Guia definitivo de Docker
curl -fsSL https://get.docker.com/ | bash
sudo groupadd docker
sudo gpasswd -a $USER docker
sudo setfacl -m user:$USER:rw /var/run/docker.sock
https://gist.github.com/rg3915/215567b490c973cd98900cb0a883ef69
Com isso você não precisa ficar digitando sudo na frente dos comandos do docker.
docker version
Mas caso você esteja numa máquina sem as devidas permissões, você precisa digitar
sudo docker version
docker container ls
docker container ls -a
docker run hello-world
docker container ls
docker ps (este comando é obsoleto)
docker container ls -a
docker container run -it nginx
Nota: sair com CTRL + P, Q, vai para segundo plano
Se você digitar CTRL + C o container "pára" e "morre".
docker images
-
-dpara rodar em background, ideal para uma aplicação web (só um exemplo), onde você pode liberar o terminal. -
-itpara executar interatividade com terminal -
/bin/bashpara que possa executar o terminal -
ubuntué o nome da imagem a ser executada, caso não exista será feito o download do dockerhub.
docker run -it ubuntu /bin/bash # sem o modo daemon
CTRL + D
CTRL + P, Q
docker attach CONTAINER ID
docker container run -d -p 8080:80 nginx *
onde 8080 é o host e 80 é a porta do container.
curl 0:8080
docker container exec -it ID bash ou /bin/bash dependendo da imagem.
docker container rm -f ID
docker create ubuntu
docker stop CONTAINER ID
docker start CONTAINER ID
docker pause CONTAINER ID
docker unpause CONTAINER ID
docker logs CONTAINER ID
docker top CONTAINER ID
docker stats CONTAINER ID
docker rm -f CONTAINER ID
docker stop $(docker ps -a -q)
Leia mais em https://blog.baudson.de/blog/stop-and-remove-all-docker-containers-and-images
docker rm $(docker ps -a -q)
docker image rm IMAGE ID
docker run -it -v /volume /bin/bash
docker inspect CONTAINER ID -f {{.Mounts}}
docker run -it -v /$HOME/meu_dir:/volume
docker image ls
docker service update --image linuxtips/nginx-prometheus-exporter:2.0.0 giropops
O Swarm é um orquestrador de containers.
Balanceamento de carga, alta disponibilidade, cluster, service, escalar.
docker swarm init
docker node ls
docker swarm join ...
docker swarm join-token manager
docker swarm join-token worker
docker node promote HOSTNAME # manager
docker node demote HOSTNAME # worker
Para que o cluster funcione é necessário que tenha mais que 51% de managers.
docker node inspect HOSTNAME
Faz balanceamento de carga.
docker swarm init
docker service create --name nginx -p 8080:80 --replicas 5 nginx
docker service ls
docker service ps nginx
docker service logs -f nginx
docker service rm nginx
0.2 são 20% de 1 Core.
docker service create \
--name nginx \
-p 8080:80 \
--replicas 1 \
--limit-cpu 0.2 \
--limit-memory 64M nginx
docker container stats ID
Ex: 1
docker service scale nginx=10
Ex: 2
docker service create --name nginx -p 8080:80 linuxtips/nginx-prometheus-exporter:1.0.0
Ex: 3
docker service scale giropops=10
docker service update --image linuxtips/nginx-prometheus-exporter:1.0.0:2.0.0 giropops
github.com/badtuxx/giropops-monitoring
Dockerfile é para criar a imagem.
docker-compose é para criar a stack (conjunto) de aplicações.
Gerenciador de containers.
docker run -d \
--name myportainer \
-p 9000:9000 \
--restart always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /opt/portainer:/data \
portainer/portainer
https://docs.docker.com/engine/reference/builder/
Ex: Adaptado de containerized-python-development-part-1.
Importante: No tutorial não fala sobre o
app.run(debug=True, host="0.0.0.0")
importante para a aplicação funcionar no navegador, fora do container.
A partir dai você pode testar acessando a aplicação em
Dica: para conferir quais portas estão expostas você pode digitar
netstat -atunp # ou
netstat -atunp | grep '5000\|8000\|8080\|9000'
echo "Flask==1.1.2" > requirements.txt
cat << EOF > server.py
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello World!"
if __name__ == "__main__":
app.run(debug=True, host="0.0.0.0")
EOFcat << EOF > Dockerfile
ARG PYTHON_VERSION='3.8'
# set base image (host OS)
FROM python:3.8
ENV PYTHONUNBUFFERED 1
# set the working directory in the container
WORKDIR /code
# copy the dependencies file to the working directory
COPY requirements.txt .
# install dependencies
RUN pip install -r requirements.txt
# copy the content of the local src directory to the working directory
COPY app.py .
# Expose port
EXPOSE 5000
# command to run on container start
CMD [ "python", "app.py", "--host 0.0.0.0" ]
EOFdocker build -t my-flask-image:1.0 .
Isto requer um comando especial, leia tutorial.sh.
docker image build -t my-flask-image:2.0 \
--compress --force-rm --no-cache \
--rm --squash .docker image ls
É recomendável criar uma rede antes.
docker network create mynetwork
docker network ls
docker container run -d \
--name flask-project \
--hostname flask-project \
--network mynetwork \
-p 5000:5000 \
my-flask-image:1.0docker container logs flask-project docker container exec -it flask-project bash
sudo curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
https://docs.docker.com/compose/install/
Crie uma pasta nginx e copie app.conf para dentro dela.
mkdir nginx
cat << EOF > nginx/app.conf
server {
listen 80;
server_name 127.0.0.1;
location / {
proxy_pass http://app:5000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
}
}
EOFObs: Repare que requirements.txt contém o gunicorn.
echo "gunicorn==20.0.4" >> requirements.txt
Em seguida crie o docker-compose.yml
cat << EOF > docker-compose.yml
version: '3.7'
services:
app:
build:
context: .
dockerfile: Dockerfile
container_name: flask-app
hostname: app
stdin_open: true
restart: always
expose:
- '5000'
command: gunicorn -b 0.0.0.0:5000 app:app
networks:
- mynetwork
nginx:
image: nginx
container_name: nginx
hostname: nginx
ports:
- '80:80'
volumes:
- ./nginx:/etc/nginx/conf.d
depends_on:
- app
networks:
- mynetwork
networks:
mynetwork:
EOFdocker-compose up --build -d
Volumes montados em diferentes nós.
curl -sSL https://rexray.io/install | sh -s -- stable
Editar
vim /etc/rexray/config.yml
rexray:
logLevel: debug
libstorage:
# for AWS
service: ebs
integration:
volume:
fileMode: 0777
operations:
mount:
preempt: true
server:
services:
ebs:
driver: ebs
ebs:
accessKey:
secretKey:
region: us-east-1systemctl restart rexray
systemctl status rexray
cd giropops-monitoring/
vim docker-compose.yml
version: '3'
services:
prometheus:
image: linuxtips/prometheus_alpine
volumes:
- prometheus_c:/etc/prometheus/
- prometheus_d:/var/lib/prometheus
deploy:
update_config:
parallelism: 1
delay: 10s
order: stop-first
rollback_config:
parallelism: 1
delay: 10s
monitor: 60s
order: start-first
resources:
limits:
cpus: '0.50'
memory: 512M
reservations:
cpus: '0.25'
memory: 128M
networks:
- backend
ports:
- 9090:9090
node-exporter:
image: linuxtips/node-exporter_alpine
hostname: '{{.Node.ID}}'
volumes:
- /proc:/usr/proc
- /sys:/usr/sys
- /:/rootfs
deploy:
mode: global
update_config:
parallelism: 1
delay: 10s
order: stop-first
networks:
- backend
ports:
- 9100:9100
alertmanager:
image: linuxtips/alertmanager_alpine
deploy:
update_config:
parallelism: 1
delay: 10s
order: stop-first
volumes:
- alertmanager_c:/etc/alertmanager/
networks:
- backend
ports:
- 9093:9093
cadvisor:
image: google/cadvisor
hostname: '{{.Node.ID}}'
deploy:
update_config:
parallelism: 1
delay: 10s
order: stop-first
volumes:
- /:/rootfs:ro
- /var/run:/var/run:rw
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- backend
ports:
- 8080:8080
grafana:
image: grafana/grafana
deploy:
update_config:
parallelism: 1
delay:10s
order: stop-first
volumes:
- grafana_d:/grafana/data/grafana.db
env_file:
- grafana.config
networks:
- backend
- frontend
ports:
- 3000:3000
networks:
frontend:
backend:
volumes:
alertmanager_c:
external: true
grafana_d:
external: true
prometheus_c:
external: true
prometheus_d:
external: truedocker volume create --driver rexray alertmanager_c
docker volume create --driver rexray grafana_d
docker volume create --driver rexray prometheus_c
docker volume create --driver rexray prometheus_d
docker volume ls
vim conf/alertmanager/config.yml
route:
receiver: 'slack'
receivers:
- name: 'slack'
slack_configs:
- send_resolved: true
username: 'you_name'
channel: '#canal'
api_url: 'https://hooks.slack.com/services/......'vim conf/prometheus/prometheus.yml
rexray volume mount alertmanager_c
rexray volume mount grafana_d
rexray volume mount prometheus_c
rexray volume mount prometheus_d
$ df -h
cp conf/prometheus/* /var/lib/rexray/volumes/prometheus_c/data/
cp conf/alertmanager/* /var/lib/rexray/volumes/alertmanager_c/data/
https://docs.docker.com/engine/swarm/stack-deploy/
docker stack deploy -c docker-compose.yml giropops
docker stack ls
docker stack ps giropops
docker service ls
https://github.com/badtuxx/giropops-monitoring
https://rexray.readthedocs.io/en/stable/
vim /etc/rexray/config.yml
*** AWS instance profile (variáveis de ambiente)
docker volume create --driver rexray grafana_d
$ df -h
docker stack deploy -c docker-compose.yml giropops
docker stack ps giropops
docker service ls