Docker
We currently have one docker host, running a bunch of different containers.
Hosts
docker01
- CentOS 7.8
- Access: Severin
Containers
- Applications
Zabbix(currently inactive)- Bind (DNS)
- SignMan for Wall of Monitors
- GitServices
- Freeboard dashboards
- OpenVPN
Node Red(currently not active>
All listed applications are started automatically using systemd unit files.
severin@docker01:~$ date Tue Nov 15 23:09:36 CET 2016 severin@docker01:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6b8521a38ef4 kylemanna/openvpn "ovpn_run" About a minute ago Up About a minute 1194/udp, 0.0.0.0:1194->1194/tcp openvpn a32a902612d8 monitoringartist/zabbix-3.0-xxl:latest "/config/bootstrap.sh" 7 minutes ago Up 6 minutes 80/tcp, 10052/tcp, 162/udp, 0.0.0.0:10051->10051/tcp zabbix 1e6224a17328 sameersbn/bind:latest "/sbin/entrypoint.sh " 6 hours ago Up 6 hours 0.0.0.0:53->53/tcp, 0.0.0.0:10000->10000/tcp, 0.0.0.0:53->53/udp bind f8a81a6f9046 jwilder/nginx-proxy "/app/docker-entrypoi" 7 hours ago Up 7 hours 0.0.0.0:80->80/tcp, 443/tcp nginx-proxy 511c8852e487 monitoringartist/zabbix-db-mariadb "/run.sh" 7 hours ago Up 7 hours 3306/tcp zabbix-db 299d52a61bc6 tiefpunkt/signman "flask run --host=0.0" 7 hours ago Up 7 hours 8080/tcp signman d15878ea59ec nginx:alpine "nginx -g 'daemon off" 7 hours ago Up 7 hours 80/tcp, 443/tcp dashboard 568f32781b73 siedi/zabbix-autossh "/autossh-start.sh za" 7 hours ago Up 7 hours 10050/tcp mars-tunnel 0c253eb3eb5e siedi/zabbix-autossh "/autossh-start.sh za" 7 hours ago Up 7 hours 10050/tcp jupiter-tunnel ec838d62508d munichmakerlab/hourcounter "flask run --host=0.0" 7 hours ago Up 7 hours 8080/tcp hourcounter
Bind (DNS)
docker run --name bind -d --restart=always \ --publish 53:53/tcp --publish 53:53/udp --publish 10000:10000/tcp \ --volume /srv/bind:/data \ --env ROOT_PASSWORD=<PASSWORD> \ sameersbn/bind:latest
Docker image with Bind as DNS Server and Webmin for Administration. See details at http://www.damagehead.com/blog/2015/04/28/deploying-a-dns-server-using-docker/
Node RED
docker run ---name nodered d --restart=always \ --publish 1880:1880 \ --volume /srv/node-red:/data \ nodered/node-red-docker
nginx-proxy
https://github.com/jwilder/nginx-proxy
docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
Freeboard
Dasboards: https://github.com/Freeboard/freeboard.git
mkdir /srv/dashboard cd /srv/dashboard git clone https://github.com/Freeboard/freeboard.git docker run -it --rm -v /srv/dashboard/freeboard:/data digitallyseamless/nodejs-bower-grunt bash > npm install > grunt > exit docker run -d \ --name dashboard \ -v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \ -e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \ nginx:alpine
SignMan
git clone https://github.com/tiefpunkt/signman.git docker build -t "tiefpunkt/signman" signman/server docker run -d \ --name signman \ -v /srv/signman:/data:rw \ -e VIRTUAL_HOST=signman,signman.intern.munichmakerlab.de \ tiefpunkt/signman
GitServices
git clone https://github.com/munichmakerlab/docker-nginx-php-gitautopull.git docker build -t "spaceweb" docker-nginx-php-gitautopull /usr/bin/docker run --name gitservices \ --volume /srv/gitservices:/var/www/html:rw \ -e VIRTUAL_HOST=services,services.intern.munichmakerlab.de \ spaceweb
HourCounter
docker run -d \ --name=hourcounter \ -v /srv/hourcounter:/data \ -e "VIRTUAL_HOST=hourcounter,hourcounter.intern.munichmakerlab.de" \ munichmakerlab/hourcounter
Zabbix
See Zabbix
OpenVPN
See OpenVPN
Service Setup
To have a docker container automatically started at boot time, add a systemd service.
1. Create a new service file
(Important note: Do remove the -d flag from the docker run command, otherwise the service will start all over again
sudo vi /lib/systemd/system/docker-<container>.service
[Unit]
Description=Dashboards
After=docker.service
Requires=docker.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill dashboard
ExecStartPre=-/usr/bin/docker rm dashboard
ExecStart=/usr/bin/docker run --name dashboard \
-v /srv/dashboard/freeboard:/usr/share/nginx/html:ro \
-e VIRTUAL_HOST=dashboard,dashboard.intern.munichmakerlab.de \
nginx:alpine
ExecStop=/usr/bin/docker stop -t 5 dashboard
#ExecStopPost=/usr/bin/docker rm dashboard
[Install]
WantedBy=multi-user.target
2. Reload Systemd-Daemon
sudo systemctl daemon-reload
3. Start Service
sudo systemctl start docker-<container>.service
4. Enable at Boot
sudo systemctl enable docker-<container>.service
This actually creates a symlink to /etc/systemd/system/multi-user/...
To view the logs of the startup, you can use
sudo journalctl -f -u docker-<container>
Docker commands
Access the bash in a container (when it is provided, or run any other command):
docker exec -ti <container_name> /bin/bash
Get the list of networks:
docker network list
Old container clean up
docker rm $(docker ps --filter=status=exited --filter=status=created -q)
Image clean up
docker rmi $(docker images -a --filter=dangling=true -q)
Volume clean up
docker volume rm $(docker volume ls -qf dangling=true)
