Docker est un programme libre de création, gestion et déploiement de conteneurs. Vous pouvez trouver plus d'informations sur Wikipédia et sur de nombreux sites.
Un Raspberry Pi fonctionnel avec une distribution supportant Docker, comme Ubuntu Mate ou HypriotOS. Il faut que le noyau soit récent pour bénéficier de toutes les possibilités.
Sur Ubuntu Mate, on peut l'installer via les paquets :
$ sudo apt-get install docker.io
On peut vérifier qu'il est bien installé et trouver les infos importantes avec les commandes suivantes :
$ sudo docker Usage: docker [OPTIONS] COMMAND [arg...] docker daemon [ --help | ... ] docker [ --help | -v | --version ] A self-sufficient runtime for containers. Options: --config=~/.docker Location of client config files -D, --debug Enable debug mode -H, --host=[] Daemon socket(s) to connect to -h, --help Print usage -l, --log-level=info Set the logging level --tls Use TLS; implied by --tlsverify --tlscacert=~/.docker/ca.pem Trust certs signed only by this CA --tlscert=~/.docker/cert.pem Path to TLS certificate file --tlskey=~/.docker/key.pem Path to TLS key file --tlsverify Use TLS and verify the remote -v, --version Print version information and quit Commands: attach Attach to a running container build Build an image from a Dockerfile commit Create a new image from a container's changes cp Copy files/folders between a container and the local filesystem create Create a new container diff Inspect changes on a container's filesystem events Get real time events from the server exec Run a command in a running container export Export a container's filesystem as a tar archive history Show the history of an image images List images import Import the contents from a tarball to create a filesystem image info Display system-wide information inspect Return low-level information on a container or image kill Kill a running container load Load an image from a tar archive or STDIN login Register or log in to a Docker registry logout Log out from a Docker registry logs Fetch the logs of a container network Manage Docker networks pause Pause all processes within a container port List port mappings or a specific mapping for the CONTAINER ps List containers pull Pull an image or a repository from a registry push Push an image or a repository to a registry rename Rename a container restart Restart a container rm Remove one or more containers rmi Remove one or more images run Run a command in a new container save Save an image(s) to a tar archive search Search the Docker Hub for images start Start one or more stopped containers stats Display a live stream of container(s) resource usage statistics stop Stop a running container tag Tag an image into a repository top Display the running processes of a container unpause Unpause all processes within a container update Update resources of one or more containers version Show the Docker version information volume Manage Docker volumes wait Block until a container stops, then print its exit code Run 'docker COMMAND --help' for more information on a command. $ sudo docker version Client: Version: 1.10.3 API version: 1.22 Go version: go1.6.1 Git commit: 20f81dd Built: Wed, 20 Apr 2016 14:19:16 -0700 OS/Arch: linux/arm Server: Version: 1.10.3 API version: 1.22 Go version: go1.6.1 Git commit: 20f81dd Built: Wed, 20 Apr 2016 14:19:16 -0700 OS/Arch: linux/arm $ sudo docker info [sudo] password for simon: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 1.10.3 Storage Driver: overlay Backing Filesystem: extfs Execution Driver: native-0.2 Logging Driver: json-file Plugins: Volume: local Network: bridge null host Kernel Version: 4.1.19-v7+ Operating System: Ubuntu 16.04.1 LTS OSType: linux Architecture: armv7l CPUs: 4 Total Memory: 925.8 MiB Name: rpi2 ID: K5PJ:JHJS:AEOJ:QMBV:N6GY:LEJY:L6GW:DJGT:7TCV:A247:62PI:O6H5 WARNING: No memory limit support WARNING: No swap limit support WARNING: No oom kill disable support WARNING: No cpu cfs quota support WARNING: No cpu cfs period support
Pour ne pas devoir utiliser sudo et pour limiter la surface d'attaque de Docker, on peut utiliser cette astuce :
# On ajoute le groupe docker s'il n'existe pas déjà. $ sudo groupadd docker # On ajoute l'utilisateur courant (nous) "${USER}" au groupe. # On peut y mettre n'importe quel utilisateur # Il faudra peut-être de reconnecter pour que les modifications prennent effet. $ sudo gpasswd -a ${USER} docker # On redémarre le daemon. $ sudo service docker restart
La procédure est là : itzgeek.com
Mon premier essais consiste à faire tourner un code en C# via un conteneur mono disponible sur le Docker Hub :
$ docker pull mono latest: Pulling from mono 675952da5001: Pull complete c527f527316d: Pull complete 13be62761cfd: Pull complete d559e85a2176: Pull complete 19a0cc119d92: Pull complete d1ddf658ac76: Pull complete Digest: sha256:26812170a5381cf482caa776d90d8ea4d38de0273894e894ecb7fabcb9f02cac Status: Downloaded newer image for mono:latest
$ docker build -t drone-test . Sending build context to Docker daemon 20.99 kB Sending build context to Docker daemon Step 0 : FROM mono:3.10-onbuild 3.10-onbuild: Pulling from mono 2cbc5686618a: Pull complete ab0ae6bb20f1: Pull complete 86f977c7a3e6: Pull complete 6b14d937da83: Pull complete f973886e468c: Pull complete 82a2a1e130db: Pull complete e04b34b9f606: Pull complete f69cd3d8fb2d: Pull complete 4ae5a5dcc234: Pull complete 3a0b1f94c975: Pull complete 4f5c6ddeb70b: Pull complete 675952da5001: Already exists c527f527316d: Already exists 13be62761cfd: Already exists d559e85a2176: Already exists Digest: sha256:9e50fd95f1fddc16d30f16dfb15f716ec727845823fede6ff3270f8fd7f531e8 Status: Downloaded newer image for mono:3.10-onbuild # Executing 4 build triggers Trigger 0, COPY . /usr/src/app/source Step 0 : COPY . /usr/src/app/source Trigger 1, RUN nuget restore -NonInteractive Step 0 : RUN nuget restore -NonInteractive ---> Running in e0a89a75599f This folder contains no solution files, nor packages.config files. INFO[0040] The command [/bin/sh -c nuget restore -NonInteractive] returned a non-zero code: 1
Installation de docker-machine (lien officiel).
$ docker start cptactionhank/atlassian-jira
$ docker stop gitlab
$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ab2180a9e20f cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 3 hours ago Up 27 minutes 0.0.0.0:8080->8080/tcp jira 9118afb6987c gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Up About a minute (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:23->22/tcp gitlab2
$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ab2180a9e20f cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 3 hours ago Up 28 minutes 0.0.0.0:8080->8080/tcp jira f341e0f8de10 cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 4 hours ago Exited (143) 3 hours ago confident_goldstine 9118afb6987c gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Up 2 minutes (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:23->22/tcp gitlab2 9ff27779cbe4 gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Created gitlab 4e6d1af014eb gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Exited (0) 2 days ago thirsty_keller c5222668e5e2 gitlab/gitlab-ce:latest "/assets/wrapper" 2 days ago Created sharp_yalow c1444e3e3239 cptactionhank/atlassian-jira:latest "/docker-entrypoin..." 2 days ago Exited (137) 2 days ago loving_allen a8841c425532 cptactionhank/atlassian-jira "/docker-entrypoin..." 2 days ago Exited (130) 2 days ago peaceful_borg
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE cptactionhank/atlassian-jira latest 282b3a72b814 4 days ago 1.12GB gitlab/gitlab-ce latest e5bfc2240b16 5 days ago 1.33GB
$ docker inspect jira
Après avoir regardé tous les containers existants sur la machine avec un docker ps -a, on peut supprimer ceux qui ne sont pas/plus utilisés :
$ docker rm confident_goldstine
$ docker network list NETWORK ID NAME DRIVER SCOPE 0417a114705a bridge bridge local d9d00b7cedb9 host host local 80176826d54c none null local
$ docker network inspect 0417a114705a [ { "Name": "bridge", "Id": "0417a114705acee8bb5e464e06652d6134ce49e5d7956192201e48157253e708", (...)
$ docker volume ls
$ docker exec -ti jira bash daemon@ab2180a9e20f:/var/atlassian/jira$
$ docker exec -ti jira ping 172.17.0.3 PING 172.17.0.3 (172.17.0.3): 56 data bytes 64 bytes from 172.17.0.3: icmp_seq=0 ttl=64 time=0.036 ms (...) ^C--- 172.17.0.3 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.036/0.080/0.117/0.034 ms
$ docker exec --help Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...] Run a command in a running container Options: -d, --detach Detached mode: run command in the background --detach-keys string Override the key sequence for detaching a container -e, --env list Set environment variables --help Print usage -i, --interactive Keep STDIN open even if not attached --privileged Give extended privileges to the command -t, --tty Allocate a pseudo-TTY -u, --user string Username or UID (format: <name|uid>[:<group|gid>])