projects:zibaldone:linux:docker

This is an old revision of the document!


docker

ubuntu
apt-get install -y ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt-get install -y docker-ce docker-ce-cli containerd.io
mkdir /usr/local/lib/docker/cli-plugins -p
curl -SL https://github.com/docker/compose/releases/download/v2.2.2/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

run docker as user

usermod -aG docker hass

get a docker-compose.yml file and edit it

create and run in background

docker-compose up -d

check

docker ps
docker stop <id>

autostart

docker update --restart unless-stopped <id>

apply changes on containers if change docker-compose.yml

docker-compose up -d --no-deps --build
#!/bin/sh
 
CONTAINER=52e59999a02b
TARGET=/backup/
SOURCE=/var/lib/docker/volumes/geonode_3x1t-backup-restore/_data/
 
set -x
rm $SOURCE/2*
docker exec -it $CONTAINER python manage.py backup -f --config=/usr/src/geonode_3x1t/geonode_3x1t/br/settings_docker.ini --backup-dir=/backup_restore/
rsync -av $SOURCE $TARGET

start from a base image, alpine for example

docker pull alpine

# create a new container on alpine image
docker run -dit alpine sh

# get container id
docker ps

CONTAINER ID   IMAGE     COMMAND   CREATED         STATUS         PORTS     NAMES
3fdbad8aa816   alpine    "sh"      4 minutes ago   Up 4 minutes             keen_black

attach to container and copy directory from host to container

docker attach 3f
apk update
apk add nss
mkdir /opt
exit

docker cp /opt/sslvpn-plus 3f:/opt # this op stop container
docker start 3f

commit container 3f into image

docker commit 3f 

tag image f8

docker tag f8 sslvpn-plus-leonardo

create container vpn-leonardo from image sslvpn-plus-leonardo

docker run --name vpn-leonardo --cap-add=NET_ADMIN --device=/dev/net/tun -dit sslvpn-plus-leonardo bash
docker pull dryseawind/wildfly14jdk8

create Dockerfile

FROM dryseawind/wildfly14jdk8
MAINTAINER Stefano Scipioni
RUN /opt/jboss/wildfly-14.0.1.Final/bin/add-user.sh admin admin#password --silent
CMD ["/opt/jboss/wildfly-14.0.1.Final/bin/standalone.sh", "-c", "standalone.xml", "-b", "0.0.0.0", "-bmanagement", "0.0.0.0", "--debug"]
docker build -t "soes/wildfly:14" .
docker volume create --name <new_volume>
docker run --rm -it -v <old_volume>:/from -v <new_volume>:/to alpine ash -c "cd /from ; cp -av . /to"
docker volume rm <old_volume>

create local image and tag with remote registry url

# get image from official docker registry
docker pull docker.io/hello-world

# tag
docker tag hello-world docker.csgalileo.org/hello-world

push

docker push docker.csgalileo.org/hello-world

retag local builded image to remote image

download
docker tag galileo/trac:1.4.3 scipioit/trac:1.4.3

push to docker.io

download
docker push scipioit/trac:1.4.3

init

docker swarm init --advertise-addr 185.91.188.93

convert web network scoped “local” to swarm scope

docker network rm web
docker network create -d overlay web

deploy compose as swarm

cd ~/traefik
docker stack deploy -c docker-compose.yml hosting3

add worker

# on manager get token
docker swarm join-token worker

# on worker add to manager
docker swarm join --token xxxx 172.30.18.94:2377

# on manager check nodes
docker node ls

assign label to nodes

docker node ls
ID                            HOSTNAME     STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
n4z6nb6c8xi6el63a6b0vflyv *   ujitsi-dev   Ready     Active         Leader           20.10.7
jen361j71yr6k96zrhx7x7b6a     ujitsireg3   Ready     Active                          20.10.12

docker node update --label-add type=jibri jen361j71yr6k96zrhx7x7b6a
docker node update --label-add type=jvb n4z6nb6c8xi6el63a6b0vflyv

spread the deployment across nodes based on the value of “type” label: one node on type=jvb, one on type=jibri

docker service update --placement-pref-add 'spread=node.labels.type' meet2_jibri

check spread

docker service ps meet2_jibri |grep Running
rbv77rkxpq1f   meet2_jibri.1       galileo/jibri:stable-6726-1   ujitsireg3   Running         Running 5 hours ago                                        
jan7bs8ko2c0   meet2_jibri.2       galileo/jibri:stable-6726-1   ujitsi-dev   Running         Running 5 hours ago

add a contraint to other services (meet2_jvb, meet2_jicofo, …) to run on specific node

docker service update --constraint-add 'node.labels.type == jvb' meet2_jvb

show docker services across nodes

docker stack ps meet2 |grep Runn

show node labels

docker node ls -q | xargs docker node inspect -f '{{ .ID }} [{{ .Description.Hostname }}]: {{ range $k, $v := .Spec.Labels }}{{ $k }}={{ $v }} {{end}}'
  • projects/zibaldone/linux/docker.1660725639.txt.gz
  • Last modified: 2022/08/17 10:40
  • by sscipioni