[[https://blog.geekhunter.com.br/docker-na-pratica-como-construir-uma-aplicacao/|https://blog.geekhunter.com.br/docker-na-pratica-como-construir-uma-aplicacao/]]
== Confinamento ==
Cgroup:\\
Systemd : (container with systemd) [[https://wiki.archlinux.org/index.php/systemd-nspawn#Create_a_Debian_or_Ubuntu_environment|https://wiki.archlinux.org/index.php/systemd-nspawn#Create_a_Debian_or_Ubuntu_environment]]
== Boas práticas criação de sua app para um container docker ==
* [[https://docs.docker.com/develop/develop-images/dockerfile_best-practices/|https://docs.docker.com/develop/develop-images/dockerfile_best-practices/]]
* [[https://cloud.google.com/architecture/best-practices-for-building-containers|https://cloud.google.com/architecture/best-practices-for-building-containers]]
Lembre-se que de incluir o systemd ou upstart, pois eles gerenciam os processos, então se um processo comer mais memória do que tem, o processo pode morrer. Exemplo em cgroup aulas William ;)
== Migrando Container Docker para outra Máquina. ==
Na máquina fonte:
# docker commit
# docker save > /tmp/nome-nova-imagem .tar
Na máquina destino:
# docker load
Verificar lista de camadas:
# docker history
* Export e Import (congela todas a camadas)
Shared network of other container:
# docker run -itd --name debiantest --net=container:test-mediawiki debian
[[https://forums.docker.com/t/shared-network-namespaces-using-net-container/16697/4|https://forums.docker.com/t/shared-network-namespaces-using-net-container/16697/4]] [[https://stackoverflow.com/questions/55399695/attaching-a-docker-container-to-another-containers-network-with-net-container|https://stackoverflow.com/questions/55399695/attaching-a-docker-container-to-another-containers-network-with-net-container]]
$ docker run -it --name myTomcat --net=myNetwork tomcat
$ docker run -it --net container:myTomcat busybox
Docker compose (stack serviço) dentro mesmo container
#################################
#stack.yml
version: '3.1'
services:
mongo:
image: mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: example
#################################
$ docker stack deploy -c stack.yml mongo / $ docker-compose -f stack.yml up
Referência: [[https://hub.docker.com/_/mongo/|https://hub.docker.com/_/mongo/]]
== Docker cluster (swarm). ==
[[https://www.profissionaisti.com.br/2017/07/portainer-orquestrando-containers-em-um-cluster-docker-swarm/|https://www.profissionaisti.com.br/2017/07/portainer-orquestrando-containers-em-um-cluster-docker-swarm/]]
== Docker compose ==
Multiplos container started
== Docker standalone ==
[[https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-getting-started|https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-getting-started]] [[https://docs.docker.com/samples/|https://docs.docker.com/samples/]]
Instalação do Docker no Debian / Ubuntu
# apt install systemd-docker docker.io
# systemctl start docker
# docker info
Imagem
# docker search centos
# docker pull centos
# docker images
Create minha imagem sem base source [[https://docs.docker.com/engine/userguide/eng-image/baseimages/#create-a-full-image-using-tar|https://docs.docker.com/engine/userguide/eng-image/baseimages/#create-a-full-image-using-tar]] [[https://rominirani.com/docker-tutorial-series-writing-a-dockerfile-ce5746617cd|https://rominirani.com/docker-tutorial-series-writing-a-dockerfile-ce5746617cd]] [[https://www.digitalocean.com/community/tutorials/docker-explained-using-dockerfiles-to-automate-building-of-images|https://www.digitalocean.com/community/tutorials/docker-explained-using-dockerfiles-to-automate-building-of-images]]
root@note:~/onlybash# ls
bin Dockerfile lib lib64
root@note:~/onlybash# cat Dockerfile
FROM scratch
ADD /bin /bin
ADD /lib /lib
ADD /lib64 /lib64
RUN /bin/bash
# docker build -t onlybash .
Executa o comando LS e quando termina ele finaliza o docker, mas arquivos continua, você consegue dar o docker start novamente no processo.
# docker run onlybash ls
** docker start 34de3d34d32
** docker start -i 34de3d34d32
root@note:/# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8b705b7543d onlybash "ls" 9 seconds ago Exited (0) 7 seconds ago determined_euler
2c5c39f80933 onlybash "/bin/bash" 2 minutes ago Exited (0) 14 seconds ago evil_boyd
f20039ae5e10 onlybash "/bin/bash" 4 minutes ago Exited (0) 3 minutes ago dreamy_raman
root@note:/# docker start b8b705b7543d
b8b705b7543d
root@note:/# docker start -i b8b705b7543d
bin dev etc lib lib64 proc sys
Executa o comando bash e só termina quando é fechado o bash
# docker run -it onlybash /bin/bash
Processos que foram executados
# docker ps -a
Processos que estão em execução
# docker ps
[[https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-getting-started|https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-getting-started]]
* Executa em um container existente um comando
# docker exec -it f20039ae5e10 /bin/bash
root@note:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6516d128243e onlybash "/bin/bash" 6 seconds ago Up 5 seconds peaceful_davinci
root@note:~# docker exec -it 6516d128243e /bin/bash
bash-4.3#
== Ferramentas de gerenciamento: ==
* Cockpit
* [[https://portainer.io/|https://portainer.io/]]
* Magnum (cluster over VMs)
* Zen ()
* [[https://rancher.com/|https://rancher.com/]]
* [[https://kitematic.com/|https://kitematic.com/]]
* Swarm
* Kubernetes
== Swarm Master ==
apt-get update apt-get -y install apt-transport-https ca-certificates curl software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - apt-key fingerprint 0EBFCD88 add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" apt-get update apt-get -y install docker-ce docker ps iptables -L -n sudo ufw allow 2376/tcp && sudo ufw allow 7946/udp && sudo ufw allow 7946/tcp && sudo ufw allow 80/tcp && sudo ufw allow 2377/tcp && sudo ufw allow 4789/udp sudo ufw reload && sudo ufw systemctl restart docker docker swarm init --advertise-addr 172.20.0.32> /root/docker-swarm-join
=== Swarm Node ===
install docker and after execute: docker swarm join --token xxxxxxxxxxxxtokenxxxxxxxxxxxxxxxxx 172.20.0.32:2377
==== Alterando segmento de rede default do docker e de novas bridges ====
No arquivo de configuração do docker daemon /etc/docker/daemon.json
''{
"live-restore": true,
"bip": "172.30.0.1/24",
"default-address-pools": [{
"base": "172.31.0.0/16",
"size": 24
}]
}''
Reiniciar o serviço docker e verificar a rede docker0 ;)
# network stack [[https://blog.alexellis.io/docker-stacks-attachable-networks/|https://blog.alexellis.io/docker-stacks-attachable-networks/]]
# network standalone [[https://docs.docker.com/network/network-tutorial-standalone/|https://docs.docker.com/network/network-tutorial-standalone/]] [[https://medium.com/@hafandhalf/networking-between-docker-containers-1d718f22424|https://medium.com/@hafandhalf/networking-between-docker-containers-1d718f22424]] [[https://dev.to/mozartted/docker-networking--how-to-connect-multiple-containers-7fl|https://dev.to/mozartted/docker-networking--how-to-connect-multiple-containers-7fl]] [[https://runnable.com/docker/docker-compose-networking|https://runnable.com/docker/docker-compose-networking]] [[https://medium.com/@havloujian.joachim/advanced-docker-networking-outgoing-ip-921fc3090b09|https://medium.com/@havloujian.joachim/advanced-docker-networking-outgoing-ip-921fc3090b09]]
# acessando netns [[https://www.thegeekdiary.com/how-to-access-docker-containers-network-namespace-from-host/|https://www.thegeekdiary.com/how-to-access-docker-containers-network-namespace-from-host/]]
# network arch [[https://platform9.com/blog/container-namespaces-deep-dive-container-networking/|https://platform9.com/blog/container-namespaces-deep-dive-container-networking/]]
# diferença docker compose e docker stack [[https://vsupalov.com/difference-docker-compose-and-docker-stack/|https://vsupalov.com/difference-docker-compose-and-docker-stack/]] Install docker-ce centos [[https://syslint.com/blog/tutorial/install-docker-cecommunity-edition-in-centos-7/|https://syslint.com/blog/tutorial/install-docker-cecommunity-edition-in-centos-7/]] Install docker-compose com pip [[https://github.com/NaturalHistoryMuseum/scratchpads2/wiki/Install-Docker-and-Docker-Compose|https://github.com/NaturalHistoryMuseum/scratchpads2/wiki/Install-Docker-and-Docker-Compose]]-(Centos-7)