Command guide for Docker

Docker is a microservice-oriented container system. Those are designed to work in any work environment, either production, development or QA, since it allows a docker (container) with a service to be deployed, and it will have all the necessary libraries for the environment, which makes it a perfect tool for application development due to its resilience and power.

Dockers are intended to be stateless; that is to say, they do not have information that varies. To achieve this, it is necessary to map the docker directories where the data that changes will be stored, and leave that on the host.

In this post, we will give you the basic commands to manage dockers, as well as the DockerFile configuration.

Commands for Docker

start docker:
$ sudo systemctl start docker 
stop docker:
sudo systemctl stop docker 
Get the IP of a container:
$ docker inspect CONTENEDOR | grep '"IPAddress"' | head -n 1 | awk -v x=2 '{ gsub("\"","");  gsub(",",""); print $x}'

Docker images

View the images:
 $ docker images 
Delete an image:
r rmi <image> 
Create an image from a container:
    $ docker commit -a “creador” –m “comentario” <contenedor> <imagen_a_crear> 
Create an image from a dockerfile:
$ docker build -t <nombre_imagen> -f <dockerfile> <path_de_destino_de_la_imagen> 
Create image from a .tar:
docker load -i archivo.tar 

Containers

View inactive containers:
$ docker ps –a 
View active containers:
$ docker ps 
Delete a container:
$ docker rm <contenedor id> 
Stop a container:
$ docker stop <contenedor id> 
Start a stopped container:
$ docker start <contenedor id>
Start a container:
$ docker run --name <contenedor> -p <puerto_origen>:<puerto_contenedor>  <imagen_que_queremos_utilizar> 
Enter a started container:
docker exec -it <contenedor> sh 
Copy a file that is external to a container, to inside the container:
$ docker cp file <container-name>:/directorio/ 
Show container log:
$ docker logs <container> 
Show container resource statistics:
$ docker stats <container> 

Instructions for Dockerfile

  • FROM <image>: initializes a new phase for the construction of the image, and indicates which image is going to be used as a base in the following instructions.
  • LABEL <key>=<value>:  adds metadata to an image in key-value pair mode.
  • ADD <origin> <destiny>:  copies new files or directories (either local or remote) to the image’s file system, at the specified destination.
  • COPY <origin> <destiny>: copies files or directories to the image’s file system, at the specified destination.
  • RUN <command>:  run the indicated command(s) in a new layer above the current one, then saves the changes.
  • ENV <key>=<value>:  defines environment variables for the image being created, from key-value pairs.
  • EXPOSE <port>:  specifies that the container will have the indicated port available to listen to requests at runtime.
  • USER <user_to_change>:  specifies the user to be used when launching the image, or for any RUN, CMD, and ENTRYPOINT commands.
  • VOLUME [“<volume>”]: create volumes with the specified name.
  • WORKDIR /path/to/workdir: marks the working directory for any RUN, CMD, COPY, ADD and ENTRYPOINT commands.
  • ARG <key>:  defines a variable that users can pass at build time to the builder with the docker build docker build –build-arg <varname>=<value> command.
  • ENTRYPOINT <command> <param1> <param2>:  allows to configure a container to be launched as an executable.

If you are interested in knowing more extensive definitions for its use, you can find them in the official Docker documentation.

Here is an example of how one of our Dockerfiles would be defined:

Dockerfile

# Select the image to use as a base
FROM openjdk:8-jdk-alpine 

# Add tags to image's metadata
LABEL module.maintainer="user@mail.es" \ 
  module.name="project"	 

# Copy all exec.jar files to the container's app.jar file
ADD *-exec.jar app.jar 

# Create the folders for the application's logs and target
RUN mkdir -p /var/log/admin-logs && \ 

mkdir ./target 
 
# Create the onesait group and user
RUN addgroup -S onesait -g 433 && adduser -u 431 -S -g onesait -h /usr/local -s /sbin/nologin onesait  
 
# Give permissions to the user and make them the owner of the folders we need
RUN chown -R onesait:onesait /usr/local && \ 
    chown -R onesait:onesait /var/log/admin-logs && \ 
    chown -R onesait:onesait ./target && \ 
    chown onesait:onesait app.jar && \ 
    chmod -R 777 ./target && \ 
    chmod -R 777 /var/log && \ 
    chmod -R 777 /usr/local 

# Define the volumes we need for the image
VOLUME ["/tmp", "/var/log/admin-logs"] 

# Indicate the user onesait as the user to be used when launching the image
USER onesait 
     
# Indicate that the image will use port 8080
EXPOSE 8080 
 
# Set value to some environment variables that we have defined
ENV JAVA_OPTS="$JAVA_OPTS -Xms1G -Xmx3G" \ 
    SERVER_NAME=localhost 


# Indicate the command with which the image will be launched when executed
ENTRYPOINT sh -c "java $JAVA_OPTS -Dspring.application.json=$ONESAIT_PROPERTIES -Djava.security.egd=file:/dev/./urandom -Dspring.profiles.active=docker -jar /app.jar" && 1 

Dockerfile Templates

Springboot

FROM openjdk:8-jdk-alpine

# Metadata
LABEL module.maintainer="user@email.es" \
	  module.name="project"	

ADD *-exec.jar app.jar

# logs folder
RUN mkdir -p /var/log/project-logs && \
	mkdir ./target
	
# create onesait user/group
RUN addgroup -S onesait -g 433 && adduser -u 431 -S -g onesait -h /usr/local -s /sbin/nologin onesait 

RUN chown -R onesait:onesait /usr/local && \
    chown -R onesait:onesait /var/log/project-logs && \
    chown -R onesait:onesait ./target && \
    chown onesait:onesait app.jar && \
    chmod -R 777 ./target && \
    chmod -R 777 /var/log && \
    chmod -R 777 /usr/local

VOLUME ["/tmp", "/var/log/project-logs"]
    
USER onesait
    
EXPOSE 8080

ENV JAVA_OPTS="$JAVA_OPTS -Xms1G -Xmx3G" \
    SERVER_NAME=localhost 

ENTRYPOINT sh -c "java $JAVA_OPTS -Dspring.application.json=$ONESAIT_PROPERTIES -Djava.security.egd=file:/dev/./urandom -Dspring.profiles.active=docker -jar /app.jar" && 1

Vue.js app

FROM  node:lts-alpine as build-stage

# Metadata
LABEL module.maintainer="user@email.es" \
  module.name="project"

WORKDIR /app

COPY package*.json ./
COPY .npmrc /root/.npmrc
COPY .npmrc ./

RUN npm config set registry https://registry.npmjs.org/ && \
    npm install

COPY . .
RUN npm run build

# production stage
FROM nginx:stable-alpine as production-stage
COPY --from=build-stage /app/dist /usr/share/nginx/html

VOLUME ["/tmp", "/var/log/nginx"]

EXPOSE 80

CMD ["nginx", "-g", "daemon off;"]

Python app

FROM python:3.6

LABEL maintainer="arquitecturaDSP@indra.es"

ENV LANG C.UTF-8
ENV LC_ALL C.UTF-8
ENV http_proxy=${HTTP_PROXY}
ENV https_proxy=${HTTP_PROXY}

# create onesait user/group
#RUN addgroup onesait -g 433 && adduser -u 431 -g onesait onesait 
RUN groupadd -r onesait && useradd --no-log-init -r -g onesait onesait

WORKDIR /app
COPY . /app

RUN chown -R onesait:onesait /usr/local && \
    chown -R onesait:onesait /app && \
    chmod -R 777 /var/log && \
    chmod -R 777 /usr/local

# Update Python tools
RUN pip install --upgrade pip setuptools wheel
RUN pip install --upgrade -r requirements.txt

USER onesait

WORKDIR /app

# Expose the application's port
EXPOSE 5000

# Start service
CMD ["gunicorn", "-b 0.0.0.0:5000", "-w 2", "wsgi:app"]

Header image: Lanju Fotografie at Unsplash

Autor

Leave a Reply

Your email address will not be published. Required fields are marked *