Working with Docker Containers

The search command allows you to search for Docker images in Docker registry, lets search images related to WordPress.

# docker search wordpress

The pull command allows you download docker images from registry. By default, it downloads from Docker public registry, also you can download images from your own registry.

# docker pull centos

List the available docker images on the system.

# docker images

You can remove downloaded images using rmi command, below command removes ubuntu image from the local system.

# docker rmi ubuntu

The following command is widely used to create a containers, uses the “centos” docker image to create a container.

# docker run -dit --name docker-centos --hostname="centos" centos /bin/bash

-d = Running a docker container in the background

-i = Running a docker container in interactive mode.

-t = Allocates tty terminal wich is required to attach to the containers.

–name = Name of a docker container

–hostname = Set a host to container

Check the running containers using ps command.

# docker ps -a

CONTAINER ID    IMAGE         COMMAND      CREATED  STATUS    PORTS      NAMES

1f99133e0387 centos:latest "/bin/bash" About a minute ago Up About a minute docker-centos

The attach command lets you to attach to running container (docker-centos), you can see the hostname is set to centos, also run some test commands like “df -h” to see the mount points details.

[root@server ~]# docker attach docker-centos

[root@centos /]# df -h

Filesystem  Size  Used Avail Use% Mounted on

/dev/mapper/docker-253:1-369-14d43fd37613411218528b599dd1c39a7b19ae2041a26a2cb170f52e8bc591e8  9.8G  254M  9.0G   3% /

tmpfs       490M     0  490M   0% /dev

shm         64M     0   64M   0% /dev/shm

/dev/mapper/fedora--server-root  50G  1.9G   45G   4% /etc/hosts

tmpfs       490M     0  490M   0% /proc/kcore

The docker run command allows you to run a command in a container. For example, let’s get an information of mount points with in a container.

–rm = removes the container when the process exits.

# docker run --rm  centos /usr/bin/df -h

Filesystem  Size  Used Avail Use% Mounted on

/dev/mapper/docker-253:1-369-8c3daee9969e4096047fa7b6802cccefe2b78ac176347d5b0feb9d4df4156c6d  9.8G  254M  9.0G   3% /

tmpfs       490M     0  490M   0% /dev

shm         64M     0   64M   0% /dev/shm

/dev/mapper/fedora--server-root   50G  1.9G   45G   4% /etc/hosts

tmpfs       490M     0  490M   0% /proc/kcore

The top command shows running process and their details.

# docker top docker-centos

UID    PID   PPID    C    STIME      TTY           TIME                CMD

root   3442  2121    0    21:44      pts/2         00:00:00           /bin/bash

The stats command does live stream of resource usage statistics, output of this command will look like normal top command.

# docker stats docker-centos

The cp command will help you to copy files/folders from containers to host system, the following command will copy “tobecopied” to /root of host machine.

# docker cp docker-centos:/tobecopied /root/

The kill command sends the SIGTERM to kill a running container.

# docker kill docker-centos

The start command lets you to start a stopped container, lets start the docker-centos.

# docker start docker-centos

The restart command helps you to restart a container.

# docker restart docker-centos

The stop command lets you to gracefully stop a container

# docker stop docker-centos

The rename command allows you to change the name of the container, following command rename 

the docker-centos to MyCentOS.

# docker rename docker-centos MyCentOS

The rm command will allow you to remove a container.

# docker rm MyCentOS

• Create Docker container

[root@karan-ws ~]# docker create -ti --name="mona" centos bash c7f9eb6b32eba38242b9d9ced309314f8eee720dbf29c656885aa0cbfff15aa6

• Start your docker container

# docker start mona

• Get IP address of your newly created docker container

[root@karan-ws ~]# docker inspect mona | grep -i ipaddress          "IPAddress": "172.17.0.1",

• Attach (login) to your docker container

[root@karan-ws ~]# docker attach mona [root@c7f9eb6b32eb /]# cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) [root@c7f9eb6b32eb /]# df -h Filesystem     Size   Used  Avail  Use%   Mounted on /dev/mapper/docker-253:1-16852579-c7f9eb6b32eba38242b9d9ced309314f8eee720dbf29c656885aa0cbfff15aa6  9.8G  268M  9.0G   3% / tmpfs             1.6G     0  1.6G   0% /dev shm               64M     0   64M   0% /dev/shm tmpfs             1.6G     0  1.6G   0% /run tmpfs             1.6G     0  1.6G   0% /tmp /dev/vda1       10G 1.6G  8.5G  16% /etc/hosts tmpfs             1.6G     0  1.6G   0% /run/secrets tmpfs             1.6G     0  1.6G   0% /proc/kcore

To detach from docker container use ctrl+p+q , avoid using exit command as it will stop container and exit.

• List container

[root@karan-ws ~]# docker ps CONTAINER ID        IMAGE        COMMAND       CREATED       STATUS       PORTS       NAMES c7f9eb6b32eb        centos:latest     "bash"            9 minutes ago   Up 28 seconds                 mona

• Stop and destroy container

[root@karan-ws ~]# docker stop mona ; docker kill mona mona mona [root@karan-ws ~]# docker ps CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES

Install wordpress, mysql and apache on Docker:

$ Docker run –it –name wordpress –h wordpress –p 80:80 –e MYSQL_DB-“mycoolblog.com”  -e APACHE_SVRALIAS=www.mycoolblog.com localhost –e MYSQL_PASS=”passwrod123” –e MYSQL_DB=”mycoolblog” –e APP_USER=”wpadmin” –e APP_PASS=”password456” –e WP_KEY=”mycoolblog is cool” appcontainers/wordpress

route add 172.17.0.0 mask 255.255.0.0 192.168.0.251 –p

Installing DockerUI

Installing DockerUI is pretty easy than installing docker engine. We just need to pull the dockerui from the Docker Registry Hub and run it inside a container. To do so, we'll simply need to run the following command.

# docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock dockerui/dockerui

# Open your browser to http://<dockerd host ip>:9000

Bind mounting the Unix socket into the DockerUI container is much more secure than exposing your docker daemon over TCP. The --privileged flag is required for hosts using SELinux. You should still secure your DockerUI instance behind some type of auth. Directions for using Nginx auth are here.

Specify socket to connect to Docker daemon

By default DockerUI connects to the Docker daemon with/var/run/docker.sock. For this to work you need to bind mount the unix socket into the container with -v /var/run/docker.sock:/var/run/docker.sock.

You can use the -e flag to change this socket:

# Connect to a tcp socket:

$ docker run -d -p 9000:9000 --privileged dockerui/dockerui -e http://127.0.0.1:2375

Change address/port DockerUI is served on

DockerUI listens on port 9000 by default. If you run DockerUI inside a container then you can bind the container's internal port to any external address and port:

# Expose DockerUI on 10.20.30.1:80

$ docker run -d -p 10.20.30.1:80:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock dockerui/dockerui

How to Install Docker on CentOS 7

Docker is a container virtualization technology that has gained widespread popularity in recent times, it offers more efficient way to deploy the application. With Docker, the applications resides inside the container on top of the Linux operating system. Docker uses Kernel features such as cgroups and namespace to allow independent container to run on single os instance.

In this post, you will learn how to install Docker on CentOS 7 / RHEL 7 / Fedora 21

Note: Docker runs only on 64 bit operating system.

Installing Docker:

Docker package:

docker.x86_64 0:1.8.2-10.el7.centos

Docker Dependencies:

  device-mapper.x86_64 7:1.02.107-5.el7

  device-mapper-event.x86_64 7:1.02.107-5.el7

  device-mapper-event-libs.x86_64 7:1.02.107-5.el7

  device-mapper-libs.x86_64 7:1.02.107-5.el7

  device-mapper-persistent-data.x86_64 0:0.5.5-1.el7

  docker-selinux.x86_64 0:1.8.2-10.el7.centos

  lvm2.x86_64 7:2.02.130-5.el7

  lvm2-libs.x86_64 7:2.02.130-5.el7

Docker is available in standard repository of CentOS, so we don’t have to search for package. For RHEL 7, you must have a valid Redhat subscription to enable Extras rpm’s respository on server. Install it using the following command.

# yum -y install docker device-mapper device-mapper-event device-mapper-event-libs device-mapper-libs device-mapper-persistent-data docker-selinux lvm2 lvm2-libs

Now you have Docker installed onto your machine, start the Docker service incase if it not started automatically after the installation

# systemctl start docker.service

# systemctl enable docker.service

Once the service is started, verify your installation by running the following command.

# docker run -it centos echo Hello-World

Lets see what happens when we run “docker run” command. Docker starts a container with centos base image, since we are running this centos container for first time, the output will look like below.

Unable to find image 'centos:latest' locally
Trying to pull repository docker.io/centos ...
0114405f9ff1: Download complete
511136ea3c5a: Download complete
b6718650e87e: Download complete
3d3c8202a574: Download complete
Status: Downloaded newer image for docker.io/centos:latest
Hello-World

Docker looks for centos image locally, and it is not found, it starts downloading the centos image from docker registry. Once the images has been downloaded, it will start the container and echo the command “Hello-World” in the console which you can see at the end of the output.

Allowing Non-root access:

As you can see in my command, for CentOS i had to run docker as root user. To avoid this you can follow below procedure to allow non-root users to run Docker containers.

Create a group called docker, run the following commands with root privileges.

# groupadd docker

Add a user that is to be a part of docker group, replace “sam” with your own user name.

# useradd sam

Add a user to docker group.

# usermod -aG docker sam

Now you can run a Docker with non-root user.

FirewallD:

FirwallD in CentOS 7 can conflict with Docker, it is recommended to disable the service.

# systemctl stop firewalld.service
# systemctl disable firewalld.servic

When firewalld is started or restarted it will remove the DOCKER chain from iptables, it prevents Docker from working properly.

If you still want to use Systemd, firewalld is must be started before Docker service. In case if you start or restart firewalld after Docker, you will have to restart the Docker daemon.

That’s All!, You can now start working with Docker.

100 DevOps Tools List

100DevOpsTools

Here, we are summing it up in this blog post so that you have a single place to look for all the right DevOps tools:

• Git - An awesome tool to version your source code and collaborate.
• Jenkins - It is an open-source, lightweight CI tool written in Java, with high extensibility and a fast release cycle.
• Consul - Makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface.
• Fig - A package management tool, similar to APT, language agnostic, faster and works well with both executable and libraries.
• Docker - Uses LXC to create and manage native, sandboxed virtual containers. Build, Ship, Run.
• Chef - Configuration management tool which uses a pure-Ruby, DSL for writing system configuration recipes.
• Vagrant - It is a cross platform tool to create, boot, configure and destroy development environments.
• Memcached - An open-source high performance, distributed memory object caching system.
• Snort - An open-source IPS. It provides real-time traffic analysis and packet logging for DevOps engineers.
• RabbitMQ - RabbitMQ is a queuing tool for DevOps engineers. Supports a large no. of development platforms.
• Terraform - A tool used in building, changing, and versioning the infrastructure across platforms.
• AWS - A cloud computing platform offering ready to use web services which are loosely coupled.
• CoreOs - Lightweight OS that support containers out of the box. Can be used as base OS to run your own PaaS
• Ansible - An agent-less orchestration engine that can automate application and systems.
• CfEngine - First of its kind. Configuration Management tool, automates large scale, complex infrastructure.
• Collectd - Demon to collect system performance statistics periodically & provides tons of plugins to analyze values.
• Logstash - A data pipeline that helps you process logs and other event data from a variety of systems.
• Log.io - A Real-time log monitoring in your browser. Broadcasting logs to the web clients.
• Graphite - A visualization tool for statistics. One can create customizable reports and dashboards.
• Weave - Virtual network that connects Docker containers deployed across multiple hosts & enables automatic discovery.
• Openstack - An open source, massively salable cloud operating system used for building private & public cloud.
• Packer - A tool for creating identical machine images for multiple platforms from a single source configuration
• Foreman - A complete lifecycle management tool for physical and virtual servers.
• Berkshelf - Cookbook source manager for chef, similar to a bundler for ruby.
• Veewee - A tool for easily & repeatedly building custom Vagrant base boxes, KVMs, & virtual machine images.
• Ganglia - A salable distributed monitoring system for high-performance computing systems such as clusters & grids.
• Icinga - A monitoring system checking hosts & services you specify & notifying when things go wrong & they recover.
• Beats - An open source collectors for log files, infrastructure metrics, and other important types of data agitation.
• Sensu - A simple & scalable monitoring framework which is designed for cloud.
• Zabbix - An opensource, enterprise-class network monitoring framework.
• Rundeck - A cross-platform opensource software, helps automate ad-hoc & routine procedures in data-center or cloud environment.
• Simian Army - A tool for testing & promoting infrastructure tolerance & high availability.
• Zookeeper - A centralized service for maintaining configuration information, naming, providing group services etc.
• Etcd - A highly-available key value store for shared configuration and service discovery.
• Chocolatey - It is apt-get for windows. Can install packages & dependencies over CLI.
• Fpm - Effing package management! Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity.
• Jcloud - Apache jclouds, an open source multi-cloud toolkit for the Java platform, apps are portable across clouds.
• Opsbot - A pluggable, configurable bot for improving communication in operations.
• Buildbot - An open-source framework for automating software build, test and release process.
• CruiseControl - A CI server written in #Ruby with a focus on simplicity & being easy to hack.
• Flynn - An open source PaaS platform built on Docker awesomely manages deploying, scaling your applications.
• Kubernetes - An opensource system for managing containerized applications providing deployment & scaling of apps.
• Deis - Open Source Application Platform For Public and Private Clouds. Its built on Docker & CoreOs.
• Drone - A Continuous Integration platform built on Docker, written in Go.
• SumoLogic - Centralized Log Analysis tool, which scale to any data volume and query performance.
• Pagerduty - A tool which would help us to increase the uptime of our apps, services, and infrastructure.
• Serf - A lightweight & decentralized solution for cluster membership, failure detection & orchestration.
• SaltStack - Configuration Management software, delivers fast,scalable event-driven infrastructure automation & predictive cloud orchestration.
• Fabric - A command-line tool for streamlining use of SSH for application deployment or systems administration tasks.
• Heroku - Platform as a service (PaaS) that enables developers to build and run applications entirely in the cloud.
• Kickstart - Uses bash scripts to provision machines over ssh, with no client installation on the target.
• Mcollective - A framework for building server orchestration or parallel job execution systems.
• Capistrano - A remote server automation and deployment tool written in Ruby.
• Slaughter - A perl tool for automating configuration maintenance & management of large number of systems.
• FAI Fully Automatic Installer - Tool for mass unattained deployments of #Linux.
• Asgard - A netflix web interface tool for AWS Cloud Management and application deployment.
• rkt - CLI for running app containers on Linux. rkt is designed to be composable, secure, and fas.
• Rudder - An easy to use, web-driven, role-based solution for IT Infrastructure Automation.
• Artifactory - JFrog’s open source binary repository management product with support for Apache Maven artifacts.
• Gradle - A project automation tool that builds upon the concepts of #Apache Ant and Apache Maven.
• Grafana - An open source feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
• Vagrant-lxc - Vagrant plugin that allows it to control and provision Linux Containers as an alternative to the built in VirtualBox provider for Linux host.
• OSV - An operating System for lightweight virtual machines, designed for ground up to run single application, similar to CoreOS.
• Test Kitchen - A test harness tool to execute your configured code on one or more platforms in isolation.
• StackStorm - Event-driven automation used for auto-healing, security responses, troubleshooting, complex deployments.
• Nomad - A Hashicorp product; is a cluster manager & scheduler designed for microservices and batch workloads.
• Otto - successor to Vagrant is single solution to develop, deploy application with firstclass support to microservices.
• Eucalyptus - An open source software for building AWS - compatible private and hybrid clouds.
• Bento - A project that encapsulates Packer templates for building Vagrant base boxes.
• Dokku - Docker powered mini-Heroku, a smallest PaaS implementation you've ever seen around 100 lines of Bash.
• Poni - Systems management tool for defining, deploying and verifying complex multi-node computer systems.
• Loom - Does stuff Puppet doesn't do well or at all bootstrapping machines deploying code & installing reusable modules.
• Tsuru - An extensible and open source Platform as a Service; that uses Docker to make deploys simple & fast.
• Sequencer - Open-Source Software that can ping, power off and power on your whole cluster.
• Rex - An agent less orchestration tool written in simple perl.
• Pulp - A platform for managing repositories of content, such as software packages.
• BuildMaster - An automated deployment tool. It combines features to manage and automate processes primarily related to continuous integration, database change scripts, and production deployments.
• TeamCity - A feature packed CI tool with out-of-the-box support for java, ruby .Net, & many other languages.
• GoCD - release management tool,build from ground up with pipelines in mind & makes easy to model complex deployment work-flow.
• Deploykit - Collection of Ruby daemons flying in close formation. AKA our startling message-based deploy environment.
• Kibana - an open source (Apache Licensed), browser based analytic and search dashboard for Elasticsearch.
• Awsbox - A featherweight DYI PaaS on top of awscloud EC2 for deploying node apps.
• Orc - A model driven orchestration tool for the deployment of application clusters written in Ruby.
• Opskelaton - Bootstrap DevOps infra with some opinionated defaults(vagrant chef puppet) standard development guidelines.
• Brooklyn - Focused on deployment & post deployment life-cycle management, aware of network typologies integrates with clouds.
• Mina - Deployment tool, lets you build and run scripts to manage your app deployments on servers via SSH.
• Overcast - CLI for ease to spinup configure & manage clusters without learning curve or complexity of existing management tools.
• Sunzi - Shell-based provisioning tool which does not try to do anything else. Has no dependency other than shell.
• Credmgr - Securely manage privileged account credentials via Shamir secret sharing. Its like one passwd for DevOps.
• Djangy - An open source cloud hosting service for Python/Django web apps. Its like Heroku for Python/Django.
• Logster - Utility for reading logs & generating metrics to configurable outputs. Graphite, CloudWatch, Nagios & stdout.
• Vaurien - A Chaos Monkey for TCP conn. Randomly disconnects/stalls TCP connections in app to test tolerance and HA.
• Sysdig - An open source, system level exploration: capture system state & activity in linux instance save, filter & analyze.
• VMFest - a PalletOps project turns VirtualBox into light-weight cloud provider. Useful in developing cloud automation.
• ConDep - An opensource infrastructure configuration & deployment DSL specifically targeted (not limited) to Windows platform.
• CMB(Cloud Message Bus) - A highly available, horizontally scalable queuing & notification service compatible to AWS SQS, SNS.
• Semaphore - A hosted continuous integration and deployment service for open source and private projects.
• Barkeep - Code review tool for git projects, focused on code reviewing, can support both pre & post commit workflows.
• Juju - An orchestration tool allows software to be quickly deployed, integrated & scaled public/private/hybrid cloud.
• Sublime-Text - Sublime Text is a cross-platform source code editor with a Python application programming interface (API). It natively supports many programming languages and markup languages, and its functionality can be extended by users with plugins, typically community-built.