Docker/Basics: Difference between revisions
From charlesreid1
| Line 201: | Line 201: | ||
===Httpd container: bind to public host port=== | |||
Note: the httpd container uses port 80 internally by default. | |||
If you are running a host server available at the IP address 192.168.0.10, and you want the docker container's service to be available at port 8000 for other machines that are on the 192.168.0.* network, you can bind the docker container to that IP and port when you spin it up. | |||
Map the internal port 80 (for the docker container) map to the public IP address port of choice on the host machine. | |||
If your host is at the IP 192.168.0.10: | |||
<pre> | |||
$ docker run -p 192.168.0.10:8000:80 -it httpd | |||
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message | |||
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message | |||
[Fri Mar 24 05:50:51.400325 2017] [mpm_event:notice] [pid 1:tid 140701557254016] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations | |||
[Fri Mar 24 05:50:51.400737 2017] [core:notice] [pid 1:tid 140701557254016] AH00094: Command line: 'httpd -D FOREGROUND' | |||
100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET / HTTP/1.1" 200 45 | |||
100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET /favicon.ico HTTP/1.1" 404 209 | |||
</pre> | |||
This makes the service publicly available using the server's IP, and specifying port 8000. | |||
[[Image:DockerHttpdPublicPort.png|300px]] | |||
Revision as of 05:57, 24 March 2017
Filesystem basics
Working directory
You can set the working directory using the -w flag:
$ docker run -w /path/to/dir/ -i -t ubuntu pwd
Volumes
You can set storage drive options using storage opt fllag:
$ docker run -it --storage-opt size=120G fedora /bin/bash
You can also mount external (your machine) drives/folders inside the Docker container:
$ docker run \ -v `pwd`:`pwd` \ -w `pwd` \ -i -t ubuntu pwd
The -v flag mounts the current working directory into the container. The -w lets the command being executed inside the current working directory, by changing into the directory to the value returned by pwd. So this combination executes the command using the container, but inside the current working directory.
Docker creates any folders on your machine if they don't exist, before it spins up the docker container:
$ docker run -v /doesnt/exist:/foo -w /foo -i -t ubuntu bash
Read only control can be set on volumes as well: --read-only flag.
$ docker run -t -i -v /var/run/docker.sock:/var/run/docker.sock -v /path/to/static-docker-binary:/usr/bin/docker busybox sh
The--read-onlyflag mounts the container’s root filesystem as read only prohibiting writes to locations other than the specified volumes for the container.
Instances
Listing all/running containers
To list containers that are currently running:
$ docker ps
To list all containers that have been run:
$ docker ps -a
If, for example, I run the docker hello world app, it will print a hello world message and then shut down:
$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
Now, if I run the ps command to list running containers, it will not show up, because it shut down when it was finished printing its message. But if I run the ps -a command, I will see when it ran and what it was called:
charles @ rojo via 104.200.154.88 [ 2017-03-24 - 05:17:03 - 57 ] ~ $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES charles @ rojo via 104.200.154.88 [ 2017-03-24 - 05:18:26 - 58 ] ~ $ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d6a0776634d4 hello-world:latest "/hello" About a minute ago Exited (0) About a minute ago cranky_blackwell
Note that cranky_blackwell is just an autogenerated name from docker, since we didn't specify a name. We could have used the --name flag:
$ docker run --name my_uncreative_name hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
48d33ae27050 hello-world:latest "/hello" 31 seconds ago Exited (0) 30 seconds ago my_uncreative_name
d6a0776634d4 hello-world:latest "/hello" 3 minutes ago Exited (0) 3 minutes ago cranky_blackwell
Networking and Ports
Networks
To connect a container to a network when starting, use --network=MYNETWORK:
$ docker run -itd --network=wlan0 ubuntu $ docker run -itd --network=wlan0 --ip=192.168.0.101 ubuntu
Httpd container: automatic network interface creation
If you don't specify a network interface for a container that provides a network service, e.g., Apache httpd,
$ docker run httpd AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.7. Set the 'ServerName' directive globally to suppress this message AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.7. Set the 'ServerName' directive globally to suppress this message [Fri Mar 24 05:37:18.878881 2017] [mpm_event:notice] [pid 1:tid 140136493913984] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations [Fri Mar 24 05:37:18.879282 2017] [core:notice] [pid 1:tid 140136493913984] AH00094: Command line: 'httpd -D FOREGROUND'
it will actually create a brand new networking interface with the IP address 172.17.0.7, available at the device docker0:
$ ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:a1:02:56:a7
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:a1ff:fe02:56a7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:22 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1536 (1.5 KB) TX bytes:258 (258.0 B)
Httpd container: bind to private, local host port
Use the above method - this creates a subnet with just you and the docker machine on the network.
Ports
Internal and External Ports
The way that the docker container works is, it's a tiny virtual Linux box. This means there is an internal port scheme, as well as a separate host port scheme. When you run containers, their ports can be connected to the host's ports, and therefore be made available externally.
Exposing Ports
If you want to bind the container's CONTAINER_PORT to the host's HOST_PORT on HOST_IP of the host machine (e.g., 127.0.0.1), use the syntax:
docker run -p HOST_IP:HOST_PORT:CONTAINER_PORT docker run -p 127.0.0.1:80:8080 ubuntu bash
This binds port 8080 of the container to port 80 on 127.0.0.1 of the host machine. The Docker User Guide explains in detail how to manipulate ports in Docker.
Httpd container: bind to public host port
Note: the httpd container uses port 80 internally by default.
If you are running a host server available at the IP address 192.168.0.10, and you want the docker container's service to be available at port 8000 for other machines that are on the 192.168.0.* network, you can bind the docker container to that IP and port when you spin it up.
Map the internal port 80 (for the docker container) map to the public IP address port of choice on the host machine.
If your host is at the IP 192.168.0.10:
$ docker run -p 192.168.0.10:8000:80 -it httpd AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message [Fri Mar 24 05:50:51.400325 2017] [mpm_event:notice] [pid 1:tid 140701557254016] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations [Fri Mar 24 05:50:51.400737 2017] [core:notice] [pid 1:tid 140701557254016] AH00094: Command line: 'httpd -D FOREGROUND' 100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET / HTTP/1.1" 200 45 100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET /favicon.ico HTTP/1.1" 404 209
This makes the service publicly available using the server's IP, and specifying port 8000.
