Docker cheat sheet: Difference between revisions

From Coolscript
Jump to navigation Jump to search
(Created page with "==Various Commands== List container docker container ls -a DELETE ALL IMAGES docker rmi $(docker images -a -q) View Logs of a specific container docker logs foo *Remov...")
 
Line 335: Line 335:
=VBind Mount=
=VBind Mount=
*Mention to chown local data dir to appropriate users
*Mention to chown local data dir to appropriate users
=Recovery special, example for Splunk=
*cat /etc/passwd
splunk:x:41812:41812::/home/splunk:/bin/bash
*Create the splunk user on the physical host
addgroup splunk --gid 41812
adduser splunk --uid 41812 --gid 41812
*Create volume
docker volume create docker_splunk-etc
docker volume create docker_splunk-var
*Mount helper container
docker run -v docker_splunk-etc:/opt/splunk/etc -v docker_splunk-var:/opt/splunk/var --name shrestore -itd debian:stable-slim /bin/bash
*Switch into the newly container '''docker exec -it shrestore bash'''
addgroup splunk --gid 41812
adduser splunk --uid 41812 --gid 41812
chown  splunk /opt/splunk -R
*Copy the tar archives from the host
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-etc.tar.gz shrestore:/tmp/docker_splunk-etc.etc.gz
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-var.tar.gz shrestore:/tmp/docker_splunk-var.tar.gz
*Then uncompress them
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/etc && tar xvf /tmp/docker_splunk-etc.etc.gz --strip 1 "
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/var && tar xvf /tmp/docker_splunk-var.tar.gz --strip 1 "

Revision as of 19:17, 24 June 2023

Various Commands

List container

docker container ls -a

DELETE ALL IMAGES

docker rmi $(docker images -a -q) 

View Logs of a specific container

docker logs foo
  • Remove Container
docker rm foo
  • Stop all containers
docker stop $(docker ps -a -q)
  • Remove all containers
docker rm $(docker ps -a -q)
or
docker container ls -aq | xargs docker container rm
  • Remove all images
docker rmi $(docker images -a -q)
  • Clean
docker container prune
docker image prune -a
docker volume prune 


  • List volume size
docker system df

delete Script

#!/bin/bash
docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)
yes | docker rmi $(docker images -a -q)
yes | docker container prune
yes | docker image prune -a
yes | docker volume prune

Create an easy Ubuntu Container

  • Search for various releases
docker search ubuntu
  • Build container and use interactive with bash
docker create --name=foo -it ubuntu bash
  • Then start the container
docker start foo
  • Then attach to the container, note that this will only work because we have an interactive bash behind
    • To exit and stop the container use CTRL + D
    • To exit only use CTRL + P + Q
docker attach foo
  • Alternative run the new Ubuntu container in one shot and attach to it, this will automatically install the image if not already present
    • To exit and stop the container use CTRL + D
    • To exit only use CTRL + P + Q
docker run --name=foo -it ubuntu bash
  • Or run detached:
docker run --name=foo -itd ubuntu bash
  • And then attach
docker attach ubuntu

Build an easy Apache2 Container

Create the Dockerfile

root@vm-docker01:~/# mkdir apache
root@vm-docker01:~/#  cd apache
root@vm-docker01:~/apache# echo "#Dockerfile sample
#Choose ubuntu or debian
FROM ubuntu
#These images have no apt cache installed yet
RUN apt-get update
#Install apache2 
RUN apt-get install apache2-utils apache2 --assume-yes
#Here comes the most important part as we need to init an entrypoint for the container,
#if you don't do this then the container will exit right away
CMD [\"-D\", \"FOREGROUND\"]
ENTRYPOINT [\"apachectl\"]" > Dockerfile

Build the Image

  • Build a new image named apache_image:1.0, note the dot at the end as this expects the Dockerfile within the current directory
root@vm-docker01:~/apache# docker build -t apache_image:1.0 . 
Sending build context to Docker daemon  18.94kB
Step 1/6 : FROM ubuntu
 ---> a8780b506fa4
Step 2/6 : RUN apt-get update
 ---> Running in 2021ece81156
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:2 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
...
...
Fetched 24.6 MB in 2s (12.6 MB/s)
Reading package lists...
Removing intermediate container 2021ece81156
---> 7e2028ae926a
Step 3/6 : RUN apt-get install apache2 --assume-yes
 ---> Running in 7462500da559
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
  apache2-bin apache2-data apache2-utils bzip2 ca-certificates file libapr1
...
...
The following NEW packages will be installed:
  apache2 apache2-bin apache2-data apache2-utils bzip2 ca-certificates file
...
...
Get:1 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 perl-modules-5.34 all 5.34.0-3ubuntu1.1 [2976 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 libgdbm6 amd64 1.23-1 [33.9 kB]
...
...
Removing intermediate container 7462500da559
 ---> 4df992b99ae5
Step 4/6 : RUN apt-get install apache2-utils --assume-yes
 ---> Running in e11af1c7cd8d
Reading package lists...
Building dependency tree...
Reading state information...
apache2-utils is already the newest version (2.4.52-1ubuntu4.2).
apache2-utils set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Removing intermediate container e11af1c7cd8d
 ---> 800f1b355425
Step 5/6 : CMD ["-D", "FOREGROUND"]
 ---> Running in 76635350d8dd
Removing intermediate container 76635350d8dd
 ---> b24fa728d6d7
Step 6/6 : ENTRYPOINT ["apachectl"]
 ---> Running in 5d642bc0312a
Removing intermediate container 5d642bc0312a
 ---> fccb8e6a0568
Successfully built fccb8e6a0568
Successfully tagged apache_image:1.0
  • Check to see if the image is present
root@vm-docker01:~/apache# docker image ls 
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
apache_image   1.0       fccb8e6a0568   8 minutes ago   225MB
ubuntu         latest    a8780b506fa4   2 weeks ago     77.8MB

Start the new buildet image

  • Note the -d flag which says that the container runs detached and note that we map the container port 80 to the real host port 80
root@vm-docker01:~/apache# docker run --name myapache -d -p 80:80 apache_image:1.0
b4865c05a704055bb3bf080a58f1ee33334b0197bec4d89ce76e4995856879dc
  • Note the entrypoint/command which we have specified
root@vm-docker01:~/apache# docker container ls
CONTAINER ID   IMAGE              COMMAND                  CREATED          STATUS          PORTS                NAMES
b4865c05a704   apache_image:1.0   "apachectl -D FOREGR…"   51 seconds ago   Up 50 seconds   0.0.0.0:80->80/tcp   myapache

Connect to the container

  • Do not use the docker attach myapache method as the entrypoint will lead into a dead terminal, instead use the interactive method and start a bash
    • To exit and stop the container use CTRL + D
    • To exit only use CTRL + P + Q
root@vm-docker01:~/apache# docker exec -it myapache bash
root@b4865c05a704:/# ps -e
   PID TTY          TIME CMD
     1 ?        00:00:00 apachectl
    15 ?        00:00:00 apache2
    16 ?        00:00:00 apache2
    17 ?        00:00:00 apache2
    72 pts/0    00:00:00 bash
    80 pts/0    00:00:00 ps
  • Now the webserver should be reachable through the network
root@vm-docker01:~/apache# netstat -tpan | grep 80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      160554/docker-proxy

Create an easy mysql container

  • Create a password file
root@vm-docker01:~# mkdir ./secrets
root@vm-docker01:~# echo "Passwd" > ./secrets/mysql-root-password
  • Create the mysql container using the above passwd file, alos create an extra volume to keep the database persistant
root@vm-docker01:~# docker run --name mysql -d \
-p 3306:3306 \
-e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql-root-password \
-v /root/secrets:/run/secrets \
-v mysql:/var/lib/mysql \
mysql:8
  • Connect to the container and run mysql, you can the create your database, user and so on
root@vm-docker01:~# docker exec -it mysql mysql -p
Your MySQL connection id is 8
Server version: 8.0.31 MySQL Community Server - GPL

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database mydatabase;
Query OK, 1 row affected (0.03 sec)

mysql> CREATE USER 'myuser'@'%' IDENTIFIED BY 'mypwd';
Query OK, 0 rows affected (0.03 sec)

mysql> GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'%';
Query OK, 0 rows affected (0.01 sec)

mysql> ALTER USER 'myuser'@'%' IDENTIFIED WITH mysql_native_password BY 'mypwd';
Query OK, 0 rows affected (0.01 sec)

mysql> quit


  • Mysql is now ready on port 3306
root@vm-dev01:~# docker container ls
CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS         PORTS                                                  NAMES
62b28b965c54   mysql:8   "docker-entrypoint.s…"   9 minutes ago   Up 8 minutes   0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp   mysql


Build an easy msql container

root@vm-docker01:~/# mkdir mysql
root@vm-docker01:~/#  cd mysql
  • Create a sample sql init script which we run during the container init
root@vm-docker01:~/mysql # echo "#mysql script sample
create database mydatabase;
CREATE USER 'myuser'@'%' IDENTIFIED BY 'mypwd';
GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'%';
ALTER USER 'myuser'@'%' IDENTIFIED WITH mysql_native_password BY 'mypwd'; "> init.sql
root@vm-docker01:~/mysql # echo "#Dockerfile sample
#Get the mysql version 8 image
FROM mysql:8
#Set the root pw during init, alternative use the /run/secrets option from above
ENV MYSQL_ROOT_PASSWORD=Pass123
#Copy one or more sql init files to the container entrypoint
COPY init.sql /docker-entrypoint-initdb.d/" > Dockerfile
  • Build the msql Image
root@vm-docker01:~/mysql# docker build -t mysql_image:1.0 .
Sending build context to Docker daemon  3.072kB
Step 1/3 : FROM mysql:8
8: Pulling from library/mysql
0bb5c0c24818: Pull complete
...
ad655e218e12: Pull complete
Digest: sha256:96439dd0d8d085cd90c8001be2c9dde07b8a68b472bd20efcbe3df78cff66492
Status: Downloaded newer image for mysql:8
 ---> 3842e9cdffd2
Step 2/3 : ENV MYSQL_ROOT_PASSWORD=Pass123
 ---> Running in 655ef85c56db
Removing intermediate container 655ef85c56db
 ---> 208553d8cba2
Step 3/3 : COPY init.sql /docker-entrypoint-initdb.d/
 ---> 1cc6b668c6e1
Successfully built 1cc6b668c6e1
Successfully tagged mysql_image:1.0
  • Run the new container
root@vm-docker01:~/mysql# docker run --name mysql -d -p 3306:3306 mysql_image:1.0
ade81568e9e77b8c87834f3422f23886e8b7251a8f3402f85d4d7f31c2877fcd
root@vm-docker01:~/mysql# docker container ls
CONTAINER ID   IMAGE             COMMAND                  CREATED         STATUS         PORTS                                                  NAMES
ade81568e9e7   mysql_image:1.0   "docker-entrypoint.s…"   2 minutes ago   Up 2 minutes   0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp   mysql


Using docker-compose

This would be the docker-compose.yml file to build the above apache and mysql container

  • To build
    • docker-compose build
    • docker-compose build -d MyProjectName (Otherwise the current directory will be used to prefix volumes)
  • To View
    • docker-compose logs
    • docker-compose logs -f
  • To start/stop
    • docker-compose up -d
    • docker-compose down
version: '3.0'
services:
  apache:
    image: "apache_image:1.0"
    container_name: apache
    hostname: apache
    build:
      context: ./apache
    ports:
      - "80:80"

  mysql:
    image: "mysql_image:1.0"
    container_name: mysql
    hostname: mysql
    volumes:
     - mysql:/var/lib/mysql
    build:
      context: ./mysql
    ports:
      - "3306:3306"

volumes:
  mysql: null

Backup/Restore

Backup Volume

  • Create a temporary Container and mount the volume, make sure that no one else is suing the volume
docker run -v <volume_name>:/dbdata --name dbstore -itd ubuntu /bin/bash
  • Backup the data
docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
Or gz
docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar czvf /backup/backup.tar.gz /dbdata

Restore Volume

  • Create a temporary Container and mount the volume, make sure that no one else is suing the volume
docker run -v <volume_name>:/dbdata --name dbstore2 -itd ubuntu /bin/bash
docker run --rm --volumes-from dbstore2 -v $(pwd):/backup ubuntu bash -c "cd /dbdata && tar xvf /backup/backup.tar --strip 1"

Backup Image

docker save mysql_image:1.0 apache_image:1.0 -o mybackup.tar.gz

Restore Image

docker load -i mybackup.tar.gz

VARS

  • Sample

ARG MY_JAR=myJar.jar # ARG is only available during the build of a Docker image COPY bin/$MY_JAR $ORACLE_HOME/user_projects/domains/$DOMAIN_NAME/lib/ COPY bin/$MY_JAR $ORACLE_HOME/wlserver/server/lib/mbeantypes/

VBind Mount

  • Mention to chown local data dir to appropriate users

Recovery special, example for Splunk

  • cat /etc/passwd
splunk:x:41812:41812::/home/splunk:/bin/bash
  • Create the splunk user on the physical host
addgroup splunk --gid 41812
adduser splunk --uid 41812 --gid 41812

  • Create volume
docker volume create docker_splunk-etc
docker volume create docker_splunk-var
  • Mount helper container
docker run -v docker_splunk-etc:/opt/splunk/etc -v docker_splunk-var:/opt/splunk/var --name shrestore -itd debian:stable-slim /bin/bash
  • Switch into the newly container docker exec -it shrestore bash
addgroup splunk --gid 41812
adduser splunk --uid 41812 --gid 41812
chown  splunk /opt/splunk -R
  • Copy the tar archives from the host
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-etc.tar.gz shrestore:/tmp/docker_splunk-etc.etc.gz
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-var.tar.gz shrestore:/tmp/docker_splunk-var.tar.gz
  • Then uncompress them
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/etc && tar xvf /tmp/docker_splunk-etc.etc.gz --strip 1 "
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/var && tar xvf /tmp/docker_splunk-var.tar.gz --strip 1 "