Docker: Difference between revisions

From Bitpost wiki
No edit summary
Line 2: Line 2:


Keith: Alpine is a stripped down linux distro.  Need to learn about how to handle persistent volumes, container secrets (don't put in container, but it can prompt for things).  Dockerfile -v (volume).  Container should output to stdin/out, then host can manage logging.  Terraform can build your arch (can use a proxmox template), ansible is great for actual tasks.  GCP has managed kubernetes (wait until you understand why you need it).  Check out hashicorp vault FOSS version for awesome secret storage that is docker-compatible.
Keith: Alpine is a stripped down linux distro.  Need to learn about how to handle persistent volumes, container secrets (don't put in container, but it can prompt for things).  Dockerfile -v (volume).  Container should output to stdin/out, then host can manage logging.  Terraform can build your arch (can use a proxmox template), ansible is great for actual tasks.  GCP has managed kubernetes (wait until you understand why you need it).  Check out hashicorp vault FOSS version for awesome secret storage that is docker-compatible.
=== Commands ===
* show containers in a nice format (you can also add this as default, in ~/.docker/config.json):
docker ps -a --format 'table {{.ID}}\t{{.Status}} \t{{.Names}}\t{{.Command}}'
docker ps -a --format 'table {{.ID}}\t{{.Status}} \t{{.Names}}\t{{.Command}}' | grep #mycontainer#


=== Install ===
=== Install ===
Line 16: Line 21:
</pre>
</pre>


=== Node container ===
=== Containers ===
 
==== alpine ====
Alpine is the best TINY base linux container.  But it runs BusyBox and musl so many things (nvm, meteor) won't work (at least without a TON of effort).
 
Here's a good starting point but remember meteor won't work:
 
<pre>
FROM alpine/git
RUN apk --update add curl bash tar sudo npm
SHELL ["/bin/bash", "-c"]
 
ENV NEWUSER='esauto'
RUN adduser -g "$NEWUSER" -D -s /bin/bash $NEWUSER \
&& echo "$NEWUSER ALL=(ALL) ALL" > /etc/sudoers.d/$NEWUSER && chmod 0440 /etc/sudoers.d/$NEWUSER
 
USER esauto
WORKDIR /home/esauto
 
COPY --chown=esauto es-platform /home/esauto/es-platform
COPY --chown=esauto es-config /home/esauto/es-config
 
RUN npm install -g meteor
 
EXPOSE 3000
CMD [ "es", "run" ]
</pre>
 
==== Node container ====
* Install a node container.  The official node one is HUGE (1GB), the alpine one is relatively tiny.  See the list [https://hub.docker.com/_/node here.]
* Install a node container.  The official node one is HUGE (1GB), the alpine one is relatively tiny.  See the list [https://hub.docker.com/_/node here.]
<pre>
<pre>
Line 48: Line 81:
CMD [ "es r" ]
CMD [ "es r" ]
</pre>
</pre>
=== Commands ===
* show containers in a nice format (you can also add this as default, in ~/.docker/config.json):
docker ps -a --format 'table {{.ID}}\t{{.Status}} \t{{.Names}}\t{{.Command}}'
docker ps -a --format 'table {{.ID}}\t{{.Status}} \t{{.Names}}\t{{.Command}}' | grep #mycontainer#

Revision as of 20:07, 18 January 2022

Thanks Keith for the intro!

Keith: Alpine is a stripped down linux distro. Need to learn about how to handle persistent volumes, container secrets (don't put in container, but it can prompt for things). Dockerfile -v (volume). Container should output to stdin/out, then host can manage logging. Terraform can build your arch (can use a proxmox template), ansible is great for actual tasks. GCP has managed kubernetes (wait until you understand why you need it). Check out hashicorp vault FOSS version for awesome secret storage that is docker-compatible.

Commands

  • show containers in a nice format (you can also add this as default, in ~/.docker/config.json):
docker ps -a --format 'table Template:.ID\tTemplate:.Status \tTemplate:.Names\tTemplate:.Command'
docker ps -a --format 'table Template:.ID\tTemplate:.Status \tTemplate:.Names\tTemplate:.Command' | grep #mycontainer#

Install

sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
echo   "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update && sudo apt-get install docker-ce docker-ce-cli containerd.io
sudo docker run hello-world
sudo docker container ls -all # to see previous run-and-teardown
sudo usermod -aG docker m # to add m to docker group for complete access, no more need for [sudo docker]

Containers

alpine

Alpine is the best TINY base linux container. But it runs BusyBox and musl so many things (nvm, meteor) won't work (at least without a TON of effort).

Here's a good starting point but remember meteor won't work:

FROM alpine/git
RUN apk --update add curl bash tar sudo npm 
SHELL ["/bin/bash", "-c"]

ENV NEWUSER='esauto'
RUN adduser -g "$NEWUSER" -D -s /bin/bash $NEWUSER \
&& echo "$NEWUSER ALL=(ALL) ALL" > /etc/sudoers.d/$NEWUSER && chmod 0440 /etc/sudoers.d/$NEWUSER

USER esauto
WORKDIR /home/esauto

COPY --chown=esauto es-platform /home/esauto/es-platform
COPY --chown=esauto es-config /home/esauto/es-config

RUN npm install -g meteor

EXPOSE 3000
CMD [ "es", "run" ]

Node container

  • Install a node container. The official node one is HUGE (1GB), the alpine one is relatively tiny. See the list here.
docker pull node
docker image pull node:current-alpine3.11
# details: https://github.com/nodejs/docker-node/blob/8d77359e4f20c45829f7d7399b76a5eb99eff4da/16/alpine3.11/Dockerfile
docker image ls
docker run -it node
Ctrl-D
docker image ls

More examples

  • Example dockerfile for nextcloud
  • MDMDockerfile attempt one
m@matryoshka:~$ cat MDMDockerfile
FROM node:current-alpine3.11

RUN curl https://install.meteor.com/ | sh
&& mkdir -p development
&& cd development
&& git clone es-platform
&& cd /home/m/development/es-platform
&& meteor npm install
&& cd /home/m/development/es-config/scripts/node/es
&& npm install -g

COPY docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]

CMD [ "es r" ]