Skip to content

Instantly share code, notes, and snippets.

@afonsoaugusto

afonsoaugusto/Docker-commands.md

Last active February 27, 2019 21:00
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save afonsoaugusto/b410fb1d5315ed4661037f8d79591b8b to your computer and use it in GitHub Desktop.
Save afonsoaugusto/b410fb1d5315ed4661037f8d79591b8b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Docker-commands.md

Comandos docker treinamento:

First Alpine Linux Containers

  • Baixa e executa o container
docker container run hello-world
  • Faz o download da imagem:
docker image pull alpine
  • lista as imagens:
docker image ls
  • Executa um comando em um novo container: $ docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
docker container run alpine ls -l
docker container run alpine echo "hello from alpine"
docker container run -it alpine /bin/sh
  • Listar os containers:
docker container ls -a
  • Iniciar um container:
docker container start <container ID>
# mantém a imagem do alpine rodando
docker run -d --name alpine alpine tail -f /dev/null
  • Executa um comando em um container rodando: $ docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
docker container exec <container ID> ls
docker exec -it alpine sh

Doing More With Docker Images

  • Subindo um container ubuntu e executando o bash
docker container run --name ubuntu_custom -ti ubuntu bash
$ apt-get update -y && apt-get install -y figlet && figlet "hello docker" 
$ exit
  • Listando os containers
docker container ls -a
  • Verificar o que foi alterado da imagem base no container
docker container diff <container ID>
docker container diff ubuntu_custom
  • Criando uma imagem a partir do container: $ docker container commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
docker container commit CONTAINER_ID
docker container commit ubuntu_custom

docker image tag b07587b9706f ourfiglet
docker image ls

docker container commit ubuntu_custom ourfiglet2:latest
docker image ls
  • Criando o container a partir da imagem criada
docker container run ourfiglet figlet hello
  • Criando uma imagem usando Dockerfile
mkdir app
cd app
echo "
var os = require(\"os\");
var hostname = os.hostname();
console.log(\"hello from \" + hostname);
" > index.js; cat index.js

FROM alpine
RUN apk update && apk add nodejs
COPY . /app
WORKDIR /app
CMD ["node","index.js"]
docker image build -t hello:v0.1 .
docker container run hello:v0.1

alt text

  • Camadas de uma imagem: $ docker image history [OPTIONS] IMAGE
docker image history <image ID>
docker image history hello:v0.1

[node1] (local) root@192.168.0.13 ~/app
$ docker image history hello:v0.1
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
c1d5ca73fef6        27 seconds ago      /bin/sh -c #(nop)  CMD ["node" "index.js"]      0B
de9c2cac972a        27 seconds ago      /bin/sh -c #(nop) WORKDIR /app                  0B
402ac2d9e868        27 seconds ago      /bin/sh -c #(nop) COPY dir:5996afc0125d288c1…   189B
19b57ad6a3bb        28 seconds ago      /bin/sh -c apk update && apk add nodejs         27.6MB
caf27325b298        3 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/sh"]              0B
<missing>           3 weeks ago         /bin/sh -c #(nop) ADD file:2a1fc9351afe35698…   5.53MB
[node1] (local) root@192.168.0.13 ~/app
  • Verificando detalhes de uma imagem: $ docker image inspect [OPTIONS] IMAGE [IMAGE...]
docker image inspect alpine
# filtrar uma informação em especifico:
docker image inspect --format "{{ json .RootFS.Layers }}" alpine

Swarm Mode indução à multiplos containers

  • Inicializando o master Swarm:
docker swarm init --advertise-addr $(hostname -i)
  • Adicionando um nó ao cluster:
docker swarm join --token SWMTKN-1-4o0g67xuc3rwy0ro67ik54hvjd6nhpwor2f1sqnaeh1wkcdkxl-0bor618rwxpblqvnqh3akn1y6 192.168.0.23:2377
  • Checando os nós:
docker node ls

alt text

  • Download da aplicação
git clone https://github.com/docker/example-voting-app
cd example-voting-app
  • Deploy stack swarm: $ docker stack deploy [OPTIONS] STACK
docker stack deploy --compose-file=docker-stack.yml voting_stack
  • listando stacks online:
docker stack ls

# $ docker stack --help

# Usage:  docker stack [OPTIONS] COMMAND
 
# Manage Docker stacks
 
# Options:
#       --orchestrator string   Orchestrator to use (swarm|kubernetes|all)
 
# Commands:
#   deploy      Deploy a new stack or update an existing stack
#   ls          List stacks
#   ps          List the tasks in the stack
#   rm          Remove one or more stacks
#   services    List the services in the stack
  • Listando serviços da stack:
docker stack services voting_stack
  • Listar as tarefas de um ou mais serviços: $ docker service ps [OPTIONS] SERVICE [SERVICE...]
docker service ps voting_stack_vote

$ docker service ps voting_stack_vote
ID                  NAME                  IMAGE                                        NODE                DESIRED STATE       CURRENT STATE            ERROR               PORTS
ltp3d663aqrx        voting_stack_vote.1   dockersamples/examplevotingapp_vote:before   node2               Running             Running 19 minutes ago
srutackfdpts        voting_stack_vote.2   dockersamples/examplevotingapp_vote:before   node1               Running             Running 19 minutes ago
  • Escalando a aplicação: $ docker service scale SERVICE=REPLICAS [SERVICE=REPLICAS...]
docker service scale voting_stack_vote=5

Comandos Rapidos:

# Stop all
docker stop $(docker ps -a -q)
# Remove all
docker container rm $(docker container ls -aq)

# Entrar Bash
docker exec -it <container> bash
Raw
Docker-network.md

Docker Networking Hands-on Lab

$ docker network

Usage:  docker network COMMAND

Manage networks

Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks
  • Step 2: List networks
docker network ls
  • Step 3: Inspect a network
docker network inspect bridge
  • Step 4: View information docker : $ docker info [OPTIONS]
docker info

Section #2 - Bridge Networking

Uma bridge é uma interface de rede lógica composta por uma ou mais interfaces de rede física operando em nível 2 (enviando pacotes através de MAC adresses, veja [ch-rede.html#s-rede-camadas Camadas de Rede, Seção 4.10]). Sua operação é transparente na rede, podendo ser usada como um switch/firewall, estação de monitoração, etc. Aqui descreverei como montar uma bridge simples e uma aplicação de firewall simples. As possibilidades são diversas e uma configuração bem feita pode detectar ataques, protocolos desconhecidos até vírus complexos de rede.

  • Step 1: The Basics
docker network ls

apk update
apk add bridge

Listar todas as redes docker locais:

brctl show

[root@centosdell RaspberryPi]# brctl show
bridge name	bridge id		STP enabled	interfaces
docker0		8000.02424c70e2c4	no		
virbr0		8000.5254003ec863	yes		virbr0-nic
[root@centosdell RaspberryPi]#

Detalhar as redes locais:

ip a

6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:4c:70:e2:c4 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
  • Step 2: Connect a container:
docker run -dt ubuntu sleep infinity
docker ps
brctl show

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
e132018a414b        ubuntu              "sleep infinity"    About a minute ago   Up About a minute                       elegant_noether
[node1] (local) root@192.168.0.23 ~
$ brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.0242d0e0753d       no              veth9d3999c

Verificar os containers utilizando a rede

docker network inspect bridge

....
        "Containers": {
            "e132018a414b735d292659e4177ee751f652a1e357ea114f4a7f20de6434400d": {
                "Name": "elegant_noether",
                "EndpointID": "788dcc71e8d6c9ce4aa04e18574e90965368510345751eab18b2885906a6df06",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
....
  • Step 3: Test network connectivity
ping -c5 172.17.0.2

#docker exec -it yourcontainerid /bin/bash
docker exec -it e132018a414b /bin/bash
apt-get update && apt-get install -y iputils-ping
ping -c5 www.github.com
exit

#docker stop yourcontainerid
docker stop e132018a414b
  • Step 4: Configure NAT for external connectivity
docker run --name web1 -d -p 8080:80 nginx
curl 127.0.0.1:8080

Section #3 - Overlay Networking

  • Step 1: The Basics
docker swarm init --advertise-addr $(hostname -i)

docker swarm join --token SWMTKN-1-4s12oa89kf6fs80rvbfe7x96wx1bw3b4284sa844smlw0guqzb-2aprzt05xx2abzsxw2dr918lm 192.168.0.23:2377
  • Step 2: Create an overlay network: $ docker network create [OPTIONS] NETWORK
docker network create -d overlay overnet

$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
e9267720b5b6        bridge              bridge              local
a5b22bc5c5b5        docker_gwbridge     bridge              local
c6584c90d61b        host                host                local
lygkti0tj6q9        ingress             overlay             swarm
d4152022eaa2        none                null                local
yr3dq2mfp7s2        overnet             overlay             swarm

Detalhando a rede criada:

docker network inspect overnet
  • Step 3: Create a service: $ docker service create [OPTIONS] IMAGE [COMMAND] [ARG...]
docker service create --name myservice \
--network overnet \
--replicas 2 \
ubuntu sleep infinity

docker service ls
docker service ps myservice

docker network inspect overnet
...
"Peers": [
            {
                "Name": "fb576da4e189",
                "IP": "192.168.0.13"
            },
            {
                "Name": "a22f4dee9915",
                "IP": "192.168.0.12"
            }
        ]
...
  • Step 4: Test the network
docker network inspect overnet

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS       PORTS               NAMES
35109477db03        ubuntu:latest       "sleep infinity"    3 minutes ago       Up 3 minutes                           myservice.2.n6ddk75gmy0oyqiaxl8u31r9o

docker exec -it 35109477db03 /bin/bash
apt-get update && apt-get install -y iputils-ping
ping -c5 10.0.0.3
  • Step 5: Test service discovery
ping -c5 myservice
docker service inspect myservice

...
"Endpoint": {
            "Spec": {
                "Mode": "vip"
            },
            "VirtualIPs": [
                {
                    "NetworkID": "igkh7ic7yug7dfkoi50pk71qw",
                    "Addr": "10.0.0.4/24"
                }
            ]
        }
...
  • Cleaning Up
docker service rm myservice

#docker kill yourcontainerid1 yourcontainerid2
docker kill 35109477db03

docker swarm leave --force
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment