-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker
362 lines (261 loc) · 12.5 KB
/
docker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
Containers Advantage
- light weight
- portal
- flexible
- scalable
- stackable
It works on
- Namespace technology
IPS
MOUNT
Format- LIB
Client Server Architecture
docker client (CLI)
^
|
REST API
^
|
Docker Daemon
> docker ps
> docker images
> docker
Lits of parent Modules
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
EX: docker parent_module sub_module
> docker image ls
> docker container ls (old version docker ps)
> docker container ls -a
> docker container rm <container_id>
> docker container rm <container_id> <container_id> <container_id> (delete multiple container at a time)
> docker container run ubuntu cat /etc/os-release
> docker container start <container_id> (we can use to restart container)
> docker container stop <container_id>
> docker container run -d <image_name> command (run container in background. d- deattach)
>docker container run -it ubuntu /bin/bash (specially for ubuntu. to get inside container)
>
How to get outside of container shell without shutting/terminating container?
> press ctrl+pq (you will be out of container and container will still running in background)
> docker container ls -aq (return id's of containers)
> docker conatiner rm $(docker container ls -aq) (it will delete all container)
> docker container inpsect <container_id> (give all info of container)
> docker container logs <container_id>
> docker container top <container_id> (gives the list of processes running inside container)
> docker container stats (gives statistic of all running container)
> docker container run -p 3600:80 nginx (p- port mappig, 3600(host) and 80(container)
> docker container run <image_name> --name testing_web(Ex.) (--name : attach name to container. so we can easily remember and manage)
> docker container exec -it <container_id> command (it iw used to execute command inside running container. command is specified at the end)
> docker container rename <container_id> new_name
to get ip detail of host
- netstat -ntlp (will give all info about networking like port forwarding,open ports)
----------------------------------------------------------------------------------------------------------------------
Containers Advantage
- light weight
- portal
- flexible
- scalable
- stackable
It works on
- Namespace technology
IPS
MOUNT
Format- LIB
Client Server Architecture
docker client (CLI)
^
|
REST API
^
|
Docker Daemon
> docker ps
> docker images
> docker
Lits of parent Modules
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
EX: docker parent_module sub_module
> docker image ls
> docker container ls (old version docker ps)
> docker container ls -a
> docker container rm <container_id>
> docker container rm <container_id> <container_id> <container_id> (delete multiple container at a time)
> docker container run ubuntu cat /etc/os-release
> docker container start <container_id> (we can use to restart container)
> docker container stop <container_id>
> docker container run -d <image_name> command (run container in background. d- deattach)
> docker container attach <container_id>
>docker container run -it ubuntu /bin/bash (specially for ubuntu. to get inside container)
>
How to get outside of container shell without shutting/terminating container?
> press ctrl+pq (you will be out of container and container will still running in background)
> docker container ls -aq (return id's of containers)
> docker conatiner rm $(docker container ls -aq) (it will delete all container)
> docker container inpsect <container_id> (give all info of container)
> docker container logs <container_id>
> docker container top <container_id> (gives the list of processes running inside container)
> docker container stats (gives statistic of all running container)
> docker container run -p 3600:80 nginx (p- port mappig, 3600(host) and 80(container)
> docker container run <image_name> --name testing_web(Ex.) (--name : attach name to container. so we can easily remember and manage)
> docker container exec -it <container_id> command (it iw used to execute command inside running container. command is specified at the end)
> docker container rename <container_id> new_name
> docker container kill <container_id>
> docker container wait <container_id> (waiting for container to shutdown and it will return its exit status code)
> docker container pause <container_id> ( it will pause all processes running inside container)
> docker container unpause <container_id> ( it will unpause all pause processes running inside container)
> docker container prune (it will remove all stop container)
> docker container port <container_id>/<container_name> (it will show info regarding port mapping)
> docker container create <image_name> startup-command ( it only create container but does not start it. we need to explicitly start that container)
> docker container start <container_id> (it start the container which is created and not yet started. or start stop container)
> docker container diff <container_id> (return changes made in container file system)
> docker container cp localhost_path <container_id>:path (it will copy data from localhost to container Ex. docker container cp /tmp 12bhb:/tmp/)
> docker container export <container_id> > my_container.tar (it will export container(image) as tar file )
> docker image import my-container.tar give_some_name_for_image (it will import container from tar and put as image file)
> docker container commit --author "mukesh bhati" -m "this is test commit" <running_container_id> new_name_for image (it will create image from running container)
> docker pull image_name:tag (it will pull image from dockerHub)
> docker image tag <image_name> hub_account_id/image_name (it will create a tag with given image)
> docker login
> docker image push hub_account_id/image_name[i.e tag image]
> docker image ls --format '{{.ID}} , {{.Repository}}' (formated output)
> docker image history <image_id/image_name> (get history of image>
> docker image rm <image_name> (remove image)
> docker rmi <image_name> (old version of image rm)
> docker image inspect <image_name>
> docker image prune (it will remove all unused images)
> docker image save <image_name> new_name.tar (it will save image in tar)
> docker image load < new_name.tar (it will load image which is save by save command)
> docker container run -P -it <image-name> command (it will map with any random port of host if some port are expose in dockerfile/image)
to get ip detail of host
- netstat -ntlp (will give all info about networking like port forwarding,open ports)
For data persistent
2 Methods
i) Volume
ii) Bind mount
iii) tmpfs
docker container run command for mysql( docker container run -d --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=true mysql)
Commands for Volume
> docker volume ls
> docker volume create <volume_name>
> docker volume rm <volume_name/volume_id>
> docker volume prune
networking
> docker network ls
> docker network create --help
> docker network create -d bridge <name_for_bridge_network>
> docker container run -it --network <name_of_network> <image_name> Command
> docker network create <network_name> (it will create network with bridge type)
> docker network connect <network_name> <container_id> (use to connect multiple network to container)
> docker network disconnect <network_name> <container_id>
> docker network rm <network_name>
> docker network prune
set up local registry
> docker pull registry
> docker image tag redis:alpine 127.0.0.1:5000/redis:alpine
> docker image push 127.0.0.1:5000/redis:alpine
> docker image pull 127.0.0.1:5000/redis:alpine
- by default docker server doesn't allow to pull or push image to http server. it required serber to be https.
- but we can exception and ask docker server to allow for given address through given steps
step 1 : create daemon.json file
step 2:content of file will be
Note: replace id with your ip
{
"insecure-registries" : ["127.0.0.1:5000"]
}
step 3: put the daemon.json to this location on host machine "/etc/docker"
step 4: restart docker service
creating secure registry
pre-requsites:
- delete daemon.json if have addee to access unsecure registry from /etc/docker/
step 1 : create directory for certificates:
> mkdir certs
step 2: creating certificate
> openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
step 3: will installing only give common name > repo.docker.local
step 4: cd certs
step 5 : create folder in /etc/docker with name certs.d
step 6: create folder in certs.d with mkdir repo.docker.local:5000
step 7: copy contain of cert folder to /etc/docker/certs.d/repo.docker.local\:5000/ca.crt
step 8: restart docker service
step 9: run this command
>docker container run -d -p 5000:5000 --name secure_registry -v $(pwd)/certs/:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key registry
Example of push
> docker image tag mariadb repo.docker.local:5000/mariadb
> docker image push repo.docker.local:5000/mariadb
video link
https://www.youtube.com/watch?v=Z8pqgSRs3cY&list=PL6XT0grm_Tfje2ySztzdhp0HmCjVj5P4z&index=34
Docker compose
> docker-compose up -d (start container in background)
> docker-compose --help
> docker-compose container (it only created container but it will not start the container, also network is not created)
> docker-compose rm (remove the container)
> docker-compose up --no-start
> docker-compose stop
> docker-compose start
> docker-compose create (deprected)
> (create,start,stop,rm command does not perform network related task)
> docker-compose images ()
> docker-compose pause
> docker-compose unpause
> docker-compose ls
> docker-compose ps
> docker-compose kill
> docker-compose port <service_name> <port_number>
> docker-compose logs -f
> docker-compose exec <service_name> command (it will run inside running container)
> docker-compose run <service_name> command (it will create new container)
> docker-compose restart
> docker-compose pull
> docker-compose scale
> docker-compose scale <serice_name>=no_of_conatiner_want <serice_name>=no
> docker-compose top
Docker swarm
https://www.infralovers.com/en/articles/2018/09/11/docker-swarm-how-to-create-a-minimal-cluster-running-a-service-using-virtualbox/
> docker swarm init
> docker node ls (gives total numbers of nodes present in our cluster. it only work on master node)
> docker swarm join --token <token> ip:port_of_master (run this command on workernode)
> docker swarm join-token worker (provide token for worker to join, run on master node only)
> docker swarm join-token manager (provide token for manager to join, run on master)
> docker swarm leave (worker node leave the cluster, run on worker node)
> docker node rm <worker_name/worker_id> (run on master, remove node from cluster)
> docker node promote <worker_name> (run on master, given worker will be promoted as manager)
> docker node demote <master_name> (reverse of promote)
> docker service create apline ping 8.8.8.8 (one service will be created on any node)
> docker service ps <service_id>
> docker service create -d --replicas 4 alpine ping 8.8.8.8 (4 replicas will be created
> docker service scale <service_id>=<no_of_replicas>
> docker service rm <service_id>
> docker service create -d -p 8090:80 nginx (we can access our service from any node when port mapping is done while creating service.)
> docker service create mode=global apline 8.8.8.8 (one instance per node will be created)
>docker container create --replicas=3 --constraint=="node.role=manager" apline ping 8.8.8.8
https://linuxize.com/post/how-to-remove-docker-images-containers-volumes-and-networks/