- Docker Fundamentals Study Guide 2020
- Table of Contents
- 1 Running & Inspecting Containers
- 2 Interactive Containers
- 3 Detached Containers and Logging
- 4 Starting, Stopping, Inspecting and Deleting Containers
- 5 Interactive Image Creation
- 6 Creating Images with Dockerfiles (1/2)
- 7 Creating Images with Dockerfiles (2/2)
- 8 Multi-Stage Builds
- 9 Managing Images
- 10 Database Volumes
- 11 Introduction to Container Networking
- 12 Container Port Mapping
- 13 Creating a Swarm
- 14 Starting a Service
- 15 Node Failure Recovery
- 16 Swarm Scheduling
- 17 Provisioning Swarm Configuration
- 18 Routing to Services
- 19 Updating Applications
- 20 Installing Kubernetes
- 21 Kubernetes Orchestration
- 22 Provisioning Kube Configuration
- 23 Kubernetes Networking
- 24 Cleaning up Docker Resources
- 25 Inspection Commands
- 26 Plugins
- 27 Starting a Compose App
- 28 Scaling a Compose App
- Docker in 100 Seconds
- Update docker
sudo yum install https://storebits.docker.com/ee/centos/sub-2df29a12-742a-461b-893c-9c1aca7aa714/7/x86_64/stable-19.03/Packages/docker-ee-19.03.12-3.el7.x86_64.rpm https://storebits.docker.com/ee/centos/sub-2df29a12-742a-461b-893c-9c1aca7aa714/7/x86_64/stable-19.03/Packages/containerd.io-1.3.4-3.1.el7.x86_64.rpm https://storebits.docker.com/ee/centos/sub-2df29a12-742a-461b-893c-9c1aca7aa714/7/x86_64/stable-19.03/Packages/docker-ee-cli-19.03.12-3.el7.x86_64.rpm- detached mode: run as a background process
- linux system commands
docker container run centos:7 ping 8.8.8.8
docker container run --detach centos:7 ping 8.8.4.4
docker container run --detach --name opendnsping \
centos:7 ping 208.67.222.222
docker container run --detach --name pinggoogledns centos:7 ping 8.8.8.8- quiet option: only display numeric IDs
docker ps
docker container ls
docker container ls -a
docker container ls --all
docker container ls --all --quietdocker container rm --help
docker container ls --helpdocker container rm <container ID>
docker container rm --force <container ID>
docker container rm --force $(docker container ls --all --quiet)Container lifecycle
- run: container is in CREATED state
- start: container is in UP state
- stop: container is in EXITED state
docker container run -it centos:7 bash
[root@2b8de2ffdf85 /]# ls -l
[root@2b8de2ffdf85 /]# echo 'Hello there...' > test.txt
[root@2b8de2ffdf85 /]# ls -l | grep.test.txt- docker exec: Run a command in a running container
- docker top: Display the running processes of a container
- linux ps: Prints a list of currently running processes
docker container ls -a
docker container start <container ID>
docker container ls
docker container exec <container ID> ps -ef
docker container top <container ID>
docker container exec -it <container ID> bash- no-trunc option: see the entire container ID
- q: List only the container ID
- l: List the last container created
- filter: filter results
docker container ls -a --no-trunc
docker container ls -a -q
docker container ls -l
docker container ls -a --filter "exited=0"
docker container rm -f $(docker container ls -aq)- detached mode: run as a background process
docker container run centos:7 ping 127.0.0.1 -c 2
docker container run -d centos:7 ping 127.0.0.1
docker container logs <container ID>- attach mode: attach a terminal to a container’s PID 1 output
docker container attach <container ID>
docker container run -d -it centos:7 ping 127.0.0.1- tail: display to the last n lines
- f: piped in real time to the terminal
docker container logs --tail 5 <container ID>
docker container logs -f <container ID>docker container run -d centos:7 ping 8.8.8.8 docker container ls -l docker container stop docker container ls -a -l docker container start -a docker container kill
docker container start docker container inspect docker container inspect | grep IPAddress docker container inspect | grep Cmd docker container inspect --format='{{.Config.Cmd}}' docker container inspect --format='{{json .Config}}' | jq
docker start $(docker container ls -aq)
docker container ls -a
docker container ls -a --filter status=exited
docker container rm <container ID>
docker container ls -a
docker container rm -f <container ID>
docker container rm -f $(docker container ls -aq)docker container run -it centos:7 bash
[root@dfe86ed42be9 /]# yum install -y which wget
[root@dfe86ed42be9 /]# exit
docker container ls -a
docker container diff <container ID>docker container commit <container ID> myapp:1.0
docker image ls | grep myapp
docker container run -it myapp:1.0 bash
[root@2ecb80c76853 /]# which wget- List of container commands
- Getting started with containers
- Start containers automatically
- Limit a container's resources
- Keep containers alive during daemon downtime
- Isolate containers with a user namespace
- Intro to Windows Containers
- RUN executes command(s) in a new layer and creates a new image. E.g., it is often used for installing software packages.
Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y wget
docker image build -t myimage .
docker container run -it myimage bash
[root@1d86d4093cce /]# wget example.com
[root@1d86d4093cce /]# cat index.html
[root@1d86d4093cce /]# exit
cat Dockerfile | docker image build -t myimage -f - .Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y wget
RUN yum install -y vim
docker image build -t myimage .Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y vim
RUN yum install -y wget
docker image build -t myimage .docker image history myimage:latest
docker image build -t myimage .
docker image history myimage:latestIMAGE CREATED CREATED BY SIZE COMMENT
e2429c9d83b3 36 hours ago /bin/sh -c yum install -y wget 92.2MB
610de53a1d62 36 hours ago /bin/sh -c yum install -y vim 147MB
8ed3e38b320f 37 hours ago /bin/sh -c yum update -y 91.5MB
7e6257c9f8d8 6 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 6 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 6 weeks ago /bin/sh -c #(nop) ADD file:61908381d3142ffba… 203MB
Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y wget vim
docker image build -t myimage .- CMD sets default command and/or parameters, which can be overwritten from command line when docker container runs.
- ENTRYPOINT configures a container that will run as an executable.
Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y wget vim
CMD ["ping", "127.0.0.1", "-c", "5"]
docker image build -t myimage .
docker container run myimage
docker container run myimage echo "hello world"Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y wget vim
ENTRYPOINT ["ping"]
docker image build -t myimage .
docker container run myimage
docker container run myimage 127.0.0.1Dockerfile
FROM centos:7
RUN yum update -y
RUN yum install -y wget vim
ENTRYPOINT ["ping", "-c", "3"]
CMD ["127.0.0.1"]
docker image build -t myimage .
docker container run myimage
docker container run myimage 8.8.8.8Dockerfile
FROM alpine:3.5
RUN apk update && \
apk add --update alpine-sdk
RUN mkdir /app
WORKDIR /app
COPY hello.c /app
RUN mkdir bin
RUN gcc -Wall hello.c -o bin/hello
CMD /app/bin/hello
docker image build -t my-app-large .
docker image ls | grep my-app-large
docker container run my-app-largeDockerfile
FROM alpine:3.5 AS build
RUN apk update && \
apk add --update alpine-sdk
RUN mkdir /app
WORKDIR /app
COPY hello.c /app
RUN mkdir bin
RUN gcc -Wall hello.c -o bin/hello
FROM alpine:3.5
COPY --from=build /app/bin/hello /app/hello
CMD /app/hello
docker image build -t my-app-small .
docker image ls | grep 'my-app-'
docker container run --rm my-app-smalldocker image build -t my-build-stage --target build .
docker image ls | grep 'my-build-stage'
docker container run -it --rm my-build-stage /app/bin/hellodocker image history my-app-large:latest
docker image history my-app-small:latest
docker image history my-build-stage:latestmy-app-large:latest
5584686e4f85 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/app… 0B
31a78f507531 12 minutes ago /bin/sh -c gcc -Wall hello.c -o bin/hello 10.6kB
5b2111e5495b 12 minutes ago /bin/sh -c mkdir bin 0B
4faff63a12e7 12 minutes ago /bin/sh -c #(nop) COPY file:1a97681366e8c1df… 81B
6a1e3d0606e6 12 minutes ago /bin/sh -c #(nop) WORKDIR /app 0B
d3cc5ab9096e 12 minutes ago /bin/sh -c mkdir /app 0B
200fda09a157 12 minutes ago /bin/sh -c apk update && apk add --update … 180MB
f80194ae2e0c 20 months ago /bin/sh -c #(nop) CMD ["/bin/sh"] 0B
<missing> 20 months ago /bin/sh -c #(nop) ADD file:84d23bb1bfe03587c… 4MB my-app-small:latest
6246fee1a37a 7 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/app… 0B
b635ee179c22 7 minutes ago /bin/sh -c #(nop) COPY file:e1bb5e4622dbf3b5… 10.6kB
f80194ae2e0c 20 months ago /bin/sh -c #(nop) CMD ["/bin/sh"] 0B
<missing> 20 months ago /bin/sh -c #(nop) ADD file:84d23bb1bfe03587c… 4MB my-build-stage:latest
31a78f507531 16 minutes ago /bin/sh -c gcc -Wall hello.c -o bin/hello 10.6kB
5b2111e5495b 16 minutes ago /bin/sh -c mkdir bin 0B
4faff63a12e7 16 minutes ago /bin/sh -c #(nop) COPY file:1a97681366e8c1df… 81B
6a1e3d0606e6 16 minutes ago /bin/sh -c #(nop) WORKDIR /app 0B
d3cc5ab9096e 16 minutes ago /bin/sh -c mkdir /app 0B
200fda09a157 16 minutes ago /bin/sh -c apk update && apk add --update … 180MB
f80194ae2e0c 20 months ago /bin/sh -c #(nop) CMD ["/bin/sh"] 0B
<missing> 20 months ago /bin/sh -c #(nop) ADD file:84d23bb1bfe03587c… 4MB Dockerfile
FROM alpine:3.8 AS build
RUN ["apk", "update"]
RUN ["apk", "add", "--update", "alpine-sdk"]
COPY sleep.c /
RUN ["gcc", "-static", "sleep.c", "-o", "sleep"]
FROM scratch
COPY --from=build /sleep /sleep
CMD ["/sleep"]
docker image build -t sleep:scratch .
docker image history sleep:scratch
docker image ls | grep scratch
docker container run --name sleeper -d sleep:scratch
docker container top sleeper
sudo ls /proc/<PID>/root
docker container rm -f sleeperIMAGE CREATED CREATED BY SIZE COMMENT
5fac24d124db 16 hours ago /bin/sh -c #(nop) CMD ["/sleep"] 0B
30098c0de8b3 16 hours ago /bin/sh -c #(nop) COPY file:de95a23743d7d1df… 128kB
FROM alpine:3.8 AS build
RUN ["apk", "update"]
RUN ["apk", "add", "--update", "alpine-sdk"]
COPY sleep.c /
RUN ["gcc", "-static", "sleep.c", "-o", "sleep"]
FROM scratch
COPY --from=build /sleep /sleep
CMD ["/sleep"]
FROM alpine:3.5 AS prod
RUN apk update
COPY --from=build /app/bin/hello /app/hello
CMD /app/hello
export DOCKER_BUILDKIT=1
docker image build --no-cache -t my-app-small-bk .
export DOCKER_BUILDKIT=0docker image pull centos:7
docker image tag centos:7 my-centos:dev
docker image ls -a | grep centosdocker image push my-centos:dev
docker image tag my-centos:dev <Docker ID>/my-centos:dev
docker image push <Docker ID>/my-centos:dev
docker image build -t <Docker ID>/my-centos:1.0 .
docker image rm my-centos:dev- Best practices for writing Dockerfiles
- Use multi-stage builds
- More about images, containers, and storage drivers
- Details on image layering
- Graphdriver plugins
- Docker Reference Architecture: An Intro to Storage Solutions for Docker CaaS
- How to select a storage driver
- Use the AUFS storage driver
- User guided caching in Docker
docker image pull postgres:9-alpine
docker image inspect postgres:9-alpine
docker container run --name some-postgres \
-v db_backing:/var/lib/postgresql/data \
-e POSTGRES_PASSWORD=password \
-d postgres:9-alpinedocker container exec -it some-postgres psql -U postgres
postgres=# CREATE TABLE PRODUCTS(PRICE FLOAT, NAME TEXT);
postgres=# INSERT INTO PRODUCTS VALUES('18.95', 'widget');
postgres=# INSERT INTO PRODUCTS VALUES('1.45', 'sprocket');
postgres=# SELECT * FROM PRODUCTS;
postgres=# \q
docker container rm -f some-postgres
docker container run \
--name some-postgres \
-v db_backing:/var/lib/postgresql/data \
-e POSTGRES_PASSWORD=password \
-d postgres:9-alpine
docker container exec -it some-postgres psql -U postgres
postgres=# SELECT * FROM PRODUCTS;Networking features in Docker Desktop for Mac
docker network ls
docker network inspect bridge
ip addr
sudo yum install bridge-utils
brctl show docker0NETWORK ID NAME DRIVER SCOPE
0d909ca6f3fa bridge bridge local
8e90fc700e0f host host local
6690bb85fa2c none null local
docker container run --name u1 -dt centos:7
docker network inspect bridge
ip addr
brctl show docker0
docker container exec -it u1 bash
[root@11da9b7db065 /]# yum install -y iproute
[root@11da9b7db065 /]# ip addr- u1: 172.17.0.2
docker network create --driver bridge my_bridge
docker container run --name=u2 --network=my_bridge -dt centos:7
docker container inspect u2
docker container run --name=u3 --network=my_bridge -it centos:7
[root@70bedd49293b /]# ping u2
docker container run centos:7 ping u1
docker network inspect bridge
docker container exec u2 ping <u1 IP>
docker container rm -f $(docker container ls -aq)
docker network rm my_bridgedocker container run -d nginx
docker container run -d -p 5000:80 nginx
docker container port <container id>docker image build -t my_nginx .
docker container run -d -P my_nginx
docker container ls -l
docker container rm -f $(docker container ls -aq)- Docker Reference Architecture: Designing Scalable, Portable Docker Container Networks
- Network containers
- Docker container networking
- Understand container communication
Each node is one docker host. Each node can be a manager / work. A Manager coordinate the traffic between all workers. A service is a image. A manager can involve a replica of a service in a worker node through a task. All nodes communicate through the overlay private network.
-
A Hands-On Guide to Container Orchestration With Docker Swarm
-
Docker Swarm Reference Architecture: Exploring Scalable, Portable Docker Container Networks
-
A three-manager swarm tolerates a maximum loss of one manager.
-
A five-manager swarm tolerates a maximum simultaneous loss of two manager nodes.
-
An N manager cluster tolerates the loss of at most (N-1)/2 managers.
-
Docker recommends a maximum of seven manager nodes for a swarm.
-
TCP port 2377 for cluster management communications
-
TCP and UDP port 7946 for communication among nodes
-
UDP port 4789 for overlay network traffic
docker swarm init
docker system info
docker node ls
docker swarm ca --rotate --cert-expiry 168h
sudo netstat -plunt | grep -E "2377|7946|4789"docker swarm leave -fdocker swarm join-token workerdocker node promote node-1 node-2
docker run -it -d -p 5000:8080 -v /var/run/docker.sock:/var/run/docker.sock dockersamples/visualizer
docker network create --driver overlay my_overlay
docker network inspect my_overlay
docker service create --name pinger \
--network my_overlay alpine ping 8.8.8.8
docker service ls
docker service ps pinger
docker service update pinger --replicas=3
docker network inspect my_overlay
docker service logs pingerdocker service rm $(docker service ls -q)docker service create --replicas 4 --name myProxy nginx
docker service ps myProxy
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
ywsk4x9f0029 myProxy.1 nginx:latest docker-desktop Running Running 27 seconds ago
mac3cltf1efr myProxy.2 nginx:latest docker-desktop Running Running 27 seconds ago
lodeq1bxbxwk myProxy.3 nginx:latest docker-desktop Running Running 27 seconds ago
izdjwq6ge3zj myProxy.4 nginx:latest docker-desktop Running Running 27 seconds ago
[centos@node-3 ~]$ sudo reboot nowdocker service update --force myProxydocker service rm $(docker service ls -q)docker service create --name compute-stress \
--replicas 4 \
--detach \
training/stress:3.0 --vm 2
docker stats
docker service rm compute-stress
docker service create --name compute-stress \
--replicas 4 \
--limit-cpu 1 \
--detach \
training/stress:3.0 --vm 2
docker stats
docker service rm compute-stress
docker service create --name compute-stress \
--replicas 4 \
--limit-cpu 1 \
--limit-memory 512M \
--detach \
training/stress:3.0 --vm 2 --vm-bytes 1024M
docker container ls -a
docker container inspect eac5f4c35142 | grep OOM
docker service rm compute-stress
docker service create --name compute-stress \
--replicas 4 \
--limit-cpu 1 \
--limit-memory 512M \
--reserve-memory 512M \
--detach \
training/stress:3.0 --vm 2 --vm-bytes 128M
docker service ps compute-stress
docker service update compute-stress --replicas=40 --detach
docker service ps compute-stress
docker inspect xf3xigecdfw8
docker service rm compute-stress- Global services are generally only appropriate for things that perform or monitor things related directly to node management
- eg. Log shipping or monitoring agents
docker service create --mode global \
--name my-global \
centos:7 ping 8.8.8.8
docker service ps my-global
docker service rm my-global
docker node update --label-add datacenter=east node-0
docker node update --label-add datacenter=east node-1
docker node update --label-add datacenter=west node-2
docker node update --label-add datacenter=west node-3
docker service create --replicas 4
--constraint node.labels.datacenter==east
--name east-deploy
centos:7 ping 8.8.8.8
docker service rm east-deploy
docker service create --replicas 4
--constraint node.role==worker
--name worker-only
centos:7 ping 8.8.8.8
docker service rm worker-only
docker service create --name my_proxy
--replicas=2 --publish 8000:80
--placement-pref spread=node.labels.datacenter
nginx
docker service ps my_proxy
docker service rm my_proxy
docker stack deploy -c mystack.yaml dbdemo
docker stack ls
docker service ls
docker stack rm dbdemodocker stack deploy -c mystack.yaml dbdemo
docker stack ps dbdemo
docker inspect <task ID> | grep ContainerID
docker container inspect <container ID> | grep POSTGRES
docker container exec -it <container ID> psql -U moby -d mydb
mydb=# \du
mydb=# \qdocker stack deploy -c mystack.yaml dbdemo
docker config ls
docker config inspect --pretty <config ID>
docker container exec -it <container ID> psql -U moby -d mydb
mydb=# \qdocker secret create password ./mypassword
rm mypassword
docker secret inspect passwordInternal / Stateless
nano net-demo.yaml
docker stack deploy -c net-demo.yaml netstack
docker stack ps netstack
[centos@node-3 ~]$ docker container ls
[centos@node-3 ~]$ docker container exec -it <container ID> bash
[root@0e3c8b8e8183 /]# curl destination:8000
I'm 00b4c2dc162b (node-1 container ID)
[root@0e3c8b8e8183 /]# curl destination:8000
I'm 6d23fb652e03 (node-2 container ID)
[root@0e3c8b8e8183 /]# curl destination:8000
I'm 8340c6f8fa4a (node-0 container ID)
[root@0e3c8b8e8183 /]# curl destination:8000
I'm 00b4c2dc162b (node-1 container ID)
[root@3047dbb47a7a /]# sudo yum install -y bind-utils
[root@3047dbb47a7a /]# nslookup destination
[root@3047dbb47a7a /]# exit
docker stack rm netstack
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
xz3g0dmv6waa netstack_destination.1 training/whoami:latest node-0 Running Running 48 seconds ago
izhil4mrnwh0 netstack_origin.1 centos:7 node-3 Running Running 50 seconds ago
y0aiarrr7zyj netstack_destination.2 training/whoami:latest node-1 Running Running 47 seconds ago
c1au2266t9wb netstack_destination.3 training/whoami:latest node-2 Running Running 48 seconds ago
External / Stateless
docker stack deploy -c mesh.yaml mesh
curl <any node IP>:8080
docker stack rm mesh
git clone -b ee3.0 \
https://github.com/docker-training/orchestration-workshop.git
cd ~/orchestration-workshop/dockercoins
docker stack deploy -c docker-compose.yml dockercoins
Modify docker-compose.yml
worker:
image: training/dockercoins-worker:1.0 networks:
- dockercoins
deploy:
replicas: 2
docker stack deploy -c docker-compose.yml dockercoins
httping -c 5 localhost:8001
httping -c 5 localhost:8002Modify docker-compose.yml
rng:
image: training/dockercoins-rng:1.0 networks:
- dockercoins
ports:
- "8001:80"
deploy:
mode: global
docker stack rm dockercoins
docker stack deploy -c=docker-compose.yml dockercoinsModify worker.py
def work_once():
log.debug("Doing one unit of work") time.sleep(0.1)
docker image build -t <Docker ID>/dockercoins-worker:1.1 .
docker image push <Docker ID>/dockercoins-worker:1.1Modify docker-compose.yml
worker:
image: <Docker ID>/dockercoins-worker:1.1
networks:
- dockercoins
docker stack deploy -c='docker-compose.yml' dockercoinsModify docker-compose.yml
worker:
image: training/dockercoins-worker:1.0 networks:
- dockercoins
deploy:
replicas: 10
update_config:
parallelism: 2
delay: 5s
docker stack deploy -c='docker-compose.yml' dockercoins
[centos@node-1 ~]$ watch -n1 "docker service ps dockercoins_worker \
| grep -v Shutdown.*Shutdown"Modify docker-compose.yml
worker:
image: training/dockercoins-worker:1.0
networks:
- dockercoins
deploy:
replicas: 10
update_config:
parallelism: 2
delay: 5s
failure_action: rollback
max_failure_ratio: 0.2
monitor: 20s
docker stack deploy -c=docker-compose.yml dockercoins
docker image build -t <Docker ID>/dockercoins-worker:bugged .
docker image push <Docker ID>/dockercoins-worker:buggedModify docker-compose.yml
worker:
image: training/dockercoins-worker:bugged
networks:
- dockercoins
deploy:
replicas: 10
update_config:
parallelism: 2
delay: 5s
failure_action: rollback
max_failure_ratio: 0.2
monitor: 20s
docker stack rm dockercoinssudo kubeadm init --pod-network-cidr=192.168.0.0/16 \
--ignore-preflight-errors=SystemVerification
sudo kubeadm token create --print-join-command
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes
kubectl apply -f https://bit.ly/2KHCEgO
kubectl get nodes -w
[centos@node-1 ~]$ sudo kubeadm join ... --ignore-preflight-errors=SystemVerification
[centos@node-2 ~]$ sudo kubeadm join ... --ignore-preflight-errors=SystemVerification
kubectl get nodes
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
kubectl get pods -n kube-system
kubectl get po -A
kubectl create -f pod.yaml
kubectl get pod demo
kubectl describe pod demo
kubectl delete pod demo
kubectl create -f pod.yaml
kubectl exec -c=sidecar -it demo -- /bin/bash
[root@demo /]# curl localhost:80
[root@demo /]# ps -aux
[root@demo /]# ps -auwx
[root@demo /]# exit
kubectl delete pod demokubectl create -f replicaset.yaml
kubectl describe replicaset rs-demo
kubectl delete pod <pod name>
kubectl describe replicaset rs-demo
kubectl delete replicaset rs-demonano deployment.yaml
less deployment.yaml
kubectl create -f deployment.yaml
kubectl describe deployment nginx-deployment
kubectl get replicaSet
kubectl set image deployment/nginx-deployment nginx=nginx:1.9.1
kubectl get replicaSets
kubectl delete deployment nginx-deploymentkubectl create configmap dbconfig --from-env-file=env-config
kubectl get configmap dbconfig -o yaml
kubectl create -f postgres.yaml
kubectl describe pod dbdemo
kubectl exec -it -c pg dbdemo -- psql -U moby -d mydb
mydb=# \du
mydb=# \q
kubectl delete -f postgres.yaml
kubectl create configmap dbinit --from-file=db-init.sh
kubectl create -f postgres.yaml
kubectl exec -it -c pg dbdemo -- psql -U moby -d mydb
mydb=# SELECT * FROM products;
mydb=# \q
kubectl delete -f postgres.yamlkubectl create -f secret.yaml
kubectl create -f postgres.yaml
kubectl exec -it -c pg dbdemo -- env | grep POSTGRES
kubectl get secret postgres-pwd -o yaml
kubectl delete pod dbdemo
kubectl delete configmap dbconfig
kubectl delete configmap dbinit
kubectl delete secret postgres-pwdkubectl create -f deployment.yaml
kubectl get pods
kubectl describe pods <pod name>
ip route
curl <pod IP>:80
[centos@node-2 ~]$ ip route
kubectl logs <pod name>kubectl create -f cluster.yaml
kubectl get services
curl <nginx CLUSTER-IP>:8080
kubectl create -f nodeport.yaml
kubectl describe service nodeport-demo
kubectl delete deployment nginx-deployment
kubectl delete service cluster-demo
kubectl delete service nodeport-demokubectl create deployment redis --image=redis
for DEPLOYMENT in hasher rng webui worker; do
kubectl create deployment $DEPLOYMENT \
--image=training/dockercoins-${DEPLOYMENT}:1.0
done
kubectl get pods -o wide -w
kubectl logs deploy/rng
kubectl logs deploy/worker
kubectl get services
kubectl expose deployment redis --port 6379
kubectl expose deployment rng --port 80
kubectl expose deployment hasher --port 80
kubectl get services
kubectl logs deploy/worker
kubectl expose deploy/webui --type=NodePort --port 80
http://<node IP>:<port>
kubectl scale deploy/worker --replicas=10
kubectl get deploy/rng -o yaml --export > deploy-rng.yaml
kubectl apply -f deploy-rng.yaml
kubectl get daemonset
kubectl delete deploy/rng
for D in redis hasher rng webui; \
do kubectl delete svc/$D; done
for D in redis hasher webui worker; \
do kubectl delete deploy/$D; done
kubectl delete ds/rng
kubectl get alldocker system df
docker system prune
docker system df
docker container run --label apple --name fuji -d alpine
docker container run --label orange --name clementine -d alpine
docker container ls -a
docker container prune --filter 'label=apple'
docker container ls -a
TIMESTAMP=$(date --rfc-3339=seconds | sed 's/ /T/')
docker container run --label tomato --name beefsteak -d alpine
docker container prune -f --filter "until=$TIMESTAMP"
docker container ls -adocker system infodocker system events
<!-- Open a second connection -->
docker container run --rm alpine echo 'Hello World!'
docker system events --format '--> {{.Type}}-{{.Action}}'
docker system events --format '{{json .}}' | jqdocker plugin install vieux/sshfs
docker plugin lsPlugin "vieux/sshfs" is requesting the following privileges:
- network: [host]
- mount: [/var/lib/docker/plugins/]
- mount: []
- device: [/dev/fuse]
- capabilities: [CAP_SYS_ADMIN]
docker plugin disable vieux/sshfs
docker plugin ls
docker plugin enable vieux/sshfs
docker plugin lsdocker plugin inspect vieux/sshfs
docker plugin disable vieux/sshfs
docker plugin set vieux/sshfs DEBUG=1
docker plugin enable vieux/sshfs
docker plugin inspect vieux/sshfs[centos@node-1 ~]$ mkdir ~/demo
docker volume create -d vieux/sshfs \
-o [email protected]:/home/centos/demo \
-o password=skills0921 \
sshvolume
docker volume ls
docker container run --rm -it -v sshvolume:/data alpine sh
docker container exec -it a56cba756409 sh
/ # cd /data
/ # echo 'Hello from client!' > demo.txt / # ls -al
[centos@node-1 ~] cd demo
[centos@node-1 ~] lsdocker volume rm sshvolume
docker plugin disable vieux/sshfs
docker plugin rm vieux/sshfsCompose file version 3 reference
sudo curl -L "https://github.com/docker/compose/releases/download/1.27.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-composegit clone -b ee3.0 \
https://github.com/docker-training/orchestration-workshop.git
cd orchestration-workshop/dockercoinsdocker-compose up
docker-compose up -d
docker-compose psdocker-compose logs
docker-compose logs --tail 10 --followdocker-compose ps
docker-compose up -d --scale worker=2
docker-compose psdocker-compose up -d --scale worker=10
docker-compose ps
httping -c 5 localhost:8001
httping -c 5 localhost:8002
docker-compose down
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent