├── centos-install.md
├── LICENSE
├── example-docker-setup-nginx-server.md
└── README.md

/centos-install.md:
--------------------------------------------------------------------------------
## Install Docker in CentOS
---
```
vi /etc/yum.repos.d/CentOS-Sources.repo

# Contents to add to the file:
[extras-source]
name=CentOS-$releasever - Extras Sources
baseurl=http://vault.centos.org/centos/$releasever/extras/Source/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
```

```
sudo yum install -y yum-utils \
  device-mapper-persistent-data \
  lvm2
```
```
sudo yum-config-manager \
  --add-repo \
  https://download.docker.com/linux/centos/docker-ce.repo
```
```
# Optional: the edge and test channels carry pre-release builds;
# leave them disabled on production hosts.
sudo yum-config-manager --enable docker-ce-edge
sudo yum-config-manager --enable docker-ce-test
sudo yum install docker-ce
```

### List of docker versions
```
yum list docker-ce --showduplicates | sort -r
```
### Starting docker
```
# with the service wrapper
service docker start

# or with systemd
sudo systemctl start docker
```
### Hello world
```
sudo docker run hello-world
```
### Test with ubuntu bash
```
docker run -it ubuntu bash
```

/LICENSE:
--------------------------------------------------------------------------------
MIT License

Copyright (c) 2017 miendinh

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

/example-docker-setup-nginx-server.md:
--------------------------------------------------------------------------------
### Create Nginx Server with Docker

#### Step 1: Search for an image
```
docker search nginx
```

#### Step 2: Pull an image
```
docker pull nginx
```
#### Step 3: Create a container
```
docker run -d -ti nginx bash
```
- Get the container name
```
docker ps -l
```
- Start services inside the container that is running in the background.
- "admiring_dubinsky" is the name of my server's container; change it to yours.

```
docker exec -ti admiring_dubinsky bash -c "service nginx start"
```

#### Step 4: Test

- Get the container IP:
```
docker inspect <container-name> | grep IP
```
- Is nginx running?
```
curl <container-ip>
```
#### Step 5: Port forward for external access to the container
- Using iptables.

```
sysctl net.ipv4.ip_forward=1

# <host-ip> is the address clients connect to; <container-ip> comes from Step 4.
iptables -t nat -A PREROUTING -p tcp -d <host-ip>/32 --dport 80 -j DNAT --to-destination <container-ip>:80

# Note: this rule has no match, so it masquerades all traffic passing through
# nat POSTROUTING, not only the forwarded port.
iptables -t nat -A POSTROUTING -j MASQUERADE
```

#### References

1. https://www.debuntu.org/how-to-redirecting-network-traffic-to-a-new-ip-using-iptables/

/README.md:
--------------------------------------------------------------------------------
# Docker Notes - Best Practices

## Table of Contents
```
1. Docker Architecture
2. Setup
3. Cheat Sheet
4. Docker CLI
  4.1. List all docker images
  4.2. Running ubuntu bash
  4.3. List of containers
  4.4. Docker commit
5. Running processes in container
  5.1. View output of container
  5.2. Kill a container
6. Manage container
  6.1. Memory limits
  6.2. CPU limits
7. Networking
  7.1. Getting container ip
  7.2. UDP ports
8. Connecting between Containers
  8.1. host -> container
  8.2. container --> container
9. Container connects to other container directly
  9.1. Making Links Not Break
  9.2. Limiting access to only host
10. Listing images
  10.1. Getting images
  10.2. Removing images
11. Volumes
  11.1. Sharing data with the host
  11.2. Sharing Data between Containers
12. Docker Registries
  12.1. Finding Images
13. Dockerfile
14. References
```

## 1. Docker Architecture
![](http://apachebooster.com/kb/wp-content/uploads/2017/09/docker-architecture.png)

## 2. Setup
* [CentOS](centos-install.md)

## 3. Cheat Sheet

https://github.com/wsargent/docker-cheat-sheet#why-docker

![](http://extremeautomation.io/img/cheatsheets/cheat_sheet_docker_page_1.png)

## 4. Docker CLI

### 4.1. List all docker images
```
docker images
```
### 4.2. Running ubuntu bash
- image --> docker run --> running container --> stopped container --> docker commit --> new image
- The original image is not changed.

#### -ti = terminal + interactive (keyboard)
```
docker run -ti ubuntu:latest
```
### 4.3. List of containers
```
docker ps
```
#### List containers with a format
```
docker ps --format $FORMAT
```
#### List all (-a)
```
docker ps -a
```
#### List last (-l)
```
docker ps -l
```
### 4.4. Docker commit
- Create a new image from a container
```
docker commit <container-name> [<image-name>]
```
- Set a tag for the new image
```
docker tag <sha256> <tag-name>
```
ex:
```
docker tag 52caa40054059fc07e4148337efa0a937799dc25ddc6b2e9f4d7deec4cf63177 my-image
```
test:

```
docker run -ti my-image
```

## 5. Running processes in container

* --rm : do not keep the container after the process finishes
```
docker run --rm -ti ubuntu sleep 5
docker run --rm -ti ubuntu cat /etc/hosts
docker run -ti ubuntu bash -c "sleep 5; echo done"
```
* -d : (detach) run the docker process in the background
```
docker run -d -ti ubuntu bash
```
* attach
```
docker ps -l [--format $FORMAT]
docker attach <container-name>
```
* detach, leaving it running in the background: press Ctrl+P, then Ctrl+Q

* add another process to an existing container
```
docker exec -ti <container-name> <command>
```
ex:
```
docker exec -ti gifted_kirch bash
```

### 5.1. View output of container
```
docker logs <container-name>
```
ex:
```
docker run --name my-container -d ubuntu bash -c "more /etc/hosts"
docker logs my-container
```
### 5.2. Kill a container
```
docker kill <container-name>
```

## 6. Manage container
### 6.1. Memory limits
```
docker run --memory <limit> <image> <command>
```
### 6.2. CPU limits
```
docker run --cpu-shares <shares> <image>   # relative to other containers
docker run --cpu-quota <quota> <image>     # to limit it in general
```
## 7. Networking

![](https://goldmann.pl/images/docker-network/network.png)

ex:
- echo-server ( -p [outside-port:]inside-port )
```
docker run --rm -ti -p 45678:45678 -p 45679:45679 --name echo-server ubuntu:14.04 bash

# inside the container
nc -lp 45678 | nc -lp 45679
```
### 7.1. Getting container ip
```
docker ps
docker inspect <container-name> | grep IP
```
```
nc <container-ip> <port>
```
ex1:
```
nc 172.17.0.2 45678
nc 172.17.0.2 45679
```
ex2:
```
# only the inside ports are given, so Docker picks the outside ports
docker run --rm -ti -p 45678 -p 45679 --name echo-server ubuntu:14.04 bash

# show which outside ports were assigned
docker port echo-server
```
### 7.2. UDP ports
```
docker run -p outside-port:inside-port/protocol(tcp/udp)
```
ex:
```
docker run -p 1234:1234/udp <image>
```
## 8. Connecting between Containers

Client Container --> Host Network --> Virtual Network --> Server Container

ex:
```
docker run -ti --rm -p 1234:1234 ubuntu:14.04 bash

# inside the container
nc -lp 1234
```
### 8.1. host -> container
```
docker ps -l
docker inspect <container-name> | grep IP
nc <container-ip> 1234
```
### 8.2. container --> container
```
docker run -ti --rm ubuntu:14.04 bash

# inside the client container
nc <host-ip> 1234
```
## 9. Container connects to other container directly

- server
```
docker run -ti --rm --name server ubuntu:14.04 bash
nc -lp 1234
```
- client
```
docker run --rm -ti --link server --name client ubuntu:14.04 bash
nc server 1234
```
- Link directly:
  + A service with its DB: not a good fit
  + Automatically assigns a host name
  + Links can break when containers restart

### 9.1. Making Links Not Break

- Docker has private networks.
- They fix the links.
- The networks must be created in advance.
```
docker network create <network-name>
```
ex:
* server
```
docker network create example
docker run --rm -ti --net=example --name server ubuntu:14.04 bash
nc -lp 1234
```
* client
```
docker run --rm -ti --link server --net=example --name client ubuntu:14.04 bash
nc server 1234
```
- Now kill the server and start it again.
- The link between server and client does not break.

### 9.2. Limiting access to only host

```
docker run -p 127.0.0.1:1234:1234/tcp <image>
```

## 10. Listing images
- List downloaded images
```
docker images
```
- Tagging gives images names
```
docker commit <container-id> <image-name>[:<tag>]
```
ex:
```
docker ps -l
docker commit b5938fe91f4c my-image-now
docker images
```
### 10.1. Getting images
- for offline work
```
docker pull <image-name>
```
### 10.2. Removing images
```
docker rmi <image-name>
```
ex:
```
docker images
docker rmi my-image
```

## 11. Volumes
- Share data between containers, and between containers and the host.
- Virtual "discs"
- Two types:
  + Persistent: kept after the container goes away.
  + Ephemeral: exists only during the container's life.
- Volumes are not part of images.

### 11.1. Sharing data with the host
- Like VMware.
- Sharing folders with the host

ex:
```
mkdir /home/docker/my-volume
docker run -ti -v=/home/docker/my-volume:/shared-folder ubuntu bash

# inside the container
cd /shared-folder
touch my-data
# press Ctrl+D to leave the container

# back on the host: my-data is in the shared folder
ls /home/docker/my-volume
```
- Sharing a "single file" into a container

### 11.2. Sharing Data between Containers
* volumes-from
* Shared disks that exist only as long as they are being used
* Can be shared between containers

ex:
- Container #1
```
docker run -ti -v /shared-data ubuntu bash
echo "hello, is it great!" > /shared-data/my-file
```
- Container #2
```
docker ps -l
docker run -ti --volumes-from jovial_goodall ubuntu bash
cat /shared-data/my-file
```

## 12. Docker Registries

- Registries manage and distribute images.

### 12.1. Finding Images

https://hub.docker.com

```
docker search centos
```

- Push an image to the world.
```
docker login
docker pull centos
docker tag centos test/test-image-32:v123.1234
docker push test/test-image-32:v123.1234
```
Note: Do not push passwords with the image.

## 13. Dockerfile
- What is it?
  + Code to create an image

```
docker build -t name-of-result .
```

  + Each line takes the image produced by the previous line and makes another image.
  + The previous image is unchanged.

## 14. References
1. https://docs.docker.com/engine/reference/builder/
2. http://apachebooster.com/kb/wp-content/uploads/2017/09/docker-architecture.png
3. https://github.com/wsargent/docker-cheat-sheet#why-docker
4. http://extremeautomation.io/img/cheatsheets/cheat_sheet_docker_page_1.png
--------------------------------------------------------------------------------
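
The `-p` commands in sections 7 and 9.2 of the README differ in which host address they bind: `-p 1234:1234` listens on every interface, while `-p 127.0.0.1:1234:1234/tcp` listens on loopback only. The script below is an added example, not part of the original notes, that reads `docker ps` output and lists the ports published on all interfaces; the sample listing and the `local-only`, `udp-svc` and `web` container names are constructed.

```shell
#!/bin/sh
# Added example: flag container ports that are published on every host interface.
# On a live host:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | audit_published_ports

# Constructed sample in the "<name><TAB><ports>" shape of the command above.
SAMPLE_PS="$(printf '%s\t%s\n' \
  'echo-server' '0.0.0.0:45678->45678/tcp, :::45678->45678/tcp, 0.0.0.0:45679->45679/tcp' \
  'local-only'  '127.0.0.1:1234->1234/tcp' \
  'udp-svc'     '0.0.0.0:1234->1234/udp' \
  'web'         '80/tcp')"

# Prints "<container> <host-bind> <container-port/proto>" for each wildcard bind.
audit_published_ports() {
  awk -F '\t' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        # Only "host->container" entries are published; a bare "80/tcp" is
        # an exposed port that is not reachable from outside the host.
        if (split(maps[i], side, "->") != 2) continue
        host = side[1]
        sub(/:[0-9-]+$/, "", host)   # drop the host port, keep the bind address
        if (host == "0.0.0.0" || host == "::" || host == "[::]")
          print $1, side[1], side[2]
      }
    }'
}

# Number of wildcard binds found on stdin.
count_wildcard_binds() {
  audit_published_ports | wc -l | tr -d ' '
}

# Run against the constructed sample.
printf '%s\n' "$SAMPLE_PS" | audit_published_ports
```

Containers that appear in the output can be re-created with the loopback form from section 9.2 when only the host needs to reach them.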