the Docker image. The working directory will be in effect for all commands following the WORKDIR instruction.

# WORKDIR    /java/jdk/bin

EXPOSE :- The Dockerfile EXPOSE instruction opens up network ports in the Docker container to the outside world.

# EXPOSE   8080

# EXPOSE   8080/tcp 9999/udp

 

VOLUME :- The Dockerfile VOLUME instruction creates a directory inside the Docker image which you can later mount a volume (directory) to from the Docker host. In other words, you can create a directory inside the docker image, e.g. called /data which can later be mounted to a directory, e.g. called /container-data/container1 in the Docker host. The mounting is done when the container is started up. Here is an example of defining a volume (mountable directory) in a Dockerfile using the VOLUME instruction.

# VOLUME   /data

 

ENTRYPOINT :- The Dockerfile ENTRYPOINT instruction provides an entrypoint for Docker containers started from this Docker image. An entrypoint is an application or command that is executed when the Docker container is started up. In that way, ENTRYPOINT works similarly to CMD, with the difference being that using ENTRYPOINT the Docker container is shut down when the application executed by ENTRYPOINT finishes. Thus, ENTRYPOINT kind of makes your Docker image an executable command itself, which can be started up and which shut down automatically when finished.

# ENTRYPOINT java -cp /apps/myapp/myapp.jar com.jenkov.myapp.Main

# ENTRYPOINT [“/usr/sbin/nginx”,”-g”,”daemon off;”]

SHELL :- Allows the default shell used for the shell form of commands to be overridden.

Its provide shell environment for linux and window on Dockerfile

# SHELL ["/bin/bash", "-c", "source /usr/local/bin/virtualenvwrapper.sh"]

10. create image to dockerfile

FROM ubuntu:latest

RUN apt-get -y update && apt-get -y upgrade

RUN apt-get -y install openjdk-8-jdk wget

RUN mkdir /usr/local/tomcat

RUN wget https://downloads.apache.org/tomcat/tomcat-8/v8.5.57/bin/apache-tomcat-8.5.57.tar.gz -O /tmp/tomcat.tar.gz

RUN cd /tmp && tar xvfz tomcat.tar.gz

RUN cp -Rv /tmp/apache-tomcat-8.5.57/* /usr/local/tomcat/

EXPOSE 8080

CMD ["/usr/local/tomcat/bin/catalina.sh", "run"]

# docker image build -t <new_imageName>:Tagname .

# docker image build -t ubuntu_new:1 .

OR

# docker image build -t <new_imageName>:Tagname  -f  path/dockerfile .





Thursday, 10 September 2020

Docker container commands. Part-3

Docker container commands :- 

# container home :- /var/lib/docker/containers/<container_ID>

# docker container --help

showing total details for docker

# docker info

  1. Search image for found the image from Docker repo.
    # docker search <image_name>

 

-t :-  Allocate a pseudo-TTY

-i :-  interactive (Keep STDIN open even if not attached)

-d :-   detach (Run container in background and print container ID)

 

  1. Run a container interactive mode. If you logout from container, container will be stop and delete.

# docker container run --name <container_name>  -it  -p<HostPort>:<Container_port> <Image_name>:<tag_name>  <login to container use shell>

# docker container run --name web_tomcat -it  -p 80:8080  shashikant11/tomcat8:latest    /bin/bash

  1. Run a container detached mode. This mode use for run container in the background.

# docker container run --name web_tomcat  -d  -p 8080:8080  tomcat8:latest

  1. Particular IP add with container.

# docker container run --name web_tomcat  -d  -p 192.168.1.24:8080:8080 tomcat8:latest

  1. Start/ Stop /Restart command for Container.

# docker container stop <container_ID>

# docker container start <container_ID>

# docker container restart <container_ID>

  1. Check running container and history.

# docker container ls

# docker container ps

# docker container ls -a

  1. remove/ pause/ unpause/kill/prune command

# docker container rm <container_ID>

# docker container pause <container_ID>

# docker container unpause <container_ID>

# docker container kill <container_ID>

# docker container docker prune {stopped all container}

  1. show container details like IP, volume, port

# docker container inspect <container_ID>

# docker container port <container_ID>

  1. Login in container

# docker container exec -it <container ID> /bin/bash

# docker container attach <container ID>

  1. Check cpu load and memory for container running.

# docker container top <container ID>

# docker container stats

  1. diff command for show change create, delete , add file.

   # docker container diff <container name>

  1. check container logs.

# docker container logs <container ID> -f

# docker container logs <container ID> --tail 6

# vim /var/lib/docker/containers/<container ID>/0306685bc0d7-json.log

# tail -f /var/log/messages

  1. Rename container name

# docker container rename <container ID> <new name>

  1. Copy data from localhost to container.

# docker container cp test/ <container ID>:/tmp/

  1. update command memory/cpu

docker container update -m "300M" --memory-swap -1 0306685bc0d7

  1. create container backup.

# docker container export <container ID> -o ubnutu_file.tar

# docker image import ubnutu_file.tar ubnutu_file

  1. running container ka image create ##

# docker container commit --author "shashikant" -m "this is test commit" <container ID> <new image_name>

18. add hostname in Container .

# docker container run --name web_tomcat  --hostname shashi.example.com -d  -p 8080:8080 tomcat8:latest 

 18. data copy from local machine to docker container.

# cd /var/data

# ls index.html

# docker cp <containerID>:/usr/share/nginx/html/index.html .

        OR

# docker cp index.html  <containerID>:/usr/share/nginx/html/index.html

19. Exit interactive mode .

# ctrl + p + q 

20. check image history.

# docker image history nginx

21 . start container with nginx

# docker container run --name=nginx_server -itd -p 80:80 new_nginx:latest nginx -g 'daemon off;'

22.Container restart policies are :- 

1. no :-    Do not automatically restart the container. (the default).

2. always :- If the container stops and docker daemon restarts for any reasons whatsoever, always attempt to restart it.


# sudo docker run -d --name testing_restarts --restart always testing_restarts

3. unless-stopped :- The unless-stopped restart policy behaves the same as always with one exception. When a container is stopped and the server is rebooted or the Docker service is restarted, the container will not be restarted.

One important item with unless-stopped is that if the container was running before the reboot, the container would be restarted once the system restarted. We can see this in action by restarting our container and rebooting the system again.

# sudo docker run -d --name testing_restarts --restart unless-stopped testing_restarts

4. on-failure :- Restart only if the container exits with a failure (non-zero exit status). To avoid restarting it indefinitely (in case of some problem), one can limit the number of restart retries the Docker daemon attempts.

The benefit of on-failures is that when an application exits with a successful exit code, the container will not be restarted.

# sudo docker run -d --name testing_restarts --restart on-failure:5 testing_restarts

 
How to check container restart  :-

# docker inspect always-policy | grep -i restartcount
        "RestartCount": 4, 

how many times the container has restarted:-

#docker inspect -f "{{ .RestartCount }}" <container_name>
 

Last time the container restarted:-

# docker inspect -f "{{ .State.StartedAt }}" <container_name>


############## always #################
# sudo docker run -d --name testing_restarts --restart always testing_restarts
# sudo docker ps

################# on-failure ###########


1. we’ll create a Docker container that executes a simple bash script named crash.sh.

# vim crash.sh

#!/bin/bash
sleep 30
exit 1

2.Building and Running a Custom Container


# vi Dockerfile
FROM ubuntu:14.04
ADD crash.sh /
CMD /bin/bash /crash.sh


# sudo docker build -t testing_restarts ./

# sudo docker run -d --name testing_restarts --restart on-failure:5 testing_restarts
# sudo docker ps -a

############## unless-stopped #############

The unless-stopped restart policy behaves the same as always with one exception. When a container is stopped and the server is rebooted or the Docker service is restarted, the container will not be restarted.

sudo docker run -d --name testing_restarts --restart unless-stopped testing_restarts

With the container running, let’s stop it and reboot the system again.

# sudo docker stop testing_restarts
testing_restarts
# sudo reboot

This time when the system restarts, we should see the container is in a stopped state.
#sudo docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                            PORTS               NAMES
fec5be52b955        testing_restarts    "/bin/sh -c '/bin/bas"   2 minutes ago       Exited (137) About a minute ago

One important item with unless-stopped is that if the container was running before the reboot, the container would be restarted once the system restarted. We can see this in action by restarting our container and rebooting the system again.

#sudo docker start testing_restarts
testing_restarts
#sudo reboot

After this reboot, the container should be running.
#sudo docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
fec5be52b955        testing_restarts    "/bin/sh -c '/bin/bas"   5 minutes ago       Up 13 seconds                           testing_restarts


23. CPU and mem set for container.

# docker run -it --cpuset-cpus="1,3" ubuntu:14.04 /bin/bash

# docker run -it --cpuset-mems="1,3" ubuntu:14.04 /bin/bash

24. extra commands.

docker inspect -f "{{ .RestartCount }}" my-container

docker inspect -f "{{ .State.StartedAt }}" my-container

sudo docker inspect -f "{{ .NetworkSettings.IPAddress }}" Container_Name


25. Docker Change Port Mapping for an Existing Container .

NOTE: Stop the container and docker engine before editing the below files.

# cd /var/lib/docker/containers/<container_ID>

# docker container stop <container_ID>

# vim hostconfig.json

[{"HostIp":"","HostPort":"9091"}]

#systemctl restart docker.service

# docker container start <container_ID>

# docker container port <container_ID>


Wednesday, 9 September 2020

Docker architecture details and Install Docker in Centos /RHEL. Part-2

 

Docker Architecture Details :-


Client (User) run command :-  

  1. Docker Build à “docker image build -t myubuntu:1 . “ for image created on DOCKER_HOST.
  2. Docker Pull à “docker pull ubuntu:18.04” for get ubuntu-18 image from docker Registry (docker public repo) on Docker Host/ docker machine.
  3. Docker run à “docker run -itd ubuntu:18.04” for run ubuntu image on docker machine. 

Installing Docker :-

For RHEL/CentOS 6 32-64 Bit

#wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm#

#rpm -ivh epel-release-6-8.noarch.rpm

For RHEL/CentOS 6 64-Bit

#wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

#rpm -ivh epel-release-6-8.noarch.rpm

For CentOS/RHEL 7

# yum install docker 

# yum install device-mapper-event-libs

For RHEL 6

# yum install docker-io

# yum install device-mapper-event-libs

For RHEL/CentOS 7

# systemctl start docker.service

# systemctl status docker.service

# systemctl enable docker.service

For RHEL/CentOS 6

# service docker start

# service docker status

# chkconfig docker on

Verify Installation :-

# docker --version

Docker version 19.03.6-ce, build 369ce74

Install bash-completion for auto docker commands :-

# yum -y install bash-completion

# curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker  -o  /etc/bash_completion.d/docker.sh

Tuesday, 8 September 2020

What Is Docker And Docker Containers. Part-1

What is Docker ? 

1. Docker is an open-source project and Container management service.
2. Docker work client base architecture and made up to Go language. 
3. Docker is application “platform as a service” (PaaS) model. 
4. Docker first release of docker was in March 2013.
5. Docker is basically three keywords based on: develop, ship and run anywhere. 
6. The concept of Docker is for developers to easily develop applications, ship them as containers and deploy these containers anywhere.
7. Docker uses a technology called namespaces to provide the isolated workspace called the container. 

 Benefits of Docker: - 

 1. Docker actually, reduces the size of development environment of every application.
 2. One of the main Docker’s benefits is its portability you can deploy containers anywhere like cloud VMs and physical machines. 
 3. Since Docker containers are lightweight, they are very easily scalable. 
 4. You don’t need to pre-allocate any RAM in containers.
 5. Version control function, If the update process fails, docker makes a rollback to a preview’s version  in few minutes. 
 6. Docker provide to run multiple containers and deploy separately multiple applications.


Docker Engine Workflow :-

Client (docker cli) -->  RESET API --> server docker daemon

Docker CLI :- docker cli command line interface  communicate to RESET API.

RESET API :- A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do.

docker daemon :- A server which is a type of long-running program called a daemon process.


What is Container :-

1.container separately provide like a isolated workspace we can deployed application and dependencies.

2. Containers isolate the application from accessing the resources as these are VMs. 

3.container is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries.

4. Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container.

  (i) PID namespace :- Process isolation (PID: Process ID).

  (ii) NET namespace :- Managing network interfaces (NET: Networking).

  (iii) IPC namespace :- Managing access to IPC resources (IPC: InterProcess          

      Communication).  

  (iv) MNT namespace :- Managing filesystem mount points (MNT: Mount).

  (v) UTS namespace :- Isolating kernel and version identifiers. (UTS: Unix Timesharing

      System)

 

Control Groups :- A cgroup limits an application to a specific set of resources. You can limit the memory available to a specific container.

Union file systems or UnionFS :- Docker Engine uses UnionFS to provide the building blocks for containers. Docker Engine can use multiple UnionFS variants, including AUFS, btrfs, vfs, and DeviceMapper.

container format use :- The default container format is libcontainer. In the future, Docker may support other container formats by integrating with technologies such as BSD Jails or Solaris Zones.

 

Components of Docker :-

There are three internal components that need to be understood

1.      Docker Images: Docker images are read-only templates; these images contain the operating system with the required libraries/tools and the applications.

2.      Docker Registries: Docker registries hold these images. These registries are like public/private repositories. The public Docker registry is called Docker Hub and has a huge collection of images with various applications embedded.

3.      Docker Containers: A Docker container holds everything that is needed for an application to execute. Containers are created from a Docker image. Similar to virtual machines, containers can be started, stopped, moved and deleted. Each container provides an isolated and secure environment for applications to run.