Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
projects:zibaldone:linux:docker [2022/05/31 08:02] – [docker swarm] sscipioni | projects:zibaldone:linux:docker [2023/04/19 08:08] (current) – [docker registry (public)] sscipioni | ||
---|---|---|---|
Line 19: | Line 19: | ||
usermod -aG docker hass | usermod -aG docker hass | ||
</ | </ | ||
+ | |||
+ | / | ||
+ | <code | download> | ||
+ | { | ||
+ | " | ||
+ | [ | ||
+ | {" | ||
+ | ] | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | ===== reset to factory and restart ===== | ||
+ | |||
+ | <code | download> | ||
+ | # if swarm | ||
+ | docker swarm leave --force | ||
+ | |||
+ | systemctl stop docker | ||
+ | rm -fR / | ||
+ | ip l delete docker_gwbridge | ||
+ | ip l delete docker0 | ||
+ | # and other bridges | ||
+ | systemctl start docker | ||
+ | </ | ||
+ | |||
===== deploy ===== | ===== deploy ===== | ||
Line 132: | Line 157: | ||
</ | </ | ||
+ | ===== multi platform build ===== | ||
+ | |||
+ | Multi platform build need a docker registry, local or remote (see below) | ||
+ | |||
+ | create a docker builder or use existing one | ||
+ | < | ||
+ | NAME=builder1 | ||
+ | docker buildx use $NAME || docker buildx create --use --name $NAME --driver-opt network=host | ||
+ | </ | ||
+ | |||
+ | build from a Dockerfile and push to local registry | ||
+ | < | ||
+ | REGISTRY=localhost: | ||
+ | docker buildx build --platform=linux/ | ||
+ | </ | ||
===== docker registry (private) ===== | ===== docker registry (private) ===== | ||
Line 141: | Line 181: | ||
# tag | # tag | ||
docker tag hello-world docker.csgalileo.org/ | docker tag hello-world docker.csgalileo.org/ | ||
+ | </ | ||
+ | |||
+ | create credentials in ~/ | ||
+ | < | ||
+ | docker login docker.csgalileo.org | ||
</ | </ | ||
Line 146: | Line 191: | ||
< | < | ||
docker push docker.csgalileo.org/ | docker push docker.csgalileo.org/ | ||
+ | </ | ||
+ | |||
+ | get remote info with aur/reg arch program | ||
+ | < | ||
+ | reg ls docker.csgalileo.org | ||
+ | reg digest docker.csgalileo.org/ | ||
+ | </ | ||
+ | |||
+ | docker registry on localhost | ||
+ | <file yaml docker-compose.yml> | ||
+ | services: | ||
+ | registry: | ||
+ | restart: no | ||
+ | image: registry:2 | ||
+ | ports: | ||
+ | - 5000:5000 | ||
+ | volumes: | ||
+ | - ./ | ||
+ | </ | ||
+ | |||
+ | ===== docker registry (public) ===== | ||
+ | |||
+ | retag local builded image to remote image | ||
+ | <code | download> | ||
+ | docker tag galileo/ | ||
+ | </ | ||
+ | |||
+ | push to docker.io | ||
+ | <code | download> | ||
+ | docker push scipioit/ | ||
+ | </ | ||
+ | |||
+ | ===== remote display via ssh ===== | ||
+ | |||
+ | scenario: connect to remote docker host via ssh and run X11 GUI on client ssh | ||
+ | |||
+ | on docker host sshd edit / | ||
+ | < | ||
+ | X11Forwarding yes | ||
+ | X11DisplayOffset 10 | ||
+ | X11UseLocalhost no | ||
+ | </ | ||
+ | |||
+ | on docker host create this helper script | ||
+ | <code bash | set-display.sh> | ||
+ | XAUTH=/ | ||
+ | HOSTIP=$(ip -o route get to 8.8.8.8 | sed -n ' | ||
+ | |||
+ | AUTH_COOKIE=$(xauth list ${DISPLAY} | awk ' | ||
+ | DISPLAY_NUMBER=$(echo $DISPLAY | cut -d. -f1 | cut -d: -f2) | ||
+ | export DISPLAY=${HOSTIP}: | ||
+ | touch $XAUTH | ||
+ | xauth -f $XAUTH add ${DISPLAY} MIT-MAGIC-COOKIE-1 ${AUTH_COOKIE} | ||
+ | </ | ||
+ | |||
+ | session from client | ||
+ | <code bash> | ||
+ | ssh -X < | ||
+ | source set-display.sh | ||
+ | docker run --rm -e DISPLAY=$DISPLAY -v $XAUTH:/ | ||
</ | </ | ||
Line 153: | Line 258: | ||
* [[https:// | * [[https:// | ||
+ | |||
+ | / | ||
+ | < | ||
+ | { | ||
+ | " | ||
+ | [ | ||
+ | {" | ||
+ | ] | ||
+ | } | ||
+ | |||
+ | </ | ||
+ | |||
init | init | ||
< | < | ||
- | docker swarm init --advertise-addr | + | docker swarm init --advertise-addr |
</ | </ | ||
Line 220: | Line 337: | ||
docker node ls -q | xargs docker node inspect -f '{{ .ID }} [{{ .Description.Hostname }}]: {{ range $k, $v := .Spec.Labels }}{{ $k }}={{ $v }} {{end}}' | docker node ls -q | xargs docker node inspect -f '{{ .ID }} [{{ .Description.Hostname }}]: {{ range $k, $v := .Spec.Labels }}{{ $k }}={{ $v }} {{end}}' | ||
+ | </ | ||
+ | |||
+ | show service status across nodes | ||
+ | < | ||
+ | alias lsd=' | ||
+ | </ | ||
+ | |||
+ | rebalance services across nodes after a node outage | ||
+ | < | ||
+ | alias rebalance=' | ||
+ | </ | ||
+ | |||
+ | drain a node from containers and migrate to others | ||
+ | < | ||
+ | docker node update --availability drain < | ||
+ | |||
+ | # re-enable node after maintenance | ||
+ | docker node update --availability active < | ||
+ | </ | ||
+ | |||
+ | get services using a particular network ' | ||
+ | < | ||
+ | docker network inspect --verbose web | jq ' | ||
+ | </ | ||
+ | |||
+ | get ip allocation in docker networks | ||
+ | < | ||
+ | docker run -it --rm -v / | ||
</ | </ | ||