Docker Initialization Command

docker-initialization-for-mac-linux.md

Docker Image Initialization (Mac)

Basically, these command is doing mapping local host’s file system to docker container.

[TOC]

Command Instructions: docker run

docker run --help

Usage:    docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

Run a command in a new container

Options:
      --add-host list                  Add a custom host-to-IP mapping (host:ip)
  -a, --attach list                    Attach to STDIN, STDOUT or STDERR
      --blkio-weight uint16            Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
      --blkio-weight-device list       Block IO weight (relative device weight) (default [])
      --cap-add list                   Add Linux capabilities
      --cap-drop list                  Drop Linux capabilities
      --cgroup-parent string           Optional parent cgroup for the container
      --cidfile string                 Write the container ID to the file
      --cpu-period int                 Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int                  Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int              Limit CPU real-time period in microseconds
      --cpu-rt-runtime int             Limit CPU real-time runtime in microseconds
  -c, --cpu-shares int                 CPU shares (relative weight)
      --cpus decimal                   Number of CPUs
      --cpuset-cpus string             CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string             MEMs in which to allow execution (0-3, 0,1)
  -d, --detach                         Run container in background and print container ID
      --detach-keys string             Override the key sequence for detaching a container
      --device list                    Add a host device to the container
      --device-cgroup-rule list        Add a rule to the cgroup allowed devices list
      --device-read-bps list           Limit read rate (bytes per second) from a device (default [])
      --device-read-iops list          Limit read rate (IO per second) from a device (default [])
      --device-write-bps list          Limit write rate (bytes per second) to a device (default [])
      --device-write-iops list         Limit write rate (IO per second) to a device (default [])
      --disable-content-trust          Skip image verification (default true)
      --dns list                       Set custom DNS servers
      --dns-option list                Set DNS options
      --dns-search list                Set custom DNS search domains
      --domainname string              Container NIS domain name
      --entrypoint string              Overwrite the default ENTRYPOINT of the image
  -e, --env list                       Set environment variables
      --env-file list                  Read in a file of environment variables
      --expose list                    Expose a port or a range of ports
      --gpus gpu-request               GPU devices to add to the container ('all' to pass all GPUs)
      --group-add list                 Add additional groups to join
      --health-cmd string              Command to run to check health
      --health-interval duration       Time between running the check (ms|s|m|h) (default 0s)
      --health-retries int             Consecutive failures needed to report unhealthy
      --health-start-period duration   Start period for the container to initialize before starting health-retries countdown (ms|s|m|h)
                                       (default 0s)
      --health-timeout duration        Maximum time to allow one check to run (ms|s|m|h) (default 0s)
      --help                           Print usage
  -h, --hostname string                Container host name
      --init                           Run an init inside the container that forwards signals and reaps processes
  -i, --interactive                    Keep STDIN open even if not attached
      --ip string                      IPv4 address (e.g., 172.30.100.104)
      --ip6 string                     IPv6 address (e.g., 2001:db8::33)
      --ipc string                     IPC mode to use
      --isolation string               Container isolation technology
      --kernel-memory bytes            Kernel memory limit
  -l, --label list                     Set meta data on a container
      --label-file list                Read in a line delimited file of labels
      --link list                      Add link to another container
      --link-local-ip list             Container IPv4/IPv6 link-local addresses
      --log-driver string              Logging driver for the container
      --log-opt list                   Log driver options
      --mac-address string             Container MAC address (e.g., 92:d0:c6:0a:29:33)
  -m, --memory bytes                   Memory limit
      --memory-reservation bytes       Memory soft limit
      --memory-swap bytes              Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --memory-swappiness int          Tune container memory swappiness (0 to 100) (default -1)
      --mount mount                    Attach a filesystem mount to the container
      --name string                    Assign a name to the container
      --network network                Connect a container to a network
      --network-alias list             Add network-scoped alias for the container
      --no-healthcheck                 Disable any container-specified HEALTHCHECK
      --oom-kill-disable               Disable OOM Killer
      --oom-score-adj int              Tune host's OOM preferences (-1000 to 1000)
      --pid string                     PID namespace to use
      --pids-limit int                 Tune container pids limit (set -1 for unlimited)
      --privileged                     Give extended privileges to this container
  -p, --publish list                   Publish a container's port(s) to the host
  -P, --publish-all                    Publish all exposed ports to random ports
      --read-only                      Mount the container's root filesystem as read only
      --restart string                 Restart policy to apply when a container exits (default "no")
      --rm                             Automatically remove the container when it exits
      --runtime string                 Runtime to use for this container
      --security-opt list              Security Options
      --shm-size bytes                 Size of /dev/shm
      --sig-proxy                      Proxy received signals to the process (default true)
      --stop-signal string             Signal to stop a container (default "SIGTERM")
      --stop-timeout int               Timeout (in seconds) to stop a container
      --storage-opt list               Storage driver options for the container
      --sysctl map                     Sysctl options (default map[])
      --tmpfs list                     Mount a tmpfs directory
  -t, --tty                            Allocate a pseudo-TTY
      --ulimit ulimit                  Ulimit options (default [])
  -u, --user string                    Username or UID (format: <name|uid>[:<group|gid>])
      --userns string                  User namespace to use
      --uts string                     UTS namespace to use
  -v, --volume list                    Bind mount a volume
      --volume-driver string           Optional volume driver for the container
      --volumes-from list              Mount volumes from the specified container(s)
  -w, --workdir string                 Working directory inside the container

Command Instruction: docker network

docker network create --help

Usage:    docker network create [OPTIONS] NETWORK

Create a network

Options:
      --attachable           Enable manual container attachment
      --aux-address map      Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
      --config-from string   The network from which copying the configuration
      --config-only          Create a configuration only network
  -d, --driver string        Driver to manage the Network (default "bridge")
      --gateway strings      IPv4 or IPv6 Gateway for the master subnet
      --ingress              Create swarm routing-mesh network
      --internal             Restrict external access to the network
      --ip-range strings     Allocate container ip from a sub-range
      --ipam-driver string   IP Address Management Driver (default "default")
      --ipam-opt map         Set IPAM driver specific options (default map[])
      --ipv6                 Enable IPv6 networking
      --label list           Set metadata on a network
  -o, --opt map              Set driver specific options (default map[])
      --scope string         Control the network's scope
      --subnet strings       Subnet in CIDR format that represents a network segment

Play with Docker

Play with Docker

Docker Image Registry

After instancing a portainer container, we should configure the docker image registry for China Mainland.

• Name: Ali Cloud Image Booster

  Registry URL: https://8wcoucg2.mirror.aliyuncs.com

• Name: Azure Container Registry Proxy

  Registry URL: https://dockerhub.azk8s.cn

Portainer

Portainer Official Docker Image

Additional attempts:

1. Name this container as portainer.
2. Avoid mapping local host’s 9000 port to docker container, due to conflicting with Spring Boot.
3. Directory /Users/johnny/docker-file-mapping/portainer is the storage data for Portainer.

docker run \
  --name portainer \
  -p 8000:8000 \
  -p 9001:9000 \
  --restart "always" \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v ~/docker-file-mapping/portainer:/data \
  -d portainer/portainer

Deploy Portainer via docker stack deploy or docker-compose

Example stack.yml for mysql:

version: "3.7"

services:
  portainer:
    container_name: portainer
    image: portainer/portainer:latest
    ports:
     - "8000:8000"
     - "9001:9000"
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ~/docker-file-mapping/portainer:/data portainer/portainer

Portainer CE

docker run \
  -d -p 8000:8000 \
  -p 9001:9000 \
  --name=portainer \
  --restart=always \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v ~/docker-file-mapping/portainer:/data \
  portainer/portainer-ce

Enable Kubernetes on Docker

Read this tutorial

Watchtower

Watchtower monitors running containers and watches for changes to the images those containers were originally started from. When Watchtower detects that an image has changed, it automatically restarts the container using the new image. I use it in my local development where I would like to try out the latest built image.

docker run \
  --name watchtower \
  --rm -v /var/run/docker.sock:/var/run/docker.sock \
  -d v2tec/watchtower \
  --interval 30

Docker Slim

If you are worried about the size of your Docker images, you will be blown away by docker-slim.

The docker-slim utility uses static and dynamic analysis to create skinny image variants of your fat images. To use docker-slim, you have to download its binary from Github. Binaries are available for Linux and Mac. Once you download the binary, add it to your PATH.

MongoDB & Mongo Express

MongoDB Official Docker Image

Mongo Express Official Docker Image

Additional attempts:

1. Create a network.
2. Name this container as mongodb-server.
3. Map persistence data of MongoDB.
4. Map port (local machine port:container port): 27017:27017.

docker network create \
  --subnet 172.16.1.0/24 \
  --gateway 172.16.1.1 \
  mongo-dev-network

docker run \
  --name mongodb-server \
  -v ~/docker-file-mapping/mongodb-4.2.1:/data/db \
  -p 27017:27017 \
  --restart "always" \
  --network mongo-dev-network \
  --ip 172.16.1.2 \
  -d mongo:latest

docker run \
  --name mongo-express \
  --restart always \
  -p 27018:8081 \
  --restart "always" \
  -e ME_CONFIG_MONGODB_SERVER="mongodb-server" \
  -e ME_CONFIG_MONGODB_PORT=27017 \
  --network mongo-dev-network \
  --ip 172.16.1.3 \
  -d mongo-express:latest

Deploy MongoDB via docker stack deploy or docker-compose

Example stack.yml for mongo:

version: "3.7"

  mongodb-server:
    container_name: mongodb-server
    image: mongo:latest
    restart: always
    ports:
     - "27017:27017"
    #environment:
      #MONGO_INITDB_ROOT_USERNAME: root
      #MONGO_INITDB_ROOT_PASSWORD: root_user_password_here
    volumes:
      - ~/docker-file-mapping/mongodb-4.2.1:/data/db
    networks:
      mongo-dev-network:
        ipv4_address: 172.16.1.1

  mongo-express:
    container_name: mongo-express
    image: mongo-express:latest
    restart: always
    ports:
      - "27018:8081"
    environment:
      ME_CONFIG_MONGODB_SERVER: mongodb-server
      ME_CONFIG_MONGODB_PORT: 27017
      #ME_CONFIG_MONGODB_ADMINUSERNAME: root
      #ME_CONFIG_MONGODB_ADMINUSERNAME: root_user_password_here
    networks:
      mongo-dev-network:
        ipv4_address: 172.16.1.2

networks:
  mongo-dev-network:
    ipam:
      driver: default
      config:
        - subnet: "172.16.1.0/24"

Run docker stack deploy -c stack.yml mongo (or docker-compose -f stack.yml up), wait for it to initialize completely, and visit http://swarm-ip:8081, http://localhost:8081, or http://host-ip:8081 (as appropriate).

MySQL

MySQL Official Docker Image

Additional attempts:

1. Name this container as mysql-server.
2. Persistence storage data on local host directory: /Users/johnny/docker-file-mapping/mysql-8.0.18-1debian9.
3. Set the MySQL root password as: jm@mysql.
4. Map port (local machine port:container port): 3306:3306.

docker run \
  --name mysql-server \
  -v ~/docker-file-mapping/mysql-8.0.18-1debian9:/var/lib/mysql \
  -p 3306:3306 \
  --restart "always" \
  -e MYSQL_ROOT_PASSWORD="jm@mysql" \
  -d mysql:latest \
  --character-set-server=utf8mb4 \
  --collation-server=utf8mb4_unicode_ci \
  --general-log=1 \
  --general-log-file=/var/log/mysql/general-log.log

Deploy MySQL via docker stack deploy or docker-compose

Example stack.yml for mysql:

version: "3.7"

services:
  mysql-server:
    container_name: mysql-server
    image: mysql:latest
    ports:
     - "3306:3306"
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: "jm@mysql"
    volumes:
      - ~/docker-file-mapping/mysql-8.0.18-1debian9:/var/lib/mysql
    command: mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --general-log=1 --general-log-file=/var/log/mysql/general-log.log

  adminer:
    container_name: adminer
    image: adminer:latest
    restart: always
    ports:
      - 8306:8080

NGINX

NGINX Official Docker Image

Additional attempts:

1. Name this container as nginx-server.
2. Map static resource directory /Users/johnny/docker-file-mapping/nginx-1.17.6/static-resources to /usr/share/nginx/html.
3. Map NGINX configuration file: /Users/johnny/docker-file-mapping/nginx-1.17.6/default.conf.
4. Map port (local machine port:container port): 8081:80.

docker run \
  --name nginx-server \
  -v ~/docker-file-mapping/nginx-1.17.6/static-resources:/usr/share/nginx/html:ro \
  -v ~/docker-file-mapping/nginx-1.17.6/nginx.conf:/etc/nginx/nginx.conf:ro \
  -v ~/docker-file-mapping/nginx-1.17.6/mime.types:/etc/nginx/mime.types:ro \
  -v ~/docker-file-mapping/nginx-1.17.6/log:/var/log/nginx \
  -p 8081:80 \
  --restart "always" \
  -d nginx:latest

Deploy NGINX via docker stack deploy or docker-compose

Example stack.yml for nginx:

version: "3.7"

services:
  nginx-server:
    container_name: nginx-server
    image: nginx:latest
    ports:
     - "8081:80"
    restart: always
    volumes:
      - ~/docker-file-mapping/nginx-1.17.6/static-resources:/usr/share/nginx/html:ro
      - ~/docker-file-mapping/nginx-1.17.6/nginx.conf:/etc/nginx/nginx.conf:ro
      - ~/docker-file-mapping/nginx-1.17.6/mime.types:/etc/nginx/mime.types:ro
      - ~/docker-file-mapping/nginx-1.17.6/log:/var/log/nginx

Redis

Redis Official Docker Image

Additional attempts:

1. Name this container as redis-server.
2. Map data and configuration of Redis.
3. Specify the Redis configuration for startup.

docker run \
  --name redis-server \
  -v ~/docker-file-mapping/redis-5.0.7/data:/data \
  -v ~/docker-file-mapping/redis-5.0.7/redis.conf:/usr/local/etc/redis/redis.conf \
  -p 6379:6379 \
  --restart "always" \
  -d redis:latest \
  redis-server /usr/local/etc/redis/redis.conf

Deploy Redis via docker stack deploy or docker-compose

Example stack.yml for redis:

version: "3.7"

services:
  redis-server:
    container_name: redis-server
    image: redis:latest
    ports:
     - "6379:6379"
    restart: always
    volumes:
      - ~/docker-file-mapping/redis-5.0.7/data:/data
      - ~/docker-file-mapping/redis-5.0.7/redis.conf:/usr/local/etc/redis/redis.conf
    command: "redis-server /usr/local/etc/redis/redis.conf"

Atmoz SFTP

atmoz/sftp on Docker Hub

Additional attempts:

1. Name this container as atmoz-sftp-server.
2. Map data storage directory.
3. Expose port 23 on local host machine
4. Run customized command: johnny:atmoz@sftp:::upload. User Johnny with password atmoz@sftp can login with sftp and upload files to a folder called upload.

docker run \
  --name atmoz-sftp-server \
  -v ~/docker-file-mapping/atmoz-sftp:/home/johnny/upload \
  -p 23:22 \
  --restart "always" \
  -d atmoz/sftp \
  johnny:atmoz@sftp:::upload

Deploy Atmoz SFTP via docker stack deploy or docker-compose

Example stack.yml for redis:

version: "3.7"

services:
  atmoz-sftp-server:
    container_name: atmoz-sftp-server
    image: atmoz/sftp:latest
    ports:
     - "23:22"
    restart: always
    volumes:
      - ~/docker-file-mapping/atmoz-sftp:/home/johnny/upload
    command: "johnny:atmoz@sftp:::upload"

RabbitMQ

RabbitMQ on Docker Hub

Additional attempts:

1. Name this container as rabbit-mq-server.
2. Map data storage directory.
3. Expose port 8672, 5671, 5672 on local host machine.
4. Set default management user name as Johnny, and password as jm@rabbitmq.

Tips:

1. The configuration file of Rabbit MQ is: /etc/rabbitmq/rabbitmq.conf

   Configuration sample can be found on GitHub. It contains examples of most of the configuration items you might want to set (with some very obscure ones omitted), along with documentation for those settings.

docker run \
  --hostname rabbit-mq-server \
  --name rabbit-mq-server \
  -v ~/docker-file-mapping/rabbitmq:/var/lib/rabbitmq \
  -p 8672:15672 \
  -p 5671:5671 \
  -p 5672:5672 \
  -e RABBITMQ_DEFAULT_USER=johnny \
  -e RABBITMQ_DEFAULT_PASS=jm@rabbitmq \
  -d rabbitmq:3-management

Deploy RabbitMQ Server via docker stack deploy or docker-compose

version: "3.7"

services:
  rabbit-mq-server:
    container_name: rabbit-mq-server
    image: rabbitmq:3-management
    ports:
     - "8672:15672"
     - "5671:5671"
     - "5672:5672"
    restart: always
    environment:
      RABBITMQ_DEFAULT_USER: "johnny"
      RABBITMQ_DEFAULT_PASS: "jm@rabbitmq"
    volumes:
      - ~/docker-file-mapping/rabbitmq:/var/lib/rabbitmq

openzipkin/zipkin

This is the authoritative image for zipkin, a distributed tracing system.

Official Docker Image

docker run \
  --name zipkin \
  -p 9411:9411 \
  -d openzipkin/zipkin

Deploy zipkin via docker stack deploy or docker-compose

version: "3.7"

services:
  zipkin:
    container_name: openzipkin/zipkin
    image: openzipkin/zipkin
    # Environment settings are defined here https://github.com/openzipkin/zipkin/blob/master/zipkin-server/README.md#environment-variables
    environment:
      # - STORAGE_TYPE=mysql
      # Point the zipkin at the storage backend
      # - MYSQL_HOST=mysql
      # Uncomment to enable scribe
      # - SCRIBE_ENABLED=true
      # Uncomment to enable self-tracing
      # - SELF_TRACING_ENABLED=true
      # Uncomment to enable debug logging
      # - JAVA_OPTS=-Dlogging.level.zipkin2=DEBUG
    ports:
      # Port used for the Zipkin UI and HTTP Api
      - 9411:9411
      # Uncomment if you set SCRIBE_ENABLED=true
      # - 9410:9410

docker-initialization-for-windows.md

Docker Image Initialization (Windows 10)

Portainer

docker run -d -p 8000:8000 -p 9001:9000 --name portainer --restart always -v //var/run/docker.sock:/var/run/docker.sock -v C:/Users/Johnny/docker-file-mapping/portainer-ce:/data portainer/portainer-ce

MySQL

docker run -p 3306:3306 --name mysql-server-development --restart "always" -v C:/Users/Johnny/docker-file-mapping/mysql-server-development:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=jm@mysql -d mysql:latest --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --general-log=1 --general-log-file=/var/log/mysql/general-log.log