Ubuntu:
Requirements:
apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
Then:
curl -sSL https://get.docker.com | sh
Check also on:
https://docs.docker.com/engine/install/ubuntu/
SLES:
zypper se -s docker #get the version zypper in -f docker=18.06.1_ce-98.21.1 #reference the version
Control service:
systemctl is-enabled docker.service systemctl start docker.service systemctl status docker.service systemctl daemon-reload systemctl restart docker systemctl show --property Environment docker
https://hub.docker.com/r/mysql/mysql-server/
https://hub.docker.com/_/mysql/
https://github.com/cmoro-deusto/docker-rpi-mysql
https://www.techrepublic.com/article/how-to-deploy-and-use-a-mysql-docker-container/
https://docs.docker.com/install/linux/docker-ce/ubuntu/#install-docker-ce-1
https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
https://docs.docker.com/config/containers/multi-service_container/ #running multiple services in a container
docker node ls
docker node ls -q | xargs docker node inspect -f '{{ .Description.Hostname }}: {{ .Spec.Labels }}' | grep map | sed 's/ /\n\t/g' #show labels
docker service ls |grep container-name #check if container runs
docker service ps container-id #check on which node container runs
docker network create -d overlay --subnet=10.0.32.0/22 --attachable my_network_name
Start, stop, manage containers:
docker container ls docker container ls --all docker container start 10095cc1e53d docker start 176bd91300c3 #Start Container docker container stop 00b9227af244 docker container rm b9e0eb78c272 docker rm $(docker ps --all -q -f status=exited) docker rename CONTAINER_NAME NEW_NAME #Rename container docker commit my-container ubuntu:16.04 #Commit changes from container "my-container" to image "ubuntu:16.04" docker stats redis1 redis2 #command to live stream a container’s runtime metrics (cpu, mem etc.) docker cp containerID:/path/to/file/file_or_foldername . #to copy a file or an folder from within the container to the docker-host docker cp -a server.key cf755a260e93:/tmp
Forcefully delete all containers, so pay attention!!
docker container rm $(docker container ls -a -q)
docker image ls docker images -q #Just show "IMAGE ID" docker images --digests #show "sha" value to get version of e. g. "lastest" docker image ls --all docker pull mysql/mysql-server:latest #Install image mysql docker rmi image:tag #delete image-tag
Forcefully delete all images, so pay attention!!
docker rmi $(docker images -q) -f
Remove <none> images (untagged):
docker rmi $(docker images -f "dangling=true" -q)
docker image save 915f54b28a31 -o ubuntu-16.04.tar docker load < ubuntu-16.04.tar docker exec some-mysql sh -c 'exec mysqldump --all-databases -uroot -p"$MYSQL_ROOT_PASSWORD"' > /some/path/on/your/host/all-databases.sql
docker build -t "simple_flask:dockerfile" . #Build an image from a Dockerfile docker build - < Dockerfile docker build -t friendlyhello . #Create image using this directory's Dockerfile docker build -t friendlyhello /usr/lib/docker/example/. #Create image using path Dockerfile docker build -t ubuntu16-test:16.04 --no-cache . docker history simple_flask:dockerfile docker build -t ubuntu16-squid:16.04 /software/. #Build image "ubuntu16-squid" from Dockerfile within "/software/" docker build --build-arg http_proxy=http://1.2.3.4:80 --build-arg https_proxy=http://1.2.3.4:80 -t ubuntu16-squid:16.04 . docker build --no-cache -t tftp-alpine:latest . docker build -t php:5-apache $(pwd)/.
docker run ubuntu:16.04 #Download ans install ubuntu 16.04. docker run --name=mysql-01 -d mysql/mysql-server:latest docker run --name=ubuntu16.04-squid-1 ubuntu:16.04 docker run -d -p 8080:8080 --name=ubuntu16.04-squid-2 -ti ubuntu:16.04 #Deploy and keep running container from image "ubuntu:16.04" docker run --rm -i --user="$(id -u):$(id -g)" --net=none -v "$PWD":/data blang/latex xelatex article.tex docker run --name=mysql01 -d mysql:dockerfile docker run -d -p 3306:3306 -v /path/in/host:/var/lib/mysql dordoka/rpi-mysql docker run -d -p 3306:3306 --name=mysql01 -v /path/in/host:/var/lib/mysql -d mysql/mysql-server:latest docker run --name=test-kibana -d rutsky/kibana-logtrail-kubernetes:4.6.1-0.1.7-2 docker run -p 8080:80 -p 8443:443 68b57f0b6302 apache2-foreground docker run -dti -p 69:69/udp -v /data/tftp:/var/tftpboot tftp-alpine:latest docker run -it --entrypoint /bin/bash --env ENV VERSION="1.0" container-ID docker run --rm -tid -p 2080:80 -p 2443:443 haproxy-test:latest
Run and connect to container. When exiting, container stopps!
docker run -ti ubuntu:latest /bin/bash docker run -ti ubuntu /bin/bash docker run -ti mysql:dockerfile docker run -d -p 3306:3306 mysql:dockerfile
docker version docker info docker logs mysql01 docker logs --follow jenkins journalctl -fu docker docker ps docker ps --all docker inspect f8f1140788d8
docker inspect --format='{{.LogPath}}' $CONTNAME | xargs tail -f
Connect to running (!) container:
docker exec -it mysql3 bash
docker exec -it 7079297b1b01 /bin/bash
docker exec -it 4c1d592d40d9 mysql -uroot -p
docker exec -it 176bd91300c3 bash
docker exec -it $(echo $(docker ps | grep -i esphome | awk '{print $1}')) bash
docker volume create --name DataVolume1 docker volume create --label DataVolume1 docker volume create -d netapp --name myFirstVolume -opt size=1G docker volume inspect DataVolume1
docker run -d \ --name=nginxtest \ -v nginx-vol:/usr/share/nginx/html:ro \ nginx:latest
docker run -d \ --name=nginxtest \ --mount source=nginx-vol,destination=/usr/share/nginx/html,readonly \ nginx:latest
docker run -ti --name=Container2 -v DataVolume2:/datavolume2 ubuntu docker run -ti --name=Container2 -v DataVolume1:/datavolume1 ubuntu docker run --rm -ti -v DataVolume1:/datavolume1 ubuntu
docker plugin ls docker plugin install netapp/trident-plugin:18.04 --alias netapp --grant-all-permissions
/usr/lib/docker/ /var/lib/docker/
Use docker by a user that is a member of the docker group. If you do not have a user in that group, issue the command
sudo usermod -a -G docker USERNAME usermod -aG docker tmade
docker system prune
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all dangling images
- unused build cache
Are you sure you want to continue? [y/N] y
https://docs.docker.com/engine/reference/builder/
Example dockerfile which builds ubuntu 16.04 with compiled squid 4.8:
#Download base image ubuntu
FROM ubuntu:22.04
#FROM ubuntu:16.04
#FROM ubuntu:18.04
LABEL version="1.1"
LABEL maintainer="info@tmade.de"
ENV SQUID_VERSION="6.4"
ENV MAIN_VERSION="6"
ENV SQUIDURL="http://www.squid-cache.org/Versions/v${MAIN_VERSION}/squid-${SQUID_VERSION}.tar.gz"
#http://www.squid-cache.org/Versions/v5/squid-5.1.tar.gz
#http://www.squid-cache.org/Versions/v4/squid-4.10.tar.gz
# locales to UTF-8
#RUN locale-gen C.UTF-8 && /usr/sbin/update-locale LANG=C.UTF-8
#ENV LC_ALL C.UTF-8
#ENV SQUID_VERSION=3.5.12-1ubuntu7
RUN apt-get update && \
apt-get -y upgrade && \
apt-get -y install bash-completion \
build-essential \
libssl-dev \
wget \
curl \
netcat \
vim \
iputils-ping \
net-tools && \
apt-get -qy autoremove && \
rm -rf /var/lib/apt/lists/*
RUN wget ${SQUIDURL}
RUN tar -xzf squid-${SQUID_VERSION}.tar.gz
RUN cd /squid-${SQUID_VERSION} && ./configure --with-large-files \
--disable-ipv6 --enable-follow-x-forwarded-for \
--sysconfdir=/etc/squid --localstatedir=/var/log/squid \
--enable-ssl --with-openssl --with-filedescriptors=16384 \
--enable-storeio=diskd,ufs --prefix=/usr/local/squid \
--with-included-ltdl
RUN cd /squid-${SQUID_VERSION} && make && make install
RUN useradd -r squid -s /bin/false && \
cat /etc/passwd && \
#RUN groupadd -r squid
touch /var/log/squid/logs/access.log && \
cd /var/log/squid/ && chmod -R 770 * && chown -R squid:squid * && \
chmod 660 /var/log/squid/logs/access.log
COPY squid-no-cache.conf /etc/squid/squid.conf
#COPY entrypoint.sh /usr/bin/entrypoint.sh
WORKDIR /etc/squid
USER squid
#ENTRYPOINT "/sbin/entrypoint.sh && /bin/bash"
#EXPOSE 8080/tcp
#ENTRYPOINT ["/sbin/entrypoint.sh"]
Squid entrypoint.sh:
#!/bin/sh echo "start squid-proxy" /usr/local/squid/sbin/squid -f /etc/squid/squid.conf
Example alpine with apache2:
FROM alpine:3.11
LABEL version="1.4"
LABEL maintainer="info@tmade.de"
#ENV http_proxy "http://proxy:80"
#ENV https_proxy "https://proxy:80"
#ENV no_proxy="localhost,127.0.0.1,.local"
#ARG VERSION
RUN set -ex;
RUN apk update && apk upgrade && \
apk add --no-cache \
bash \
tini \
tar \
xz \
wget \
less \
man man-pages \
mdocml-apropos \
busybox-extras \
curl \
make \
gcc \
g++ \
apache2 \
apache2-ssl \
apache2-ldap \
apache2-utils
RUN makewhatis
RUN rm -rf /var/cache/apk/* && \
#mkdir /var/www/htdocs && \
#chown -R apache:www-data /var/www/htdocs && \
mkdir /etc/apache2/certificate && \
echo 'alias ll="ls -alh"' >> ~/.bashrc && \
echo 'alias ..="cd .."' >> ~/.bashrc && \
echo 'alias ...="cd ../.."' >> ~/.bashrc
COPY certificate/* /etc/apache2/certificate/
COPY httpd.conf /etc/apache2/
COPY ssl.conf /etc/apache2/conf.d/
COPY index.html /var/www/localhost/htdocs/
WORKDIR /etc/apache2
#USER apache
#EXPOSE 80 443
#ENTRYPOINT ["/bin/sh", "-c", "/bin/bash"] #exec form
#ENTRYPOINT /bin/bash #shell form
#ENTRYPOINT ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"] #exec form
#ENTRYPOINT /usr/sbin/httpd -D FOREGROUND -f /etc/apache2/httpd.conf #shell form
#ENTRYPOINT /sbin/tini /usr/sbin/httpd -D FOREGROUND -f /etc/apache2/httpd.conf
ENTRYPOINT ["/sbin/tini", "--"]
CMD ["/usr/sbin/httpd", "-D", "FOREGROUND", "-f", "/etc/apache2/httpd.conf"]
Build:
docker build --no-cache -t alpine-apache2:3.11 . docker run -it -d -p 80:8080 -p 443:8443 --hostname myhost.local --name=alpine-apache2-1 alpine-apache2:3.11 docker run -it -d -p 80:80 -p 443:443 --hostname myhost.local --name=alpine-apache2-1 alpine-apache2:3.11 docker container ls -a | grep alpine docker exec -ti PROCESS-ID /bin/bash
Just put this json into /etc/docker/daemon.json:
{
"graph": "/var/lib/docker"
}
Files (SLES12 and Ubuntu 16.04/ 18.04/ 20.04/ 22.04):
/etc/systemd/system/docker.service.d/http-proxy.conf /etc/systemd/system/docker.service.d/https-proxy.conf
Conf:
[Service] Environment="HTTP_PROXY=proxy:80" Environment="NO_PROXY=localhost,127.0.0.1"
[Service] Environment="HTTPS_PROXY=proxy:80" Environment="NO_PROXY=localhost,127.0.0.1"
Proxy-Setup for container-proxy-communication (version >= 17.07):
~/.docker/config.json
{
"proxies":
{
"default":
{
"httpProxy": "http://proxy:8080",
"httpsProxy": "https://proxy:8443",
"noProxy": "localhost, 127.0.0.1"
}
}
}
Check also on:
https://docs.docker.com/network/proxy/#configure-the-docker-client
https://docs.docker.com/compose/gettingstarted/#step-8-experiment-with-some-other-commands
apt-get install docker-compose
Or check releases for binary:
https://github.com/docker/compose/releases/
curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` -o /usr/bin/docker-compose chmod +x /usr/bin/docker-compose
docker-compose up #inside directory where docker-compose.yml is located to run your service
docker-compose up -d #to run your services in the background (still runs after system reboot)
docker-compose -f docker-compose.yml -f docker-compose.dev.yml up -d #to run your services in the background ("-d")
docker-compose -f /scripts/dockerfiles/gitlab/docker-compose.yml down
docker-compose -f docker-compose.yml up -d
docker-compose down docker-compose ps
docker-compose.yaml (located inside “dockerfile” folder):
version: '2'
services:
mysql:
image: mysql:dockerfile
container_name: test-mysql
ports:
#localport:containerport
- 3306:3306
environment:
MYSQL_ROOT_PASSWORD: "mypassword"
volumes:
- /data/db:/var/lib/mysql
restart: always
gitlab-ce:
https://www.ivankrizsan.se/2018/06/23/gitlab-ce-on-docker/
# GitLab CE deployment using two external volumes; one for data and another
# for configuration. These volumes needs to be created prior to starting GitLab
# using the following commands:
# docker volume create gitlab-data
# docker volume create gitlab-config
#
# In addition you may want to change the hostname value in the Docker-Compose
# configuration below to match the name of your server/computer on which
# GitLab is to be run.
#
# Once started, access GitLab using the URL http://localhost:8880.
#
# The following ports are exposed by GitLab:
# 8880 (HTTP)
# 443 (if you configure HTTPS)
# 8080 (used by Unicorn)
# 8822 (used by the SSH daemon)
#
# The GitLab documentation suggests the following line to be added to the
# GITLAB_OMNIBUS_CONFIG environment variable.
# external_url 'http://hostname:8880'
# However, with this line present I am unable to access the GitLab webpage.
version: '2'
#version: '3'
services:
gitlab:
image: gitlab/gitlab-ce:latest
hostname: hostname
environment:
GITLAB_OMNIBUS_CONFIG: |
gitlab_rails['gitlab_shell_ssh_port'] = 8822
ports:
- "8443:443"
- "8880:80"
- "8822:22"
# The logs directory can be mapped to the logs directory in the same director
# as the docker-compose file using the following entry under volumes:
volumes:
- gitlab-config:/etc/gitlab
- gitlab-data:/var/opt/gitlab
- ./logs:/var/log/gitlab
restart: always
volumes:
gitlab-data:
external: true
gitlab-config:
external: true
Jenkins:
version: '2'
services:
jenkins:
image: jenkins/jenkins:lts
user: "1000:1000" #has to match lokal jenkins user´s uid and gid!
#user: "${UID}:${GID}"
container_name: jenkins-master
ports:
- 8888:8080
- 50000:50000
volumes:
- /data/jenkins/:/var/jenkins_home
restart: always
tftp:
version: '2'
services:
tftp:
image: tftp-alpine:latest
#user: "1003:1003"
#user: "${UID}:${GID}"
container_name: tftp-alpine
ports:
- "69:69/udp"
#- 69:69/udp
volumes:
- /data/tftp:/var/tftpboot
restart: always
https://docs.docker.com/engine/security/certificates/
mkdir -p /var/lib/docker/private-registry/auth mkdir -p /var/lib/docker/private-registry/data mkdir -p /var/lib/docker/private-registry/cert
docker run --entrypoint htpasswd registry:2 -Bbn admin mysecret >> /var/lib/docker/private-registry/auth/htpasswd
docker container ls -a |grep registry
docker container rm $(docker ps |grep registry |awk '{ print $1 }')
“/var/lib/docker/docker-compose.yml”:
registry: restart: always image: registry:2 container_name: registry ports: - 5000:5000 environment: REGISTRY_HTTP_TLS_CERTIFICATE: /cert/my.crt REGISTRY_HTTP_TLS_KEY: /cert/my.key REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm volumes: - /var/lib/docker/private-registry/data:/var/lib/registry - /var/lib/docker/private-registry/cert:/cert - /var/lib/docker/private-registry/auth:/auth
Start and stop:
docker-compose -f /var/lib/docker/docker-compose.yml up -d docker-compose -f /var/lib/docker/docker-compose.yml down
Login:
docker login --username admin my-registry:5000
sudo usermod -aG docker myuser #add user "myuser" to docker group