Wednesday, 24 July 2019

How to Promote(Master) and Demote(Worker) a docker swarm node by Raj Gupta

Master:-

To get more details about any node run the inspect command like below for Worker01

[root@ip-172-31-40-90 ~]# docker node inspect u9sg7rw8yvb75o5ybrnppeglo
[
    {
        "ID": "u9sg7rw8yvb75o5ybrnppeglo",
        "Version": {
            "Index": 33
        },
        "CreatedAt": "2019-07-24T09:41:36.258168494Z",
        "UpdatedAt": "2019-07-24T09:41:36.330025943Z",
        "Spec": {
            "Labels": {},
            "Role": "worker",
            "Availability": "active"
        },
        "Description": {
            "Hostname": "ip-172-31-43-91",
            "Platform": {
                "Architecture": "x86_64",
                "OS": "linux"
            },
            "Resources": {
                "NanoCPUs": 1000000000,
                "MemoryBytes": 1033723904
            },
            "Engine": {
                "EngineVersion": "18.06.1-ce",


-----------------------------------------------------------------------------------------

Now to Promote(Master) any node run the below command (promoted both worker node as master)

[root@ip-172-31-40-90 ~]# docker node promote af3y6rhgp328s777kw26g7co2 u9sg7rw8yvb75o5ybrnppeglo
Node af3y6rhgp328s777kw26g7co2 promoted to a manager in the swarm.
Node u9sg7rw8yvb75o5ybrnppeglo promoted to a manager in the swarm.
[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
af3y6rhgp328s777kw26g7co2     ip-172-31-35-189    Ready               Active              Reachable           18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
u9sg7rw8yvb75o5ybrnppeglo     ip-172-31-43-91     Ready               Active              Reachable           18.06.1-ce
[root@ip-172-31-40-90 ~]#

Now we can run any command(like ls) on any node because both worker node become as master also

-------------------------------------------------------------------------------------------------------

Likewise we can Demote(Worker) any node just change promote command to demote

[root@ip-172-31-40-90 ~]# docker node demote af3y6rhgp328s777kw26g7co2 u9sg7rw8yvb75o5ybrnppeglo
Manager af3y6rhgp328s777kw26g7co2 demoted in the swarm.
Manager u9sg7rw8yvb75o5ybrnppeglo demoted in the swarm.
[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
af3y6rhgp328s777kw26g7co2     ip-172-31-35-189    Ready               Active                                  18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
u9sg7rw8yvb75o5ybrnppeglo     ip-172-31-43-91     Ready               Active                                  18.06.1-ce
[root@ip-172-31-40-90 ~]#





Worker01:-




Worker02:-

How to add and remove node from docker swarm by Raj Gupta

Note:- We can run any command on only on master not on any worker node, If you run any command on any worker node it will give error.

it will good if Master is in number:- (n-1)/2   -----3,5,7


Master:-

If you want to know the master or worker token key then run below command

Key to join as worker:-

[root@ip-172-31-40-90 ~]# docker swarm join-token worker
To add a worker to this swarm, run the following command:

    docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377

Key to join as master:-

[root@ip-172-31-40-90 ~]# docker swarm join-token manager
To add a manager to this swarm, run the following command:

    docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-5go59kirhawvq08kdot5umv0m 172.31.40.90:2377

[root@ip-172-31-40-90 ~]#


[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
q0yqpe0fsihtmoaj1834s1tnf     ip-172-31-35-189    Ready               Active                                  18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
pzcz2fs38ks9vrwecn30txuv9     ip-172-31-43-91     Ready               Active                                  18.06.1-ce
[root@ip-172-31-40-90 ~]#

After Worker02 left

[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
q0yqpe0fsihtmoaj1834s1tnf     ip-172-31-35-189    Ready               Active                                  18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
pzcz2fs38ks9vrwecn30txuv9     ip-172-31-43-91     Down                Active                                  18.06.1-ce
[root@ip-172-31-40-90 ~]#

To remove the Down node(Worker02)

[root@ip-172-31-40-90 ~]# docker node rm pzcz2fs38ks9vrwecn30txuv9
pzcz2fs38ks9vrwecn30txuv9
[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
q0yqpe0fsihtmoaj1834s1tnf     ip-172-31-35-189    Ready               Active                                  18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
[root@ip-172-31-40-90 ~]#

Now to remove active node

[root@ip-172-31-40-90 ~]# docker node rm -f q0yqpe0fsihtmoaj1834s1tnf
q0yqpe0fsihtmoaj1834s1tnf
[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
[root@ip-172-31-40-90 ~]#


Now again to add both worker node run the below command in both worker machine 

docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377

After running the above line in both the worker 

ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
af3y6rhgp328s777kw26g7co2     ip-172-31-35-189    Ready               Active                                  18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
u9sg7rw8yvb75o5ybrnppeglo     ip-172-31-43-91     Ready               Active                                  18.06.1-ce
[root@ip-172-31-40-90 ~]#

again both worker added to cluster 

Worker01:-

After removing forcefully also by master here it will show active ,So to make it inactive run the below command

[root@ip-172-31-35-189 ~]# docker swarm leave
Node left the swarm.
[root@ip-172-31-35-189 ~]#

[root@ip-172-31-35-189 ~]# docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377
This node joined a swarm as a worker.
[root@ip-172-31-35-189 ~]#





Worker02:-

To leave the cluster 

[root@ip-172-31-43-91 ~]# docker swarm leave

Node left the swarm.
[root@ip-172-31-43-91 ~]# docker info
Swarm: inactive

[root@ip-172-31-43-91 ~]# docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377
This node joined a swarm as a worker.
[root@ip-172-31-43-91 ~]#



How to install Docker Swarm by Raj Gupta

Take 3 amazon EC2 server in which we are going to make one server as master and reaming two server  as worker

Note:-  docker mast be already install in all the server



keep all machine in same network so that they are able to ping each other

Master:-

[root@ip-172-31-40-90 ~]# docker info
Swarm: inactive

[root@ip-172-31-40-90 ~]# docker swarm init
Swarm initialized: current node (rby7qdb8hc3ebuuy78vpl0i4v) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
[root@ip-172-31-40-90 ~]#

After running the above red mark command on all worker 

[root@ip-172-31-40-90 ~]# docker node ls
ID                            HOSTNAME            STATUS              AVAILABILITY        MANAGER STATUS      ENGINE VERSION
q0yqpe0fsihtmoaj1834s1tnf     ip-172-31-35-189    Ready               Active                                  18.06.1-ce
rby7qdb8hc3ebuuy78vpl0i4v *   ip-172-31-40-90     Ready               Active              Leader              18.06.1-ce
pzcz2fs38ks9vrwecn30txuv9     ip-172-31-43-91     Ready               Active                                  18.06.1-ce
[root@ip-172-31-40-90 ~]#

So both the node are added with master as worker

[root@ip-172-31-40-90 ~]# docker info
Swarm: active


Worker01:-

[root@ip-172-31-35-189 ~]# docker info
Swarm: inactive

[root@ip-172-31-35-189 ~]#  docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377
This node joined a swarm as a worker.
[root@ip-172-31-35-189 ~]#

[root@ip-172-31-35-189 ~]# docker info
Swarm: active


Worker02:-

[root@ip-172-31-43-91 ~]# docker info
Swarm: inactive

[root@ip-172-31-43-91 ~]# docker swarm join --token SWMTKN-1-4z0bipbsxzoy2ccn5m22eiems1w0a5du8rlyt6nbvdq3pfegm8-1z76g4wwivmk1s0cp8dethxav 172.31.40.90:2377
This node joined a swarm as a worker.
[root@ip-172-31-43-91 ~]#

[root@ip-172-31-43-91 ~]# docker info
Swarm: active




Tuesday, 23 July 2019

Docker Command Part-30 By Raj Gupta


To use scale command and create docker container as per our requirement

[root@ip-172-31-93-32 ~]# vi docker-compose.yml
[root@ip-172-31-93-32 ~]# cat docker-compose.yml
version: '3'
services:
  webapp1:
    image: nginx
  webapp2:
    image: nginx
[root@ip-172-31-93-32 ~]# docker-compose up -d
Recreating root_webapp1_1 ... done
Creating root_webapp2_1   ... done
[root@ip-172-31-93-32 ~]# docker-compose ps
     Name              Command          State   Ports
------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      80/tcp
root_webapp2_1   nginx -g daemon off;   Up      80/tcp
[root@ip-172-31-93-32 ~]# docker-compose scale webapp1=4 webapp2=2
WARNING: The scale command is deprecated. Use the up command with the --scale flag instead.
Starting root_webapp1_1 ... done
Creating root_webapp1_2 ... done
Creating root_webapp1_3 ... done
Creating root_webapp1_4 ... done
Starting root_webapp2_1 ... done
Creating root_webapp2_2 ... done

Total 6(4+2) container are created

[root@ip-172-31-93-32 ~]# docker-compose ps
     Name              Command          State   Ports
------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      80/tcp
root_webapp1_2   nginx -g daemon off;   Up      80/tcp
root_webapp1_3   nginx -g daemon off;   Up      80/tcp
root_webapp1_4   nginx -g daemon off;   Up      80/tcp
root_webapp2_1   nginx -g daemon off;   Up      80/tcp
root_webapp2_2   nginx -g daemon off;   Up      80/tcp

Now to delete all

[root@ip-172-31-93-32 ~]# docker-compose down
Stopping root_webapp2_2 ... done
Stopping root_webapp1_2 ... done
Stopping root_webapp1_3 ... done
Stopping root_webapp1_4 ... done
Stopping root_webapp1_1 ... done
Stopping root_webapp2_1 ... done
Removing root_webapp2_2                ... done
Removing root_webapp1_2                ... done
Removing root_webapp1_3                ... done
Removing root_webapp1_4                ... done
Removing root_webapp1_1                ... done
Removing root_webapp2_1                ... done
Removing root_webapp1_run_816095b9c49c ... done
Removing network root_default
[root@ip-172-31-93-32 ~]#

------------------------------------------------------------------------------

Top command:- It will give the all the running process 

[root@ip-172-31-93-32 ~]# docker-compose up -d
Creating network "root_default" with the default driver
Creating root_webapp1_1 ... done
Creating root_webapp2_1 ... done
[root@ip-172-31-93-32 ~]# docker-compose top
root_webapp1_1
UID    PID   PPID    C   STIME   TTY     TIME                        CMD
--------------------------------------------------------------------------------------------
root   332   32749   0   08:57   ?     00:00:00   nginx: master process nginx -g daemon off;
101    471   332     0   08:57   ?     00:00:00   nginx: worker process

root_webapp2_1
UID    PID   PPID   C   STIME   TTY     TIME                        CMD
-------------------------------------------------------------------------------------------
root   380   358    0   08:57   ?     00:00:00   nginx: master process nginx -g daemon off;
101    508   380    0   08:57   ?     00:00:00   nginx: worker process
[root@ip-172-31-93-32 ~]#

Docker Command Part-29 By Raj Gupta

To kill all the running container created by docker compose

[root@ip-172-31-93-32 ~]# docker-compose kill
Killing root_webapp1_1 ... done
[root@ip-172-31-93-32 ~]# docker-compose ps
     Name              Command           State     Ports
--------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Exit 137


Now again if we want to start

[root@ip-172-31-93-32 ~]# docker-compose start
Starting webapp1 ... done
[root@ip-172-31-93-32 ~]# docker-compose ps
     Name              Command          State          Ports
--------------------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      0.0.0.0:8000->80/tcp
[root@ip-172-31-93-32 ~]#

---------------------------------------------------------------------------------------------------------------
To know our docker container port 80 is mapped with which port outside world

[root@ip-172-31-93-32 ~]# docker-compose port webapp1 80
0.0.0.0:8000

-------------------------------------------------------------------------------------------------

To see the log coming to docker container 

[root@ip-172-31-93-32 ~]# docker-compose logs -f


-------------------------------------------------------------------------------

To get the help use 

[root@ip-172-31-93-32 ~]# docker-compose --help

----------------------------------------------------------------------------------------------

To run any command in the container use the exec command

[root@ip-172-31-93-32 ~]# docker-compose ps
     Name              Command          State          Ports
--------------------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      0.0.0.0:8000->80/tcp
[root@ip-172-31-93-32 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
c834fe29a103        nginx               "nginx -g 'daemon of…"   16 minutes ago      Up 13 minutes       0.0.0.0:8000->80/tcp   root_webapp1_1
[root@ip-172-31-93-32 ~]# docker-compose exec webapp1 ls     --------This ran ls command inside running container webapp1
bin   dev  home  lib64  mnt  proc  run   srv  tmp  var
boot  etc  lib   media  opt  root  sbin  sys  usr
[root@ip-172-31-93-32 ~]#


-----------------------------------------------------------------------------------------------

[root@ip-172-31-93-32 ~]# docker-compose run webapp1 ls
bin   dev  home  lib64  mnt  proc  run   srv  tmp  var
boot  etc  lib   media  opt  root  sbin  sys  usr
[root@ip-172-31-93-32 ~]# docker-compose ps
     Name              Command          State          Ports
--------------------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      0.0.0.0:8000->80/tcp
[root@ip-172-31-93-32 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS                  NAMES
10d52c52b364        nginx               "ls"                     23 seconds ago      Exited (0) 22 seconds ago                          root_webapp1_run_816095b9c49c
c834fe29a103        nginx               "nginx -g 'daemon of…"   22 minutes ago      Up 19 minutes               0.0.0.0:8000->80/tcp   root_webapp1_1
[root@ip-172-31-93-32 ~]#


Note:-- So difference between run and exec is that

exec command ------> run the command in the same running container
run command--------> run the command in new container and after running the command kill the container

---------------------------------------------------------------------------------------------------------
To restart the container 

[root@ip-172-31-93-32 ~]# docker-compose restart
Restarting root_webapp1_1 ... done
[root@ip-172-31-93-32 ~]#

---------------------------------------------------------------------------------------------------------------

To download the image from docker hub 

[root@ip-172-31-93-32 ~]# docker-compose pull
Pulling webapp1 ... done
[root@ip-172-31-93-32 ~]#

----------------------------------------------------------------------------------------------------------

To check the docker compose version

[root@ip-172-31-93-32 ~]# docker-compose --version
docker-compose version 1.24.0, build 0aa59064
[root@ip-172-31-93-32 ~]#



Monday, 22 July 2019

Docker Command Part-28 By Raj Gupta

To list down image

[root@ip-172-31-95-65 ~]# docker-compose images
Container   Repository   Tag   Image Id   Size
----------------------------------------------
[root@ip-172-31-95-65 ~]# docker-compose up -d
Creating root_webapp2_1 ... done
Creating root_webapp1_1 ... done
[root@ip-172-31-95-65 ~]# docker-compose images
  Container      Repository    Tag       Image Id      Size
------------------------------------------------------------
root_webapp1_1   nginx        latest   98ebf73aba75   104 MB
root_webapp2_1   nginx        latest   98ebf73aba75   104 MB
[root@ip-172-31-95-65 ~]#

To check the status

[root@ip-172-31-95-65 ~]# docker-compose ps
     Name              Command          State          Ports
--------------------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      0.0.0.0:8000->80/tcp
root_webapp2_1   nginx -g daemon off;   Up      0.0.0.0:8002->80/tcp

To pause the docker conatiner

[root@ip-172-31-95-65 ~]# docker-compose pause
Pausing root_webapp2_1 ... done
Pausing root_webapp1_1 ... done
[root@ip-172-31-95-65 ~]# docker-compose ps
     Name              Command          State           Ports
---------------------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Paused   0.0.0.0:8000->80/tcp
root_webapp2_1   nginx -g daemon off;   Paused   0.0.0.0:8002->80/tcp

To unpause the docker container

[root@ip-172-31-95-65 ~]# docker-compose unpause
Unpausing root_webapp1_1 ... done
Unpausing root_webapp2_1 ... done
[root@ip-172-31-95-65 ~]# docker-compose ps
     Name              Command          State          Ports
--------------------------------------------------------------------
root_webapp1_1   nginx -g daemon off;   Up      0.0.0.0:8000->80/tcp
root_webapp2_1   nginx -g daemon off;   Up      0.0.0.0:8002->80/tcp
[root@ip-172-31-95-65 ~]#

Docker Command Part-27 By Raj Gupta

The create command will only create the container but it will not run the container and not create any network

[root@ip-172-31-95-65 ~]# mv docker-compose2.yml docker-compose.yml
[root@ip-172-31-95-65 ~]# docker-compose create
[root@ip-172-31-95-65 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
7263963a2ee3        bridge              bridge              local
6e7b7c015f1e        host                host                local
a8d46c14262d        none                null                local
[root@ip-172-31-95-65 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES

----------------------------------------------------------------------------------------

To remove the container use the rm command

[root@ip-172-31-95-65 ~]# docker-compose rm
Going to remove root_webapp2_1
Are you sure? [yN] y
Removing root_webapp2_1 ... done
[root@ip-172-31-95-65 ~]#

---------------------------------------------------------------------

To create the container and also network run the below command but it will not run the container

[root@ip-172-31-95-65 ~]# docker-compose up --no-start

------------------------------------------------------------------------------------------------

To start the all stop container use the below command.

[root@ip-172-31-95-65 ~]# docker-compose start

To stop the running container

[root@ip-172-31-95-65 ~]# docker-compose stop

To remove use

[root@ip-172-31-95-65 ~]# docker-compose rm



Docker Command Part-26 By Raj Gupta

When ever we run the docker compose command then it will find the file docker-compose.yml file, If it will not found then it will give the error

[root@ip-172-31-95-65 ~]# mv docker-compose.yml docker-compose2.yml
[root@ip-172-31-95-65 ~]# ls
docker-compose2.yml
[root@ip-172-31-95-65 ~]# docker-compose up
ERROR:
        Can't find a suitable configuration file in this directory or any
        parent. Are you in the right directory?

        Supported filenames: docker-compose.yml, docker-compose.yaml

[root@ip-172-31-95-65 ~]#


If you want to give any other name in place of docker-compose.yml then

[root@ip-172-31-95-65 ~]# docker-compose -f docker-compose2.yml up -d
root_webapp1_1 is up-to-date
root_webapp2_1 is up-to-date

In this case it will not look for default file(docker-compose.yml) in place of it what ever file you will give it will take that one only.

[root@ip-172-31-95-65 ~]# docker-compose -f docker-compose2.yml down
Stopping root_webapp2_1 ... done
Stopping root_webapp1_1 ... done
Removing root_webapp2_1 ... done
Removing root_webapp1_1 ... done
Removing network root_default
[root@ip-172-31-95-65 ~]#

------------------------------------------------------------------------------------------

Docker compose will take json format code also  you can convert yml to json in below link 


[root@ip-172-31-95-65 ~]# vi docker-compose.json
[root@ip-172-31-95-65 ~]# cat docker-compose.json
{
   "version": "3",
   "services": {
      "webapp1": {
         "image": "nginx",
         "ports": [
            "8000:80"
         ]
      },
      "webapp2": {
         "image": "nginx",
         "ports": [
            "8001:80"
         ]
      }
   }
}
[root@ip-172-31-95-65 ~]# docker-compose -f docker-compose.json up -d
Creating network "root_default" with the default driver
Creating root_webapp1_1 ... done
Creating root_webapp2_1 ... done

Docker Command Part-25 By Raj Gupta

                           How to create nginx container by using docker compose


[ec2-user@ip-172-31-95-65 ~]$ sudo -i
[root@ip-172-31-95-65 ~]# vi docker-compose.yml
[root@ip-172-31-95-65 ~]# cat docker-compose.yml
version: '3'
services:
  webapp1:
    image: nginx
    ports:
      - "8000:80"

[root@ip-172-31-95-65 ~]# docker-compose up -d     ------To run the docker compose file
[root@ip-172-31-95-65 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                  NAMES
89992e0f59e7        nginx               "nginx -g 'daemon of…"   About a minute ago   Up About a minute   0.0.0.0:8000->80/tcp   root_webapp1_1
[root@ip-172-31-95-65 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
7263963a2ee3        bridge              bridge              local
6e7b7c015f1e        host                host                local
a8d46c14262d        none                null                local
3c94972e3a5f        root_default        bridge              local


Now to delete all the resource which are created by docker compose file

[root@ip-172-31-95-65 ~]# docker-compose down
Stopping root_webapp1_1 ... done
Removing root_webapp1_1 ... done
Removing network root_default
[root@ip-172-31-95-65 ~]#


-------------------------------------------------------------------------------------------------------------

Now create two container by use of docker compose

[root@ip-172-31-95-65 ~]# vi docker-compose.yml
[root@ip-172-31-95-65 ~]# cat docker-compose.yml
version: '3'
services:
  webapp1:
    image: nginx
    ports:
      - "8000:80"
  webapp2:
    image: nginx
    ports:
      - "8001:80"


[root@ip-172-31-95-65 ~]# docker-compose  up


If you change any particlar line then only taht container will re-create and reaming will be same like i am going to cahne port nuber of conatiner two

[root@ip-172-31-95-65 ~]# vi docker-compose.yml
[root@ip-172-31-95-65 ~]# cat docker-compose.yml
version: '3'
services:
  webapp1:
    image: nginx
    ports:
      - "8000:80"
  webapp2:
    image: nginx
    ports:
      - "8002:80"
[root@ip-172-31-95-65 ~]# docker-compose up -d
root_webapp1_1 is up-to-date
Recreating root_webapp2_1 ... done





Docker Command Part-24 By Raj Gupta

                                    WordPress By using Docker Container

We are going to create 2-tiers container  ( web and database ) like WordPress

Database :-

[root@ip-172-31-95-65 ~]# docker container run --name some-mysql -e MYSQL_ROOT_PASSWORD=mypassword -d mysql:5.7

061d5275947a25c9b3ae75d3cefb2cb97f5e65246c6dd86b72bd71bb73942c52
[root@ip-172-31-95-65 ~]# docker container inspect 061

So database IP is  "IPAddress": "172.17.0.2",

Now Web tiers

[root@ip-172-31-95-65 ~]# docker container run --name some-wordpress -e WORDPRESS_DB_HOST=172.17.0.2:3306 -e WORDPRESS_DB_USER=root -e WORDPRESS_DB_PASSWORD=mypassword -d wordpress

30e5b2fc98ee47d9f63ca52b85dae9ee294e14a8fae91b2e70294bc8b7213dae

[root@ip-172-31-95-65 ~]# docker container inspect 30e

So WordPress IP is "IPAddress": "172.17.0.3",

So WordPress installation done by using container
Now to access this container from outside we need to do port mapping



Friday, 19 July 2019

Docker Command Part-23 By Raj Gupta

How to access private  repository/registry insecure(HTTP) way without any issue

When you are going to create your own private repository then only secure repository(HTTPS) are allowed by docker, expect for 127.0.0.0/8 this is insecure but by default it allowed by docker.

Other then this you can allow by doing below 

[root@ip-172-31-93-16 ~]# cd /etc/docker/
[root@ip-172-31-93-16 docker]# vi daemon.json
[root@ip-172-31-93-16 docker]# cat daemon.json
{
  "insecure-registries" : ["10.0.2.15:5000"]
}
[root@ip-172-31-93-16 docker]# service docker restart
Stopping docker:                                           [  OK  ]
Starting docker:        .                                  [  OK  ]
[root@ip-172-31-93-16 docker]#


Now this will allow this also



------------------------------------------------------------------------------------------------------------

How to make private  repository/registry secure(HTTPS) in other word how to add certificate to private repository/registry to make secure access

[root@ip-172-31-93-16 ~]# mkdir certs
[root@ip-172-31-93-16 ~]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
Generating a 4096 bit RSA private key
..................................++
...............................................................................................................................................++
writing new private key to 'certs/domain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:repo.docker.local
Email Address []:
[root@ip-172-31-93-16 ~]#

[root@ip-172-31-93-16 ~]# ls
certs
[root@ip-172-31-93-16 ~]# cd certs/
[root@ip-172-31-93-16 certs]# ls
domain.crt  domain.key
[root@ip-172-31-93-16 certs]# cd /etc/docker/
[root@ip-172-31-93-16 docker]# ls
key.json
[root@ip-172-31-93-16 docker]# mkdir certs.d
[root@ip-172-31-93-16 docker]# ls
certs.d  key.json
[root@ip-172-31-93-16 docker]# cd certs.d/
[root@ip-172-31-93-16 certs.d]# mkdir repo.docker.local:5000
[root@ip-172-31-93-16 certs.d]# cd .
[root@ip-172-31-93-16 certs.d]# cd
[root@ip-172-31-93-16 ~]# ls
certs
[root@ip-172-31-93-16 ~]# cp certs/domain.crt /etc/docker/certs.d/repo.docker.local\:5000/ca.crt
[root@ip-172-31-93-16 ~]# service docker restart
Stopping docker:                                           [  OK  ]
Starting docker:        .                                  [  OK  ]
[root@ip-172-31-93-16 ~]#

Now create repository with secure 

[root@ip-172-31-93-16 ~]# docker container run -d -p 5000:5000 --name secure_registry -v $(pwd)/certs/:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e  REGISTRY_HTTP_TLS_KEY=/certs/domain.key registry
7bfd9f1aea673a98f37a211c37bc727b92c1ab3aae613103eb897613c9cd0de6
[root@ip-172-31-93-16 ~]#

Now we are going to push one image

[root@ip-172-31-93-16 ~]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
mariadb             latest              f55f3a2a2d81        3 days ago          354MB
registry            latest              f32a97de94e1        4 months ago        25.8MB
[root@ip-172-31-93-16 ~]#


[root@ip-172-31-93-16 ~]# docker image tag mariadb repo.docker.local:5000/mariadb
[root@ip-172-31-93-16 ~]# docker image ls
REPOSITORY                       TAG                 IMAGE ID            CREATED             SIZE
mariadb                          latest              f55f3a2a2d81        3 days ago          354MB
repo.docker.local:5000/mariadb   latest              f55f3a2a2d81        3 days ago          354MB
registry                         latest              f32a97de94e1        4 months ago        25.8MB
[root@ip-172-31-93-16 ~]#

[root@ip-172-31-93-16 ~]# docker image push repo.docker.local:5000/mariadb
The push refers to repository [repo.docker.local:5000/mariadb]
An image does not exist locally with the tag: repo.docker.local:5000/mariadb
[root@ip-172-31-93-16 ~]#


To resolve above we need to add repo.docker.local in path /etc/hosts

[root@ip-172-31-93-16 ~]# vi /etc/hosts
[root@ip-172-31-93-16 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost6 localhost6.localdomain6
172.31.93.16 repo.docker.local
[root@ip-172-31-93-16 ~]#

Now we are able to push the image to private repository in secure away

[root@ip-172-31-93-16 ~]# docker image push repo.docker.local:5000/mariadb
The push refers to repository [repo.docker.local:5000/mariadb]
0a9738aacc8d: Pushed
189fe2319039: Pushed
0aff0ac22d66: Pushed
6c7632269b32: Pushed
829531ae5233: Pushed
69faac9fc0dc: Pushed
3419e6db06bd: Pushed
00f4fc732ccd: Pushed
68ed6b608570: Pushed
38d8a1d432cd: Pushed
75e70aa52609: Pushed
dda151859818: Pushed
fbd2732ad777: Pushed
ba9de9d8475e: Pushed
latest: digest: sha256:86bbf5dffd86bca75ba91cec9a3e08ae3efbef1af233fc19d6b4924079e83f33 size: 3240
[root@ip-172-31-93-16 ~]#


                       Now our Secure docker repository setup are done

----------------------------------------------------------------------------------------------------------------


                                        Docker Registry with basic authentication 


[root@ip-172-31-93-16 ~]# mkdir auth
[root@ip-172-31-93-16 ~]# docker container run --entrypoint htpasswd registry -bnB raj password >auth/htpasswd
[root@ip-172-31-93-16 ~]# cat auth/htpasswd
raj:$2y$05$rIV1sexUtv8yPsLZFxEd.uTENSP6Ik95S/y0MZpIiXVu6LGQ44JrO

[root@ip-172-31-93-16 ~]# docker container run -d \
>  -p 5000:5000 \
>  --name registry_basic \
>  -v "$(pwd)"/auth:/auth \
>  -v "$(pwd)"/certs:/certs \
>  -e "REGISTRY_AUTH=htpasswd" \
>  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
>  -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
>  -e "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
>  -e "REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
>  registry

Now our privite repositry is scure so to access it we need to logging into it

[root@ip-172-31-93-16 ~]# docker login repo.docker.local:5000
Username: raj
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@ip-172-31-93-16 ~]#
[root@ip-172-31-93-16 ~]# docker image push repo.docker.local:5000/mariadb
The push refers to repository [repo.docker.local:5000/mariadb]
0a9738aacc8d: Layer already exists
189fe2319039: Layer already exists
0aff0ac22d66: Layer already exists
6c7632269b32: Layer already exists
829531ae5233: Layer already exists
69faac9fc0dc: Layer already exists
3419e6db06bd: Layer already exists
00f4fc732ccd: Layer already exists
68ed6b608570: Layer already exists
38d8a1d432cd: Layer already exists
75e70aa52609: Layer already exists
dda151859818: Layer already exists

Now we are able to push our image to secure repository 

Docker Command Part-22 By Raj Gupta

How we  can create own private repository like docker hub to pull and push own image

[root@ip-172-31-93-16 ~]# docker container run -d -p 5000:5000 --name simple_registry registry
[root@ip-172-31-93-16 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
2f2ccf162441        registry            "/entrypoint.sh /etc…"   22 seconds ago      Up 22 seconds       0.0.0.0:5000->5000/tcp   simple_registry

[root@ip-172-31-93-16 ~]# docker pull redis
[root@ip-172-31-93-16 ~]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
redis               latest              598a6f110d01        7 days ago          118MB
registry            latest              f32a97de94e1        4 months ago        25.8MB
[root@ip-172-31-93-16 ~]# docker image tag redis 127.0.0.1:5000/redis
[root@ip-172-31-93-16 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
2f2ccf162441        registry            "/entrypoint.sh /etc…"   12 minutes ago      Up 12 minutes       0.0.0.0:5000->5000/tcp   simple_registry
[root@ip-172-31-93-16 ~]# docker image ls
REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
127.0.0.1:5000/redis   latest              598a6f110d01        7 days ago          118MB
redis                  latest              598a6f110d01        7 days ago          118MB
registry               latest              f32a97de94e1        4 months ago        25.8MB
[root@ip-172-31-93-16 ~]# docker image push 127.0.0.1:5000/redis
The push refers to repository [127.0.0.1:5000/redis]
ecfdefa27746: Pushed
178539e30c1b: Pushed
866b8e9e04ba: Pushed
0cd777ef23ac: Pushed
ec2fceb1c8e2: Pushed
d8a33133e477: Pushed
latest: digest: sha256:9815a0d456dbbef05a5fd5efe4406db003d32a2f91de40f01b62457562e1d7f6 size: 1572

you can verify on below location on local system the redis image will be there
http://127.0.0.1:5000/v2/_catalog

Now we are going to delete redis image from system then going to pull from my own repository

[root@ip-172-31-93-16 ~]# docker image ls
REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
127.0.0.1:5000/redis   latest              598a6f110d01        7 days ago          118MB
redis                  latest              598a6f110d01        7 days ago          118MB
registry               latest              f32a97de94e1        4 months ago        25.8MB
[root@ip-172-31-93-16 ~]# docker image rm redis
Untagged: redis:latest
Untagged: redis@sha256:8888f6cd2509062a377e903e17777b4a6d59c92769f6807f034fa345da9eebcf
[root@ip-172-31-93-16 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
2f2ccf162441        registry            "/entrypoint.sh /etc…"   21 minutes ago      Up 21 minutes       0.0.0.0:5000->5000/tcp   simple_registry


[root@ip-172-31-93-16 ~]# docker image pull 127.0.0.1:5000/redis
Using default tag: latest
latest: Pulling from redis
Digest: sha256:9815a0d456dbbef05a5fd5efe4406db003d32a2f91de40f01b62457562e1d7f6
Status: Image is up to date for 127.0.0.1:5000/redis:latest

 

Thursday, 18 July 2019

Docker Command Part-21 By Raj Gupta

How to attach a container to multiple network(multiple NIC card)


[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local
5e62d8b1f783        test                bridge              local
70b88d7ee77d        test2               bridge              local
[root@ip-172-31-40-217 ~]# docker container run -it --network bridge ubuntu:14.04 bash
root@581ec2e1364b:/# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:04
          inet addr:172.17.0.4  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@581ec2e1364b:/#


Now we are going connect test network also with our container

[root@ip-172-31-40-217 ~]# docker network connect test 581ec2e1364b
[root@ip-172-31-40-217 ~]# docker container exec -it 581ec2e1364b bash
root@581ec2e1364b:/# ipconfig
bash: ipconfig: command not found
root@581ec2e1364b:/# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:04
          inet addr:172.17.0.4  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:936 (936.0 B)  TX bytes:0 (0.0 B)

eth1      Link encap:Ethernet  HWaddr 02:42:ac:12:00:02
          inet addr:172.18.0.2  Bcast:172.18.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1046 (1.0 KB)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


Now we have two NIC card(eth0 and eth1)



Now if you want to detach any network from your container then


[root@ip-172-31-40-217 ~]# docker network disconnect test 581ec2e1364b
[root@ip-172-31-40-217 ~]# docker container exec -it 581ec2e1364b bash
root@581ec2e1364b:/# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:04
          inet addr:172.17.0.4  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1006 (1.0 KB)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@581ec2e1364b:/#


Now we have only one NIC card


-------------------------------------------------------------------------------------------------

If you want to delete any network then 

[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local
5e62d8b1f783        test                bridge              local
70b88d7ee77d        test2               bridge              local
[root@ip-172-31-40-217 ~]# docker network rm test
test
[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local
70b88d7ee77d        test2               bridge              local
[root@ip-172-31-40-217 ~]#


To remove all networks not used by at least one container use the below command 

[root@ip-172-31-40-217 ~]# docker network prune
WARNING! This will remove all networks not used by at least one container.
Are you sure you want to continue? [y/N] y
[root@ip-172-31-40-217 ~]#



[root@ip-172-31-40-217 ~]# docker network --help

Usage:  docker network COMMAND

Manage networks

Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks

Run 'docker network COMMAND --help' for more information on a command.

Docker Command Part-20 By Raj Gupta

[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local


1. If we create any container by default it will attached with bridge network.
2. you can also create your custom network and attach your container to custom network.
3. If you attach your container with host network then all the property of host computer network will assign
4. if you do not want to assign any network to your container then use null network



[root@ip-172-31-40-217 ~]# docker container run -it --network=none ubuntu:14.04 bash
root@9d3666594a18:/# ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@9d3666594a18:/#

Docker Command Part-19 By Raj Gupta

whenever you give network name as host then whatever you create container it will use same network as your host computer network


[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local

[root@ip-172-31-40-217 ~]# docker container run -it --network=host ubuntu:14.04 bash
root@ip-172-31-40-217:/# ifconfig     ------ This will give same output as your host computer


at a time host driver can attach with only one network

[root@ip-172-31-40-217 ~]# docker network create -d host test
Error response from daemon: network with name test already exists
[root@ip-172-31-40-217 ~]#


The main benefit of using host network is we do not need to do port mapping to access the any web server running in container we can access it by using the host ip directly ( in below case by using public ip ec2 server without opening any port

[root@ip-172-31-40-217 ~]# docker container run -itd --network=host nginx
111c466853a3d4118390f0a559a7cf3d0bc86302c4134265148a86bc8abed720

http://100.26.207.208/     -------we able to access it



Docker Command Part-18 By Raj Gupta

How to ping a container by using container id


[root@ip-172-31-40-217 ~]# docker network create test2
70b88d7ee77d84967516ec50b184eebc54695076a93ca706ea17e8f2079959e0
[root@ip-172-31-40-217 ~]# docker container run -it --network=test2 ubuntu:14.04 bash
root@18ae8aa73cbf:/# hostname
18ae8aa73cbf
root@18ae8aa73cbf:/# [root@ip-172-31-40-217 ~]#
[root@ip-172-31-40-217 ~]# docker container run -it --network=test2 ubuntu:14.04 bash
root@daf01887e65e:/# ping 18ae8aa73cbf
PING 18ae8aa73cbf (172.19.0.2) 56(84) bytes of data.
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=1 ttl=255 time=0.070 ms
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=2 ttl=255 time=0.047 ms
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=3 ttl=255 time=0.052 ms
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=4 ttl=255 time=0.056 ms
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=5 ttl=255 time=0.053 ms
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=6 ttl=255 time=0.050 ms
64 bytes from 18ae8aa73cbf.test2 (172.19.0.2): icmp_seq=7 ttl=255 time=0.052 ms
^C
--- 18ae8aa73cbf ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6151ms
rtt min/avg/max/mdev = 0.047/0.054/0.070/0.008 ms
root@daf01887e65e:/#


So its pinging by using host name....It means DNS is enable by default in custom network(network created by us but not in default network) ....We can also ping by using container ID, container name, 


If you want by default DNS is enable whenever you create container without giving any network name then first we need to delete default network(bridge) then create your custom network with same name(bridge) ..then what ever container will create it will attach with your custom network(bridge) by default.. 

Docker Command Part-17 By Raj Gupta

How to create own network in docker container

[root@ip-172-31-40-217 ~]# docker network create -d bridge test
5e62d8b1f783f6b0f6cad70f5b74bc992010c56bed543073b17ca56051f219eb
[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local
5e62d8b1f783        test                bridge              local
[root@ip-172-31-40-217 ~]#
[root@ip-172-31-40-217 ~]# ifconfig
br-5e62d8b1f783 Link encap:Ethernet  HWaddr 02:42:70:A0:F7:87
          inet addr:172.18.0.1  Bcast:172.18.255.255  Mask:255.255.0.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Now attach docker to our own created network

[root@ip-172-31-40-217 ~]# docker container run -it --network test ubuntu:14.04 bash
root@75b823d59160:/#
root@75b823d59160:/# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:12:00:02
          inet addr:172.18.0.2  Bcast:172.18.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1326 (1.3 KB)  TX bytes:0 (0.0 B)


above connected with below virtual network on system..Once container deleted below entry also deleted

[root@ip-172-31-40-217 ~]# ifconfig
veth8193796 Link encap:Ethernet  HWaddr B2:01:04:AC:7F:D4
          inet6 addr: fe80::b001:4ff:feac:7fd4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1064 (1.0 KiB)  TX bytes:2280 (2.2 KiB)

Docker Command Part-16 By Raj Gupta

[root@ip-172-31-40-217 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
39450de642d6        bridge              bridge              local
f6345e9bd840        host                host                local
514a936c83c1        none                null                local
[root@ip-172-31-40-217 ~]# docker network inspect bridge

 "Containers": {},       -----no container attached till now to bridge network

[root@ip-172-31-40-217 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@ip-172-31-40-217 ~]#
[root@ip-172-31-40-217 ~]# docker container run -itd nginx
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
0a4690c5d889: Pull complete
9719afee3eb7: Pull complete
44446b456159: Pull complete
Digest: sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a573a967c03dbb
Status: Downloaded newer image for nginx:latest
d6110871fab5dbd0503bdde818e597e40860f7397ed868f1d7da72afe3edbefd
[root@ip-172-31-40-217 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
d6110871fab5        nginx               "nginx -g 'daemon of…"   23 seconds ago      Up 22 seconds       80/tcp              suspicious_hamilton


[root@ip-172-31-40-217 ~]# docker network inspect bridge

 "Containers": {
            "d6110871fab5dbd0503bdde818e597e40860f7397ed868f1d7da72afe3edbefd": {
                "Name": "suspicious_hamilton",
                "EndpointID": "af174e6c181f987c4c24318b911eb067b7f2442f9ea151179041c46038ab179f",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },


Now one container attached with bridge network


[root@ip-172-31-40-217 ~]# docker container run -it ubuntu:14.04 bash
root@12848ca91085:/#
root@12848ca91085:/# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=47 time=1.62 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=47 time=1.64 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=47 time=1.63 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=47 time=1.63 ms

This means that this container has internet access. 





Wednesday, 17 July 2019

Docker Command Part-15 By Raj Gupta

How to bind any folder from local system to any container to access it. This will just create a link to folder in place of copying all the data, So in this away we can avoid copy same data in multiple place and same the memory

[root@ip-172-31-93-105 ~]# mkdir bind
[root@ip-172-31-93-105 ~]# ld
ld: no input files
[root@ip-172-31-93-105 ~]# ls
bind
[root@ip-172-31-93-105 ~]# cd bind/
[root@ip-172-31-93-105 bind]# vi index.html
[root@ip-172-31-93-105 bind]# cat index.html
<html>
<head>
       <title>test</title>
</head>
<body>
      <h1 align="center">Docker BindMount Point</h1>
</body>
</html>

[root@ip-172-31-93-105 bind]# pwd
/root/bind

[root@ip-172-31-93-105 bind]# docker container run -it -v /root/bind:/tmp/test/ ubuntu:14.04 bash
root@212c5cb66eb3:/#
[root@ip-172-31-93-105 bind]# pwd
/root/bind
[root@ip-172-31-93-105 bind]# docker container run -rm -it -v
unknown shorthand flag: 'r' in -rm
See 'docker container run --help'.
[root@ip-172-31-93-105 bind]# docker container run -it -v /root/bind:/tmp/test/ ubuntu:14.04 bash
Unable to find image 'ubuntu:14.04' locally
14.04: Pulling from library/ubuntu
a7344f52cb74: Pull complete
515c9bb51536: Pull complete
e1eabe0537eb: Pull complete
4701f1215c13: Pull complete
Digest: sha256:2f7c79927b346e436cc14c92bd4e5bd778c3bd7037f35bc639ac1589a7acfa90
Status: Downloaded newer image for ubuntu:14.04
root@212c5cb66eb3:/# cd /tmp/
root@212c5cb66eb3:/tmp# ls
test
root@212c5cb66eb3:/tmp# cd test/
root@212c5cb66eb3:/tmp/test# ls
index.html
root@212c5cb66eb3:/tmp/test# cat index.html
<html>
<head>
       <title>test</title>
</head>
<body>
      <h1 align="center">Docker BindMount Point</h1>
</body>
</html>
root@212c5cb66eb3:/tmp/test#

if you change any thing in local system same will reflect in container also

Note:-

In place of this command

docker container run -it -v /root/bind:/tmp/test/ ubuntu:14.04 bash

You can also use

docker container run -it --mount type=bind,source= /root/bind,target=/tmp/test/ ubuntu:14.04 bash

Docker Command Part-15 By Raj Gupta

If you are going to create a volume that does not exit like below abc...then it will simply going to create a volume with same same

[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               8c275dfbba8a8134169997142989597ca98a91afdc8bcde841e0fa3dea9f6770
local               bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
[root@ip-172-31-93-105 ~]# docker container run -d --name mysql1 -v abc:/var/lib/mysq4 -e MYSQL_ALLOW_EMPTY_PASSWORD=true mysql
8e578149e45721964154480f9b8ca9d4d6132a98623d092a4f3d9ba9c1607090
[root@ip-172-31-93-105 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                 NAMES
8e578149e457        mysql               "docker-entrypoint.s…"   28 seconds ago      Up 27 seconds       3306/tcp, 33060/tcp   mysql1
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               488241083b58309e800e51e6e586b5dae695b5969333231c8928d0b7e9cf56f1
local               8c275dfbba8a8134169997142989597ca98a91afdc8bcde841e0fa3dea9f6770
local               abc
local               bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
[root@ip-172-31-93-105 ~]#


----------------------------------------------------------------------------------------------------

To delete or remove the volume used below command 

To delete one by one
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               488241083b58309e800e51e6e586b5dae695b5969333231c8928d0b7e9cf56f1
local               8c275dfbba8a8134169997142989597ca98a91afdc8bcde841e0fa3dea9f6770
local               abc
local               bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
local               mytest

[root@ip-172-31-93-105 ~]# docker volume rm 488241083b58309e800e51e6e586b5dae695b5969333231c8928d0b7e9cf56f1

488241083b58309e800e51e6e586b5dae695b5969333231c8928d0b7e9cf56f1
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               8c275dfbba8a8134169997142989597ca98a91afdc8bcde841e0fa3dea9f6770
local               92217cb240d362ca3b62fa07ffebf50e28e67b31f907d8b87e51cceb340cafb2
local               abc
local               bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
local               mytest
local               xyz



To delete more then one at same time
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               92217cb240d362ca3b62fa07ffebf50e28e67b31f907d8b87e51cceb340cafb2
local               abc
local               bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
local               mytest
local               xyz
[root@ip-172-31-93-105 ~]# docker volume rm abc mytest
abc
mytest
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               92217cb240d362ca3b62fa07ffebf50e28e67b31f907d8b87e51cceb340cafb2
local               bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
local               xyz


-----------------------------------------------------------------------------------------------------
To delete all unused volume that volume not used by any container use prune command

[root@ip-172-31-93-105 ~]# docker volume prune
WARNING! This will remove all local volumes not used by at least one container.
Are you sure you want to continue? [y/N] y
Deleted Volumes:
bcf7678ec0c851930453fad10b43763caebc4c2e71d6c758863484f8060ad96f

Total reclaimed space: 183.6MB

[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               92217cb240d362ca3b62fa07ffebf50e28e67b31f907d8b87e51cceb340cafb2
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
local               xyz
[root@ip-172-31-93-105 ~]#


-----------------------------------------------------------------------------------------

To remove the used volume of running container ...First we need to kill the container then we need to remove it then only we are able to delete volume


[root@ip-172-31-93-105 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                 NAMES
ee6ecf5b36f6        mysql               "docker-entrypoint.s…"   33 minutes ago      Up 33 minutes       3306/tcp, 33060/tcp   mysql1
[root@ip-172-31-93-105 ~]# docker container kill ee6ecf5b36f6
ee6ecf5b36f6
[root@ip-172-31-93-105 ~]# docker container ls
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
local               92217cb240d362ca3b62fa07ffebf50e28e67b31f907d8b87e51cceb340cafb2
local               e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f
local               xyz
[root@ip-172-31-93-105 ~]# docker container ls  -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                       PORTS               NAMES
ee6ecf5b36f6        mysql               "docker-entrypoint.s…"   37 minutes ago      Exited (137) 2 minutes ago                       mysql1
52dd7437728e        mysql               "docker-entrypoint.s…"   3 hours ago         Exited (1) 3 hours ago                           admiring_shtern
[root@ip-172-31-93-105 ~]# docker container rm ee6ecf5b36f6 52dd7437728e
ee6ecf5b36f6
52dd7437728e
[root@ip-172-31-93-105 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@ip-172-31-93-105 ~]# docker volume prune
WARNING! This will remove all local volumes not used by at least one container.
Are you sure you want to continue? [y/N] y
Deleted Volumes:
xyz
92217cb240d362ca3b62fa07ffebf50e28e67b31f907d8b87e51cceb340cafb2
e700479341274ebe6837f6f4c20f564a6c93d91cf16490c5d825b2081c1ee07f

Total reclaimed space: 183.6MB
[root@ip-172-31-93-105 ~]# docker volume ls
DRIVER              VOLUME NAME
[root@ip-172-31-93-105 ~]#