Last active
February 25, 2021 20:50
-
-
Save billyto/3b5502baf58b1a0f57a22750a9244d68 to your computer and use it in GitHub Desktop.
K8s discover
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Let's start with Docker | |
# Image is A filesytem + metadata + a command | |
# Dockerfile, requieres a base image ... use "docker build" command | |
# Images are stores in registries ie (Docker registry) | |
# pulling an image | |
docker image pull memcached | |
# Sequence for creating an image: | |
# Base image -> Derived Container -> New Image | |
# choice of image is important | |
# Creating a container and retrievin its ID | |
docker container run alpine apk add --no-cache python | |
docker container ls -l --format 'table {{.ID}}\t{{.Image}}\t{{.Command}}' | |
# alpine tiny linux distro (4mb) | |
#inspecting changes: | |
docker container diff acd451f0ef03 |less | |
# To create the image commit the container to an image | |
docker container commit -m "added python" acd451f0ef03 my-image:1.0 | |
docker image ls --format 'table {{.Repository}}\t{{.TAG}}\t{{.ID}}\t{{.Size}}' my-image:1.0 | |
#a docker image is just a json object (Layers by a hash!) | |
#layers have an order and are read only, they are assmbled as a union creating a file system with the image layer on top (RW). | |
# all the changes on the layers go to the image layer via "copy on write" | |
# a new image will have all the layers of the base image, having the RW layer as the last image layer of the new image | |
# IMAGE SIZE MATTERS | |
# less resources, faster startup times, less resource consumption. | |
# Image size has a direct bearing on push and pull times in workflows | |
# Flattering an image | |
# A container's filesystem can be dumped into a tar: | |
docker container export -o lighttpd-1.1.tar $(docker container ls -lq) | |
# if we check the archive for w-get, there isn't any | |
tar -xvf lighttpd-1.1.tar | grep wget | |
# then can be imported as a single layer image ( w/o the redundant part) | |
docker image import lighttpd-1.1.tar lighttpd:1.1 | |
# How the image was built? | |
docker image history lighttpd:1.0 | trunc | |
# BUILDING DOCKER IMAGES | |
# Base image specified in the Dockerfile | |
docker image build -t my_image . | |
# . is the build context | |
# each step uses the output intermediate image of the previous step | |
# intermediate images are kept to speed up future builds. | |
# Docker deamon vs Docker client (local files, http GET tar. or git repo) | |
# .dockerignore what should be excluded from the archive being sent to the deamon | |
# default name is "Dockerfile" at the root of the build context. | |
# Instructions are executed in containers in order to create: | |
# Filesystem content or add active/passive metadata | |
docker image build --build-arg USER=aws -t awscli:1.0 . | |
docker image build -t awscli:1.1 . | |
# depending the order of instructions, buidl time can be optomized, lets remove prior images | |
docker image rm awscli:1.0 awscli:1.1 | |
# AUTHORING DOCKER IMAGES | |
# FROM Instruction (specify base image) | |
# must be the first instruction | |
# 'scratch' means build no base image to start. | |
FROM <repository>[<:tag>] #default is 'latest' | |
FROM <repository>[<@digest>] #digest fo the image manifest | |
docker image inspect --format '{{.RepoDigests}}' ubuntu | |
# ENV Instruction (for both the build and the runtime) | |
# varibale and value persist into a derived container | |
# multiple varaibles can be defines with a single ENV or one ENV for each. | |
ENV <variable> <value> | |
ENV <variable> <value> | |
# or | |
ENV <variable=value> \ | |
<variable=value> | |
#ARG Instruction (vars that change from build to build) | |
#passsed by the comamnd line | |
ARG <variable[=default value]> # --build-arg | |
# it doesnt persist on the derived container | |
# altered build args break build cache at point consumed, not when declared | |
# Variables defined with ENV, override variables defined with ARG, thus build argument can be passed on to derived containers | |
ARG VERSION | |
... | |
ENV VERSION=${VERSION:-3.5.1} | |
#RUN Instruction (install, builds, clones, etc) | |
RUN <command parameter ...> #shell form | |
RUN <["executable", "parameter", ...]> #when no shell in the image | |
#build cache breaks only if instruction alters | |
# Best Practice: ie | |
#each RUN creates a layer | |
RUN apt-get update | |
RUN apt-get install -y wget | |
RUN rm- rf /var/lib/apt/lists/* | |
# but this creates a single layer: | |
RUN apt-get update && \ | |
apt-get install -y wget && \ | |
rm- rf /var/lib/apt/lists/* | |
# COPY Instruction (forget about ADD) | |
COPY <src> ... <dst> | |
COPY ["<src>" ... "<dst>"] | |
# copy artifacts to the image, globbina characters are allowed | |
COPY foo /bar # File or dir called 'foo' copied as /bar | |
COPY foo /bar/ # File called 'foo' copied as /bar/foo, directory 'foo' copied as /bar | |
COPY path/foo /bar # File or dir called 'foo' copied as /bar | |
COPY path/tmp* /bar/ # All files or dirs located at path, copied to a directory /bar | |
COPY foo bar # File or directory called 'foo' copied as bar, lcoated relative to the previous WORKDIR instruction. | |
# Execution | |
# CMD Instruction (define a default command or default paramentes to ENTRYPOINT) | |
CMD <command parameter ...> or <parameter parameter ...> | |
CMD ["<command>", "<parameter>", ...] #exec form (preferred) and used for defaul parameters. | |
# command line arguments override CMD | |
# ENTRYPOINT Instruction (used to define an executable) | |
ENTRYPOINT <executable parameter ...> #shell uses linux signals, child process to the shell | |
ENTRYPOINT ["<executable>", "<parameter>", ...] #preferred, intented process, bypasses the shell pip 1. | |
# commad line arguments are appended | |
# (to run a container) | |
docker image build -t demo . | |
docker container run demo | |
# HEALTHCHECK Instruction (Test container health) | |
HEALTHCHECK [options] CMD <command> | |
HEALTCHECK NONE | |
# 0 is healthy, 1 is unhealthy | |
# runs periodically | |
# --interval N 30 secs is default | |
# --timeout and --retries (3 times default) | |
# Health status is available via docker cli, when a health check fails, and event is raised. | |
HEALTHCHECK --interval=3s CMD --fail -m 2 http://localhost:80/ || exit 1 | |
#to check | |
docker system events --since 30m --filter event=health_status | |
# Deferring instruction execution | |
# Authoring base in another base image... but some instructions needs to be used in a specific context (later) | |
# ONBUILD Instruction (provides a means to impose method on image use, defers execution of instruction) | |
ONBUILD <instruction> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment