Docker: Difference between revisions

From Bitpost wiki
No edit summary
Line 26: Line 26:


Find nirvana [https://hub.docker.com/search?type=image here.]
Find nirvana [https://hub.docker.com/search?type=image here.]
==== Debian slim ====
Debian slim containers are much smaller than standard installs.  They are stripped of things like documentation.  A good choice for anything that needs a full linux kernel and C++ stack.
==== Node ====
The official node container is HUGE (1GB), the alpine one is relatively tiny.  See the list [https://hub.docker.com/_/node here.]
<pre>
docker pull node
docker image pull node:current-alpine3.11
# details: https://github.com/nodejs/docker-node/blob/8d77359e4f20c45829f7d7399b76a5eb99eff4da/16/alpine3.11/Dockerfile
docker image ls
docker run -it node
Ctrl-D
docker image ls
</pre>


==== alpine ====
==== alpine ====
Alpine is the best TINY base linux container.  But it runs BusyBox and musl so many things (nvm, meteor) won't work (at least without a TON of effort).
Alpine is the best TINY base linux container.  But it runs BusyBox and musl so many things (nvm, meteor) won't work (at least without a TON of effort).


Here's a good starting point but remember meteor won't work:
===== Node on alpine =====
 
Here's a good starting point for a node app, but remember meteor won't work:


<pre>
<pre>
Line 50: Line 69:
EXPOSE 3000
EXPOSE 3000
CMD [ "my_app", "param1" ]
CMD [ "my_app", "param1" ]
</pre>
==== Debian slim ====
Debian slim containers are much smaller than standard installs.  They are stripped of things like documentation.  A good choice for anything that needs a full linux kernel and C++ stack.
==== Node container ====
The official node container is HUGE (1GB), the alpine one is relatively tiny.  See the list [https://hub.docker.com/_/node here.]
<pre>
docker pull node
docker image pull node:current-alpine3.11
# details: https://github.com/nodejs/docker-node/blob/8d77359e4f20c45829f7d7399b76a5eb99eff4da/16/alpine3.11/Dockerfile
docker image ls
docker run -it node
Ctrl-D
docker image ls
</pre>
</pre>



Revision as of 21:12, 18 January 2022

Thanks Keith for the intro!

Keith: Alpine is a stripped down linux distro. Need to learn about how to handle persistent volumes, container secrets (don't put in container, but it can prompt for things). Dockerfile -v (volume). Container should output to stdin/out, then host can manage logging. Terraform can build your arch (can use a proxmox template), ansible is great for actual tasks. GCP has managed kubernetes (wait until you understand why you need it). Check out hashicorp vault FOSS version for awesome secret storage that is docker-compatible.

Commands

docker build -t name .            # builds an image from curr dir Dockerfile
docker images                     # lists images
docker run --name cont-name image # to create and start a container from an image, which you can then stop and start
                                  # Ctrl-C to stop it, or use -d to run detached - BTW... WHAT A SHITTY USE OF THE WORD "RUN"
docker ps                         # to see what containers are running
docker ps -a                      # to see what containers are running (including recently stopped containers)
docker start|stop name            # to start/stop a container
docker rm name                    # to remove a stopped container
docker container prune            # to remove all stopped containers
docker images                     # lists images
docker rmi REPOSITORY/TAG         # to remove an image
docker image prune                # remove all dangling images

docker push|pull                  # push to / pull from hub.docker.com (for subsequent pull elsewhere!)
  • show containers in a nice format (you can also add this as default, in ~/.docker/config.json):
docker ps -a --format 'table Template:.ID\tTemplate:.Status \tTemplate:.Names\tTemplate:.Command'
docker ps -a --format 'table Template:.ID\tTemplate:.Status \tTemplate:.Names\tTemplate:.Command' | grep #mycontainer#

Containers

Find nirvana here.

Debian slim

Debian slim containers are much smaller than standard installs. They are stripped of things like documentation. A good choice for anything that needs a full linux kernel and C++ stack.

Node

The official node container is HUGE (1GB), the alpine one is relatively tiny. See the list here.

docker pull node
docker image pull node:current-alpine3.11
# details: https://github.com/nodejs/docker-node/blob/8d77359e4f20c45829f7d7399b76a5eb99eff4da/16/alpine3.11/Dockerfile
docker image ls
docker run -it node
Ctrl-D
docker image ls

alpine

Alpine is the best TINY base linux container. But it runs BusyBox and musl so many things (nvm, meteor) won't work (at least without a TON of effort).

Node on alpine

Here's a good starting point for a node app, but remember meteor won't work:

FROM alpine/git
RUN apk --update add curl bash tar sudo npm 
SHELL ["/bin/bash", "-c"]

ENV NEWUSER='m'
RUN adduser -g "$NEWUSER" -D -s /bin/bash $NEWUSER \
&& echo "$NEWUSER ALL=(ALL) ALL" > /etc/sudoers.d/$NEWUSER && chmod 0440 /etc/sudoers.d/$NEWUSER

USER m
WORKDIR /home/m

COPY --chown=m my-code /home/m/my-code

RUN npm install -g whatevah

EXPOSE 3000
CMD [ "my_app", "param1" ]

More examples

Install

Install docker

sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
echo   "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update && sudo apt-get install docker-ce docker-ce-cli containerd.io
sudo docker run hello-world
sudo docker container ls -all # to see previous run-and-teardown
sudo usermod -aG docker m # to add m to docker group for complete access, no more need for [sudo docker]

Proxmox CPU config

Some images (like Meteor 5.0) require more-advanced CPU capabilities than Proxmox grants by default. Specifically, Mongo 5.0 requires AVX cpu instructions. To enable them:

Proxmox > VM > Edit > Processor > Type: "host"

Note that my Proxmox docker VM is called matryoshka.