Docker: Difference between revisions
Jump to navigation
Jump to search
(Created page with "We currently have one docker host, running a bunch of different containers. == Hosts == === coreos10 === * CoreOS * Access: Matthias, Severin Reconfigure (SSH-Keys etc.): s...") |
|||
| (9 intermediate revisions by 3 users not shown) | |||
| Line 2: | Line 2: | ||
== Hosts == | == Hosts == | ||
=== | === docker01 === | ||
* | * CentOS 7.8 | ||
* Access: | * Access: Severin | ||
== Containers == | == Containers == | ||
* Applications | * Applications | ||
** Zabbix | ** <del>Zabbix</del> (currently inactive) | ||
** Bind (DNS) | ** Bind (DNS) | ||
** Node Red | ** SignMan for Wall of Monitors | ||
** GitServices | |||
** Freeboard dashboards | |||
** OpenVPN | |||
** <del>Node Red</del> (currently not active> | |||
All listed applications are started automatically using systemd unit files. | |||
<pre style="overflow:scroll; white-space: pre;"> | |||
severin@docker01:~$ date | |||
Tue Nov 15 23:09:36 CET 2016 | |||
severin@docker01:~$ docker ps | |||
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | |||
6b8521a38ef4 kylemanna/openvpn "ovpn_run" About a minute ago Up About a minute 1194/udp, 0.0.0.0:1194->1194/tcp openvpn | |||
a32a902612d8 monitoringartist/zabbix-3.0-xxl:latest "/config/bootstrap.sh" 7 minutes ago Up 6 minutes 80/tcp, 10052/tcp, 162/udp, 0.0.0.0:10051->10051/tcp zabbix | |||
1e6224a17328 sameersbn/bind:latest "/sbin/entrypoint.sh " 6 hours ago Up 6 hours 0.0.0.0:53->53/tcp, 0.0.0.0:10000->10000/tcp, 0.0.0.0:53->53/udp bind | |||
f8a81a6f9046 jwilder/nginx-proxy "/app/docker-entrypoi" 7 hours ago Up 7 hours 0.0.0.0:80->80/tcp, 443/tcp nginx-proxy | |||
511c8852e487 monitoringartist/zabbix-db-mariadb "/run.sh" 7 hours ago Up 7 hours 3306/tcp zabbix-db | |||
299d52a61bc6 tiefpunkt/signman "flask run --host=0.0" 7 hours ago Up 7 hours 8080/tcp signman | |||
d15878ea59ec nginx:alpine "nginx -g 'daemon off" 7 hours ago Up 7 hours 80/tcp, 443/tcp dashboard | |||
568f32781b73 siedi/zabbix-autossh "/autossh-start.sh za" 7 hours ago Up 7 hours 10050/tcp mars-tunnel | |||
0c253eb3eb5e siedi/zabbix-autossh "/autossh-start.sh za" 7 hours ago Up 7 hours 10050/tcp jupiter-tunnel | |||
ec838d62508d munichmakerlab/hourcounter "flask run --host=0.0" 7 hours ago Up 7 hours 8080/tcp hourcounter | |||
</pre> | |||
=== Bind (DNS) === | |||
docker run --name bind -d --restart=always \ | |||
--publish 53:53/tcp --publish 53:53/udp --publish 10000:10000/tcp \ | |||
--volume /srv/bind:/data \ | |||
--env ROOT_PASSWORD=<PASSWORD> \ | |||
sameersbn/bind:latest | |||
Docker image with Bind as DNS Server and Webmin for Administration. See details at http://www.damagehead.com/blog/2015/04/28/deploying-a-dns-server-using-docker/ | |||
=== Node RED === | |||
docker run ---name nodered d --restart=always \ | |||
--publish 1880:1880 \ | |||
--volume /srv/node-red:/data \ | |||
nodered/node-red-docker | |||
=== nginx-proxy === | |||
https://github.com/jwilder/nginx-proxy | |||
<pre> | |||
docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy | |||
</pre> | |||
=== Freeboard === | |||
Dasboards: https://github.com/Freeboard/freeboard.git | |||
<pre> | |||
mkdir /srv/dashboard | |||
cd /srv/dashboard | |||
git clone https://github.com/Freeboard/freeboard.git | |||
docker run -it --rm -v /srv/dashboard/freeboard:/data digitallyseamless/nodejs-bower-grunt bash | |||
> npm install | |||
> grunt | |||
> exit | |||
docker run -d \ | |||
--name dashboard \ | |||
-v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \ | |||
-e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \ | |||
nginx:alpine | |||
</pre> | |||
=== SignMan === | |||
<pre> | |||
git clone https://github.com/tiefpunkt/signman.git | |||
docker build -t "tiefpunkt/signman" signman/server | |||
docker run -d \ | |||
--name signman \ | |||
-v /srv/signman:/data:rw \ | |||
-e VIRTUAL_HOST=signman,signman.intern.munichmakerlab.de \ | |||
tiefpunkt/signman | |||
</pre> | |||
=== GitServices === | |||
<pre> | |||
git clone https://github.com/munichmakerlab/docker-nginx-php-gitautopull.git | |||
docker build -t "spaceweb" docker-nginx-php-gitautopull | |||
/usr/bin/docker run --name gitservices \ | |||
--volume /srv/gitservices:/var/www/html:rw \ | |||
-e VIRTUAL_HOST=services,services.intern.munichmakerlab.de \ | |||
spaceweb | |||
</pre> | |||
=== HourCounter === | |||
<pre> | |||
docker run -d \ | |||
--name=hourcounter \ | |||
-v /srv/hourcounter:/data \ | |||
-e "VIRTUAL_HOST=hourcounter,hourcounter.intern.munichmakerlab.de" \ | |||
munichmakerlab/hourcounter | |||
</pre> | |||
=== Zabbix === | |||
See [[Zabbix]] | |||
=== OpenVPN === | |||
See [[OpenVPN]] | |||
== Service Setup == | |||
To have a docker container automatically started at boot time, add a systemd service. | |||
1. Create a new service file | |||
(Important note: Do remove the -d flag from the docker run command, otherwise the service will start all over again | |||
<pre> | |||
sudo vi /lib/systemd/system/docker-<container>.service | |||
</pre> | |||
<pre> | |||
[Unit] | |||
Description=Dashboards | |||
After=docker.service | |||
Requires=docker.service | |||
[Service] | |||
TimeoutStartSec=0 | |||
Restart=always | |||
ExecStartPre=-/usr/bin/docker kill dashboard | |||
ExecStartPre=-/usr/bin/docker rm dashboard | |||
ExecStart=/usr/bin/docker run --name dashboard \ | |||
-v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \ | |||
-e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \ | |||
nginx:alpine | |||
ExecStop=/usr/bin/docker stop -t 5 dashboard | |||
#ExecStopPost=/usr/bin/docker rm dashboard | |||
[Install] | |||
WantedBy=multi-user.target | |||
</pre> | |||
2. Reload Systemd-Daemon | |||
<code>sudo systemctl daemon-reload</code> | |||
3. Start Service | |||
<code>sudo systemctl start docker-<container>.service</code> | |||
4. Enable at Boot | |||
<code>sudo systemctl enable docker-<container>.service</code> | |||
This actually creates a symlink to /etc/systemd/system/multi-user/... | |||
To view the logs of the startup, you can use | |||
<code>sudo journalctl -f -u docker-<container></code> | |||
== Docker commands == | |||
Access the bash in a container (when it is provided, or run any other command): | |||
<pre>docker exec -ti <container_name> /bin/bash</pre> | |||
Get the list of networks: | |||
<pre>docker network list</pre> | |||
Old container clean up | |||
<pre>docker rm $(docker ps --filter=status=exited --filter=status=created -q)</pre> | |||
Image clean up | |||
<pre>docker rmi $(docker images -a --filter=dangling=true -q)</pre> | |||
Volume clean up | |||
<pre>docker volume rm $(docker volume ls -qf dangling=true)</pre> | |||
[[Category:Infrastructure]] | [[Category:Infrastructure]] | ||
Latest revision as of 11:25, 4 July 2020
We currently have one docker host, running a bunch of different containers.
Hosts
docker01
- CentOS 7.8
- Access: Severin
Containers
- Applications
Zabbix(currently inactive)- Bind (DNS)
- SignMan for Wall of Monitors
- GitServices
- Freeboard dashboards
- OpenVPN
Node Red(currently not active>
All listed applications are started automatically using systemd unit files.
severin@docker01:~$ date Tue Nov 15 23:09:36 CET 2016 severin@docker01:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6b8521a38ef4 kylemanna/openvpn "ovpn_run" About a minute ago Up About a minute 1194/udp, 0.0.0.0:1194->1194/tcp openvpn a32a902612d8 monitoringartist/zabbix-3.0-xxl:latest "/config/bootstrap.sh" 7 minutes ago Up 6 minutes 80/tcp, 10052/tcp, 162/udp, 0.0.0.0:10051->10051/tcp zabbix 1e6224a17328 sameersbn/bind:latest "/sbin/entrypoint.sh " 6 hours ago Up 6 hours 0.0.0.0:53->53/tcp, 0.0.0.0:10000->10000/tcp, 0.0.0.0:53->53/udp bind f8a81a6f9046 jwilder/nginx-proxy "/app/docker-entrypoi" 7 hours ago Up 7 hours 0.0.0.0:80->80/tcp, 443/tcp nginx-proxy 511c8852e487 monitoringartist/zabbix-db-mariadb "/run.sh" 7 hours ago Up 7 hours 3306/tcp zabbix-db 299d52a61bc6 tiefpunkt/signman "flask run --host=0.0" 7 hours ago Up 7 hours 8080/tcp signman d15878ea59ec nginx:alpine "nginx -g 'daemon off" 7 hours ago Up 7 hours 80/tcp, 443/tcp dashboard 568f32781b73 siedi/zabbix-autossh "/autossh-start.sh za" 7 hours ago Up 7 hours 10050/tcp mars-tunnel 0c253eb3eb5e siedi/zabbix-autossh "/autossh-start.sh za" 7 hours ago Up 7 hours 10050/tcp jupiter-tunnel ec838d62508d munichmakerlab/hourcounter "flask run --host=0.0" 7 hours ago Up 7 hours 8080/tcp hourcounter
Bind (DNS)
docker run --name bind -d --restart=always \ --publish 53:53/tcp --publish 53:53/udp --publish 10000:10000/tcp \ --volume /srv/bind:/data \ --env ROOT_PASSWORD=<PASSWORD> \ sameersbn/bind:latest
Docker image with Bind as DNS Server and Webmin for Administration. See details at http://www.damagehead.com/blog/2015/04/28/deploying-a-dns-server-using-docker/
Node RED
docker run ---name nodered d --restart=always \ --publish 1880:1880 \ --volume /srv/node-red:/data \ nodered/node-red-docker
nginx-proxy
https://github.com/jwilder/nginx-proxy
docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
Freeboard
Dasboards: https://github.com/Freeboard/freeboard.git
mkdir /srv/dashboard cd /srv/dashboard git clone https://github.com/Freeboard/freeboard.git docker run -it --rm -v /srv/dashboard/freeboard:/data digitallyseamless/nodejs-bower-grunt bash > npm install > grunt > exit docker run -d \ --name dashboard \ -v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \ -e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \ nginx:alpine
SignMan
git clone https://github.com/tiefpunkt/signman.git docker build -t "tiefpunkt/signman" signman/server docker run -d \ --name signman \ -v /srv/signman:/data:rw \ -e VIRTUAL_HOST=signman,signman.intern.munichmakerlab.de \ tiefpunkt/signman
GitServices
git clone https://github.com/munichmakerlab/docker-nginx-php-gitautopull.git docker build -t "spaceweb" docker-nginx-php-gitautopull /usr/bin/docker run --name gitservices \ --volume /srv/gitservices:/var/www/html:rw \ -e VIRTUAL_HOST=services,services.intern.munichmakerlab.de \ spaceweb
HourCounter
docker run -d \ --name=hourcounter \ -v /srv/hourcounter:/data \ -e "VIRTUAL_HOST=hourcounter,hourcounter.intern.munichmakerlab.de" \ munichmakerlab/hourcounter
Zabbix
See Zabbix
OpenVPN
See OpenVPN
Service Setup
To have a docker container automatically started at boot time, add a systemd service.
1. Create a new service file
(Important note: Do remove the -d flag from the docker run command, otherwise the service will start all over again
sudo vi /lib/systemd/system/docker-<container>.service
[Unit]
Description=Dashboards
After=docker.service
Requires=docker.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill dashboard
ExecStartPre=-/usr/bin/docker rm dashboard
ExecStart=/usr/bin/docker run --name dashboard \
-v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \
-e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \
nginx:alpine
ExecStop=/usr/bin/docker stop -t 5 dashboard
#ExecStopPost=/usr/bin/docker rm dashboard
[Install]
WantedBy=multi-user.target
2. Reload Systemd-Daemon
sudo systemctl daemon-reload
3. Start Service
sudo systemctl start docker-<container>.service
4. Enable at Boot
sudo systemctl enable docker-<container>.service
This actually creates a symlink to /etc/systemd/system/multi-user/...
To view the logs of the startup, you can use
sudo journalctl -f -u docker-<container>
Docker commands
Access the bash in a container (when it is provided, or run any other command):
docker exec -ti <container_name> /bin/bash
Get the list of networks:
docker network list
Old container clean up
docker rm $(docker ps --filter=status=exited --filter=status=created -q)
Image clean up
docker rmi $(docker images -a --filter=dangling=true -q)
Volume clean up
docker volume rm $(docker volume ls -qf dangling=true)
