Skip to content

Instantly share code, notes, and snippets.

@danielkraic

danielkraic/docker-swarm.md

Created June 6, 2018 11:08
Show Gist options
  • Save danielkraic/66c838ad1de901450d9d3becb8cf73b0 to your computer and use it in GitHub Desktop.
Save danielkraic/66c838ad1de901450d9d3becb8cf73b0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
docker-swarm.md

docker

docker version
docker info

run

docker run hello-world
docker run -p 4000:80 friendlyhello
docker run -d -p 4000:80 friendlyhello

container

docker container ls
docker container ls -a
docker container ls -aq
docker container stop <hash>           # Gracefully stop the specified container
docker container kill <hash>         # Force shutdown of the specified container
docker container rm <hash>
docker container rm $(docker container ls -a -q)

build images

docker build -t friendlyhello .

docker image ls
docker image ls -a
docker image rm <image id>
docker image rm $(docker image ls -a -q)

docker login
docker tag <image> username/repository:tag
docker push username/repository:tag

compose

version: "3"
services:
  web:
    # replace username/repo:tag with your name and image details
    image: username/repo:tag
    deploy:
      replicas: 5
      restart_policy:
        condition: on-failure
      resources:
        limits:
          cpus: "0.1"
          memory: 50M
    ports:
      - "80:80"
    networks:
      - webnet
  visualizer:
    image: dockersamples/visualizer:stable
    ports:
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    deploy:
      placement:
        constraints: [node.role == manager]
    networks:
      - webnet
  redis:
    image: redis
    ports:
      - "6379:6379"
    volumes:
      - "/home/docker/data:/data"
    deploy:
      placement:
        constraints: [node.role == manager]
    command: redis-server --appendonly yes
    networks:
      - webnet
networks:
  webnet:

swarm

docker init
docker swarm leave  # Make the worker leave the swarm
docker swarm leave -f # Make master leave, kill swarm
docker swarm join-token -q worker

docker node ls
docker node inspect <node ID>
docker stack ls
docker stack deploy -c <composefile> <appname>
docker stack deploy --with-registry-auth -c <composefile> <appname>
docker stack rm <appname>

docker service ls
docker service ps <service>
docker inspect <task or container>

machine

docker-machine ls
docker-machine create --driver virtualbox myvm1
docker-machine create -d hyperv --hyperv-virtual-switch "myswitch" myvm1 # Win10
docker-machine start myvm1
docker-machine stop $(docker-machine ls -q)               # Stop all running VMs
docker-machine rm $(docker-machine ls -q) # Delete all VMs and their disk images
eval $(docker-machine env -u)     # Disconnect shell from VMs, use native docker

docker-machine env myvm1 # View basic information about your node
docker-machine ssh myvm1
docker-machine ssh myvm1 "docker stack deploy -c <file> <app>"
docker-machine scp docker-compose.yml myvm1:~

secret

docker secret ls
printf "This is a secret" | docker secret create my_secret_data -
docker secret rm my_secret_data
docker service  create --name redis --secret my_secret_data redis:alpine
docker service update --secret-rm my_secret_data redis
docker container exec -it $(docker ps --filter name=redis -q) cat /run/secrets/my_secret_data
docker secret create site.key site.key # will create /run/secrets/site.key
docker secret create site.crt site.crt
docker config create site.conf site.conf
docker secret ls
docker config ls
docker service create \
     --name nginx \
     --secret site.key \
     --secret site.crt \
     --config source=site.conf,target=/etc/nginx/conf.d/site.conf,mode=0440 \
     --publish published=3000,target=443 \
     nginx:latest \
     sh -c "exec nginx -g 'daemon off;'"
docker config create site-v2.conf site.conf
docker service update \
  --config-rm site.conf \
  --config-add source=site-v2.conf,target=/etc/nginx/conf.d/site.conf,mode=0440 \
  nginx
docker service rm nginx
docker secret rm site.crt site.key
docker config rm site.conf site-v2.conf
openssl rand -base64 20 | docker secret create mysql_password -
openssl rand -base64 20 | docker secret create mysql_root_password -
docker network create -d overlay mysql_private
docker service create \
     --name mysql \
     --replicas 1 \
     --network mysql_private \
     --mount type=volume,source=mydata,destination=/var/lib/mysql \
     --secret source=mysql_root_password,target=mysql_root_password \
     --secret source=mysql_password,target=mysql_password \
     -e MYSQL_ROOT_PASSWORD_FILE="/run/secrets/mysql_root_password" \
     -e MYSQL_PASSWORD_FILE="/run/secrets/mysql_password" \
     -e MYSQL_USER="wordpress" \
     -e MYSQL_DATABASE="wordpress" \
     mysql:latest
docker service create \
     --name wordpress \
     --replicas 1 \
     --network mysql_private \
     --publish published=30000,target=80 \
     --mount type=volume,source=wpdata,destination=/var/www/html \
     --secret source=mysql_password,target=wp_db_password,mode=0400 \
     -e WORDPRESS_DB_USER="wordpress" \
     -e WORDPRESS_DB_PASSWORD_FILE="/run/secrets/wp_db_password" \
     -e WORDPRESS_DB_HOST="mysql:3306" \
     -e WORDPRESS_DB_NAME="wordpress" \
     wordpress:latest
openssl rand -base64 20 | docker secret create mysql_password_v2 -
docker service update \
     --secret-rm mysql_password mysql
docker service update \
     --secret-add source=mysql_password,target=old_mysql_password \
     --secret-add source=mysql_password_v2,target=mysql_password \
     mysql
docker service update \
     --secret-rm mysql_password \
     --secret-add source=mysql_password_v2,target=wp_db_password,mode=0400 \
     wordpress 
docker service update \
     --secret-rm mysql_password \
     mysql
docker secret rm mysql_password
docker service rm wordpress mysql
docker volume rm mydata wpdata
docker secret rm mysql_password_v2 mysql_root_password
version: '3.1'

services:
   db:
     image: mysql:latest
     volumes:
       - db_data:/var/lib/mysql
     environment:
       MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_root_password
       MYSQL_DATABASE: wordpress
       MYSQL_USER: wordpress
       MYSQL_PASSWORD_FILE: /run/secrets/db_password
     secrets:
       - db_root_password
       - db_password

   wordpress:
     depends_on:
       - db
     image: wordpress:latest
     ports:
       - "8000:80"
     environment:
       WORDPRESS_DB_HOST: db:3306
       WORDPRESS_DB_USER: wordpress
       WORDPRESS_DB_PASSWORD_FILE: /run/secrets/db_password
     secrets:
       - db_password


secrets:
   db_password:
     file: db_password.txt
   db_root_password:
     file: db_root_password.txt

volumes:
    db_data:

config

echo "This is a config" | docker config create my-config -
docker config ls
docker service create --name redis --config my-config redis:alpine
docker container exec $(docker ps --filter name=redis -q) ls -l /my-config
docker config rm my-config
docker service update --config-rm my-config redis
docker service rm redis
docker config rm my-config

docker config create homepage index.html
docker service create
    --name my-iis
    --publish published=8000,target=8000
    --config src=homepage,target="\inetpub\wwwroot\index.html"
    microsoft/iis:nanoserver
docker service rm my-iis
docker config rm homepage
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment