Skip to content

Instantly share code, notes, and snippets.

@4mirul

4mirul/docker-basic.md

Last active February 20, 2023 12:38
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save 4mirul/3298f79b15e89aa55a05e278bbe8b6a3 to your computer and use it in GitHub Desktop.
Save 4mirul/3298f79b15e89aa55a05e278bbe8b6a3 to your computer and use it in GitHub Desktop.
Download ZIP
docker-and-notes
Raw
docker-basic.md

Docker basic

Version
Docker client version 20.10.12
Docker server version 20.10.12

link

docker version

docker info

docker top <container> - list running processes in specific container

docker container top

docker container inspect - show metadata about the container

docker container stats - show live performance data for all containers

docker run hello-world - create image if still dont have and run the image

docker run -d hello-world - create image if still dont have and run the image in the background

docker run -it <container> bash - start container interactively

docker create hello-world - create the image, it download from docker hub if still not exist

docker start hello-world - start the image without attach to it(cannot see the output)

docker start -a hello-world - start the image and attach to it so the output will show

docker ps - list active container

docker container ls - list active container

docker ps --all - list active and inactive container

docker system df - see space usage

docker image prune -a - remove unused images

docker start <container-id> - start the previous container(with previous image and previous command)

docker start -a <container-id> - start the previous container(with previous image and previous command) and able to see the output because of attach option

docker system prune - delete all stopped containers, delete networks not used, delete dangling images, delete all build cache

docker logs <container-id> - check the logs of the container, can use this to see output if running container without attach option

docker stop <container-id> - stop a container without force (SIGTERM)

docker kill <container-id> - stop a container with force (SIGKILL). Immediately kill it

docker exec -it <container-id> <command> - execute command inside running container. (-i allow to send input to the container, -t allow to see properly)

docker exec -it <container-id> sh - run shell inside the running container

docker exec -it <container-id> bash - run bash inside the running container

docker run -it <container-id> sh - run container with sh command

docker container port <container> - check container port

docker network ls

docker network inspect

docker network create --driver

docker network connect

docker network disconnect

docker inspect --format='{{ .NetworkSettings.IPAddress}}' <container>

docker image history <repository> - check image history

docker image inspect <repository> - inspect image

docker images - list all images

docker image tag <repository/image>:<tag> <repository/image>:<tag>

docker image push <repository/image>:<tag> - push image to registry(docker hub), need to login with docker login

docker volume create <name> - create volume

Dockerfile to create the image, Dockerfile contain FROM, RUN and CMD. below example

FROM alpine

RUN apk add --update redis

CMD ["redis-server"]

docker build -t <docker-id>/<project-name>:<version> . - build a container with tag option, example docker build -t oyuu/testcontainer:latest

docker commit -c 'CMD ["<command>"]' <container-id> - build a container from another container with new command.

docker commit -c "CMD '<command>'" <container-id> - for windows, build a container from another container with new command.

docker run -p 8080:8080 <container-id> - running web application with port mapping, docker port mapping change when we running container not inside Dockerfile

below example Dockerfile webapp

#base image
FROM node:alpine
#working directory, any command after this lines will be inside this working directory
WORKDIR /usr/app
#copy files from the build folder to the container(inside working directory location). If the files inside build folder got changing, the build process will rerun the copy and after that instead of using caches.
COPY ./ ./

RUN npm install

CMD [ "npm","start"]

below example Dockerfile webapp with improvement. the RUN command will not take longer time for build if files under ./ except package.json got changes.

#base image
FROM node:alpine
#working directory, any command after this lines will be inside this working directory
WORKDIR /usr/app

COPY --chown=node:node ./package.json ./

RUN npm install

COPY  --chown=node:node ./ ./

CMD [ "npm","start"]

below the output build process after the improvement

PS Y:\work\github\docker-and-kubernetes\simpleweb> docker build -t oyuu/simpleweb .
[+] Building 7.2s (11/11) FINISHED
 => [internal] load build definition from Dockerfile
 => => transferring dockerfile: 174B
 => [internal] load .dockerignore
 => => transferring context: 2B
 => [internal] load metadata for docker.io/library/node:alpine
 => [auth] library/node:pull token for registry-1.docker.io
 => [1/5] FROM docker.io/library/node:alpine@sha256:6f8ae702a7609f6f18d81ac72998e5d6f5d0ace9a13b866318c76340c6d986b2
 => [internal] load build context
 => => transferring context: 233B
 => CACHED [2/5] WORKDIR /usr/app
 => [3/5] COPY ./package.json ./
 => [4/5] RUN npm install
 => [5/5] COPY ./ ./
 => exporting to image
 => => exporting layers
 => => writing image sha256:3adb95dfee69603a642bf9d8fe95aa7c2d978878f16734e59e7c16b86c18220d
 => => naming to docker.io/oyuu/simpleweb
PS Y:\work\github\docker-and-kubernetes\simpleweb> docker build -t oyuu/simpleweb .
[+] Building 1.5s (10/10) FINISHED
 => [internal] load build definition from Dockerfile
 => => transferring dockerfile: 32B
 => [internal] load .dockerignore
 => => transferring context: 2B
 => [internal] load metadata for docker.io/library/node:alpine
 => [1/5] FROM docker.io/library/node:alpine@sha256:6f8ae702a7609f6f18d81ac72998e5d6f5d0ace9a13b866318c76340c6d986b2
 => [internal] load build context
 => => transferring context: 303B
 => CACHED [2/5] WORKDIR /usr/app
 => CACHED [3/5] COPY ./package.json ./
 => CACHED [4/5] RUN npm install
 => [5/5] COPY ./ ./
 => exporting to image
 => => exporting layers
 => => writing image sha256:f9d1d3afb4a6d783abff6a6e3dde9be1cffd08c82ee20a58fc548220cce58318
 => => naming to docker.io/oyuu/simpleweb

docker-compose - start up multiple docker containers at the same time, automates some of the long arguments that were passing to docker run

version: "3"
services:
  redis-server:
    image: "redis"
  node-app:
    build: . #build the dockerfile in current directory
    ports:
      - "4001:8081" #dash means array because can map many ports.

docker-compose up - run docker-compose.yml at the current location

docker-compose up --build - run docker-compose.yml with the build option at the current location

docker-compose up -d - run docker-compose.yml in the background

docker-compose down - stop all container in the docker-compose.yml

restart policies in docker-compose, below detail and example nodejs app with process.exit(0), exit with code okay

"no" - never attemt to restart this container if stops or crashes
"always" - if this container stops for anyreason, always attempt to restart it
"on-failure" - only restart if the container stops with an error code(not "0")
"unless-stopped" - always restart unless the developer forcibly stop it
const express = require("express");
const redis = require("redis");

const app = express();
const client = redis.createClient({
  host: "redis-server",
  port: 6379,
});
client.set("visits", 0);

app.get("/", (req, res) => {
  process.exit(0); //exit with 0 means everything is okay, with other value means something went wrong
  client.get("visits", (err, visits) => {
    res.send("Number of visits is " + visits);
    client.set("visits", parseInt(visits) + 1);
  });
});

app.listen(8081, () => {
  console.log("Listening on port 8081");
});

docker build -f Dockerfile.dev . - run docker build with specific Dockerfile name

docker run -v $(pwd):/app <image-id> - create a container with volume mapping current directory to container directory

docker run -v /app/node_modules -v $(pwd):/app <image-id> - -v /app/node_modules means dont map and keep using the container files

docker-compose.yml file with detail on build. for development purpose

version: "3"
services:
  web:
    build:
      context: . #Dockerfile location
      dockerfile: Dockerfile.dev #file name
    ports:
      - 3300:3000
    volumes:
      - /app/node_modules
      - .:/app

Dockerfile example for production build

FROM node:16-alpine as builder

WORKDIR '/app'

COPY ./package.json .

RUN npm install

COPY ./ ./

RUN npm run build

FROM nginx

COPY --from=builder /app/build /usr/share/nginx/html

complex exercise, below file tree and docker-compose.yml

complex
├── client
│   ├── Dockerfile.dev
│   ├── node_modules
│   ├── package.json
│   ├── public
│   │   ├── favicon.ico
│   │   ├── index.html
│   │   ├── logo192.png
│   │   ├── logo512.png
│   │   ├── manifest.json
│   │   └── robots.txt
│   ├── README.md
│   └── src
│       ├── App.css
│       ├── App.js
│       ├── App.test.js
│       ├── Fib.js
│       ├── index.css
│       ├── index.js
│       ├── logo.svg
│       ├── OtherPage.js
│       ├── serviceWorker.js
│       └── setupTests.js
├── docker-compose.yml
├── nginx
│   ├── default.conf
│   └── Dockerfile.dev
├── server
│   ├── Dockerfile.dev
│   ├── index.js
│   ├── keys.js
│   ├── node_modules
│   └── package.json
└── worker
    ├── Dockerfile.dev
    ├── index.js
    ├── keys.js
    ├── node_modules
    └── package.json

9 directories, 30 files


version: "3"
services:
  postgres:
    image: "postgres:latest"
    environment:
      - POSTGRES_PASSWORD=postgres_password
  redis:
    image: "redis:latest"
  nginx:
    depends_on:
      - api
      - client
    restart: always
    build:
      dockerfile: Dockerfile.dev
      context: ./nginx
    ports:
      - "3300:80"
  api:
    build:
      dockerfile: Dockerfile.dev
      context: ./server
    volumes:
      - /app/node_modules
      - ./server:/app
    environment: #below information for keys.js inside server and worker folder
      - REDIS_HOST=redis #from line no.7
      - REDIS_PORT=6379 #check redis documentation
      - PGUSER=postgres
      - PGHOST=postgres
      - PGDATABASE=postgres
      - PGPASSWORD=postgres_password
      - PGPORT=5432
  client:
    stdin_open: true
    build:
      dockerfile: Dockerfile.dev
      context: ./client
    volumes:
      - /app/node_modules
      - ./client:/app
  worker:
    build:
      dockerfile: Dockerfile.dev
      context: ./worker
    volumes:
      - /app/node_modules
      - ./worker:/app
    environment:
      - REDIS_HOST=redis
      - REDIS_PORT=6379
Raw
docker-compose.md

docker-compose

Version
Docker client version 20.10.12
Docker server version 20.10.12
docker-compose version 1.29.2, build 5becea4
docker-py version: 5.0.0

link

reusing existing volume with docker compose, below example. link

version: "3.5"
services:
  transmission:
    image: linuxserver/transmission
    container_name: transmission
    volumes:
      - transmission-config:/config
      - /path/to/downloads:/downloads
    ports:
      - 51413:51413
      - 51413:51413/udp
    networks:
      - rede
    restart: always

networks:
  rede:
    external: true
    name: rede
volumes:
  transmission-config:
    external: true
    name: transmission-config
Raw
dockerfile-instructions-with-examples.md

Dockerfile Instructions with Examples

link

#1: FROM –

FROM in Dockerfile Instruction used to specify Docker Image Name and start the build process

Example 1:

#specify a Base Image

FROM ubuntu:latest

Example 2:

#specify a Base Image

FROM node:12

#2: MAINTAINER –

MAINTAINER in Dockerfile Instruction is used to about the person who creates the Docker Image

Example:

MAINTAINER support@fosstechnix.com

#3: CMD –

CMD in Dockerfile Instruction is used to execute a command in Running container, There should be one CMD in a Dockerfile.

CMD executes the commands when your Docker Image is deployed.

Example 1:

# To run apache2 in foreground

CMD ["/usr/sbin/apache2", "-D", "FOREGROUND"]

Example 2:

FROM ubuntu:latest
CMD /bin/bash

#4: RUN –

RUN in Dockerfile Instruction is used to execute any commands on top of current Docker Image

RUN executes the command when you are building Image.

Example 1:

FROM ubuntu:latest
MAINTAINER support@fosstechnix.com
RUN apt-get update
RUN apt-get install -y apache2

If you want to run .sh(shell script) file inside Dockerfile

COPY test.sh .
RUN ./test.sh
#OR
RUN /path/to/test.sh

#5: LABEL –

LABEL in Dockerfile Instruction is used to specify metadata information of Docker Image.

Example:

FROM ubuntu:latest
LABEL "author"="FOSS TechNIx"
LABEL "Date"="2020-09-29"

#6: EXPOSE –

EXPOSE in Dockerfile Instruction is used to specify Network port for Docker container

Example 1:

# To Expose port 80 of Docker container

EXPOSE 80

Example 2:

EXPOSE 8080/tcp

#7: ENV –

ENV in Dockerfile Instruction is used to set Environment Variables with key and value.

Example 1:

FROM node:12
ENV workdirectory /usr/node

#8: ADD –

ADD: Copies a file and directory from your host to Docker image, however can also fetch remote URLs, extract TAR/ZIP files, etc. It is used downloading remote resources, extracting TAR/ZIP files.

Syntax:

ADD <source>... <destination>

Example 1:

ADD java/jdk-8u231-linux-x64.tar /opt/jdk/

Example 2:

ADD https://fosstechnix.com/test.tar.xz /home/ubuntu/test/

#9: COPY –

COPY in Dockerfile Instruction used to Copies a file or directory from your host to Docker image, It is used to simply copying files or directories into the build context.

Syntax:

COPY <source>... <destination>

Example 1:

# To Install All dependencies for Node.js App

COPY package\*.json ./

RUN npm install

# To copy all application packages

COPY . .

Example 2:

COPY index.html /var/www/html

#10: ENTRYPOINT –

ENTRYPOINT in Dockerfile Instruction is used you to configure a container that you can run as an executable.

ENTRYPOINT specifies a commands that will executes when the Docker container starts.

Example 1:

FROM ubuntu:latest

ENTRYPOINT ["ls"]

#11: VOLUME –

VOLUME in Dockerfile Instruction is used to create or mount volume to docker container.

Example 1:

FROM node:12
RUN mkdir /node
WORKDIR /node
RUN echo "Welcome to Node.js" > node
VOLUME /node

#12: USER –

USER in Dockerfile Instruction is used to set the user name and UID when running container

Example 1:

USER admin

To create new user in Dockerfile and login to user.

Example 2:

RUN adduser -D admin
USER admin

#13: WORKDIR –

WORKDIR in Dockerfile Instruction is used to set the working directory.

Example 1:

# To Create nodejsapp directory

WORKDIR /nodejsapp

#14: ARG –

ARG in Dockerfile Instruction is used to set Environment variables with key and value during the image build .

Example 1:

ARG JAVA_PATH=/opt/jdk/jdk1.8.0_251

ENV JAVA_HOME ${JAVA_PATH}

#15: ONBUILD –

ONBUILD in Dockerfile Instruction is used to specify command that runs when the image in Dockerfile is used as base image for another image.

Examples 1:

FROM node:12
RUN mkdir -p /usr/node/app
WORKDIR /usr/node/app
ONBUILD COPY package.json /usr/node/app/
ONBUILD RUN npm install
ONBUILD COPY . /usr/node/app
CMD [ "npm", "start" ]

#16: STOPSIGNAL –

STOPSIGNAL in Dockerfile Instruction is used to set the system call signal that will be sent to the container to exit

Example 1:

STOPSIGNAL SIGQUIT

#17: SHELL –

SHELL in Dockerfile Instruction is used to set the default shell.

Example:

SHELL ["/bin/bash", "-c", "echo hello"]

#18: HEALTHCHECK –

HEALTHCHECK in Dockerfile Instruction is used to Check container health by running a command inside the container

Example 1:

FROM ubuntu:latest
HEALTHCHECK --interval=60s --timeout=5s \
 CMD curl -f http://fosstechnix.info/ || exit 1
EXPOSE 80

#19: .dockerignore –

.dockerignore in Dockerfile Instruction is used to prevent copy local modules and other unwanted file being copied into Docker Image.

Create a .dockerignore in same directory and you can add unwanted modules/files into it.

sudo nano .dockerignore

\*.yaml
**pycache**/
.git
.aws
.env
Raw
k8s.md

k8s

Version
Docker client version 20.10.12
Docker server version 20.10.12

cert-manager

kubectl version - check the client and server version

kubectl cluster-info - check cluster info

kubectl api-resources - list available objects/kind

kubectl api-versions - list all api version

kubectl get pods - to list all the pods

kubectl get services - to list all the services

kubectl get deployments - to list all the deployments

kubectl get events - to list all events/logs

kubectl get all - list pods, services, deployments, statefulsets, etc

kubectl get all --all-namespaces - list pods, services, deployments, statefulsets, etc in all namespaces

kubectl get all --namespace <namespace-name> - list for specific name

kubectl run <pod-name> --image nginx - create a pod using cli

kubectl create deployment <deployment-name> --image <image-name> - create deployment

kubectl scale deployments <deployment-name> --replicas n - scale the deployment to the number

kubectl describe pods <pod-name> -n <namespace-name> - show pod detail in specific namespace

kubectl describe pods -n <namespace-name> - show pods details of specific namespace

kubectl describe nodes -n <namespace-name> - show nodes details of specific namespace

kubectl get namespaces - list all namespaces

kubectl expose deployment <deployment-name> --port 8001 --name <name> --type NodePort - create clusterIP service for specific deployment/expose the specific port to other deployment/pod. type nodeport

kubectl apply -f <config-file> - to apply the configuration and create the object(pod,service .. etc), below example files to create the pod and the service

kubectl delete -f <config-file> - delete the object

kubectl create <job/deployment> <name> --image <image-name> --dry-run=<none/server/client> -o yaml - generate the deployment details in yaml form

kubectl expose /deployment/<name> --port <port> --dry-run=<none/server/client> -o yaml - generate the expose details in yaml form

kubectl explain <kind> --recursive - get all the keys each that specific kind supports

kubectl explain <kind>.<key> - get the key details for that kind

kubectl explain <kind>.<key>.<key> - get the specific key detail for that key for that kind

apiVersion: v1
kind: Pod
metadata:
  name: client-pod
  labels:
    component: web #labeling for nodeport/service to identify
    #tier: frontend #example
spec:
  containers:
    - name: client-pod
      image: stephengrider/multi-client
      ports:
        - containerPort: 3000
apiVersion: v1
kind: Service
metadata:
  name: client-node-port
spec:
  type: NodePort
  ports:
    - port: 3050 #port for outside container(or other pod) use to connect
      targetPort: 3000 #container port
      nodePort: 31515 #for outside world to connect
  selector:
    component: web
    #tier: frontend #example another option. the name not reserved
apiVersion: apps/v1
kind: Deployment
metadata:
  name: client-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      component: web
  template:
    metadata:a
      labels:
        component: web
    spec:
      containers:
      - name: client
        image: stephengrider/multi-client
        resources: # suggested
          limits: # suggested
            memory: "128Mi" # suggested
            cpu: "500m" # suggested
        ports:
        - containerPort: 3

kubectl set image <object_type>/<object_name> <container_name>=<new_image_to_use> - set Imperatively updating deployment image. set version on the image to use.

kubectl create secret generic <secret_name> --from-literal key=value - create secret information for kubectl files

link - refer this for ingress configuration

minikube dashboard - minikube dashboard for localhost only

kubectl proxy --address 0.0.0.0 --port 8002 --disable-filter=true - use this to access kubectl dashboard remotely and gog to link

helm - link k8s package manager

Labels

labels goes under metadata:. simple list of key: value for identifying.

kubectl get pods -l <key>=<value> - find pods with this label

kubectl apply -f <yaml-files> -l <key>=<value> - apply only matching labels

Label Selectores

  • telling services and deploymens which pods are their
  • use label selectors to "link" resource dependencies
  • user labels and selectors to control which pods go to which nodes
  • selectors goes under selector:

microk8s

link

Raw
swarm.md

Swarm

Version
Docker version 20.10.14

link

docker service create --name <name> <image> - create a service

docker service inspect <service-id> - inspect a service

docker service ls - list the services

docker service ps <service-id> - list the tasks of service

docker service rm <service-id> - delete a service

docker stack deploy -c <compose-name> <stack-name> - deploy a stack

docker stack ls - list stack

docker stack ps <stack-name> - list tasks in the stack

docker stack rm <stack-name> - delete stack

docker stack services <stack-name> - list services in the stack

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment