wtsang11 / TechExplore


Introduction #184

Open wtsang11 opened 2 years ago

wtsang11 commented 2 years ago

http://localhost/TechNotes/wp-admin/post.php?post=1446&action=edit

VSC: http://localhost/lab/python/utilities/study_codes/opencodes.php?f=/Users/wtsang/Lab/docker/arthur_docker/

wtsang11 commented 2 years ago

Using Docker to create an ubuntu environment

```sh
docker run -ti --name generic-ubuntu ubuntu:latest bash
# do something interesting and useful
# see the container id
docker images
docker commit    # --> image id
docker tag
# The above 2 commands can be combined as:
docker commit
```

Run processes in containers

```sh
# Simple test: run a process and exit without saving the container
docker run --rm -ti ubuntu bash -c "sleep 3; echo all done!"
# Keep the container running
docker run -d -ti ubuntu bash
# stop a running container
docker kill
# remove a container
docker rm
```

wtsang11 commented 2 years ago

Exposing ports

ref on netcat: https://www.varonis.com/blog/netcat-commands/

```sh
# server to receive packet and relay packet
docker run --rm -ti -p 45678:45678 -p 45679:45679 --name echo-server ubuntu:14.04 bash
# use nc to listen on port 45678 and pipe it out using port 45679
nc -lp 45678 | nc -lp 45679
# open a terminal and issue
nc localhost 45678
# open another terminal
nc localhost 45679
# the above two terminals in local computer may be run inside two docker containers
# note that a container cannot address its own ip address reliably,
# use keyword host.docker.internal
# Start the second container
docker run --rm -ti ubuntu:14.04 bash
nc host.docker.internal 45678
# Start the third container
docker run --rm -ti ubuntu:14.04 bash
nc host.docker.internal 45679
```

```sh
# If the server used dynamic ports
docker run --rm -ti -p 45678 -p 45679 --name echo-server ubuntu:14.04 bash
# look up ports to listen to
docker port echo-server
# listen to dynamic ports, eg 32777 and 32776
nc localhost 32777
nc localhost 32776
```

Exposing UDP Ports

```sh
docker run --rm -ti -p 45678/udp --name echo-server ubuntu:14.04 bash
nc -ulp 45678

# client
# look up dynamic port, eg 32771
docker port echo-server
nc -u localhost 32771
```
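Added example, not part of the original notes: by default the `-p 45678:45678` and dynamic `-p 45678` forms above publish on every host interface, which `docker port` reports as `0.0.0.0` or `[::]`. The sketch below classifies `docker port` output by bind address; the function names and the sample output are constructed for illustration.

```sh
#!/bin/sh
# Classify `docker port <container>` output by bind address.
# SAMPLE_PORTS is constructed sample output, not captured from a real host.
SAMPLE_PORTS='45678/tcp -> 0.0.0.0:32777
45678/tcp -> [::]:32777
45679/tcp -> 127.0.0.1:32776
45678/udp -> 0.0.0.0:32771'

# Print one line per mapping: "<container port/proto> <host port> <scope>".
# EXPOSED means the host port is bound on every interface (0.0.0.0 or [::]),
# so anything that can reach the host can reach the listener in the container.
classify_bindings() {
    awk '
    $2 == "->" {
        bind = $3
        port = bind; sub(/.*:/, "", port)      # text after the last colon
        addr = substr(bind, 1, length(bind) - length(port) - 1)
        scope = (addr == "0.0.0.0" || addr == "[::]" || addr == "::") ? "EXPOSED" : "LOCAL"
        print $1, port, scope
    }'
}

# Count the mappings that are reachable from outside the host.
count_exposed() {
    classify_bindings | grep -c ' EXPOSED$' || true
}

# On a real host: docker port echo-server | classify_bindings
printf '%s\n' "$SAMPLE_PORTS" | classify_bindings
```

Publishing as `-p 127.0.0.1:45678:45678` keeps the listener on loopback, which is enough for the `nc localhost` tests in these notes.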

wtsang11 commented 2 years ago

Container networking

container virtual network

```sh
# list networks
docker network ls
# create a network
docker network create
# start a container in network learning
docker run --rm -ti --net learning --name catserver ubuntu:14.04 bash
# start another container in another terminal
docker run --rm -ti --net learning --name dogserver ubuntu:14.04 bash
# dogserver listens to port 1234
nc -lp 1234
# catserver targets dogserver 1234
nc dogserver 1234
# create a catsonly network
docker network create catsonly
docker network connect catsonly catserver
# start another container bobcatserver in another terminal
docker run --rm -ti --net catsonly --name bobcatserver ubuntu:14.04 bash
# ping servers to confirm connections
```

wtsang11 commented 2 years ago

images

cleaning up

```sh
docker images
docker rmi
docker rmi
```

wtsang11 commented 2 years ago

Volumes

- Virtual discs to store and share data, usually share data with the host computer
- 2 types: persistent and ephemeral
- Volume is not part of any image

demo

```sh
mkdir example
docker run -ti -v :/shared-folder ubuntu bash
# shared-folder points to host example folder
```

Share data between containers only

```sh
docker run -ti -v :/shared-data ubuntu bash
# put some test data there
echo hello > /shared-data/data-file
# in another terminal, start a container using the volume another
# container is using, eg sick_hopper
docker run -ti --volumes-from sick_hopper ubuntu bash
```

wtsang11 commented 2 years ago

Docker registries

```sh
# search for images
docker search
# web search
# go to hub.docker.com and search there
# login docker, pull an image, tag it for own use
docker login
# example: push an image to hub.docker.com
docker pull debian:sid
docker tag debian:sid /test-image-42:v99.9
docker push /test-image-42:v99.9
```

wtsang11 commented 2 years ago

Dockerfile

Run to build image to be stored in local registry

ref: https://docs.docker.com/engine/reference/builder/

```sh
docker build -t .
```

note: each line takes the image from the previous line and makes another image

see also: https://goinbigdata.com/docker-run-vs-cmd-vs-entrypoint/

Syntax

tips:

- parts that change the most belong at the end of the Dockerfile
- Environment variables you set will be set on the next line

- FROM: what image to run from
- RUN: run the command line, waits for it to finish and saves the result
- ADD: add local files, zipped files are automatically unzipped
- ENV: set env variables
- ENTRYPOINT and CMD: ENTRYPOINT specifies the start of the command to run. It makes a container like an ordinary executable program. CMD specifies the whole command to run. They can be combined.
  - two forms: Shell and Exec
  - Shell form eg: `nano notes.txt`
  - Exec form eg: `["/bin/nano", "notes.txt"]`
- EXPOSE: maps a port into the container, eg `EXPOSE 8080`
- VOLUME: defines shared or ephemeral volumes
- WORKDIR: set the directory the container is in
- USER: set which user the container will run as

Multistage Dockerfile

```dockerfile
FROM ubuntu:16.04
RUN apt-get update
RUN apt-get -y install curl
# count the bytes of the downloaded page and save the number
RUN curl https://google.com | wc -c > google-size
ENTRYPOINT echo google is this big; cat google-size
```

```sh
# to run
docker build -t tooo-big .
# run the created image
docker run tooo-big
```

optimize the Dockerfile

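```dockerfile
# build stage: has curl and the apt caches, is not shipped
FROM ubuntu:16.04 as builder
RUN apt-get update
RUN apt-get -y install curl
RUN curl https://google.com | wc -c > google-size

# final stage: only the result file is copied into a small base image
FROM alpine
COPY --from=builder /google-size /google-size
ENTRYPOINT echo google is this big; cat google-size
```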

```sh
docker build -t google-size .
docker run google-size
```

wtsang11 commented 2 years ago

Internals

Kernels

- Respond to messages from hardware
- Start and schedule programs
- Control and organize storage
- Pass messages between programs
- Allocate resources, memory, CPU, network and so on

Docker creates containers and configures the kernel.

Docker implements a client and server model. The server receives commands over a socket (over the network or a file on the same computer: /var/run/docker.sock)

Bridging

- Docker uses bridges to create virtual networks in the local computer
- Bridges are software switches controlling the ethernet layer
- To turn off this protection: `docker run --net=host options`

Look at networking under the hood

```sh
# start a container
docker run -ti --rm --net=host --privileged=true ubuntu bash
apt-get update
apt-get install iptables
iptables -n -L -t nat
# start another container
docker run -ti --rm -p 8080:8080 ubuntu bash
# then in the privileged container see the routing of port forwarding to the second container through 8080
# proving EXPOSE means port forwarding
iptables -n -L -t nat
```
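Added example, not from the original notes: `--privileged` and `--net=host` in the first command above remove the isolation that the bridge network and the default capability set provide, so they are worth catching in scripts and shell history. This sketch scans `docker run` lines for those flags and for bind mounts of the daemon socket `/var/run/docker.sock`; the function name and the sample commands are constructed.

```sh
#!/bin/sh
# Flag `docker run` invocations that drop container isolation.
# SAMPLE_CMDS is a constructed list modelled on the commands in these notes.
SAMPLE_CMDS='docker run -ti --rm --net=host --privileged=true ubuntu bash
docker run -ti --rm -p 8080:8080 ubuntu bash
docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock ubuntu bash
docker run --rm -ti --network host ubuntu bash'

# For each input line that contains a finding print "<line number>: <findings>".
# Clean lines produce no output.
#   privileged     all capabilities and host devices are handed to the container
#   host-network   the container shares the network namespace of the host
#   docker-socket  the container can send commands to the Docker server
audit_run_flags() {
    awk '
    /docker run/ {
        line = $0 " "      # trailing space so every flag ends in a space
        f = ""
        if (line ~ /--privileged(=true)? /)              f = f " privileged"
        if (line ~ /--net(work)?[= ]host /)              f = f " host-network"
        if (line ~ /(-v|--volume)[= ][^ ]*docker\.sock/) f = f " docker-socket"
        if (f != "") print NR ":" f
    }'
}

# On a real host, feed it a script or a history file:
#   audit_run_flags < ~/.bash_history
printf '%s\n' "$SAMPLE_CMDS" | audit_run_flags
```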

wtsang11 commented 2 years ago

Implement Docker wordpress in a google cloud tiny virtual machine

```sh
sudo apt-get install vim
sudo vi /etc/fstab
df
# download the Docker install script, make it executable and run it
curl https://get.docker.com/ > install-docker.sh
ls
chmod 755 install-docker.sh
sudo ./install-docker.sh
docker -v
top
# let the login user talk to the Docker daemon without sudo
sudo usermod -aG docker william_k_tsang
sudo docker images
docker images
# install docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
sudo apt install -y git
git clone https://github.com/chrisbmatthews/wordpress-docker-compose.git
cd wordpress-docker-compose
docker-compose up -d
docker container ls
```
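Added example, not part of the original notes: the steps above write the downloaded `docker-compose` binary straight into `/usr/local/bin` and mark it executable without checking it. The sketch below installs a downloaded file only when its SHA-256 matches an entry in a checksum file in `sha256sum` format. It assumes such a checksum file is available for the release; the function names are hypothetical.

```sh
#!/bin/sh
# Install a downloaded binary only if its SHA-256 matches the entry in a
# checksum file ("<hex>  <filename>" per line, the sha256sum format).

# expected_from_sums SUMS_FILE NAME -> prints the hex digest listed for NAME.
expected_from_sums() {
    awk -v want="$2" '{ n = $2; sub(/^\*/, "", n) } n == want { print $1; exit }' "$1"
}

# verify_sha256 FILE EXPECTED_HEX -> status 0 only on an exact, non-empty match.
verify_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | awk '{ print $1 }')
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# install_verified FILE SUMS_FILE DEST -> copies FILE to DEST with mode 0755
# after verification. On any failure DEST is left untouched.
install_verified() {
    expected=$(expected_from_sums "$2" "$(basename "$1")")
    if [ -z "$expected" ]; then
        echo "no checksum listed for $1" >&2
        return 1
    fi
    if ! verify_sha256 "$1" "$expected"; then
        echo "checksum mismatch for $1, not installing" >&2
        return 1
    fi
    install -m 0755 "$1" "$3"
}

# Usage (paths are placeholders): download to a scratch directory first, then
#   sudo sh -c '. ./verify.sh; install_verified ./docker-compose-Linux-x86_64 \
#       ./checksums.txt /usr/local/bin/docker-compose'
```

A checksum fetched from the same server as the binary detects a corrupted or truncated download, not a compromised release.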