Docker

From The Munich Maker Lab's Wiki
Revision as of 23:32, 28 February 2017 by JanS

We currently have one docker host, running a bunch of different containers.

Hosts

docker01

  • Debian jessie minimal
  • Access: Matthias, Severin, Heiko, JanS


Containers

  • Applications
    • Zabbix (currently inactive)
    • Bind (DNS)
    • SignMan for Wall of Monitors
    • GitServices
    • Freeboard dashboards
    • OpenVPN
    • Node Red (currently not active)

All listed applications are started automatically using systemd unit files.

severin@docker01:~$ date
Tue Nov 15 23:09:36 CET 2016
severin@docker01:~$ docker ps
CONTAINER ID        IMAGE                                    COMMAND                  CREATED             STATUS              PORTS                                                              NAMES
6b8521a38ef4        kylemanna/openvpn                    "ovpn_run"               About a minute ago   Up About a minute   1194/udp, 0.0.0.0:1194->1194/tcp                                   openvpn
a32a902612d8        monitoringartist/zabbix-3.0-xxl:latest   "/config/bootstrap.sh"   7 minutes ago       Up 6 minutes        80/tcp, 10052/tcp, 162/udp, 0.0.0.0:10051->10051/tcp               zabbix
1e6224a17328        sameersbn/bind:latest                    "/sbin/entrypoint.sh "   6 hours ago         Up 6 hours          0.0.0.0:53->53/tcp, 0.0.0.0:10000->10000/tcp, 0.0.0.0:53->53/udp   bind
f8a81a6f9046        jwilder/nginx-proxy                      "/app/docker-entrypoi"   7 hours ago         Up 7 hours          0.0.0.0:80->80/tcp, 443/tcp                                        nginx-proxy
511c8852e487        monitoringartist/zabbix-db-mariadb       "/run.sh"                7 hours ago         Up 7 hours          3306/tcp                                                           zabbix-db
299d52a61bc6        tiefpunkt/signman                        "flask run --host=0.0"   7 hours ago         Up 7 hours          8080/tcp                                                           signman
d15878ea59ec        nginx:alpine                             "nginx -g 'daemon off"   7 hours ago         Up 7 hours          80/tcp, 443/tcp                                                    dashboard
568f32781b73        siedi/zabbix-autossh                     "/autossh-start.sh za"   7 hours ago         Up 7 hours          10050/tcp                                                          mars-tunnel
0c253eb3eb5e        siedi/zabbix-autossh                     "/autossh-start.sh za"   7 hours ago         Up 7 hours          10050/tcp                                                          jupiter-tunnel
ec838d62508d        munichmakerlab/hourcounter               "flask run --host=0.0"   7 hours ago         Up 7 hours          8080/tcp                                                           hourcounter
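
The PORTS column above distinguishes ports published on the host (`0.0.0.0:53->53/tcp`) from ports that are only exposed inside Docker (`8080/tcp`). The following is an added example, not part of the wiki's setup, that lists only the published ones; the function names and the sample lines (constructed from the listing above) are assumptions.

```shell
#!/bin/sh
# Added example (not from the wiki): list the ports Docker publishes on the host.
# Input: one "<name><TAB><ports>" line per container, the format printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'

published_ports() {
  awk -F '\t' '{
    n = split($2, maps, /, */)
    for (i = 1; i <= n; i++) {
      # "hostip:hostport->port/proto" is published on a host port;
      # a bare "8080/tcp" is exposed by the image but not published.
      if (index(maps[i], "->") == 0) continue
      split(maps[i], side, "->")
      hostip = side[1];   sub(/:[0-9-]+$/, "", hostip)
      hostport = side[1]; sub(/^.*:/, "", hostport)
      proto = side[2];    sub(/^.*\//, "", proto)
      wide = (hostip == "0.0.0.0" || hostip == "::" || hostip == "[::]")
      printf "%s\t%s/%s\t%s\n", $1, hostport, proto, \
             (wide ? "all-interfaces" : "single-address")
    }
  }'
}

# Constructed sample, taken from four rows of the listing above.
sample_ps() {
  printf 'openvpn\t1194/udp, 0.0.0.0:1194->1194/tcp\n'
  printf 'bind\t0.0.0.0:53->53/tcp, 0.0.0.0:10000->10000/tcp, 0.0.0.0:53->53/udp\n'
  printf 'nginx-proxy\t0.0.0.0:80->80/tcp, 443/tcp\n'
  printf 'signman\t8080/tcp\n'
}

# On a live host: docker ps --format '{{.Names}}\t{{.Ports}}' | published_ports
sample_ps | published_ports
```

Anything reported as `all-interfaces` is reachable on every address of docker01, so each such row should correspond to a service that is meant to be reachable from outside the host.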

Bind (DNS)

docker run --name bind -d --restart=always \
  --publish 53:53/tcp --publish 53:53/udp --publish 10000:10000/tcp \
  --volume /srv/bind:/data \
  --env ROOT_PASSWORD=<PASSWORD> \
  sameersbn/bind:latest

Docker image with Bind as DNS Server and Webmin for Administration. See details at http://www.damagehead.com/blog/2015/04/28/deploying-a-dns-server-using-docker/

Node RED

docker run --name nodered -d --restart=always \
  --publish 1880:1880 \
  --volume /srv/node-red:/data \
  nodered/node-red-docker

nginx-proxy

https://github.com/jwilder/nginx-proxy

docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy

Freeboard

Dashboards: https://github.com/Freeboard/freeboard.git

mkdir /srv/dashboard
cd /srv/dashboard
git clone https://github.com/Freeboard/freeboard.git
docker run -it --rm -v /srv/dashboard/freeboard:/data digitallyseamless/nodejs-bower-grunt bash
> npm install
> grunt
> exit

docker run -d \
  --name dashboard \
  -v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \
  -e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \
  nginx:alpine

SignMan

git clone https://github.com/tiefpunkt/signman.git
docker build -t "tiefpunkt/signman" signman/server

docker run -d \
  --name signman \
  -v /srv/signman:/data:rw \
  -e VIRTUAL_HOST=signman,signman.intern.munichmakerlab.de \
  tiefpunkt/signman

GitServices

git clone https://github.com/munichmakerlab/docker-nginx-php-gitautopull.git
docker build -t "spaceweb" docker-nginx-php-gitautopull

/usr/bin/docker run --name gitservices \
  --volume /srv/gitservices:/var/www/html:rw \
  -e VIRTUAL_HOST=services,services.intern.munichmakerlab.de \
  spaceweb

HourCounter

docker run -d \
  --name=hourcounter \
  -v /srv/hourcounter:/data \
  -e "VIRTUAL_HOST=hourcounter,hourcounter.intern.munichmakerlab.de" \
  munichmakerlab/hourcounter

Zabbix

See Zabbix

OpenVPN

See OpenVPN

Service Setup

To have a docker container automatically started at boot time, add a systemd service.

1. Create a new service file

(Important note: Remove the -d flag from the docker run command. With -d, docker run returns as soon as the container has started, systemd sees the process exit, and the service will start all over again.)

sudo vi /lib/systemd/system/docker-<container>.service
[Unit] 
Description=Dashboards
After=docker.service
Requires=docker.service

[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill dashboard
ExecStartPre=-/usr/bin/docker rm dashboard
ExecStart=/usr/bin/docker run --name dashboard \
                                -v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \
                                -e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \
                                nginx:alpine
ExecStop=/usr/bin/docker stop -t 5 dashboard
#ExecStopPost=/usr/bin/docker rm dashboard

[Install]
WantedBy=multi-user.target

2. Reload Systemd-Daemon

sudo systemctl daemon-reload

3. Start Service

sudo systemctl start docker-<container>.service

4. Enable at Boot

sudo systemctl enable docker-<container>.service

This actually creates a symlink to /etc/systemd/system/multi-user/...

To view the logs of the startup, you can use

sudo journalctl -f -u docker-<container>
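
A check for the pitfall named in step 1, as an added example that is not part of the wiki's setup: it reads a unit file and reports any ExecStart that still runs `docker run` detached. The function names and the sample unit (constructed, modelled on the dashboard unit above) are assumptions.

```shell
#!/bin/sh
# Added example, not part of the wiki's setup: flag unit files whose
# ExecStart still runs "docker run" detached (-d / --detach).

# Reads a unit file on stdin and prints every offending ExecStart command.
# Returns 1 if one was found, 0 otherwise. Only stand-alone -d/--detach
# tokens are recognised (clustered short flags such as -dit are not).
find_detached_execstart() {
  awk '
    { line = pending $0; pending = "" }
    # Join backslash-continued lines into one logical line first.
    line ~ /\\[ \t]*$/ { sub(/\\[ \t]*$/, " ", line); pending = line; next }
    line ~ /^ExecStart=/ && line ~ /docker run/ {
      n = split(line, tok, /[ \t]+/)
      for (i = 1; i <= n; i++)
        if (tok[i] == "-d" || tok[i] ~ /^--detach(=true)?$/) {
          print line; bad = 1; break
        }
    }
    END { exit (bad ? 1 : 0) }
  '
}

# Constructed sample modelled on the dashboard unit above;
# $1 is an optional extra flag placed after "docker run".
sample_unit() {
  cat <<EOF
[Service]
Restart=always
ExecStartPre=-/usr/bin/docker rm dashboard
ExecStart=/usr/bin/docker run $1 --name dashboard \\
    -e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \\
    nginx:alpine
EOF
}

sample_unit -d | find_detached_execstart || echo "fix: drop -d from ExecStart"
```

Run it against a real unit with `find_detached_execstart < /lib/systemd/system/docker-<container>.service` before `systemctl daemon-reload`.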

Docker commands

Access the bash in a container (when it is provided, or run any other command):

docker exec -ti <container_name> /bin/bash

Get the list of networks:

docker network list

Old container clean up

docker rm $(docker ps --filter=status=exited --filter=status=created -q)

Image clean up

docker rmi $(docker images -a --filter=dangling=true -q)

Volume clean up

docker volume rm $(docker volume ls -qf dangling=true)