Docker: Difference between revisions
Line 30: | Line 30: | ||
=== Containers === | === Containers === | ||
Find nirvana [https://hub.docker.com/ here.] | |||
==== alpine ==== | ==== alpine ==== | ||
Line 41: | Line 43: | ||
SHELL ["/bin/bash", "-c"] | SHELL ["/bin/bash", "-c"] | ||
ENV NEWUSER=' | ENV NEWUSER='m' | ||
RUN adduser -g "$NEWUSER" -D -s /bin/bash $NEWUSER \ | RUN adduser -g "$NEWUSER" -D -s /bin/bash $NEWUSER \ | ||
&& echo "$NEWUSER ALL=(ALL) ALL" > /etc/sudoers.d/$NEWUSER && chmod 0440 /etc/sudoers.d/$NEWUSER | && echo "$NEWUSER ALL=(ALL) ALL" > /etc/sudoers.d/$NEWUSER && chmod 0440 /etc/sudoers.d/$NEWUSER | ||
USER | USER m | ||
WORKDIR /home/ | WORKDIR /home/m | ||
COPY --chown= | COPY --chown=m my-code /home/m/my-code | ||
RUN npm install -g | RUN npm install -g whatevah | ||
EXPOSE 3000 | EXPOSE 3000 | ||
CMD [ " | CMD [ "my_app", "param1" ] | ||
</pre> | </pre> | ||
==== Debian slim ==== | |||
Debian slim containers are much smaller than standard installs. They are stripped of things like documentation. A good choice for anything that needs a full linux kernel and C++ stack. | |||
==== Node container ==== | ==== Node container ==== | ||
The official node container is HUGE (1GB), the alpine one is relatively tiny. See the list [https://hub.docker.com/_/node here.] | |||
<pre> | <pre> | ||
docker pull node | docker pull node | ||
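Review bot: `RUN npm install -g whatevah` sits after `USER m`, so the global install runs as the unprivileged user against a root-owned npm prefix and will normally fail with a permissions error; move it above `USER m`. The new lines also hard-code `m` in `USER`, `WORKDIR` and `COPY --chown=` although `ENV NEWUSER='m'` is set a few lines earlier; using `$NEWUSER` there keeps the account name in one place. Separately, the unchanged `adduser ... -D` line creates the account without a password, so the `ALL=(ALL) ALL` sudoers entry cannot be exercised as written.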
Line 68: | Line 73: | ||
docker image ls | docker image ls | ||
</pre> | </pre> | ||
=== More examples === | === More examples === | ||
* Example dockerfile for [https://hub.docker.com/r/linuxserver/nextcloud nextcloud] | * Example dockerfile for [https://hub.docker.com/r/linuxserver/nextcloud nextcloud] |
Revision as of 20:25, 18 January 2022
Thanks Keith for the intro!
Keith: Alpine is a stripped down linux distro. Need to learn about how to handle persistent volumes, container secrets (don't put in container, but it can prompt for things). Dockerfile -v (volume). Container should output to stdin/out, then host can manage logging. Terraform can build your arch (can use a proxmox template), ansible is great for actual tasks. GCP has managed kubernetes (wait until you understand why you need it). Check out hashicorp vault FOSS version for awesome secret storage that is docker-compatible.
Commands
- show containers in a nice format (you can also add this as default, in ~/.docker/config.json):
    docker ps -a --format 'table {{.ID}}\t{{.Status}} \t{{.Names}}\t{{.Command}}'
    docker ps -a --format 'table {{.ID}}\t{{.Status}} \t{{.Names}}\t{{.Command}}' | grep #mycontainer#
Install
Install docker
    sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
    # fetch Docker's repository signing key into the keyring that signed-by points at
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
      $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    sudo apt update && sudo apt-get install docker-ce docker-ce-cli containerd.io
    sudo docker run hello-world
    sudo docker container ls --all # to see previous run-and-teardown
    sudo usermod -aG docker m # to add m to docker group for complete access (membership is root-equivalent on the host), no more need for [sudo docker]
Proxmox CPU config
Some images (like Meteor 5.0) require more advanced CPU capabilities than Proxmox grants by default. Specifically, Mongo 5.0 requires AVX CPU instructions. To enable them:
Proxmox > VM > Edit > Processor > Type: "host"
Note that my Proxmox docker VM is called matryoshka.
Containers
Find nirvana here: https://hub.docker.com/
alpine
Alpine is the best TINY base linux container. But it runs BusyBox and musl so many things (nvm, meteor) won't work (at least without a TON of effort).
Here's a good starting point but remember meteor won't work:
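    FROM alpine/git
    RUN apk --update add curl bash tar sudo npm
    SHELL ["/bin/bash", "-c"]
    ENV NEWUSER='m'
    # -D creates the account with no password, so the sudoers rule below cannot be used until one is set
    RUN adduser -g "$NEWUSER" -D -s /bin/bash $NEWUSER \
        && echo "$NEWUSER ALL=(ALL) ALL" > /etc/sudoers.d/$NEWUSER && chmod 0440 /etc/sudoers.d/$NEWUSER
    # global npm installs write to a root-owned prefix, so do them before dropping to the unprivileged user
    RUN npm install -g whatevah
    USER m
    WORKDIR /home/m
    COPY --chown=m my-code /home/m/my-code
    EXPOSE 3000
    # alpine/git sets ENTRYPOINT ["git"]; clear it so CMD runs the app instead of being passed to git
    ENTRYPOINT []
    CMD [ "my_app", "param1" ]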
Debian slim
Debian slim containers are much smaller than standard installs. They are stripped of things like documentation. A good choice for anything that needs a full linux kernel and C++ stack.
Node container
The official node container is HUGE (1GB), the alpine one is relatively tiny. See the list here: https://hub.docker.com/_/node

    docker pull node
    docker image pull node:current-alpine3.11 # details: https://github.com/nodejs/docker-node/blob/8d77359e4f20c45829f7d7399b76a5eb99eff4da/16/alpine3.11/Dockerfile
    docker image ls
    docker run -it node
    # press Ctrl-D to exit
    docker image ls
More examples
- Example dockerfile for nextcloud: https://hub.docker.com/r/linuxserver/nextcloud
- MDMDockerfile attempt one
    m@matryoshka:~$ cat MDMDockerfile
    FROM node:current-alpine3.11
    RUN curl https://install.meteor.com/ | sh && mkdir -p development && cd development && git clone es-platform && cd /home/m/development/es-platform && meteor npm install && cd /home/m/development/es-config/scripts/node/es && npm install -g
    COPY docker-entrypoint.sh /usr/local/bin/
    ENTRYPOINT ["docker-entrypoint.sh"]
    CMD [ "es r" ]
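A small check for the Dockerfile habits that come up on this page: secrets baked in through ENV/ARG (Keith's "don't put in container"), an untagged base image, an installer piped into a shell, and no non-root USER. This is an added example, not part of the original notes; the rule names, regexes and sample input (including the `API_TOKEN` line) are constructed for illustration, and the check only sees the Dockerfile text, not what the base image itself sets.

```python
import re

# Constructed sample in the style of the page's Dockerfiles; the ENV line is invented.
SAMPLE = """\
FROM node
ENV API_TOKEN=changeme
RUN curl https://install.meteor.com/ | sh \\
    && npm install -g
COPY docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]
"""

SECRET_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)
PIPE_TO_SHELL = re.compile(r"\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba|a)?sh\b")

def logical_lines(text):
    """Join backslash-continued lines; skip blanks and comments."""
    for line in re.sub(r"\\[ \t]*\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def lint_dockerfile(text):
    """Return (rule, evidence) pairs; the four rule names are this example's own."""
    findings, user = [], None
    for line in logical_lines(text):
        instr, rest = (line.split(None, 1) + [""])[:2]
        instr = instr.upper()
        if instr == "FROM":
            user = None  # a new stage starts as the base image's user (assumed root)
            image = next((t for t in rest.split() if not t.startswith("--")), "")
            tag = image.rsplit("/", 1)[-1].partition(":")[2]
            if image != "scratch" and "@sha256:" not in image and tag in ("", "latest"):
                findings.append(("unpinned-base", line))
        elif instr in ("ENV", "ARG"):
            names = re.findall(r"(?:^|\s)([A-Za-z_]\w*)=", rest) or rest.split()[:1]
            if any(SECRET_NAME.search(n) for n in names):
                findings.append(("secret-in-image", line))
        elif instr == "RUN" and PIPE_TO_SHELL.search(rest):
            findings.append(("pipe-to-shell", line))
        elif instr == "USER":
            user = rest.split(":")[0]
    if user in (None, "", "root", "0"):
        findings.append(("runs-as-root", "final USER: %s" % (user or "not set")))
    return findings

if __name__ == "__main__":
    for rule, evidence in lint_dockerfile(SAMPLE):
        print(f"{rule:16} {evidence}")
```

Run against the alpine starting point above, it reports only the untagged `FROM alpine/git`, since that file ends with `USER m`.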