Docker.io Howto

From Cactus Howto
Jump to navigationJump to search

Documentation

Basics

A running instance of an image is called container. You can make changes to a container (e.g. delete a file), but these changes will not affect the image. However, you can create a new image from a running container (and all it changes) using docker commit <container-id> <image-name>.

Setup

sample docker running under Ubuntu 14.04.1:

itsecorg@pbuilder:~$ sudo aptitude install docker.io

Set proxy for docker:

itsecorg@pbuilder:~$ grep http_proxy /etc/default/docker.io
export http_proxy="http://proxy.int.cactus.de:8080/"
sudo service docker.io restart

Remove all images and containers:

tim@pbuilder:~/dock1$ cat remove_all.sh
#!/bin/bash
# Delete all containers
docker rm $(docker ps -a -q)
# Delete all images
docker rmi $(docker images -q)
tim@pbuilder:~/dock1$

Image and Container Handling

Search images

sudo docker search -s 10 "ubuntu"
NAME                                     DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
ubuntu                                   Official Ubuntu base image                      934       [OK]
dockerfile/ubuntu                        Trusted automated Ubuntu (http://www.ubunt...   32                   [OK]
crashsystems/gitlab-docker               A trusted, regularly updated build of GitL...   21                   [OK]
ansible/ubuntu14.04-ansible              Ubuntu 14.04 LTS with ansible                   21                   [OK]
clue/ttrss                               The Tiny Tiny RSS feed reader allows you t...   19                   [OK]
mbentley/ubuntu-django-uwsgi-nginx                                                       17                   [OK]
sylvainlasnier/memcached                 Memcached docker images based on Ubuntu 14...   17                   [OK]
ubuntu-upstart                           Upstart is an event-based replacement for ...   16        [OK]
dockerfile/ubuntu-desktop                Trusted automated Ubuntu Desktop (LXDE) (h...   14                   [OK]
tutum/ubuntu                             Ubuntu image with SSH access. For the root...   13                   [OK]
tinyerp/ubuntu-openerp                   Run OpenERP on Ubuntu - September 2014          10
itsecorg@pbuilder:~$

Install / list / remove images

sudo docker pull ubuntu

Display installed images:

itsecorg@pbuilder:~$ sudo docker images ubuntu
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
ubuntu              utopic              277eb4304907        3 weeks ago         228.5 MB
ubuntu              14.10               277eb4304907        3 weeks ago         228.5 MB
ubuntu              14.04               5506de2b643b        3 weeks ago         199.3 MB
ubuntu              14.04.1             5506de2b643b        3 weeks ago         199.3 MB
ubuntu              latest              5506de2b643b        3 weeks ago         199.3 MB
ubuntu              trusty              5506de2b643b        3 weeks ago         199.3 MB
ubuntu              12.04               0b310e6bf058        3 weeks ago         126.7 MB
ubuntu              12.04.5             0b310e6bf058        3 weeks ago         126.7 MB
ubuntu              precise             0b310e6bf058        3 weeks ago         126.7 MB
ubuntu              12.10               c5881f11ded9        4 months ago        172.2 MB
ubuntu              quantal             c5881f11ded9        4 months ago        172.2 MB
ubuntu              13.04               463ff6be4238        4 months ago        169.4 MB
ubuntu              raring              463ff6be4238        4 months ago        169.4 MB
ubuntu              13.10               195eb90b5349        4 months ago        184.7 MB
ubuntu              saucy               195eb90b5349        4 months ago        184.7 MB
ubuntu              10.04               3db9c44f4520        6 months ago        183 MB
ubuntu              lucid               3db9c44f4520        6 months ago        183 MB
itsecorg@pbuilder:~$

Remove

Remove Container

itsecorg@pbuilder:~$ sudo docker rm busybox

Remove Image(s)

itsecorg@pbuilder:~$ sudo docker rmi 0b310e6bf058 c5881f11ded9  463ff6be4238 195eb90b5349 3db9c44f4520


Better:

sudo docker pull ubuntu:14.04.1
itsecorg@pbuilder:~$ sudo docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
ubuntu              14.04.1             5506de2b643b        3 weeks ago         199.3 MB
itsecorg@pbuilder:~$

Show containers

itsecorg@pbuilder:~$ sudo docker ps -a --no-trunc=true
itsecorg@pbuilder:~$ sudo docker ps -a --no-trunc=false
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS                           PORTS               NAMES
09a4d97bdc2b        ubuntu:14.04.1      sudo http_proxy=http   About an hour ago   Exited (0) About an hour ago                         loving_hypatia
b4360f35202b        ubuntu:14.04.1      sudo http_proxy=http   About an hour ago   Exited (0) About an hour ago                         cocky_perlman
8d1fbf98c719        ubuntu:14.04.1      sudo http_proxy=http   About an hour ago   Exited (0) About an hour ago                         backstabbing_newton

Create new image from container

Syntax:

sudo docker commit <container-id> <image-name>

Example:

sudo docker commit b4360f35202b ubuntu-new

Using phusion/baseimage

tim@pbuilder:~/phusion$ sudo docker search -s 100 "phusion"
NAME                DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
phusion/baseimage   A special image that is configured for cor...   451
tim@pbuilder:~/phusion$ sudo docker pull "phusion/baseimage"
...
# run container with ssh listening on port 2222/tcp and a shell in parallel
tim@pbuilder:~/phusion$ sudo docker run --rm -t -p 192.168.100.96:2222:22 -i phusion/baseimage:0.9.15


...
*** Runit started as PID 95
*** Running bash -l...
root@b2a9f8dfff35:/# 

# run container with ssh listening on port 2222/tcp
tim@pbuilder:~/phusion$ sudo docker run --rm -t -p 2222:22 -i phusion/baseimage:0.9.15
...
*** Runit started as PID 95



tim@pbuilder:~/phusion$ sudo docker run --name="isodb" -h iso-db phusion/baseimage:0.9.15
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
No SSH host key available. Generating one...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
Creating SSH2 ED25519 key; this may take some time ...
invoke-rc.d: policy-rc.d denied execution of restart.
*** Running /etc/rc.local...
*** Booting runit daemon...
*** Runit started as PID 95

Changing config files

Replacing settings:

RUN sed -i.orig \
-e "s/^memory_limit\s*=.*/memory_limit = 200M/" \
-e "s/^max_execution_time\s*=.*/max_execution_time = 900/" \
-e "s/^default_charset\s*=.*/default_charset = \"utf\-8\"/" \
-e "s|^include_path\s*=.*|include_path = \"/usr/share/php:/usr/share/lib/php:/usr/share/itsecorg/web/include:/usr/share/itsecorg/etc:/usr/share/itsecorg/web/htdocs/inctxt:/usr/share/itsecorg/web/htdocs/hilfe\"|" \
-e "s|^doc_root\s*=.*|doc_root = /usr/share/itsecorg/web|" \
-e "s/^sql\.safe_mode\s*=.*/sql.safe_mode = On/" \
-e "s/^expose_php\s*=.*/expose_php = Off/" \
-e "s/^display_errors\s*=.*/display_errors = Off/" \
-e "s/^display_startup_errors\s*=.*/display_startup_errors = Off/" \
-e "s/^error_log\s*=.*/error_log = syslog/" \
-e "s/^log_errors_max_len\s*=.*/log_errors_max_len = 0/" \
-e "s/^pgsql\.log_notice\s*=.*/pgsql.log_notice = 1/" \
-e "s|^session\.save_path\s*=.*|session.save_path = /var/itsecorg/session|" \
-e "s/^session\.gc_maxlifetime\s*=.*/session\.gc_maxlifetime = 14400/" \
/etc/php5/apache2/php.ini /etc/php5/cli/php.ini

RUN sed -i.orig \
-e "s|^host\s*all\s*all\s*127.0.0.1/32\s*md5|# &|" \
-e "s|^host\s*all\s*all\s*::1/128\s*md5|# &|" \
/etc/postgresql/main/9.3/pg_hba.conf

Adding settings:

RUN cat <<EOT >> /etc/postgresql/main/9.3/pg_hba.conf
host    all         dbadmin             127.0.0.1/32          md5
host    all         itsecorg            127.0.0.1/32          md5
host    all         +dbbackupusers      127.0.0.1/32          trust
host    all         +configimporters    127.0.0.1/32          trust
host    all         confexporter        127.0.0.1/32          trust
host    all         +secuadmins         127.0.0.1/32          md5
host    all         +reporters          127.0.0.1/32          md5
host    all             all             127.0.0.1/32            md5
host    all             all             ::1/128                 md5
EOT