Docker

From Braindump
Jump to navigation Jump to search

Docker

Docker makes use of Linux Containers. Docker can download images from dockerhub and run it in a container in it's own namespace. The processes in the container can not reach other processes or network or files, similar to a chroot jail. The running containers can run in the foreground continuously displaying the stdout or in background daemon mode, where the stdout is visbile as logs. The containers does if there is not a foreground process. The docker containers runs on the linux kernel and does not use libraries from the host os. You can run ubuntu programs that are based on GLIBC on an Alpine Linux that is based on MUSL without installing compatibility libraries, this makes images very portable.

An image can be build from a Dockerfile, which starts with a FROM base layer. Additional layers modify or add on this layer using overlays, these layers are downloaded individually and can be reused.

Run

docker run -d -p 1880:1880 -v node-red:/data --name mynodered nodered/node-red
docker run -d -p 8086:8086 --name influxdb2 -v /var/lib/influxdb2:/var/lib/influxdb2 influxdb:alpine
docker run -v ~/sniper/loot:/usr/share/sniper/loot -it xerosecurity/sn1per /bin/bash

Clean

docker image prune -a

Hello World

docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:308866a43596e83578c7dfa15e27a73011bdd402185a84c5cd7f32a88b501a24
Status: Downloaded newer image for hello-world:latest

Hello from Docker!

docker images
docker ps -a

REPOSITORY TAG IMAGE ID CREATED SIZE hello-world latest d1165f221234 12 days ago 13.3kB 

docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
697c27eb1e9c        hello-world         "/hello"            4 minutes ago       Exited (0) 4 minutes ago                       charming_brown

docker run --rm -it alpine /bin/ash
/ # ps auxww
PID   USER     TIME  COMMAND
   1 root      0:00 /bin/ash
   6 root      0:00 ps auxww

This is a process listing from an empty container

Building an image

Dockerfile

FROM node:12-alpine
WORKDIR /app
COPY . .
RUN yarn install --production
CMD ["node", "src/index.js"]

This downloads the alpine image with nodejs already installed, copies the ./app directory from the host into the image and runs the yarn install of this application and then runs the nodejs application serving the index.js on the app, which is likely a webserver.

The Mincraft server's Dockerfile, uses this dockerfile

https://github.com/itzg/docker-minecraft-bedrock-server/blob/master/Dockerfile

Quarkus

Oracle Java JDK changed licenses for enterprise usage in JDK-8. OpenJDK is the reference implementation, which is not license restricted.

Alpine is light and popular base for Docker images. Alpine Linux by default uses MUSL LIBC, JAVA depends on GLIBC, GLIBC compat can be used. The Redhat Quay contains quarkus/neo4j-jvm

(Micronaut)

Keycloak

https://www.keycloak.org/server/containers 

docker run --name optimized_keycloak -p 8443:8443 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=me_change prebuilt_keycloak:latest
docker run --name keycloak_test -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=me_change quay.io/keycloak/keycloak:latest start-dev
Retrieved from "https://www.janmg.com/wiki/index.php?title=Docker&oldid=322"