====== Docker ======
[[https://www.docker.com/|Docker]] est un programme libre de création, gestion et déploiement de conteneurs. Vous pouvez trouver plus d'informations sur [[https://fr.wikipedia.org/wiki/Docker_%28logiciel%29|Wikipédia]] et sur de nombreux sites.
===== Installer Docker =====
==== Sur Raspberry Pi ====
=== Prérequis ===
Un [[Raspberry Pi]] fonctionnel avec une distribution supportant Docker, comme [[Ubuntu Mate]] ou [[HypriotOS]]. Il faut que le noyau soit récent pour bénéficier de toutes les possibilités.
=== Installation ===
Sur Ubuntu Mate, on peut l'installer via les paquets :
$ sudo apt-get install docker.io
=== Vérifications ===
On peut vérifier qu'il est bien installé et trouver les infos importantes avec les commandes suivantes :
$ sudo docker
Usage: docker [OPTIONS] COMMAND [arg...]
docker daemon [ --help | ... ]
docker [ --help | -v | --version ]
A self-sufficient runtime for containers.
Options:
--config=~/.docker Location of client config files
-D, --debug Enable debug mode
-H, --host=[] Daemon socket(s) to connect to
-h, --help Print usage
-l, --log-level=info Set the logging level
--tls Use TLS; implied by --tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive or STDIN
login Register or log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
network Manage Docker networks
pause Pause all processes within a container
port List port mappings or a specific mapping for the CONTAINER
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart a container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image(s) to a tar archive
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Display the running processes of a container
unpause Unpause all processes within a container
update Update resources of one or more containers
version Show the Docker version information
volume Manage Docker volumes
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
$ sudo docker version
Client:
Version: 1.10.3
API version: 1.22
Go version: go1.6.1
Git commit: 20f81dd
Built: Wed, 20 Apr 2016 14:19:16 -0700
OS/Arch: linux/arm
Server:
Version: 1.10.3
API version: 1.22
Go version: go1.6.1
Git commit: 20f81dd
Built: Wed, 20 Apr 2016 14:19:16 -0700
OS/Arch: linux/arm
$ sudo docker info
[sudo] password for simon:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.10.3
Storage Driver: overlay
Backing Filesystem: extfs
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 4.1.19-v7+
Operating System: Ubuntu 16.04.1 LTS
OSType: linux
Architecture: armv7l
CPUs: 4
Total Memory: 925.8 MiB
Name: rpi2
ID: K5PJ:JHJS:AEOJ:QMBV:N6GY:LEJY:L6GW:DJGT:7TCV:A247:62PI:O6H5
WARNING: No memory limit support
WARNING: No swap limit support
WARNING: No oom kill disable support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
=== Bonus ===
Pour ne pas devoir utiliser [[sudo]] et pour limiter la surface d'attaque de Docker, on peut utiliser [[https://www.guillaume-leduc.fr/docker-comme-solution-de-virtualisation-installation.html|cette astuce]] :
# On ajoute le groupe docker s'il n'existe pas déjà.
$ sudo groupadd docker
# On ajoute l'utilisateur courant (nous) "${USER}" au groupe.
# On peut y mettre n'importe quel utilisateur
# Il faudra peut-être de reconnecter pour que les modifications prennent effet.
$ sudo gpasswd -a ${USER} docker
# On redémarre le daemon.
$ sudo service docker restart
==== Sur Debian 9 Stretch ====
La procédure est là : [[http://www.itzgeek.com/how-tos/linux/debian/how-to-install-docker-on-debian-9.html|itzgeek.com]]
===== Télécharger et utiliser des conteneurs =====
==== Mono ====
Mon premier essais consiste à faire tourner un code en C# via un conteneur mono [[https://hub.docker.com/_/mono/|disponible sur le Docker Hub]] :
$ docker pull mono
latest: Pulling from mono
675952da5001: Pull complete
c527f527316d: Pull complete
13be62761cfd: Pull complete
d559e85a2176: Pull complete
19a0cc119d92: Pull complete
d1ddf658ac76: Pull complete
Digest: sha256:26812170a5381cf482caa776d90d8ea4d38de0273894e894ecb7fabcb9f02cac
Status: Downloaded newer image for mono:latest
$ docker build -t drone-test .
Sending build context to Docker daemon 20.99 kB
Sending build context to Docker daemon
Step 0 : FROM mono:3.10-onbuild
3.10-onbuild: Pulling from mono
2cbc5686618a: Pull complete
ab0ae6bb20f1: Pull complete
86f977c7a3e6: Pull complete
6b14d937da83: Pull complete
f973886e468c: Pull complete
82a2a1e130db: Pull complete
e04b34b9f606: Pull complete
f69cd3d8fb2d: Pull complete
4ae5a5dcc234: Pull complete
3a0b1f94c975: Pull complete
4f5c6ddeb70b: Pull complete
675952da5001: Already exists
c527f527316d: Already exists
13be62761cfd: Already exists
d559e85a2176: Already exists
Digest: sha256:9e50fd95f1fddc16d30f16dfb15f716ec727845823fede6ff3270f8fd7f531e8
Status: Downloaded newer image for mono:3.10-onbuild
# Executing 4 build triggers
Trigger 0, COPY . /usr/src/app/source
Step 0 : COPY . /usr/src/app/source
Trigger 1, RUN nuget restore -NonInteractive
Step 0 : RUN nuget restore -NonInteractive
---> Running in e0a89a75599f
This folder contains no solution files, nor packages.config files.
INFO[0040] The command [/bin/sh -c nuget restore -NonInteractive] returned a non-zero code: 1
==== Docker Machine ====
[[https://docs.docker.com/machine/install-machine/|Installation de docker-machine]] (lien officiel).
===== Commandes utiles =====
==== Démarrer/Arrêter un container ====
$ docker start cptactionhank/atlassian-jira
$ docker stop gitlab
==== Avoir des informations sur les containers ====
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ab2180a9e20f cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 3 hours ago Up 27 minutes 0.0.0.0:8080->8080/tcp jira
9118afb6987c gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Up About a minute (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:23->22/tcp gitlab2
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ab2180a9e20f cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 3 hours ago Up 28 minutes 0.0.0.0:8080->8080/tcp jira
f341e0f8de10 cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 4 hours ago Exited (143) 3 hours ago confident_goldstine
9118afb6987c gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Up 2 minutes (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:23->22/tcp gitlab2
9ff27779cbe4 gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Created gitlab
4e6d1af014eb gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Exited (0) 2 days ago thirsty_keller
c5222668e5e2 gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Created sharp_yalow
c1444e3e3239 cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 2 days ago Exited (137) 2 days ago loving_allen
a8841c425532 cptactionhank/atlassian-jira "/docker-entrypoin..." 2 days ago Exited (130) 2 days ago peaceful_borg
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
cptactionhank/atlassian-jira latest 282b3a72b814 4 days ago 1.12GB
gitlab/gitlab-ce latest e5bfc2240b16 5 days ago 1.33GB
$ docker inspect jira
=== Supprimer un container ===
Après avoir regardé tous les containers existants sur la machine avec un ''docker ps -a'', on peut supprimer ceux qui ne sont pas/plus utilisés :
$ docker rm confident_goldstine
=== Informations sur le réseau ===
$ docker network list
NETWORK ID NAME DRIVER SCOPE
0417a114705a bridge bridge local
d9d00b7cedb9 host host local
80176826d54c none null local
$ docker network inspect 0417a114705a
[
{
"Name": "bridge",
"Id": "0417a114705acee8bb5e464e06652d6134ce49e5d7956192201e48157253e708",
(...)
==== Informations sur les volumes ====
$ docker volume ls
==== Exécuter des action depuis un container ====
=== Lancer un bash dans un container ===
$ docker exec -ti jira bash
daemon@ab2180a9e20f:/var/atlassian/jira$
=== Pinger un container depuis un autre ===
$ docker exec -ti jira ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: icmp_seq=0 ttl=64 time=0.036 ms
(...)
^C--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.036/0.080/0.117/0.034 ms
==== Aide ====
$ docker exec --help
Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
Run a command in a running container
Options:
-d, --detach Detached mode: run command in the background
--detach-keys string Override the key sequence for detaching a container
-e, --env list Set environment variables
--help Print usage
-i, --interactive Keep STDIN open even if not attached
--privileged Give extended privileges to the command
-t, --tty Allocate a pseudo-TTY
-u, --user string Username or UID (format: [:])
===== Exemples pratiques =====
- [[Haproxy sous Docker]]
- [[Nextcloud]] (obsolète: [[Nextcloud avec docker-compose]])
- [[Funkwhale]]
- [[Jekyll]]
===== Liens et références =====
- [[http://wiki.tuxunix.com/index.php/Utiliser_Docker_sous_Debian|Utiliser Docker sous Debian (Tuxunix.com)]]
- [[https://www.guillaume-leduc.fr/docker-comme-solution-de-virtualisation-installation.html|Docker comme solution de virtualisation (guillaume-leduc.fr)]]
- [[http://blog.nicolargo.com/2014/06/virtualisation-legere-docker.html|Virtualisation légère avec Docker (nicolargo.com)]]