Docker Haruka Iwao Storage Solution Architect, Red Hat K.K. February 12, 2015
(@Yuryu) : Web (HPC) ( MMORPG)
Docker Web OS nginx HTML nginx OS nginx nginx RHEL RHEL OS
Docker 2 Dockerfile $ docker build -t <tag> Dockerfile ) $ docker build -t yuryu/test.
Dockerfile ) FROM registry.access.redhat.com/rhel RUN yum - y install httpd ADD index.html /var/www/html/index.html EXPOSE 80 CMD ["/usr/sbin/httpd", "- DFOREGROUND"]
Dockerfile FROM - RUN - ADD - EXPOSE - CMD - FROM registry.access.redhat.com/rhel RUN yum - y install httpd ADD index.html /var/www/html/index.html EXPOSE 80 CMD ["/usr/sbin/httpd", "- DFOREGROUND"]
Dockerfile (2) MAINTAINER - USER - WORKDIR - COPY - ADD https://docs.docker.com/reference/ builder/
$ docker run -d -P EXPOSE $ mkdir demo- apache $ cd demo- apache $ curl - L - o Dockerfile bit.ly/1fa902p $ echo Hello, Docker! > index.html $ build - t demo- apache. $ docker run - dp demo- apache
docker build [yuryu@rhel7 docker- apache]$ docker build - t demo- apache. Sending build context to Docker daemon 3.584 kb Sending build context to Docker daemon Step 0 : FROM registry.access.redhat.com/rhel - - - > e1f5733f050b Step 1 : RUN yum - y install httpd - - - > Using cache - - - > 3679b20fa9ba Step 2 : ADD index.html /var/www/html/index.html - - - > Using cache - - - > db91c285d5ad Step 3 : EXPOSE 80 - - - > Using cache - - - > c9ceb17b169f Step 4 : CMD /usr/sbin/httpd - DFOREGROUND - - - > Using cache - - - > 4e99155706f6 Successfully built 4e99155706f6
docker run ID [yuryu@rhel7 docker- apache]$ docker run - dp demo- apache 8d6b20a1e23427ad575bed1aee9cbea5406e5ed648a645e955cd6c6c6a 34ea0a [yuryu@rhel7 docker- apache]$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8d6b20a1e234 demo- apache:latest "/usr/sbin/httpd - DF 4 seconds ago Up 4 seconds 0.0.0.0:49247- >80/tcp jovial_jones
$ docker run -p <host port>:<guest port> $ docker port [yuryu@rhel7 docker- apache]$ docker run - dp 80:80 demo- apache b027be3d09ace7c8cac594c14d07d3ddda5c32f15e14f8a28297714a69 723c54 [yuryu@rhel7 docker- apache]$ docker port b027be3d09ac 80/tcp - > 0.0.0.0:80
--link < >:alias EXPOSE # docker run - d - e MYSQL_ROOT_PASSWORD=root - - name mysql mysql # docker run - it - - link mysql:mysql mysql /bin/bash # env grep MYSQL_PORT MYSQL_PORT_3306_TCP_PORT=3306 MYSQL_PORT_3306_TCP=tcp://172.17.0.155:3306 MYSQL_PORT_3306_TCP_PROTO=tcp MYSQL_PORT_3306_TCP_ADDR=172.17.0.155 MYSQL_PORT=tcp://172.17.0.155:3306 # mysql - - host=$mysql_port_3306_tcp_addr - - port= $MYSQL_PORT_3306_TCP_PORT - - password=root
( ) EXPOSE link alias ALIAS_PORT_XXX ALIAS_PORT_XXX_TCP ALIAS_PORT_XXX_TCP_PROTO ALIAS_PORT_XXX_TCP_ADDR ALIAS_PORT_XXX_TCP_PORT
: VOLUME /var/lib/mysql --volumes-from < > Data-only # docker run - d - - name mysql_volume mysql echo MySQL Volume Container # docker run - - volumes- from mysql_volume - d - e MYSQL_ROOT_PASSWORD=root - - name mysql mysql Docker 1.4 docker run docker create ( )
-v <host path>:<container path> SELinux # chcon -Rt svirt_sandbox_file_t $ mkdir mysql- volume; cd mysql- volume $ sudo chcon - Rt svirt_sandbox_file_t. $ docker run - v $(pwd):/var/lib/mysql - - name mysql - e MYSQL_ROOT_PASSWORD=root - d mysql
Data-only tar $ mkdir mysql- volume; cd mysql- volume $ sudo chcon - Rt svirt_sandbox_file_t. $ sudo docker run - - volumes- from mysql_volume - v $(pwd):/ backup - - name mysql- backup fedora tar cfz /backup/mysql- backup.tar.gz /var/lib/mysql $ sudo docker run - - volumes- from mysql_volume - v $(pwd):/ backup - - name mysql- restore fedora tar xf /backup/mysql- backup.tar.gz - C /
Data only VOLUME volumes-from -v <host>:<container>
Docker CI A GitHub B C
GitHub https://github.com/yuryu/docker- jenkins- demo Red Hat Enterprise Linux
Jenkins Dockerfile FROM registry.access.redhat.com/rhel MAINTAINER Haruka Iwao RUN yum - y upgrade RUN curl - o /etc/yum.repos.d/jenkins.repo http://pkg.jenkins- ci.org/redhat/jenkins.repo RUN rpm - - import https://jenkins- ci.org/redhat/jenkins- ci.org.key RUN yum - y install jenkins java git docker ADD run- jenkins.sh /root/run- jenkins.sh EXPOSE 8080 CMD /root/run- jenkins.sh
run-jenkins.sh #!/bin/sh JENKINS_HOME="/var/lib/jenkins" JENKINS_USER="jenkins" JENKINS_JAVA_OPTIONS="- Djava.awt.headless=true" JENKINS_PORT="8080" JENKINS_HANDLER_MAX="100" JENKINS_HANDLER_IDLE="20" JAVA_CMD="/usr/bin/java $JENKINS_JAVA_OPTIONS - DJENKINS_HOME=$JENKINS_HOME - jar /usr/lib/jenkins/jenkins.war" OPTIONS="- - httpport=$jenkins_port - - handlercountmax=$jenkins_handler_max - - handlercountmaxidle=$jenkins_handler_idle " cd "$JENKINS_HOME" exec runuser - u $JENKINS_USER - - $JAVA_CMD $OPTIONS
Slave Dockerfile FROM registry.access.redhat.com/rhel MAINTAINER Haruka Iwao RUN yum - y upgrade RUN yum - y swap - - remove fakesystemd - - install systemd systemd- libs RUN yum - y install openssh- server java- 1.7.0- openjdk RUN adduser jenkins RUN echo "jenkins:jenkins" chpasswd RUN ssh- keygen - f /etc/ssh/ssh_host_rsa_key - N '' - t rsa RUN ssh- keygen - f /etc/ssh/ssh_host_dsa_key - N '' - t dsa RUN ssh- keygen - f /etc/ssh/ssh_host_ecdsa_key - N '' - t ecdsa RUN yum - y install gcc gcc- c++ automake autoconf make git libtool EXPOSE 22 CMD ["/usr/sbin/sshd", "- D"]
Slave RHEL systemd fakesystemd systemd systemd yum -y swap -- remove fakesystemd -- install systemd systemd-libs systemd init
Jenkins Docker Plugin Jenkins Docker
Docker TCP listen Jenkins /etc/sysconfig/docker! OPTIONS=- - selinux- enabled - H tcp://172.17.42.1:5555 - H fd://
Jenkins Data-only Jenkins $ docker run - d - v /var/lib/jenkins - - name jenkins- home yuryu/demo- jenkins echo Data- only container for jenkins $ docker run - - volumes- from jenkins- home - d - p 8080:8080 yuryu/demo- jenkins
Jenkins Manage Jenkins > Configure System
Docker Manage Jenkins > Docker
autoconf / gtest C https://github.com/yuryu/gtest- demo
configure
commit
cadvisor Docker https://github.com/google/cadvisor
cadvisor
cadvisor # setenforce Permissive $ docker run \ - - volume=/:/rootfs:ro \ - - volume=/var/run:/var/run:rw \ - - volume=/sys:/sys:ro \ - - volume=/var/lib/docker/:/var/lib/docker:ro \ - - publish=8080:8080 \ - - detach=true \ - - name=cadvisor \ - - volume=/cgroup:/cgroup \ google/cadvisor:latest