CheatSheet | Docker


Introduction

  • Contents

    1. Install docker in CentOS

    2. Frequently used docker commands

    3. File sharing in docker (bind, volume)

    4. Dockerfile instructions

    5. Docker registry

    6. Docker compose

    7. Docker swarm

  • Glossary

    • swarm : almost the same as the word “cluster”
    • node (manager/worker) : A single server in a cluster. You can run swarm commands only on the manager node.
    • service : A unit of modules in a project; the basic unit of distribution.
    • stack : You can think of it as one project; containers grouped into one stack basically belong to the same overlay network.


1. Install docker in CentOS

# (1) Set up the repository
$ sudo yum install -y yum-utils
$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

# (2) Install Docker Engine (latest)
$ sudo yum install docker-ce docker-ce-cli containerd.io
# or pin a specific version
$ sudo yum install docker-ce-19.03.13 docker-ce-cli-19.03.13 containerd.io docker-compose-plugin

# (3) Create the docker group.
# $ sudo groupadd docker

# (4) Add your user to the docker group (members get root-equivalent control of the host).
# sudo usermod -aG docker <USER>
$ sudo /usr/sbin/usermod -aG docker <USER>
$ sudo /usr/sbin/usermod -aG docker <USER_SU>

# (5) Start and stop Docker once before changing the root directory
$ sudo systemctl start docker
$ sudo systemctl stop docker

# (6) Change the root directory (the default Docker directory does not have enough storage)
# add {"data-root": "/home1/<USER>/docker-data"} to /etc/docker/daemon.json
$ sudo vim /etc/docker/daemon.json

# (7) Run Docker
$ sudo systemctl start docker
# if you get a permission error for /var/run/docker.sock, the docker group
# membership from step (4) is not active in this shell yet: log in again, or run
$ newgrp docker
# (chmod 666 on the socket also clears the error, but it gives every local user
# root-equivalent control of the daemon)
# check the root directory
$ docker info | grep Root
$ docker run hello-world
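
The socket at /var/run/docker.sock is the daemon's control channel, so its mode decides who can act as root on the host. The script below is an added example, not part of the original cheat sheet, that checks the socket is not open to "other" users and that access comes through group membership; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): audit access to the Docker socket.

# True if "other" users have any permission bit on the path (e.g. mode 666).
sock_open_to_others() {
    [ -n "$(find "$1" -prune \( -perm -0004 -o -perm -0002 -o -perm -0001 \) 2>/dev/null)" ]
}

# True if USER ($2) is a member of the group that owns the path ($1).
user_in_sock_group() {
    grp=$(ls -ld "$1" | awk '{ print $4 }')
    id -nG "$2" 2>/dev/null | tr ' ' '\n' | grep -qxF "$grp"
}

# Usage: audit_docker_sock [SOCKET] [USER]
# Returns 0 when access is group-scoped, 1 when the socket is too open, 2 when missing.
audit_docker_sock() {
    sock=${1:-/var/run/docker.sock}
    user=${2:-$(id -un)}
    [ -e "$sock" ] || { echo "MISSING $sock (is the daemon running?)"; return 2; }
    if sock_open_to_others "$sock"; then
        echo "FAIL $sock is $(ls -ld "$sock" | cut -c1-10): every local user can control the daemon"
        echo "     restore the default with: sudo chmod 660 $sock"
        return 1
    fi
    if user_in_sock_group "$sock" "$user"; then
        echo "OK   $user reaches $sock through its owning group"
    else
        echo "INFO $user is not in the owning group; run usermod -aG, then log in again"
    fi
    return 0
}
```

Source the file and call `audit_docker_sock` with no arguments to check the default socket for the current user.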


2. Frequently used Docker Commands

$ docker --version # check docker version
$ docker build -t [TAG] . # build using Dockerfile in cwd
$ docker images # show docker images
$ docker ps -a # show docker containers
$ docker ps --format '{{.Names}}'
$ docker rm -f [CONTAINER_NAME] # remove docker container
$ docker rmi [IMAGE_NAME] # remove docker image

$ docker run -dit --rm -p 22:22 --name [CONTAINER_NAME] -v [SRC]:[DST] [IMAGE_NAME] # run docker container
# Ctrl+P, Ctrl+Q : exit (detach) without stopping or removing the container
$ docker attach [CONTAINER_NAME] # attach to docker container
$ docker exec -u 0 -it [CONTAINER_NAME] bash # exec as root

$ docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
$ docker push [REPOSITORY[:TAG]]

$ docker container prune # prune docker container
$ docker image prune # prune docker images
$ docker system prune -a # remove all unused containers, networks, images and build cache

$ docker logs -f <CONTAINER_NAME> --tail=1000 2>&1 | grep complete # show logs in container


3. File sharing in docker container

  • Bind mount : a file or directory on your host machine (the one that runs your docker daemon) mounted into your container.

  • Volume : storage space fully managed by docker. Volumes are kept under a docker-managed path on the host machine, such as ‘/var/lib/docker/volumes/VOLUME_NAME’

    • named volumes : you provide the name

    • anonymous volumes : docker assigns a random UUID-like name; you find them on containers or untagged images

$ docker volume ls
$ docker volume rm VOLUME_NAME
$ docker volume inspect VOLUME_NAME


4. Dockerfile Instructions

# Set base image
FROM ubuntu:16.04
# argument used only at build time : ARG NAME=DEFAULT
ARG PYVERSION=3.7.12
# run a command while building the image; this exec form (JSON array) runs it directly,
# the shell form (RUN <cmd>) runs it through "/bin/sh -c"
RUN ["apt-get", "install", "-y", "nginx"]
# document the port the container listens on (does not publish it; use -p for that)
EXPOSE 8080
# set env-var, env-var can be used as $variable_name
ENV FOO=/bar
# set the user that later instructions and the container run as
USER nginx
# declare a mount point in the container; docker backs it with a volume at run time
VOLUME ["/opt/project"]
# copy files from the build context to the docker image
ADD file /some/dir/file
# almost the same as ADD, but does not auto-extract local tar archives and cannot use a URL as source
COPY file /some/dir/file
# cmd to run when docker container starts
CMD ["python", "main.py"]
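
The ADD/COPY difference above matters for review: ADD can pull a URL or unpack an archive into the image, while COPY only copies. The check below is an added example, not part of the original cheat sheet, that flags each ADD instruction and a missing or root final USER in a Dockerfile; `lint_dockerfile` is a hypothetical name.

```shell
#!/bin/sh
# Added example (not from the original page): flag ADD usage and a root
# final USER in a Dockerfile. Prints one finding per line; returns 1 if any.
lint_dockerfile() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    { line = pending $0; pending = "" }
    line ~ /\\[ \t]*$/ {                     # join backslash continuations
        sub(/\\[ \t]*$/, " ", line); pending = line; next
    }
    {
        $0 = line; ins = toupper($1)         # re-split the joined instruction
        if (ins == "USER") user = $2         # remember the last USER seen
        if (ins != "ADD") next
        bad++
        if (line ~ /https?:\/\//)
            print NR ": ADD fetches a URL at build time; download and verify it in a RUN step"
        else if (line ~ /\.(tar|tgz|tar\.gz|tar\.bz2|tar\.xz)[" \t]/)
            print NR ": ADD auto-extracts this archive into the image; confirm that is intended"
        else
            print NR ": ADD used for a plain copy; use COPY"
    }
    END {
        if (user == "" || user == "root" || user == "0") {
            bad++; print "end: no non-root USER set; the container runs as root"
        }
        exit (bad > 0)
    }' "$1"
}
```

Run it as `lint_dockerfile ./Dockerfile`; the reported number is the last line of the instruction.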


5. Docker Registry

$ docker login # docker-hub
$ docker login -u <ID> reg.*********.com # private registry

$ docker push ${REG_HOST}/IMAGE_TO_PUSH:${TAG}


6. Docker Compose

## Install
$ sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
$ sudo chmod +x /usr/local/bin/docker-compose
$ sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

## Usage
$ docker-compose up -d
$ docker-compose down
$ docker-compose stop [CONTAINER_NAME]
$ docker-compose ps

## docker-compose.yml
version: '3.7'
services:
  my_service1:
    build: # if you want to build an image
      context: ./
      dockerfile: ./Dockerfile
    image: <IMAGE_NAME> # image name
    hostname: <HOST_NAME> # host name
    tty: true # docker run -t
    container_name: <my_cont1> # container_name
    volumes: # mount volumes
      - ./src:/myproject/src
    networks:
      - myproject
    ports:
      - "2003:3003" # HOST:CONTAINER
    user: celery
    command: python -m black /myproject/src -t py39
    depends_on:
      - black

volumes:
  rabbitmq:
    driver: local
  redis:
    driver: local
networks:
  myproject:


7. Docker swarm

  • Server Orchestration

    • Scheduling : Distributes containers across the servers; when a server dies, its containers are redeployed to another server so that the service is not disrupted.
    • Clustering : Multiple servers can be used like one server. Servers can be added to or removed from the cluster, and the scattered containers communicate over a virtual network as if they were on the same server.
    • Service Discovery
    • Logging, Monitoring
  • Why Docker Swarm?

    • When you build an API server and traffic increases => one server cannot handle it.

    • What if the images behind the containers are updated? Should you delete all running containers and recreate them with docker-compose? => Rolling update of Docker Swarm

    • Swarm was developed separately from Docker and was merged into Docker in v1.12 under the name Swarm Mode.

# (1) init docker swarm
$ docker swarm init # run on manager node
# This prints the following join command. To add a worker to this swarm, run it on the worker node
> docker swarm join --token ............. # use <***.nfra.io:2377> rather than the internal IP
> docker swarm join-token worker # prints the join command and token again

# (2) deploy
$ docker stack deploy --compose-file <docker-compose.yml> <STACK_NAME> # deploy using docker-compose.yml

# (3) manage swarm
$ docker node ls # show all nodes in the swarm
$ docker stack ls # show all stacks (run on the manager node)
$ docker service ls # show all services in the swarm (including those running on worker nodes)

$ docker service ps <SERVICE_NAME>

# Update node metadata
$ docker node update --label-add <LABEL_KEY>=<LABEL_VALUE> <HOSTNAME>