Docker cheat sheet: Difference between revisions
Jump to navigation
Jump to search
(Created page with "==Various Commands== List container docker container ls -a DELETE ALL IMAGES docker rmi $(docker images -a -q) View Logs of a specific container docker logs foo *Remov...") |
|||
Line 335: | Line 335: | ||
=VBind Mount= | =VBind Mount= | ||
*Mention to chown local data dir to appropriate users | *Mention to chown local data dir to appropriate users | ||
=Recovery special, example for Splunk= | |||
*cat /etc/passwd | |||
splunk:x:41812:41812::/home/splunk:/bin/bash | |||
*Create the splunk user on the physical host | |||
addgroup splunk --gid 41812 | |||
adduser splunk --uid 41812 --gid 41812 | |||
*Create volume | |||
docker volume create docker_splunk-etc | |||
docker volume create docker_splunk-var | |||
*Mount helper container | |||
docker run -v docker_splunk-etc:/opt/splunk/etc -v docker_splunk-var:/opt/splunk/var --name shrestore -itd debian:stable-slim /bin/bash | |||
*Switch into the newly container '''docker exec -it shrestore bash''' | |||
addgroup splunk --gid 41812 | |||
adduser splunk --uid 41812 --gid 41812 | |||
chown splunk /opt/splunk -R | |||
*Copy the tar archives from the host | |||
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-etc.tar.gz shrestore:/tmp/docker_splunk-etc.etc.gz | |||
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-var.tar.gz shrestore:/tmp/docker_splunk-var.tar.gz | |||
*Then uncompress them | |||
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/etc && tar xvf /tmp/docker_splunk-etc.etc.gz --strip 1 " | |||
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/var && tar xvf /tmp/docker_splunk-var.tar.gz --strip 1 " |
Revision as of 19:17, 24 June 2023
Various Commands
List container
docker container ls -a
DELETE ALL IMAGES
docker rmi $(docker images -a -q)
View Logs of a specific container
docker logs foo
- Remove Container
docker rm foo
- Stop all containers
docker stop $(docker ps -a -q)
- Remove all containers
docker rm $(docker ps -a -q) or docker container ls -aq | xargs docker container rm
- Remove all images
docker rmi $(docker images -a -q)
- Clean
docker container prune docker image prune -a docker volume prune
- List volume size
docker system df
delete Script
#!/bin/bash docker stop $(docker ps -a -q) docker rm $(docker ps -a -q) yes | docker rmi $(docker images -a -q) yes | docker container prune yes | docker image prune -a yes | docker volume prune
Create an easy Ubuntu Container
- Search for various releases
docker search ubuntu
- Build container and use interactive with bash
docker create --name=foo -it ubuntu bash
- Then start the container
docker start foo
- Then attach to the container, note that this will only work because we have an interactive bash behind
- To exit and stop the container use CTRL + D
- To exit only use CTRL + P + Q
docker attach foo
- Alternative run the new Ubuntu container in one shot and attach to it, this will automatically install the image if not already present
- To exit and stop the container use CTRL + D
- To exit only use CTRL + P + Q
docker run --name=foo -it ubuntu bash
- Or run detached:
docker run --name=foo -itd ubuntu bash
- And then attach
docker attach ubuntu
Build an easy Apache2 Container
Create the Dockerfile
root@vm-docker01:~/# mkdir apache
root@vm-docker01:~/# cd apache
root@vm-docker01:~/apache# echo "#Dockerfile sample #Choose ubuntu or debian FROM ubuntu #These images have no apt cache installed yet RUN apt-get update #Install apache2 RUN apt-get install apache2-utils apache2 --assume-yes #Here comes the most important part as we need to init an entrypoint for the container, #if you don't do this then the container will exit right away CMD [\"-D\", \"FOREGROUND\"] ENTRYPOINT [\"apachectl\"]" > Dockerfile
Build the Image
- Build a new image named apache_image:1.0, note the dot at the end as this expects the Dockerfile within the current directory
root@vm-docker01:~/apache# docker build -t apache_image:1.0 . Sending build context to Docker daemon 18.94kB Step 1/6 : FROM ubuntu ---> a8780b506fa4 Step 2/6 : RUN apt-get update ---> Running in 2021ece81156 Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB] Get:2 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB] ... ... Fetched 24.6 MB in 2s (12.6 MB/s) Reading package lists... Removing intermediate container 2021ece81156 ---> 7e2028ae926a Step 3/6 : RUN apt-get install apache2 --assume-yes ---> Running in 7462500da559 Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: apache2-bin apache2-data apache2-utils bzip2 ca-certificates file libapr1 ... ... The following NEW packages will be installed: apache2 apache2-bin apache2-data apache2-utils bzip2 ca-certificates file ... ... Get:1 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 perl-modules-5.34 all 5.34.0-3ubuntu1.1 [2976 kB] Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 libgdbm6 amd64 1.23-1 [33.9 kB] ... ... Removing intermediate container 7462500da559 ---> 4df992b99ae5 Step 4/6 : RUN apt-get install apache2-utils --assume-yes ---> Running in e11af1c7cd8d Reading package lists... Building dependency tree... Reading state information... apache2-utils is already the newest version (2.4.52-1ubuntu4.2). apache2-utils set to manually installed. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Removing intermediate container e11af1c7cd8d ---> 800f1b355425 Step 5/6 : CMD ["-D", "FOREGROUND"] ---> Running in 76635350d8dd Removing intermediate container 76635350d8dd ---> b24fa728d6d7 Step 6/6 : ENTRYPOINT ["apachectl"] ---> Running in 5d642bc0312a Removing intermediate container 5d642bc0312a ---> fccb8e6a0568 Successfully built fccb8e6a0568 Successfully tagged apache_image:1.0
- Check to see if the image is present
root@vm-docker01:~/apache# docker image ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES apache_image 1.0 fccb8e6a0568 8 minutes ago 225MB ubuntu latest a8780b506fa4 2 weeks ago 77.8MB
Start the new buildet image
- Note the -d flag which says that the container runs detached and note that we map the container port 80 to the real host port 80
root@vm-docker01:~/apache# docker run --name myapache -d -p 80:80 apache_image:1.0 b4865c05a704055bb3bf080a58f1ee33334b0197bec4d89ce76e4995856879dc
- Note the entrypoint/command which we have specified
root@vm-docker01:~/apache# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b4865c05a704 apache_image:1.0 "apachectl -D FOREGR…" 51 seconds ago Up 50 seconds 0.0.0.0:80->80/tcp myapache
Connect to the container
- Do not use the docker attach myapache method as the entrypoint will lead into a dead terminal, instead use the interactive method and start a bash
- To exit and stop the container use CTRL + D
- To exit only use CTRL + P + Q
root@vm-docker01:~/apache# docker exec -it myapache bash root@b4865c05a704:/# ps -e PID TTY TIME CMD 1 ? 00:00:00 apachectl 15 ? 00:00:00 apache2 16 ? 00:00:00 apache2 17 ? 00:00:00 apache2 72 pts/0 00:00:00 bash 80 pts/0 00:00:00 ps
- Now the webserver should be reachable through the network
root@vm-docker01:~/apache# netstat -tpan | grep 80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 160554/docker-proxy
Create an easy mysql container
- Create a password file
root@vm-docker01:~# mkdir ./secrets root@vm-docker01:~# echo "Passwd" > ./secrets/mysql-root-password
- Create the mysql container using the above passwd file, alos create an extra volume to keep the database persistant
root@vm-docker01:~# docker run --name mysql -d \ -p 3306:3306 \ -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql-root-password \ -v /root/secrets:/run/secrets \ -v mysql:/var/lib/mysql \ mysql:8
- Connect to the container and run mysql, you can the create your database, user and so on
root@vm-docker01:~# docker exec -it mysql mysql -p Your MySQL connection id is 8 Server version: 8.0.31 MySQL Community Server - GPL Copyright (c) 2000, 2022, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create database mydatabase; Query OK, 1 row affected (0.03 sec) mysql> CREATE USER 'myuser'@'%' IDENTIFIED BY 'mypwd'; Query OK, 0 rows affected (0.03 sec) mysql> GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'%'; Query OK, 0 rows affected (0.01 sec) mysql> ALTER USER 'myuser'@'%' IDENTIFIED WITH mysql_native_password BY 'mypwd'; Query OK, 0 rows affected (0.01 sec) mysql> quit
- Mysql is now ready on port 3306
root@vm-dev01:~# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 62b28b965c54 mysql:8 "docker-entrypoint.s…" 9 minutes ago Up 8 minutes 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
Build an easy msql container
root@vm-docker01:~/# mkdir mysql root@vm-docker01:~/# cd mysql
- Create a sample sql init script which we run during the container init
root@vm-docker01:~/mysql # echo "#mysql script sample create database mydatabase; CREATE USER 'myuser'@'%' IDENTIFIED BY 'mypwd'; GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'%'; ALTER USER 'myuser'@'%' IDENTIFIED WITH mysql_native_password BY 'mypwd'; "> init.sql
root@vm-docker01:~/mysql # echo "#Dockerfile sample #Get the mysql version 8 image FROM mysql:8 #Set the root pw during init, alternative use the /run/secrets option from above ENV MYSQL_ROOT_PASSWORD=Pass123 #Copy one or more sql init files to the container entrypoint COPY init.sql /docker-entrypoint-initdb.d/" > Dockerfile
- Build the msql Image
root@vm-docker01:~/mysql# docker build -t mysql_image:1.0 . Sending build context to Docker daemon 3.072kB Step 1/3 : FROM mysql:8 8: Pulling from library/mysql 0bb5c0c24818: Pull complete ... ad655e218e12: Pull complete Digest: sha256:96439dd0d8d085cd90c8001be2c9dde07b8a68b472bd20efcbe3df78cff66492 Status: Downloaded newer image for mysql:8 ---> 3842e9cdffd2 Step 2/3 : ENV MYSQL_ROOT_PASSWORD=Pass123 ---> Running in 655ef85c56db Removing intermediate container 655ef85c56db ---> 208553d8cba2 Step 3/3 : COPY init.sql /docker-entrypoint-initdb.d/ ---> 1cc6b668c6e1 Successfully built 1cc6b668c6e1 Successfully tagged mysql_image:1.0
- Run the new container
root@vm-docker01:~/mysql# docker run --name mysql -d -p 3306:3306 mysql_image:1.0 ade81568e9e77b8c87834f3422f23886e8b7251a8f3402f85d4d7f31c2877fcd
root@vm-docker01:~/mysql# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ade81568e9e7 mysql_image:1.0 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
Using docker-compose
This would be the docker-compose.yml file to build the above apache and mysql container
- To build
- docker-compose build
- docker-compose build -d MyProjectName (Otherwise the current directory will be used to prefix volumes)
- To View
- docker-compose logs
- docker-compose logs -f
- To start/stop
- docker-compose up -d
- docker-compose down
version: '3.0' services: apache: image: "apache_image:1.0" container_name: apache hostname: apache build: context: ./apache ports: - "80:80" mysql: image: "mysql_image:1.0" container_name: mysql hostname: mysql volumes: - mysql:/var/lib/mysql build: context: ./mysql ports: - "3306:3306" volumes: mysql: null
Backup/Restore
Backup Volume
- Create a temporary Container and mount the volume, make sure that no one else is suing the volume
docker run -v <volume_name>:/dbdata --name dbstore -itd ubuntu /bin/bash
- Backup the data
docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata Or gz docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar czvf /backup/backup.tar.gz /dbdata
Restore Volume
- Create a temporary Container and mount the volume, make sure that no one else is suing the volume
docker run -v <volume_name>:/dbdata --name dbstore2 -itd ubuntu /bin/bash docker run --rm --volumes-from dbstore2 -v $(pwd):/backup ubuntu bash -c "cd /dbdata && tar xvf /backup/backup.tar --strip 1"
Backup Image
docker save mysql_image:1.0 apache_image:1.0 -o mybackup.tar.gz
Restore Image
docker load -i mybackup.tar.gz
VARS
- Sample
ARG MY_JAR=myJar.jar # ARG is only available during the build of a Docker image COPY bin/$MY_JAR $ORACLE_HOME/user_projects/domains/$DOMAIN_NAME/lib/ COPY bin/$MY_JAR $ORACLE_HOME/wlserver/server/lib/mbeantypes/
VBind Mount
- Mention to chown local data dir to appropriate users
Recovery special, example for Splunk
- cat /etc/passwd
splunk:x:41812:41812::/home/splunk:/bin/bash
- Create the splunk user on the physical host
addgroup splunk --gid 41812 adduser splunk --uid 41812 --gid 41812
- Create volume
docker volume create docker_splunk-etc docker volume create docker_splunk-var
- Mount helper container
docker run -v docker_splunk-etc:/opt/splunk/etc -v docker_splunk-var:/opt/splunk/var --name shrestore -itd debian:stable-slim /bin/bash
- Switch into the newly container docker exec -it shrestore bash
addgroup splunk --gid 41812 adduser splunk --uid 41812 --gid 41812 chown splunk /opt/splunk -R
- Copy the tar archives from the host
docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-etc.tar.gz shrestore:/tmp/docker_splunk-etc.etc.gz docker cp /home/vmadmin/restore/backup/docker/volumes/docker_splunk-var.tar.gz shrestore:/tmp/docker_splunk-var.tar.gz
- Then uncompress them
docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/etc && tar xvf /tmp/docker_splunk-etc.etc.gz --strip 1 " docker exec -it -u splunk shrestore bash -c "cd /opt/splunk/var && tar xvf /tmp/docker_splunk-var.tar.gz --strip 1 "