├── _config.yml ├── Docker-Practical ├── 6_Dockerfile │ ├── EXPOSE │ │ └── Dokerfile │ ├── persistent_storage │ │ ├── initVolume │ │ │ ├── DATA │ │ │ └── Dockerfile │ │ ├── Dockerfile │ │ ├── hellodocker.js │ │ └── README.md │ ├── VOLUME │ │ └── Dockerfile │ ├── ADD │ │ ├── Dockerfile │ │ └── README.md │ ├── CMD │ │ └── Dockerfile │ ├── COPY │ │ ├── Dockerfile │ │ └── README.md │ ├── ENTRYPOINT │ │ └── Dockerfile │ ├── Alpine │ │ └── Dockerfile │ ├── Ubuntu │ │ └── Dockerfile │ ├── WORKDIR │ │ ├── README.md │ │ └── Dockerfile │ ├── NETWORK │ │ └── Dockerfile │ ├── ENV │ │ └── Dockerfile │ └── README.md ├── img │ ├── 4_d.png │ ├── 7_1.png │ ├── 7_2.png │ ├── 7_3.png │ ├── 7_4.png │ ├── 2_ps.png │ ├── 3_pull.png │ ├── 4_end.png │ ├── 2_image.png │ ├── 2_ubuntu.png │ ├── 3_alpine.png │ ├── 3_filter.png │ ├── 1HelloWorld.png │ ├── 2_inspect.png │ ├── 2_inspect1.png │ ├── 3_notrunc.png │ ├── 4_stop_rm.png │ └── Docker_exec.png ├── README.md ├── 1_HelloWorld.md ├── 5_Interact_container_exec.md ├── 7_DockerHub.md ├── 3_Pull_img.md ├── 2_Basics.md └── 4_Enter_container.md ├── Docker-Theory ├── img │ ├── arch.png │ ├── Docker.jpg │ └── containervm.png ├── README.md ├── Container_VM.md ├── What_is_Docker.md ├── History_of_Docker.md ├── Docker.md ├── DockerVocabulary.md ├── Traditional_Docker_SDLC.md ├── Monolithic_Microservice_architecture.md └── Docker-101.md ├── Kubernetes-Theory ├── img │ ├── K1.png │ ├── lb.png │ ├── Arch1.png │ ├── Arch2.png │ ├── Pods.png │ ├── full.png │ ├── scale.png │ ├── K8_arch.png │ ├── Master.png │ ├── Master1.png │ ├── Secrets.png │ ├── Kubernetes.png │ └── Services.png ├── Kubernetes-Cheat-Sheet.pdf ├── README.md └── Kubernetes-101.md ├── Kubernetes-Practical ├── Pod │ ├── nginx.yaml │ └── README.md ├── Deployment │ ├── deploy2.yaml │ └── deploy1.yaml └── RBAC │ ├── rbac.yaml │ └── README.md ├── LICENSE └── README.md /_config.yml: -------------------------------------------------------------------------------- 1 | theme: jekyll-theme-cayman -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/EXPOSE/Dokerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | EXPOSE 80 -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/persistent_storage/initVolume/DATA: -------------------------------------------------------------------------------- 1 | Hello from Docker! -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/VOLUME/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | VOLUME /opt/app/home 3 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/ADD/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | ADD README.md /home/README.md 3 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/CMD/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine 2 | CMD ["ping", "localhost"] 3 | 4 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/COPY/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | COPY README.md /home/README.md 3 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/ENTRYPOINT/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | ENTRYPOINT ["top", "-b"] 3 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/ADD/README.md: -------------------------------------------------------------------------------- 1 | # https://github.com/NishkarshRaj/Docker-Kubernetes/issues/22 2 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/Alpine/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine-latest 2 | RUN apk upgrade 3 | RUN apk add git 4 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/COPY/README.md: -------------------------------------------------------------------------------- 1 | # https://github.com/NishkarshRaj/Docker-Kubernetes/issues/27 2 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/Ubuntu/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu-latest 2 | RUN apt-get update && apt-get upgrade 3 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/WORKDIR/README.md: -------------------------------------------------------------------------------- 1 | # https://github.com/NishkarshRaj/Docker-Kubernetes/issues/34 2 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/persistent_storage/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node 2 | COPY . / 3 | CMD cd / && node hellodocker.js -------------------------------------------------------------------------------- /Docker-Theory/img/arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Theory/img/arch.png -------------------------------------------------------------------------------- /Docker-Practical/img/4_d.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/4_d.png -------------------------------------------------------------------------------- /Docker-Practical/img/7_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/7_1.png -------------------------------------------------------------------------------- /Docker-Practical/img/7_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/7_2.png -------------------------------------------------------------------------------- /Docker-Practical/img/7_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/7_3.png -------------------------------------------------------------------------------- /Docker-Practical/img/7_4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/7_4.png -------------------------------------------------------------------------------- /Docker-Theory/img/Docker.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Theory/img/Docker.jpg -------------------------------------------------------------------------------- /Kubernetes-Theory/img/K1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/K1.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/lb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/lb.png -------------------------------------------------------------------------------- /Docker-Practical/img/2_ps.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/2_ps.png -------------------------------------------------------------------------------- /Docker-Practical/img/3_pull.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/3_pull.png -------------------------------------------------------------------------------- /Docker-Practical/img/4_end.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/4_end.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Arch1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Arch1.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Arch2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Arch2.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Pods.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Pods.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/full.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/full.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/scale.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/scale.png -------------------------------------------------------------------------------- /Docker-Practical/img/2_image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/2_image.png -------------------------------------------------------------------------------- /Docker-Practical/img/2_ubuntu.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/2_ubuntu.png -------------------------------------------------------------------------------- /Docker-Practical/img/3_alpine.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/3_alpine.png -------------------------------------------------------------------------------- /Docker-Practical/img/3_filter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/3_filter.png -------------------------------------------------------------------------------- /Docker-Theory/img/containervm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Theory/img/containervm.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/K8_arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/K8_arch.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Master.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Master.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Master1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Master1.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Secrets.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Secrets.png -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/NETWORK/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | networks: 3 | default: 4 | external: 5 | name: network-external 6 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/WORKDIR/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | RUN mkdir /home/workspace 3 | WORKDIR /home/workspace 4 | RUN pwd 5 | -------------------------------------------------------------------------------- /Docker-Practical/img/1HelloWorld.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/1HelloWorld.png -------------------------------------------------------------------------------- /Docker-Practical/img/2_inspect.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/2_inspect.png -------------------------------------------------------------------------------- /Docker-Practical/img/2_inspect1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/2_inspect1.png -------------------------------------------------------------------------------- /Docker-Practical/img/3_notrunc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/3_notrunc.png -------------------------------------------------------------------------------- /Docker-Practical/img/4_stop_rm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/4_stop_rm.png -------------------------------------------------------------------------------- /Docker-Practical/img/Docker_exec.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Docker-Practical/img/Docker_exec.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Kubernetes.png -------------------------------------------------------------------------------- /Kubernetes-Theory/img/Services.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/img/Services.png -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/persistent_storage/initVolume/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine 2 | COPY . /data 3 | VOLUME /data 4 | CMD cd /data && cat DATA -------------------------------------------------------------------------------- /Kubernetes-Theory/Kubernetes-Cheat-Sheet.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NishkarshRaj/Docker-Kubernetes/HEAD/Kubernetes-Theory/Kubernetes-Cheat-Sheet.pdf -------------------------------------------------------------------------------- /Kubernetes-Practical/Pod/nginx.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nishkarsh 5 | spec: 6 | containers: 7 | - name: nishkarsh 8 | image: nginx 9 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/ENV/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu 2 | ENV VARIABLE1 My First Environment Variable 3 | ENV VARIABLE2 My Second Environment Variable 4 | CMD ["/bin/sh", "-c", "echo $VARIABLE1; echo $VARIABLE2"] 5 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/persistent_storage/hellodocker.js: -------------------------------------------------------------------------------- 1 | /* File System Object */ 2 | var fs = require('fs'); 3 | 4 | /* Read File */ 5 | 6 | fs.readFile('data/DATA', 'utf8', function(err, contents) { 7 | console.log(contents); 8 | }); -------------------------------------------------------------------------------- /Kubernetes-Practical/Deployment/deploy2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox 5 | spec: 6 | containers: 7 | - name: busybox 8 | image: radial/busyboxplus:curl 9 | args: 10 | - sleep 11 | - "1000" 12 | 13 | -------------------------------------------------------------------------------- /Docker-Practical/README.md: -------------------------------------------------------------------------------- 1 | # Docker Practical Demo 2 | 3 | * **Online Docker compiler:** https://labs.play-with-docker.com/ 4 | 5 | * **Check Docker version:** 6 | ``` 7 | $ docker version 8 | ``` 9 | 10 | * **Summary of Docker version:** 11 | ``` 12 | $ docker -v 13 | ``` 14 | 15 | **Note:** To enter full screen on Play with Docker sandbox, use left ```alt+enter``` 16 | -------------------------------------------------------------------------------- /Kubernetes-Practical/Deployment/deploy1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx 5 | labels: 6 | app: nginx 7 | spec: 8 | replicas: 3 9 | selector: 10 | matchLabels: 11 | app: nginx 12 | template: 13 | metadata: 14 | labels: 15 | app: nginx 16 | spec: 17 | containers: 18 | - name: nginx 19 | image: nginx:1.15.4 20 | ports: 21 | - containerPort: 80 22 | -------------------------------------------------------------------------------- /Docker-Practical/1_HelloWorld.md: -------------------------------------------------------------------------------- 1 | # Run the Hello-World Docker image from DockerHub 2 | 3 | ``` 4 | $ docker run hello-world 5 | ``` 6 | 7 | ![HelloWorld](img/1HelloWorld.png) 8 | 9 | * It first searches for **hello-world** Docker image in the local machine but if it does not exists, it pings the Docker Hub registry and pulls the best matched repository with the same name. 10 | 11 | ## Syntax: Run a docker container from docker image 12 | 13 | ``` 14 | $ docker run {image name} 15 | ``` 16 | 17 | -------------------------------------------------------------------------------- /Docker-Theory/README.md: -------------------------------------------------------------------------------- 1 | # Agenda 2 | 3 | [1. Shifting from Monolithic to Microservice based architecture](Monolithic_Microservice_architecture.md) 4 | 5 | [2. Traditional Software Workflow (with and without Docker)](Traditional_Docker_SDLC.md) 6 | 7 | [3. What is Docker?](What_is_Docker.md) 8 | 9 | [4. History of Docker](History_of_Docker.md) 10 | 11 | [5. Why Docker?](Docker.md) 12 | 13 | [6. Docker Basics](DockerVocabulary.md) 14 | 15 | [7. Docker versus virtual machines](Container_VM.md) 16 | -------------------------------------------------------------------------------- /Docker-Practical/5_Interact_container_exec.md: -------------------------------------------------------------------------------- 1 | # Alternate and more conventional way to interact (enter) with Docker Containers 2 | 3 | ``` 4 | $ docker exec -it {container id} bash 5 | ``` 6 | 7 | ## Steps: 8 | 9 | 1. Pull a docker image 10 | ``` 11 | $ docker pull ubuntu-latest 12 | ``` 13 | 14 | 2. Open the docker container in Detached mode 15 | ``` 16 | $ docker run -itd ubuntu-latest 17 | ``` 18 | 19 | 3. Check the docker image ID 20 | ``` 21 | $ docker images 22 | ``` 23 | 24 | 4. Attach to the docker container 25 | ``` 26 | $ docker exec -it {image id} bash 27 | ``` 28 | 29 | ![img](img/Docker_exec.png) 30 | -------------------------------------------------------------------------------- /Docker-Theory/Container_VM.md: -------------------------------------------------------------------------------- 1 | # Containers versus Virtual Machines 2 | 3 | **1. OS:** Virtual Machines use their own guest OS over the Hypervisor on parent OS while containers directly use the parent OS. 4 | 5 | **2. Booting time:** Minutes for VM but seconds for containers 6 | 7 | **3. Snapshots versus Images:** VM snapshots are static while images can be modified and layered. 8 | 9 | **4. Version Controlled:** Docker images can be version controlled like Git using DockerHub repositories. 10 | 11 | **5. Multiplicity:** One Iso file may launch only one VM at a time but one docker image can launch multiple containers at once. 12 | -------------------------------------------------------------------------------- /Docker-Practical/7_DockerHub.md: -------------------------------------------------------------------------------- 1 | # Pushing the Docker Image to Docker Hub 2 | 3 | 1. Login to you Docker account: 4 | ``` 5 | $ docker login 6 | ``` 7 | 8 | 2. Build your docker image using Dockerfile 9 | ``` 10 | $ docker build -t {docker image name} . 11 | ``` 12 | 13 | 3. Create tag for your docker image 14 | ``` 15 | $ docker tag <> {docker hub username}/{docker image name you want on remote repo:version} 16 | ``` 17 | 18 | 4. Push the image to docker hub 19 | ``` 20 | $ docker push <> 21 | ``` 22 | 23 | ![img](img/7_1.png) 24 | 25 | ![img](img/7_2.png) 26 | 27 | ![img](img/7_3.png) 28 | 29 | ![img](img/7_4.png) 30 | -------------------------------------------------------------------------------- /Docker-Theory/What_is_Docker.md: -------------------------------------------------------------------------------- 1 | # What is Docker??? 2 | 3 | ```Docker is a standard collection of executables and packages. 4 | Standard means that all dependencies are configured and the application will work on all platforms. 5 | It consists of various containers having independent modules in sandbox environment that communicate with each other using Protocols and APIs. 6 | All the containers share the parent OS kernel. 7 | ``` 8 | 9 | Offerings of Docker: 10 | 11 | 1. Software As a Service: 12 | * Docker Cloud 13 | * Docker Hub 14 | * Docker Store 15 | 16 | 2. Desktop 17 | * Docker for Mac 18 | * Docker Desktop for Windows 19 | 20 | 3. Docker Engine (On cloud servers) 21 | * Docker Community Edition 22 | * Docker Enterprise Edition 23 | -------------------------------------------------------------------------------- /Docker-Theory/History_of_Docker.md: -------------------------------------------------------------------------------- 1 | # History of Docker 2 | 3 | * Developed by DotCloud Inc. in 2010 but the company closed out within a year. 4 | * Rejuvenated under Docker Inc. in 2013 with the new logo and new motto, "Build, Ship and Run" 5 | 6 | Docker is: 7 | 8 | 1. A **company** 9 | 2. A **product** falling under PaaS category 10 | 3. A **platform** 11 | 4. A **program** 12 | 5. A **CLI tool** 13 | 14 | It is Cross Platform: 15 | 16 | **1. For Humans:** Has applications for Developers, Tester etc. 17 | **2. Wrt Environment:** Works on all the platforms, clouds and even micro devices like Rpi that too with the same UI. 18 | 19 | **Note:** Docker guarentees the working of the application on any machine and environment given it works on one machine and all machine it is supposed to work on have Docker engine installed on them. 20 | 21 | 22 | -------------------------------------------------------------------------------- /Docker-Theory/Docker.md: -------------------------------------------------------------------------------- 1 | # What is Docker?? 2 | 3 | ``` 4 | Docker is an open source tool/product used for OS virutalization 5 | -> Containerization 6 | -> Platform as a Service product 7 | ``` 8 | 9 | Problem it solves: 10 | * Sandboxed isolated environment -> Secure 11 | * Portable 12 | 13 | **Note:** Containers are platform independent and are guarenteed to run on any system/environment irrespective of the configurations given that Containerization Engine exists on them. 14 | 15 | * Distributed Development with mirroring 16 | * Lightweight: Does not need its own OS. 17 | 18 | # Docker Logo 19 | 20 | ![Docker Logo](img/Docker.jpg) 21 | 22 | Docker logo signifies: 23 | 24 | **1. Core Docker principles** 25 | * Expedition 26 | * Automation 27 | * Encapsulation 28 | * Automation 29 | 30 | **2. Docker Motto** 31 | * Build 32 | * Ship 33 | * Run 34 | 35 | 36 | 37 | -------------------------------------------------------------------------------- /Docker-Practical/3_Pull_img.md: -------------------------------------------------------------------------------- 1 | # Pulling Docker Images from Docker Hub 2 | 3 | ``` 4 | docker pull {imagename}:{Tag} 5 | ``` 6 | * Tag is the version number like 1.0 etc. 7 | * If tag is not specified, Docker pulls the latest image. 8 | 9 | # Pulling Multiple versions of the same image 10 | 11 | Here, we pull the alpine Linux, the minimal version of Linux without any binaries and libraries installed. 12 | ``` 13 | $ docker pull alpine-latest 14 | $ docker pull alpine:3.6 15 | $ docker pull alpine:3.7 16 | ``` 17 | 18 | ![img](img/3_pull.png) 19 | 20 | # See all the Docker images on local machine 21 | 22 | ``` 23 | $ docker images 24 | ``` 25 | 26 | ![img](img/3_alpine.png) 27 | 28 | # Seeing the entire Image Id of the Docker Images 29 | 30 | ``` 31 | $ docker images --no-trunc 32 | ``` 33 | 34 | ![img](img/3_notrunc.png) 35 | 36 | # Searching for Docker Images with a pattern 37 | 38 | ``` 39 | $ docker images --filter=reference='pattern' 40 | ``` 41 | 42 | ![img](img/3_filter.png) 43 | -------------------------------------------------------------------------------- /Docker-Theory/DockerVocabulary.md: -------------------------------------------------------------------------------- 1 | # Basics of Docker 2 | 3 | I have covered them in my [blog](https://iq.opengenus.org/basics-of-using-docker/) 4 | 5 | Here is some basic vocabulary: 6 | 7 | **1. Docker Images:** Basis static image on which containers are built on execution. 8 | They represent the entire application along with the dependencies. 9 | It includes the following 10 | * Platform (Parent) OS image 11 | * Layering (See: Image Layering using RUN command) 12 | * Commands to be executed on build 13 | * Dependencies 14 | 15 | -> We can create a docker image based on another docker image. This is the concept of layering. 16 | 17 | **2. Docker Containers:** It is the Docker image in execution. 18 | It is where the application resides and executes. 19 | 20 | ``` 21 | Analogy: Docker Image is a program and Docker Container is its state in process. 22 | ``` 23 | 24 | **3. Docker Hub or Docker Registry:** Remote cloud based repositories of Docker Images made by us and the community. 25 | 26 | **4. Docker Engine:** Standard software on which containers are executed. It is used to build, run and ship docker images. 27 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Nishkarsh Raj 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/README.md: -------------------------------------------------------------------------------- 1 | # Creating a Dockerfile for building Docker Images 2 | 3 | 1. Create a Dockerfile 4 | ``` 5 | vi Dockerfile 6 | ``` 7 | * Dockerfile is a special file with name **Dockerfile** and no extension. 8 | * It is a declarative file containing statements for Docker image creation. 9 | 10 | 2. Write the Dockerfile 11 | 12 | **Basic Syntax** 13 | ``` 14 | FROM {parent image} 15 | RUN {command 1} 16 | RUN {command 2} 17 | ... 18 | ``` 19 | * FROM command pulls a docker image from registry which will act as platform image for our Docker image. 20 | * RUN command is used to layer the platform image with new operations. 21 | 22 | 3. Close the Dockerfile 23 | ``` 24 | Escape -> :wq 25 | ``` 26 | 27 | 4. Build the Dockerfile to create Docker Image 28 | ``` 29 | $ docker build -t {docker image name you want} . 30 | ``` 31 | * . is used because Dockerfile is present on the current directory. If this is not the case, provide path to Dockerfile. 32 | 33 | 5. Check for the creation of Docker image 34 | ``` 35 | $ docker images 36 | ``` 37 | 38 | 6. Run the docker image 39 | ``` 40 | $ docker run --it {docker image name} 41 | ``` 42 | -------------------------------------------------------------------------------- /Kubernetes-Practical/RBAC/rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: rbac-example-namespace 5 | --- 6 | apiVersion: v1 7 | kind: ServiceAccount 8 | metadata: 9 | name: rbac-example-serviceaccount 10 | namespace: rbac-example-namespace 11 | --- 12 | apiVersion: rbac.authorization.k8s.io/v1 13 | kind: Role 14 | metadata: 15 | name: rbac-example-role 16 | namespace: rbac-example-namespace 17 | rules: 18 | - apiGroups: 19 | - "" 20 | resources: 21 | - pods 22 | verbs: 23 | - get 24 | - watch 25 | - list 26 | --- 27 | apiVersion: rbac.authorization.k8s.io/v1 28 | kind: RoleBinding 29 | metadata: 30 | name: rbac-example-rolebinding 31 | namespace: rbac-example-namespace 32 | subjects: 33 | - kind: ServiceAccount 34 | name: rbac-example-serviceaccount 35 | namespace: rbac-example-namespace 36 | roleRef: 37 | kind: Role 38 | name: rbac-example-role 39 | apiGroup: rbac.authorization.k8s.io 40 | --- 41 | apiVersion: v1 42 | kind: Pod 43 | metadata: 44 | name: nginx 45 | namespace: rbac-example-namespace 46 | spec: 47 | containers: 48 | - name: nginx 49 | image: nginx 50 | -------------------------------------------------------------------------------- /Docker-Theory/Traditional_Docker_SDLC.md: -------------------------------------------------------------------------------- 1 | # Traditional Software Development 2 | 3 | 1. Development Environment -> Implementation 4 | 2. SCM Server -> Version Control and triggers Build server 5 | 3. Build Server -> Creates executable and perform basic tests 6 | 4. SCM Server -> Get the output of Build Server 7 | * If Build Success -> Proceeed to UAT and Deployment 8 | * If Build Fails -> Feedback to all developers 9 | 5. Deployment server -> Stage, test and deploy to production. 10 | 11 | # Software Development using Containers 12 | 13 | 1. Development Environment -> Implementation 14 | 2. SCM Server -> Version Control and triggers Build server 15 | 3. Build Server -> Creates executable **in form of a docker image** and perform basic tests 16 | 4. SCM Server -> Get the output of Build Server 17 | * If Build Success -> Proceeed to UAT and Deploy **Docker image to Docker registry (Docker Hub)** 18 | * If Build Fails -> Feedback to all developers 19 | 5. Deployment server -> Stage, test and deploy to production. 20 | 21 | **Note:** Biggest advantage of using containers is that it guarentees working of application on any device/environment given that container engine is present on it. 22 | -------------------------------------------------------------------------------- /Docker-Practical/6_Dockerfile/persistent_storage/README.md: -------------------------------------------------------------------------------- 1 | # Use volumes to persist data 2 | 3 | ## Create a volume an fill with data 4 | We build the container initvolume and populate it with data. 5 | ``` 6 | docker build -t initvolume ./initVolume 7 | docker run initvolume` 8 | ``` 9 | 10 | ``` 11 | #Dockerfile initvolume 12 | FROM alpine 13 | COPY . /data 14 | VOLUME /data 15 | CMD cd /data && cat DATA 16 | ``` 17 | The container's folder /data is persisted in a volume. 18 | The container terminates the volume lives on. 19 | 20 | ## Access and print out the data from another container 21 | We then build a second container which will print out the data stored in the /data folder. 22 | ``` 23 | docker build -t hellodocker . 24 | 25 | docker run --volumes-from initvolume hellodocker 26 | ``` 27 | This uses the volume created by the initvolume-Container. 28 | ``` 29 | #Dockerfile hellodocker 30 | FROM node 31 | COPY . / 32 | CMD cd / && node hellodocker.js 33 | ``` 34 | 35 | ``` 36 | #hellodocker.js 37 | /* File System Object */ 38 | var fs = require('fs'); 39 | /* Read File */ 40 | fs.readFile('data/DATA', 'utf8', function(err, contents) { 41 | console.log(contents); 42 | }); 43 | ``` 44 | 45 | 46 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Basics of Containerization using Docker and Orchestration using Kubernetes 2 | 3 | # How to Collaborate: 4 | 5 | 1. Fork the repository to your own GitHub account. 6 | 7 | 2. Clone the repository to your local machine 8 | ``` 9 | $ git clone "https://www.github.com/{Username}/Docker-Kubernetes.git" 10 | ``` 11 | where username is your GitHub account username. 12 | 13 | 3. Create a branch where you can do your local work. 14 | Never work on **master** branch as we do not allow master commits except by admins. 15 | ``` 16 | $ git branch {branchname} 17 | $ git checkout branchname 18 | ``` 19 | 20 | 4. Do your work and stage your changes. 21 | ``` 22 | $ git add 23 | ``` 24 | 25 | 5. Commit you changes with a commit message containing your name, file(s) worked upon, changes added. 26 | ``` 27 | $ git commit -m "Name| files| Changes" 28 | ``` 29 | 30 | 6. Push changes to your forked repository 31 | ``` 32 | $ git push -u origin branchname 33 | ``` 34 | 35 | # Synchronize forked repository with Upstream repository 36 | 37 | 1. Create upstream as our repository 38 | ``` 39 | $ git remote add upstream "https://www.github.com/NishkarshRaj/Docker-Kubernetes.git" 40 | ``` 41 | 42 | 2. Fetch upstream changes in local machine 43 | ``` 44 | $ git fetch upstream 45 | ``` 46 | 47 | 3. Switch to master branch 48 | ``` 49 | $ git checkout master 50 | ``` 51 | 52 | 4. Merge changes in local machine 53 | ``` 54 | $ git merge upstream/master 55 | ``` 56 | 57 | 5. Push changes to your forked GitHub repository 58 | ``` 59 | $ git push -f origin master 60 | ``` 61 | 62 | -------------------------------------------------------------------------------- /Docker-Practical/2_Basics.md: -------------------------------------------------------------------------------- 1 | # Pull an Ubuntu Linux image and run it in Interactive mode 2 | 3 | ``` 4 | $ docker run -it ubuntu 5 | ``` 6 | 7 | ![ubuntu](img/2_ubuntu.png) 8 | 9 | To exit the container, use the **exit** keyword. 10 | 11 | # Seeing the active (Up) docker containers 12 | 13 | ``` 14 | $ docker ps 15 | ``` 16 | or 17 | ``` 18 | $ docker container ls 19 | ``` 20 | 21 | ![ps](img/2_ps.png) 22 | 23 | Shows the active containers with following 24 | * Repository 25 | * Tag 26 | * Image ID 27 | * Date of creation 28 | * Size in Mb 29 | 30 | Here, we see no active containers because after exit, the container is destroyed. 31 | But is the container cached in memory for faster creation next time? 32 | Yes, it can be seen using following command: 33 | 34 | ``` 35 | $ docker ps -a 36 | ``` 37 | 38 | It shows the Docker containers created till now irrespective or being up or being exited. 39 | 40 | # Docker Images in the local machine 41 | 42 | Docker pulls(downloads) the docker machines to the local machine then accesses it to create containers. 43 | Storing the docker image in local FS is important because they can be easily cached next time. 44 | 45 | ``` 46 | $ docker images 47 | ``` 48 | or 49 | ``` 50 | $ docker image ls 51 | ``` 52 | 53 | ![img](img/2_image.png) 54 | 55 | # Inspecting a Docker Image 56 | 57 | * See the Image ID using: 58 | 59 | ``` 60 | $ docker images 61 | ``` 62 | 63 | * Inspect the image using 64 | 65 | ``` 66 | $ docker inspect {first three letters of image ID or entire Image ID} 67 | ``` 68 | 69 | ![Inspect1](img/2_inspect.png) 70 | 71 | We can see **Image Layering** with following screenshot of the Inspected image. 72 | 73 | ![Inspect2](img/2_inspect1.png) 74 | 75 | 76 | -------------------------------------------------------------------------------- /Docker-Practical/4_Enter_container.md: -------------------------------------------------------------------------------- 1 | # Open Container in Interactive Mode 2 | 3 | **Docker Run command we used till now:** 4 | 5 | ``` 6 | $ docker run {image name} 7 | ``` 8 | It created a container that performed its task and deleted after execution. 9 | What if we want to retain a container in active state so that it shows in UP state on **docker ps**. 10 | 11 | ``` 12 | $ docker run -itd {image name} 13 | ``` 14 | * it: Interactive mode 15 | * d: Daemon or detached mode: won't open container in front but opens it as a daemon (background process) 16 | 17 | # Stopping an active Docker Container and Removing it 18 | 19 | ## Docker Stop: 20 | 21 | If Docker container is up and running we can stop it using docker stop 22 | 23 | * Check Running Docker containers 24 | 25 | ``` 26 | $ docker ps 27 | ``` 28 | 29 | * Stop Docker containers 30 | 31 | ``` 32 | $ docker stop {container name, container id or first three letters of container id} 33 | ``` 34 | 35 | ![img](img/4_d.png) 36 | 37 | ## Docker rm 38 | 39 | Docker stop just stop an container from execution -> changes its state from UP to Exit state but still its temp files are stored for caching 40 | This can be seen by using the following command: 41 | 42 | ``` 43 | $ docker ps -a 44 | ``` 45 | 46 | We can remove that using the following command: 47 | 48 | ``` 49 | $ docker rm {container name or id or first three letters of id} 50 | ``` 51 | 52 | ![img](img/4_stop_rm.png) 53 | 54 | # How to Enter a Daemon container to Interactive mode 55 | 56 | ``` 57 | $ docker attach {Image ID or first three letters} 58 | ``` 59 | 60 | # How to exit and destroy container 61 | 62 | ``` 63 | # exit 64 | ``` 65 | 66 | # How to exit with container still in UP mode 67 | 68 | **Press Ctrl+P+Q** 69 | 70 | ![img](img/4_end.png) 71 | -------------------------------------------------------------------------------- /Kubernetes-Theory/README.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 2 | 3 | ![img](img/Kubernetes.png) 4 | 5 | ## The need for Kubernetes (or Orchestration tool in general) 6 | 7 | For complex applications, for keeping modularity, large number of containers were needed to be managed where one container did one modular task in isolation and communicated with other via some API. 8 | This management issue lead to the need of orchestration tool. 9 | Kubernetes is one of the first and also the most used orchestration tool for containers developed by Google. 10 | 11 | ### Orchestration tools: 12 | 13 | 1. Kubernetes 14 | 2. Nomad 15 | 3. Docker Swarm 16 | 4. Mesos 17 | 18 | ## Features of Orchestration System 19 | 20 | **1. Scheduling:** 21 | * Resources per need dynamically -> optimize resource usage. 22 | * By label -> priortize 23 | 24 | **2. Replication:** Replication in distributed storage is needed for backup so that uptime is maximized. 25 | 26 | **3. Handling failures:** Create alerts and feedback mechanisms for failure, downtime or resource usage above threshold. 27 | 28 | **4. Discovery:** Since containers work in isolation and do not know about existence of other containers, orchestration tool must find the containers for communication. 29 | 30 | **5. Inspection:** Monitor health and status of the containers. 31 | 32 | **6. Load balancing:** Balance the load by equal distribution on all containers and scaling according to needs. 33 | 34 | **7. Auto scaling:** Auto-scaling is a replication factor which maintains a certain number of replicas of container in the cluster. 35 | If one or more cluster fails or goes down, another replica is created to maintain the replica factor. 36 | 37 | ## Kubernetes Architecture 38 | 39 | ![img](img/K8_arch.png) 40 | 41 | Master-Slave Architecture: 42 | 43 | **Master (Orchestration System)** 44 | * Kube-API Server 45 | * Kube-Controller Manager 46 | * Cloud-Controller Manager 47 | * ETCD Data Store 48 | * Kube Scheduler 49 | 50 | **Slave (Node)** 51 | * Pod 52 | * Containers 53 | * Kubelet 54 | * Kube proxies 55 | -------------------------------------------------------------------------------- /Docker-Theory/Monolithic_Microservice_architecture.md: -------------------------------------------------------------------------------- 1 | # Monolithic Architecture 2 | 3 | * All the application executables, dependencies and configurations are bundled in a single package. 4 | * Non-modular sequential approach. 5 | * Multiple phases cannot be done simultaneously. Thus first document -> design -> code -> test. 6 | This leads to delay and also downtime for human efforts. 7 | Cannot perform parallel tasks. 8 | * All the modules (yes, different modules still exist but they are not independent) must be written in same programming language. 9 | * If a change is made to one module, we have to make changes to all the modules and perform regression testing. 10 | This increases the build time and downtime as all services have to stopped if changes are to be made. 11 | * If central bundle falls, entire service stops => Fault intolerant 12 | 13 | ``` 14 | Since 1990's, the working and consumer environment has changed from 15 | -> Mainframe 16 | -> PC 17 | -> Virtual Computers 18 | -> Cloud Computing (Remote virtualization services on demand) 19 | -> Containerization (Docker etc.) 20 | -> Serverless Orchestartion (Kubernetes) 21 | ``` 22 | 23 | # Benefits of Monolithic Architecture: 24 | 25 | **1. Simple to Develop:** 26 | * no or negligible modularity 27 | * configure dependencies once 28 | * one single programming languages (all on same page) 29 | 30 | **2. Simple to Test:** 31 | * Same language 32 | * Test all at once (only blackbox without unit testing and return to developer for white box testing) 33 | 34 | **3. Simple to Scale** (only Software not hardware) 35 | * Increase resource 36 | 37 | **4. Simple to Deploy** 38 | 39 | # Disadvantages of Monolithic Architecture: 40 | 41 | **1. Difficult to maintain:** If one module is changed, then all modules have to be changed (Regression testing) 42 | 43 | **2. Fault Intolerant:** If the server fails, all services stop. 44 | 45 | **3. Highly coupled code:** Code is highly coupled and thus one change affects large number of modules. 46 | Also, high coupling means code base in integrated and thus large LOC are present which makes it less readable and understandable. 47 | 48 | **4. Difficult to patch:** Highly static system; changes are difficult to be incorporated. 49 | 50 | **5. Huge downtime for changes:** Change in one module needs entire server and all other modules to be stopped leading to huge downtime. 51 | 52 | **6. Low adaptability to new tools and technologies:** One biggest case of losing huge market share due to poor adaptability is of Nokia in mobile market. 53 | 54 | ``` 55 | Monolithic architecture is still used in Mainframe and Banking sectors because the data is very valuable, voluminous and dynamic and shift of architecture would need huge downtime and would involve huge risks. 56 | ``` 57 | 58 | # Basics of Cloud Computing 59 | 60 | ``` 61 | -> On Demand services 62 | -> Remote resources 63 | -> Virtualization 64 | -> Fast access to resources -> No time to buy and set up H/W 65 | -> Reliable -> Negligible downtime due to mirroring 66 | ``` 67 | 68 | # Microservices Architecture 69 | 70 | * Loose coupling: Highly cohesive yet independent modules 71 | * Microservice: Independend and standalone module performing unique tasks. 72 | * Different DB instance for all modules -> Logging -> only merging with master DB common for all when needed 73 | * Different programming languages can be used for different modules only interface must be unique and problem solving must be done. 74 | * Distributed Development and use of new technologies especially Cloud Computing and Virtualization. 75 | * High scalability (both for H/W and S/W): Replication and time sharing 76 | * Faster rate of deployment as Agile is followed: Small changes yet incremental 77 | * All modules communicate using IPC (Inter process Communication) using API (generally REST API) gateways. 78 | * Version Control is followed: No downtime, the production environment just needs to be shifted from one place to another using load balancers. 79 | 80 | # Advantages of Microservice architecture: 81 | 82 | **1. Scalability:** 83 | * Easy to Scale both H/W and S/W 84 | * Partial Scalability: Scale only those modules that need it. 85 | 86 | **2. Adapting to latest technologies** Independence leads to flexibility 87 | 88 | **3. Negligible Downtime:** If the server fails, all components do not fail as they may be hosted remotely on different servers and also have mirror images. 89 | 90 | **4. Agile Development:** Working in parallel on different modules and different phases rather than working sequentially. 91 | 92 | **5. Use of standard API for communication** 93 | 94 | **6. No boundation on programming languages:** The working is important, background programming language is irrelevant for microservices. 95 | 96 | # Microservices versus Monolithic architecture 97 | 98 | Monolithic is still applicable for Big Data and ML applications which are difficult to shift to Microsercive architecture because they change very fast yet need huge downtime for the actual shift and also has huge risk implications. 99 | 100 | 101 | 102 | -------------------------------------------------------------------------------- /Kubernetes-Practical/Pod/README.md: -------------------------------------------------------------------------------- 1 | # Creating a Kubernetes POD: A Practical Guide 2 | 3 | ## Preparation 4 | For this guide you'll need the following installed: 5 | - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) 6 | - [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) 7 | 8 | ## Make sure hyperV is running (Windows Only) 9 | 10 | We need Windows virtualization features enabled for us to run minikube. To see if HyperV is enabled, run the following command in Powershell as an administrator. 11 | 12 | ```cmd 13 | Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All 14 | ``` 15 | 16 | If HyperV wasn't active before, go ahead and restart your computer. 17 | 18 | ## Setting up minikube 19 | 20 | Start up minikube with the following command. 21 | 22 | ```cmd 23 | minikube start --vm-driver=hyperv 24 | ``` 25 | 26 | And if you want to set hyperv as the default. 27 | 28 | ```cmd 29 | minikube config set vm-driver hyperv 30 | ``` 31 | 32 | ## Describing the Pod 33 | 34 | Next, we'll need to get our pod file setup. This is described using YAML. 35 | 36 | ``` yaml 37 | apiVersion: v1 38 | kind: Pod 39 | metadata: 40 | name: nishkarsh 41 | spec: 42 | containers: 43 | - name: nishkarsh 44 | image: nginx 45 | ``` 46 | 47 | With the yaml file setup, we can use kubectl to create the deployment. 48 | 49 | ```cmd 50 | kubectl create -f nginx.yaml 51 | ``` 52 | 53 | You should get an output similar to this: 54 | 55 | ```cmd 56 | PS C:\Users\Dublin\Documents\GitHub\Docker-Kubernetes\Kubernetes-Practical\Pod> kubectl create -f nginx.yaml 57 | pod/nishkarsh created 58 | ``` 59 | 60 | ## Checking the Pod 61 | 62 | To check the pod, run the following kubectl command: 63 | 64 | ```cmd 65 | kubectl get pods 66 | ``` 67 | 68 | And you should get an output similar to the below: 69 | 70 | ```cmd 71 | PS C:\Users\Dublin\Documents\GitHub\Docker-Kubernetes\Kubernetes-Practical\Pod> kubectl get pods 72 | NAME READY STATUS RESTARTS AGE 73 | nishkarsh 1/1 Running 0 25s 74 | ``` 75 | 76 | To check a specific pods status, we can run a describe for a particular pod. 77 | 78 | ```cmd 79 | kubectl describe pod nishkarsh 80 | ``` 81 | 82 | The syntax for the kubectl command is ``` kubectl describe pod POD-NAME ``` 83 | 84 | And get a more detailed output of its metadata and associated events. 85 | 86 | ```cmd 87 | PS C:\Users\Dublin\Documents\GitHub\Docker-Kubernetes\Kubernetes-Practical\Pod> kubectl describe pod nishkarsh 88 | Name: nishkarsh 89 | Namespace: default 90 | Priority: 0 91 | PriorityClassName: 92 | Node: minikube/172.17.50.52 93 | Start Time: Wed, 09 Oct 2019 21:50:58 -0500 94 | Labels: 95 | Annotations: 96 | Status: Running 97 | IP: 172.18.0.10 98 | Containers: 99 | nishkarsh: 100 | Container ID: docker://55597268f41d9a24a0d2803dd27d10dfcb746955111d0418f6cc5b0341647281 101 | Image: nginx 102 | Image ID: docker-pullable://nginx@sha256:aeded0f2a861747f43a01cf1018cf9efe2bdd02afd57d2b11fcc7fcadc16ccd1 103 | Port: 104 | Host Port: 105 | State: Running 106 | Started: Wed, 09 Oct 2019 21:51:00 -0500 107 | Ready: True 108 | Restart Count: 0 109 | Environment: 110 | Mounts: 111 | /var/run/secrets/kubernetes.io/serviceaccount from default-token-5bwbx (ro) 112 | Conditions: 113 | Type Status 114 | Initialized True 115 | Ready True 116 | ContainersReady True 117 | PodScheduled True 118 | Volumes: 119 | default-token-5bwbx: 120 | Type: Secret (a volume populated by a Secret) 121 | SecretName: default-token-5bwbx 122 | Optional: false 123 | QoS Class: BestEffort 124 | Node-Selectors: 125 | Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s 126 | node.kubernetes.io/unreachable:NoExecute for 300s 127 | Events: 128 | Type Reason Age From Message 129 | ---- ------ ---- ---- ------- 130 | Normal Scheduled default-scheduler Successfully assigned default/nishkarsh to minikube 131 | Normal Pulling 67s kubelet, minikube Pulling image "nginx" 132 | Normal Pulled 66s kubelet, minikube Successfully pulled image "nginx" 133 | Normal Created 66s kubelet, minikube Created container nishkarsh 134 | Normal Started 66s kubelet, minikube Started container nishkarsh 135 | ``` 136 | 137 | ## Deleting the Pod 138 | 139 | To delete the pod, run the following command: 140 | 141 | ```cmd 142 | kubectl delete pods nishkarsh 143 | ``` 144 | 145 | And you'll get the following message: 146 | 147 | ```cmd 148 | PS C:\Users\Dublin\Documents\GitHub\Docker-Kubernetes\Kubernetes-Practical\Pod> kubectl delete pods nishkarsh 149 | pod "nishkarsh" deleted 150 | ``` 151 | -------------------------------------------------------------------------------- /Kubernetes-Practical/RBAC/README.md: -------------------------------------------------------------------------------- 1 | # Kubernetes RBAC within a namespace: A Practical Guide 2 | 3 | ## Preparation 4 | For this guide you'll need the following installed: 5 | - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) 6 | - [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) 7 | 8 | ## Make sure hyperV is running (Windows Only) 9 | 10 | We need Windows virtualization features enabled for us to run minikube. To see if HyperV is enabled, run the following command in Powershell as an administrator. 11 | 12 | ```cmd 13 | Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All 14 | ``` 15 | 16 | If HyperV wasn't active before, go ahead and restart your computer. 17 | 18 | ## Setting up minikube 19 | 20 | Start up minikube with the following command. 21 | 22 | ```cmd 23 | minikube start 24 | ``` 25 | 26 | ## Setting up RBAC 27 | 28 | With the RBAC yaml file, we can use kubectl to create the Namespace, ServiceAccount, Role, RoleBinding and Pod. 29 | 30 | ```cmd 31 | kubectl apply -f rbac.yaml 32 | ``` 33 | 34 | You should get an output similar to this: 35 | 36 | ```cmd 37 | namespace/rbac-example-namespace created 38 | serviceaccount/rbac-example-serviceaccount created 39 | role.rbac.authorization.k8s.io/rbac-example-role created 40 | rolebinding.rbac.authorization.k8s.io/rbac-example-rolebinding created 41 | pod/nginx created 42 | ``` 43 | 44 | ## Verify RBAC permissions 45 | 46 | The rbac-example-role only allows `get`, `watch` and `list` permissions for pods in the `rbac-example-namespace.` 47 | To verify if the RBAC permissions are working we will create a new context with a test-user and authenticate with the serviceaccount token. 48 | 49 | To get the token for the rbac-example-serviceaccount, run the following kubectl commands: 50 | 51 | ```cmd 52 | kubectl describe serviceaccount rbac-example-serviceaccount -n rbac-example-namespace 53 | ``` 54 | 55 | You should get an output similar to this: 56 | 57 | ```cmd 58 | Name: rbac-example-serviceaccount 59 | Namespace: rbac-example-namespace 60 | Labels: 61 | Annotations: Image pull secrets: 62 | Mountable secrets: rbac-example-serviceaccount-token-bdhbq 63 | Tokens: rbac-example-serviceaccount-token-bdhbq 64 | Events: 65 | ``` 66 | 67 | Copy the serviceaccount token name, in this case `rbac-example-serviceaccount-token-bdhbq` and get the token value: 68 | 69 | ```cmd 70 | kubectl describe secrets rbac-example-serviceaccount-token-bdhbq -n rbac-example-namespace 71 | ``` 72 | 73 | You should get an output similar to this: 74 | 75 | ```cmd 76 | Name: rbac-example-serviceaccount-token-bdhbq 77 | Namespace: rbac-example-namespace 78 | Labels: 79 | Annotations: kubernetes.io/service-account.name: rbac-example-serviceaccount 80 | kubernetes.io/service-account.uid: 123210a4-1f50-4b26-bf6d-ca638a16a6ba 81 | 82 | Type: kubernetes.io/service-account-token 83 | 84 | Data 85 | ==== 86 | token: eyJhbGciOiJSUzI1NiIsImtpZCI6IjVrbURYNzdRV3ZkY1BqeS1PUEJ5aUdZUGhhanhGRFZXeEtNS2Z0U1FzMWcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJyYmFjLWV4YW1wbGUtbmFtZXNwYWNlIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6InJiYWMtZXhhbXBsZS1zZXJ2aWNlYWNjb3VudC10b2tlbi1iZGhicSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJyYmFjLWV4YW1wbGUtc2VydmljZWFjY291bnQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIxMjMyMTBhNC0xZjUwLTRiMjYtYmY2ZC1jYTYzOGExNmE2YmEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6cmJhYy1leGFtcGxlLW5hbWVzcGFjZTpyYmFjLWV4YW1wbGUtc2VydmljZWFjY291bnQifQ.MGXfCughpcRREHCygQGTNwRQyPsA-zfeIZt765qgr_DcrgVnWRhNh_-gvThxIK8I4jCes5Cp51dXkvLInKPbMiAGgDcMXJVhwyf4eLQCb6_RwYaUm05LcYodFx_bj1unhKaJlJp0JrY8vh29iaM7rIPLLjlBOhGlmSwPFfz_5cwu6BHM2Q5Go37ysd839JuXjJUSz70Ee0EVQXRYG5gUriclhOyD2sFnQ8b7yOnCwVoCXrq1cvWwYPcJjRmhVZdQS3vcLkcmihZMlQzxf73yCN_v78BBJTsa98PiyKCqNN0CJ6wYLjxR4C_5brrF-vCnoR3_JJ_t4sZ0XJ64y0nNwA 87 | ca.crt: 1066 bytes 88 | namespace: 22 bytes 89 | ``` 90 | 91 | Copy the value of the token from the Data field and set it as a variable 92 | 93 | ```cmd 94 | TOKEN=eyJhbGciOiJSUzI1NiIsImtpZCI6IjVrbURYNzdRV3ZkY1BqeS1PUEJ5aUdZUGhhanhGRFZXeEtNS2Z0U1FzMWcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJyYmFjLWV4YW1wbGUtbmFtZXNwYWNlIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6InJiYWMtZXhhbXBsZS1zZXJ2aWNlYWNjb3VudC10b2tlbi1iZGhicSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJyYmFjLWV4YW1wbGUtc2VydmljZWFjY291bnQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIxMjMyMTBhNC0xZjUwLTRiMjYtYmY2ZC1jYTYzOGExNmE2YmEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6cmJhYy1leGFtcGxlLW5hbWVzcGFjZTpyYmFjLWV4YW1wbGUtc2VydmljZWFjY291bnQifQ.MGXfCughpcRREHCygQGTNwRQyPsA-zfeIZt765qgr_DcrgVnWRhNh_-gvThxIK8I4jCes5Cp51dXkvLInKPbMiAGgDcMXJVhwyf4eLQCb6_RwYaUm05LcYodFx_bj1unhKaJlJp0JrY8vh29iaM7rIPLLjlBOhGlmSwPFfz_5cwu6BHM2Q5Go37ysd839JuXjJUSz70Ee0EVQXRYG5gUriclhOyD2sFnQ8b7yOnCwVoCXrq1cvWwYPcJjRmhVZdQS3vcLkcmihZMlQzxf73yCN_v78BBJTsa98PiyKCqNN0CJ6wYLjxR4C_5brrF-vCnoR3_JJ_t4sZ0XJ64y0nNwA 95 | ``` 96 | 97 | ## Create a user entry 98 | 99 | To create a user entry in kubeconfig, run the following command: 100 | 101 | ```cmd 102 | kubectl config set-credentials test-user --token=$TOKEN 103 | ``` 104 | 105 | You should get an output similar to this: 106 | 107 | ```cmd 108 | User "test-user" set. 109 | ``` 110 | 111 | ## Create a new context 112 | 113 | To create a new context in kubeconfig, run the following command: 114 | 115 | ```cmd 116 | kubectl config set-context test-rbac --cluster=minikube --user=test-user 117 | ``` 118 | 119 | You should get an output similar to this: 120 | 121 | ```cmd 122 | Context "test-rbac" created. 123 | ``` 124 | 125 | ## Use the new context 126 | 127 | To switch to the new context we created, run the following command: 128 | 129 | ```cmd 130 | kubectl config use-context test-rbac 131 | ``` 132 | 133 | You should get an output similar to this: 134 | 135 | ```cmd 136 | Switched to context "test-rbac". 137 | ``` 138 | 139 | ## Verification 140 | 141 | We can now verify if the RBAC permissions we defined are working. 142 | 143 | Listing pods in the `rbac-example-namespace` should work, run the following command to verify: 144 | 145 | ```cmd 146 | kubectl get pods -n rbac-example-namespace 147 | ``` 148 | 149 | You should get an output similar to this: 150 | 151 | ```cmd 152 | NAME READY STATUS RESTARTS AGE 153 | nginx 1/1 Running 0 32s 154 | ``` 155 | 156 | But listing pods across all namespaces should be forbidden, run the following command to verify: 157 | 158 | ```cmd 159 | kubectl get pods --all-namespaces 160 | ``` 161 | 162 | You should get an output similar to this: 163 | 164 | ```cmd 165 | Error from server (Forbidden): pods is forbidden: User "system:serviceaccount:rbac-example-namespace:rbac-example-serviceaccount" cannot list resource "pods" in API group "" at the cluster scope 166 | ``` 167 | 168 | Creating new namespaces should also be forbidden, run the following command to verify: 169 | 170 | ```cmd 171 | kubectl create namespace testing 172 | ``` 173 | 174 | You should get an output similar to this: 175 | 176 | ```cmd 177 | Error from server (Forbidden): namespaces is forbidden: User "system:serviceaccount:rbac-example-namespace:rbac-example-serviceaccount" cannot create resource "namespaces" in API group "" at the cluster scope 178 | ``` 179 | -------------------------------------------------------------------------------- /Kubernetes-Theory/Kubernetes-101.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 101 2 | 3 | ## Introduction 4 | 5 | * Greek word Kubernetes - Helmsman - Orchestrator 6 | * K8s - 8 characters between K and S in Kubernetes 7 | 8 | ### What is Kubernetes 9 | * Container Management / Orchestration tool 10 | * Developed by Google 11 | * Managed by CNCF 12 | * Open Source 13 | * Written in Golang 14 | 15 | 16 | ### What is Container Orchestration Engine 17 | 18 | * **Container Management/Orchestration Tool:** It is used to automate the deploying, scaling and management of containers or group of containers. 19 | 20 | **CMS Tools Example:** 21 | 1. Kubernetes 22 | 2. Apache Mesos Marathon 23 | 3. Docker Swarm 24 | 25 | **CMS Manages:** 26 | 1. Deployment 27 | 2. Scheduling 28 | 3. Scaling 29 | 4. Load Balancing 30 | 31 | ### Why Kubernetes 32 | * Different management needs of CMS 33 | 1. Deployment 34 | 2. Scheduling 35 | 3. Scaling 36 | 4. Load Balancing 37 | 5. Batch execution 38 | 6. Rollbacks 39 | 7. Monitoring 40 | 41 | * Organizing large number of containers 42 | 43 | ![img](img/K1.png) 44 | 45 | ## Features of Kubernetes 46 | 47 | ### 1. Automatic Bin Packing 48 | 49 | * Servers are also called as bins. 50 | * We have to optimize the packing of software on servers in most efficient way. 51 | * Automated packing and scheduling based on specified requirements and resources available. 52 | 53 | **Pods:** Collection of containers 54 | 55 | * Kuberenetes does not have direct communication with container 56 | * Kubernetes wraps container or group of them in a pod. 57 | * Pod or group of pods are stored on node. 58 | 59 | **Nodes:** Working or Master device. Pods run on nodes. 60 | 61 | * We can specify the reosources needed for pods and containers and these specifications are used by Kubernetes for better packing. 62 | 63 | ### 2. Service Discovery and Load Balancing 64 | 65 | * **Pods:** Consists of 66 | 1. application container(s) 67 | 2. volumes 68 | 3. Unique IP 69 | 70 | ![pods](img/Pods.png) 71 | 72 | * **Services:** Collection of related Pods in a higher-level wrapping. 73 | Uniquely identified by DNS name. 74 | **Services can consist of replica of same pod which can be used for load balancing.** 75 | Services are used for Network and communication. 76 | 77 | ![Services](img/Services.png) 78 | 79 | ![Load Balancing](img/lb.png) 80 | 81 | ### 3. Storage Orchestration 82 | 83 | * Volume definition inside pods. 84 | * One volume for one pod 85 | * Volume can be: 86 | 1. Docker volume 87 | 2. Local Storage 88 | 3. Cloud storage 89 | 4. Network Storage (NFS) 90 | 91 | ### 4. Self-Healing 92 | 93 | **Self Healing done by Replication Controller** 94 | * If container fails - restart container 95 | * If node dies - replace and reschedule containers on other nodes 96 | * If container does not respond to health check - Kill the container and use alternate container 97 | 98 | ### 5. Automated Rollouts and Rollbacks 99 | 100 | **Rollout:** Deploy changes to the application or its configuration 101 | 102 | **Rollback** Revert the changes and restore to previous stable state. 103 | 104 | * Kubernetes does automated rollout and rollback, that too by guarenteeing **ZERO DOWNTIME** 105 | 106 | ### 6. Secret and Configuration Management 107 | 108 | **Special Kubernetes Objects: Difference between them - Isolation from containers** 109 | 1. Secrets 110 | 2. Config Maps 111 | 112 | 1. Secrets 113 | * Sensitive data 114 | * Managed and created outside pods but in same node 115 | * Makes sensitive data portable and easy to manage 116 | 117 | 2. ConfigMaps 118 | * configuration 119 | * Managed and created outside pods but in same node 120 | * Makes configurations portable and easy to manage 121 | 122 | ![Secrets](img/Secrets.png) 123 | 124 | **Notes:** 125 | 126 | * Special Kubernetes objects are stored in ETCD, a key-value datastore. 127 | * Max size limit for Secrets file is 1 MB 128 | 129 | ### 7. Batch Execution 130 | 131 | **Batch jobs:** Requires an executable/process to run to completion. 132 | * Kubernetes uses **Run to completion** jobs for batch processing 133 | * One job creates one or more pods. 134 | * During job execution, if any container or pod fails, **Job Controller** will reschedule the container, pod or node. 135 | * Can run multiple pods in parallel 136 | * Scaling pods up/down. 137 | * After the completion of job, pods will move from running to shut down state. 138 | 139 | ### 8. Horizontal Scaling 140 | * Scale up or down. 141 | * scaling can be done by: 142 | 143 | 1. Command line 144 | 2. Automatically based on CPU storage 145 | 3. Kubernetes UI (Dashboard) 146 | 147 | * Tools involved: 148 | 1. Replication Controller 149 | 2. Manifest file 150 | 3. Horizontal Pod Autoscaler 151 | 152 | **Replication Controller (RC or RCS)** Creates pods/containers and their specified amount of replicas. 153 | It ensures that the specified amount of replicas always exists and if some container/pods go down, they are automatically replaced. 154 | 155 | **Manifest file:** It specifies the number of replicas to be maintained by the Replication Controller 156 | 157 | **Horizontal Pod Autoscaler:** automatically scales the number of pods to be maintained by observing the CPU Utilization with custom metrics. 158 | * Monitors every **15 seconds** (default time; can be modified) 159 | 160 | **Note: RC is used for maintaining replicas and two other components tell the amount of replications** 161 | * Manifest file is static file with fixed number of replicas 162 | * Horizontal Pod Autoscaler gives replication factor dynamically based on resource availability. 163 | 164 | ![Scaling](img/scale.png) 165 | 166 | ## Architecture of Kubernetes 167 | 168 | ![Basic Architecture](img/Arch2.png) 169 | 170 | **Analogy:** Master-Worker architecture 171 | * Master - Manager node 172 | * Slaves - Worker nodes 173 | * **Cluster:** Master nodes + worker nodes (formerly also refered as Minions) 174 | * When we deploy Kubernetes, we get a cluster. 175 | * A cluster consists of machines called nodes. 176 | * A cluster has at least one worker node and at least one master node 177 | * More than one masters can be there - failover and higher availability 178 | * More than one clusters can be there 179 | * One node contains multiple pods 180 | 181 | **Node:** Physical Machine/ Virtual Machine/ Cloud 182 | * Node consists of Pods 183 | * Pods consists of containers 184 | 185 | ![Pods and Nodes](img/Arch1.png) 186 | 187 | **Note:** In Latest Kubernetes version (v1.16): 188 | * Maximum Nodes: 5000 189 | * Maximum Pods: 1,50,000 190 | * Maximum Containers: 3,00,000 191 | * Maximum Pods per node: 100 192 | 193 | ### More about Kubernetes Architecture 194 | 195 | #### 4 Components of Master Node 196 | 197 | * Responsible for managing the cluster 198 | * Monitors the pods and nodes 199 | * when the node fails, moves the workload of the failed node to another workload. 200 | 201 | **Components of Master Node** 202 | 203 | ![Master](img/Master.png) 204 | 205 | **1. API Server:** for all communications (JSON over HTTP API) 206 | * Front-end for Kubernetes Control Panel 207 | * User can access API Server using 208 | i) Command line: **KubeCTL** - KuberCTL is written in Golang 209 | ii) Dashboard Kubernetes UI 210 | 211 | **2. Scheduler** - schedules pods on nodes 212 | * Schedules pods across multiple nodes 213 | * Scheduler obtains information about pods from ETCD via the API server and resource usage data from each worker. 214 | 215 | **3. Controller Manager** - runs controller 216 | * Different controllers 217 | 218 | **3.1) Kube-controller Manager** 219 | * Tells scheduler to act when node becomes unavailable 220 | * Ensure Pods count is same as replication factor. 221 | * Create end points, service accounts and API Access Tokens 222 | * Checks health of the container 223 | * Controllers run watch-loops continuously to compare the cluster's desired state (from configuration) to its current state (obtained from etcd data store via the API Server) 224 | 225 | * Different components of Kube-control manager 226 | 227 | 3.1.1) Node Controller - Monitor nodes - checks health 228 | 229 | 3.1.2) Replication Controller - checks replication factor 230 | 231 | 3.1.3) Endpoints Controller - maintains services and configurations 232 | 233 | 3.1.4) Service Account and Token Controllers - maintain accounts and namespaces 234 | 235 | **Note:** All the controllers are separate processes but to reduce complexity, they are compiled into a single binary and run in single process. 236 | 237 | **3.2) Cloud-controller Manager** 238 | * Node becomes unavailable on cloud 239 | 240 | 3.2.1) Node Controller - checks health and delete inresponsive nodes 241 | 242 | 3.2.2) Route Controller - setup routes in cloud infrastructure 243 | 244 | 3.2.3) Service Controller - creating, updating and deleting cloud provider load balancers. 245 | 246 | 3.2.4) Volume Controller - creating, attaching, and mounting volumes. 247 | 248 | * We can disable the controller loops by setting **--cloud-provider** flag to external. 249 | 250 | **4. ETCD: Key-value database** 251 | * Open Source 252 | * Distributed Database from CoreOS 253 | * Consistent 254 | * Highly available 255 | * Key-value Datastore 256 | * Single source for secrets and configurations for Kubernetes Cluster 257 | * Only the API Server can directly access the ETCD Store. 258 | * ETCD can be stored on Master but it can be configured externally. 259 | 260 | ![Master Node](img/Master1.png) 261 | 262 | #### 3 Components of Worker Node 263 | 264 | * Every worker node must have a container runtime, like Docker. 265 | 266 | * Components of Worker Node 267 | 268 | **1) Kubelet:** Agent on each worker node 269 | * Interaction with Master node via API Server. 270 | * Makes sure that pods are running 271 | * **PodSpecs** are used for reference. 272 | * Local Health Check - first tries to restart pod on same node or else creates another node. 273 | * **Kubelet only manages containers made by Kubernetes and not the other ones in the system** 274 | 275 | **2) Kube-Proxy** 276 | * Networking Agent - Core Networking component 277 | * Interacts with the network 278 | * Exposes service to outside world 279 | * Daemon process 280 | * Interacts with master via API Server for updates to services and endpoints. 281 | 282 | **3) Container Runtime:** Pods and Containers 283 | - Docker, ContainerD, Cri-o, RKTlet etc. 284 | 285 | * Kubernetes does not have own capability to create containers 286 | 287 | #### Add-Ons 288 | 289 | **1. Dashboard:** Web based user interace 290 | 291 | **2. Monitoring:** Collects cluster-level container metrics and saves them to central data store. 292 | 293 | **3. Logging:** stores container logs in a central log store for analysis 294 | 295 | **4. DNS:** Each service is assigned a unique DNS 296 | 297 | #### How Master and Worker Interact 298 | 299 | ![Full Architecture](img/full.png) 300 | 301 | -------------------------------------------------------------------------------- /Docker-Theory/Docker-101.md: -------------------------------------------------------------------------------- 1 | # More about Dockers 2 | 3 | ## Docker Basics 4 | 5 | * Portability - Same working on different platforms and devices. 6 | 7 | * Docker is used throughtout the SDLC Lifecycle but its most important significance plays in deployment. 8 | 9 | * Software Stack - A software consists of 10 | 1. Frontend 11 | 2. Backend 12 | 3. Database 13 | 4. Dependencies and Environment configurations 14 | We have to configure all of them in different environments to run it everywhere. 15 | 16 | * Containers are standard packaging - organization - transport - portability. 17 | 18 | ## Docker Architecture 19 | 20 | ### General Workflow of Docker 21 | 22 | * Dockerfile - Docker Image - Docker Container - DockerHub 23 | * Pull Image in different devices via the repository and run the container anywhere. 24 | 25 | ### Containerization vs Virtualization 26 | 27 | * Hypervisor vs Container Runtime 28 | * Guest OS vs Parent Kernel sharing 29 | * Resource allocation vs On demand resource allocation 30 | 31 | ![img](img/containervm.png) 32 | 33 | ### Docker Architecture - Client Server Architecture 34 | 35 | * Client - Command Line Interface 36 | * Server - Docker Daemon - containers run on server => Server = Docker Daemon + Containers 37 | * Docker Engine - Client + Server 38 | * Docker Client and Server interact via commands or Rest API. 39 | 40 | ## Advantages of Docker 41 | * Build Once - Run everywhere 42 | * Portable - Supported by AWS, GCP etc 43 | * Easy to Share - central hub repository 44 | * Version Controlling 45 | * Isolation 46 | * Standard Packaging 47 | * Improved productivity 48 | 49 | ## Docker Installation on Linux 64 bits 50 | 51 | * Connect to Linux 52 | 53 | * Install Docker 54 | 55 | ``` 56 | $ sudo apt-get -y update 57 | $ sudo apt-get -y install docker 58 | $ docker --version 59 | $ docker info 60 | ``` 61 | * Start Docker 62 | 63 | ``` 64 | $ sudo service docker start 65 | $ docker info 66 | ``` 67 | 68 | * Add User to Docker 69 | 70 | ``` 71 | $ sudo usermod -a -G docker [username] 72 | ``` 73 | 74 | * Stop Docker 75 | ``` 76 | $ sudo service docker stop 77 | ``` 78 | 79 | * Uninstall Docker 80 | ``` 81 | $ apt remove docker 82 | ``` 83 | 84 | ### Resources 85 | 86 | https://get.docker.com/ 87 | https://docs.docker.com/engine/install/binaries/ 88 | 89 | ## Basic Docker Commands 90 | 91 | ### Basic commands 92 | 93 | * Version, client, golang version - detailed 94 | 95 | ``` 96 | $ docker version 97 | ``` 98 | 99 | * One line Docker version information 100 | 101 | ``` 102 | $ docker --version 103 | $ docker -v 104 | ``` 105 | 106 | * Detailed Docker information along with current state on parent OS 107 | 108 | ``` 109 | $ docker info 110 | ``` 111 | 112 | * Help command to know about other commands 113 | ``` 114 | $ docker --help 115 | ``` 116 | ``` 117 | $ docker [command] --help 118 | ``` 119 | 120 | * Login to DockerHub 121 | 122 | ``` 123 | $ docker login 124 | ``` 125 | 126 | ### Images commands 127 | 128 | * Docker Pull 129 | 130 | ``` 131 | $ docker pull [image name] # Fetches from repository 132 | ``` 133 | ``` 134 | $ docker images -q # All IDs of image 135 | ``` 136 | ``` 137 | $ docker images -a # All information of cached images 138 | ``` 139 | 140 | * Delete images 141 | ``` 142 | $ docker rmi [-f] [space separated image names or ID] 143 | ``` 144 | 145 | ### Containers commands 146 | 147 | * PS - list containers 148 | ``` 149 | $ docker ps # Running containers 150 | ``` 151 | ``` 152 | $ docker ps -a # All containers 153 | ``` 154 | 155 | * Run - Check image locally, if not present, pull from Hub and launch a container. 156 | ``` 157 | $ docker run [image name] 158 | ``` 159 | ``` 160 | $ docker run -it [image] # Interactive mode 161 | ``` 162 | 163 | * Docker start 164 | ``` 165 | $ docker start [image name] # Not running but fully provisioned 166 | ``` 167 | 168 | * Docker Stop 169 | ``` 170 | $ docker stop [image name] 171 | ``` 172 | 173 | ### System commands 174 | 175 | * Stats command - Resource utilization 176 | ``` 177 | $ docker stats 178 | ``` 179 | 180 | * Disk utilization 181 | 182 | ``` 183 | $ docker system df 184 | ``` 185 | 186 | * Prune - delete all unused data but not the dangling images 187 | * Prune --all (dangling images - not having any running container) 188 | ``` 189 | $ docker system prune # Outputs total resource regained especially in terms of memory 190 | ``` 191 | 192 | ## Docker Images 193 | 194 | ### What are Images 195 | 196 | * Images are template to create docker containers 197 | * Containers are runtime artifacts 198 | 199 | 200 | ``` 201 | $ docker images # list images 202 | ``` 203 | ``` 204 | $ docker images --help # Check the basic command usage 205 | ``` 206 | 207 | ### How to Pull an image 208 | ``` 209 | $ docker pull [image name] # Pulls latest image by default 210 | ``` 211 | 212 | ``` 213 | $ docker pull [image name]:[tags] # Downloads specific tags 214 | ``` 215 | 216 | ``` 217 | $ docker images -q # Shows all numeric IDs of local images # --quiet 218 | ``` 219 | 220 | ``` 221 | $ docker images -f "dangling=false" # Filter -- filter 222 | ``` 223 | 224 | ``` 225 | $ docker image --all # All images 226 | ``` 227 | 228 | ### How to run a container from the image 229 | 230 | ``` 231 | $ docker run [image name] 232 | ``` 233 | 234 | ``` 235 | $ docker run -it --name [container name] [image] [bash] 236 | ``` 237 | 238 | ### Basic Commands 239 | 240 | * Inspect Images - Shows layers - Images are STACK of layers. 241 | ``` 242 | $ docker inspect [image name] 243 | ``` 244 | 245 | * Inspect Containers 246 | ``` 247 | $ docker inspect [container name] 248 | ``` 249 | 250 | * Stopped related containers needed to delete image - use force 251 | ``` 252 | $ docker rmi [-f] [image name] 253 | ``` 254 | 255 | ## Docker Containers 256 | * Running instance of Docker Images 257 | 258 | ![image](img/arch.png) 259 | 260 | 261 | ### How to create containers 262 | ``` 263 | $ docker run [image name] # Inbuilt Pull feature 264 | ``` 265 | 266 | ``` 267 | $ docker ps # Running containers 268 | ``` 269 | 270 | ``` 271 | $ docker ps -a # All containers 272 | ``` 273 | 274 | ``` 275 | $ docker run --name [name of container] -it [image name] 276 | ``` 277 | 278 | * Start containers 279 | * Stop containers 280 | * Pause containers - lock container - takes on input from user and stops every tasks! 281 | ``` 282 | $ docker pause [container name] # From another terminal 283 | ``` 284 | 285 | * Unpause containers 286 | ``` 287 | $ docker unpause [container name] 288 | ``` 289 | 290 | * Top command - PID, commands, name etc. 291 | ``` 292 | $ docker top [container name] 293 | ``` 294 | 295 | * Statistics 296 | ``` 297 | $ docker stats [container name] 298 | ``` 299 | 300 | * Attach to running container - attach to start or running state only 301 | ``` 302 | $ docker attach [container name or ID] 303 | ``` 304 | 305 | * Kill a container - Running containers only 306 | ``` 307 | $ docker kill [container name or ID] 308 | ``` 309 | 310 | * Remove container 311 | ``` 312 | $ docker rm [container name or ID] 313 | ``` 314 | 315 | * History of containers linked to local image 316 | ``` 317 | $ docker history [image name] 318 | ``` 319 | 320 | ## How to run Jenkins on Docker Containers 321 | * How to Start Jenkins on Docker 322 | * How to set Jenkins home on parent OS 323 | 324 | * Pull the Jenkins Image 325 | ``` 326 | $ docker pull jenkins 327 | ``` 328 | 329 | * Run the Docker container to launch Jenkins on parent OS 330 | ``` 331 | $ docker run -p 8080:8080 -p 50000:50000 jenkins # [Export Host port]:[Server port] 332 | ``` 333 | * 8080: Web Brower hosting 334 | * 50000: Jenkins API Communication linking 335 | 336 | * Create a persistent storage for Jenkins - Docker Volume 337 | ``` 338 | $ docker run -p 8080:8080 -p 50000:50000 -v [local storage]:[destination storage] jenkins 339 | ``` 340 | 341 | * Unlock Jenkins home on parent OS web Interface 342 | * Set a password - Settings - Users - Configure - Change Password 343 | * Create a simple job to execute Shell command - `$ls` 344 | * New terminal since Jenkins running via Docker on other terminal 345 | * Stop the Docker container of Jenkins 346 | * Check if the job present on the local storage 347 | * Delete the container permanently 348 | * Create another container with same Jenkins home directory of local parent!! 349 | 350 | **BCD!! Jenkins jobs and different configurations are kept intact when we use the same local storage for linking** 351 | 352 | **BCD!! Volume Mapping - Create Volume via Docker CLI - "/var/lib/docker/volumes" but we can directly link a local folder as well.** 353 | 354 | ## Dockerfiles 355 | 356 | Text file with instruction to **build** the Docker Images 357 | 358 | ``` 359 | $ vim Dockerfile 360 | ``` 361 | 362 | ```Dockerfile 363 | # Comments 364 | FROM [image name]/[SCRATCH] # Scratch is an empty image 365 | MAINTAINER [User name] <[Email]> # Optional 366 | RUN [command] # Execute on Build 367 | CMD ["echo","Hello World"]# Execute on container launch 368 | ``` 369 | 370 | * Build the Docker Image 371 | ``` 372 | $ docker build [path] 373 | ``` 374 | 375 | * Build Image with tag 376 | ``` 377 | $ docker build -t [image name] [path] 378 | ``` 379 | 380 | * Run the image 381 | ``` 382 | $ docker run [image ID] 383 | ``` 384 | 385 | ### References 386 | 387 | https://github.com/wsargent/docker-cheat-sheet#dockerfile 388 | 389 | https://docs.docker.com/engine/reference/builder/#environment-replacement 390 | 391 | 392 | ## Docker Compose - Microservice Architecture 393 | 394 | * tool for defining & running multi-container docker applications 395 | * use yaml files to configure application services (docker-compose.yml) 396 | * can start all services with a single command : `docker compose up` 397 | * can stop all services with a single command : `docker compose down` 398 | * can scale up and down selected services/containers of the compose when required 399 | 400 | ### Install Docker Compose 401 | 402 | * Already installed on Mac and Windows 403 | 404 | ``` 405 | $ docker compose -v # or --version 406 | ``` 407 | ``` 408 | $ docker compose version 409 | ``` 410 | 411 | * **Way 1) Download via GitHub** 412 | ``` 413 | $ curl -L https://github.com/docker/compose/releases/download/1.25.4/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose 414 | $ chmod +x /usr/local/bin/docker-compose 415 | ``` 416 | 417 | * **Way 2) Download using pip** 418 | ``` 419 | $ pip install -U docker-compose 420 | ``` 421 | 422 | ## Create Docker compose 423 | ``` 424 | $ vi docker-compose.yaml 425 | ``` 426 | 427 | * 2 space identation 428 | 429 | ``` 430 | version: [version number] # Note docker compose file version must be compatible with Docker Engine version 431 | services: 432 | [container name]: 433 | [image]: [image name] 434 | [container name]: 435 | [image]: [image name] 436 | ``` 437 | 438 | * Check validity of yaml file - correct syntax or not 439 | ``` 440 | $ docker-compose config 441 | ``` 442 | 443 | * Launch all containers 444 | ``` 445 | $ docker-compose up [-d] 446 | ``` 447 | 448 | * Check containers 449 | ``` 450 | $ docker-compose ps 451 | ``` 452 | 453 | * Down the service 454 | ``` 455 | $ docker-compose down 456 | ``` 457 | 458 | * Scale specific containers 459 | ``` 460 | $ docker-compose --scale [c1]=n [c2]=m 461 | ``` 462 | 463 | ## Docker Volumes 464 | 465 | * Volumes are used for persistent data generated by the container even after the container is destroyed 466 | 467 | ### Use of Docker volumes 468 | 469 | * Decoupling container from storage 470 | * Share volume (storage/data) among different containers 471 | * Attach volume to container 472 | * On deleting container volume does not delete 473 | 474 | ### Using Docker Volumes 475 | 476 | ``` 477 | $ docker volume --help 478 | ``` 479 | 480 | * Create Volume 481 | ``` 482 | $ docker create volume [volume name] 483 | ``` 484 | 485 | * List volumes 486 | ``` 487 | $ docker volume ls 488 | ``` 489 | 490 | * Inspect volume 491 | ``` 492 | $ docker volume inspect [volume name] 493 | ``` 494 | 495 | * Remove volume 496 | ``` 497 | $ docker volume rm [volume name] 498 | ``` 499 | 500 | * Delete all unsued volues 501 | ``` 502 | $ docker volume prune 503 | ``` 504 | 505 | * Attach volume on container creation 506 | ``` 507 | $ docker run [-v/--volume/--mount] [volume name]:[destination] [image name] 508 | ``` 509 | 510 | **Note: We can use advanced volume drivers to store the docker volumes on remote or cloud storage** 511 | 512 | ### Bind Mounts - Linking physical location with container rather than Docker volume 513 | ``` 514 | $ docker run -v [source folder]:[destination folder] [image name] 515 | ``` 516 | This source folder, if not already created, is created by the command. 517 | 518 | **Note: Delete All containers** 519 | ``` 520 | $ docker container prune 521 | ``` 522 | 523 | **Note: Delete all running containers** 524 | ``` 525 | $ docker rm $(ps -aq) 526 | ``` 527 | 528 | 529 | --------------------------------------------------------------------------------