Obtaining the Docker image
First, get the basic Docker image. The Docker image is published on the Docker Hub Registry (https://hub.docker.com/).
You can search for published images with the docker search command. An example of searching the image of CentOS is here.
# docker search centos
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/centos The official build of CentOS. 1842 [OK]
docker.io docker.io/ansible/centos7-ansible Ansible on Centos7 63 [OK]
docker.io docker.io/jdeathe/centos-ssh CentOS-6 6.7 x86_64 / EPEL/IUS Repos / Ope… 14 [OK]
docker.io docker.io/jdeathe/centos-ssh-apache-php CentOS-6 6.7 x86_64 / Apache / PHP / PHP M… 11 [OK]
docker.io docker.io/million12/centos-supervisor Base CentOS-7 with supervisord launcher, h… 9 [OK]
docker.io docker.io/blalor/centos Bare-bones base CentOS 6.5 image 8 [OK]
docker.io docker.io/nimmis/java-centos This is docker images of CentOS 7 with dif… 7 [OK]
docker.io docker.io/torusware/speedus-centos Always updated official CentOS docker imag… 7 [OK]
docker.io docker.io/consol/centos-xfce-vnc Centos container with “headless” VNC sessi… 5 [OK]
docker.io docker.io/jdeathe/centos-ssh-mysql CentOS-6 6.7 x86_64 / MySQL. 4 [OK]
docker.io docker.io/nathonfowlie/centos-jre Latest CentOS image with the JRE pre-insta… 3 [OK]
docker.io docker.io/centos/mariadb55-centos7 2 [OK]
docker.io docker.io/nickistre/centos-lamp LAMP on centos setup 2 [OK]
docker.io docker.io/feduxorg/centos-postgresql Centos Image with postgres 1 [OK]
docker.io docker.io/layerworx/centos CentOS container with etcd, etcdctl, confd… 1 [OK]
docker.io docker.io/lighthopper/orientdb-centos A Dockerfile for creating an OrientDB imag… 1 [OK]
docker.io docker.io/nathonfowlie/centos-jira JIRA running on the latest version of CentOS 1 [OK]
docker.io docker.io/softvisio/centos Centos 1 [OK]
docker.io docker.io/yajo/centos-epel CentOS with EPEL and fully updated 1 [OK]
docker.io docker.io/blacklabelops/centos Blacklabelops Centos 7 base image without … 0 [OK]
docker.io docker.io/januswel/centos yum update-ed CentOS image 0 [OK]
docker.io docker.io/jsmigel/centos-epel Docker base image of CentOS w/ EPEL installed 0 [OK]
docker.io docker.io/lighthopper/openjdk-centos A Dockerfile for creating an OpenJDK image… 0 [OK]
docker.io docker.io/pdericson/centos Docker image for CentOS 0 [OK]
docker.io docker.io/timhughes/centos Centos with systemd installed and running 0 [OK]
Various images are released to various people. What is displayed as “OK” in the OFFICIAL column is the official image of CentOS. Several applications that have been installed in advance have been released.
To download the Docker image, use the docker pull command. An example of execution when downloading the image of CentOS 7 is here.
# docker pull centos
Using default tag: latest
Trying to pull repository docker.io/library/centos … latest: Pulling from library/centos
47d44cb6f252: Pull complete
838c1c5c4f83: Pull complete
5764f0a31317: Pull complete
60e65a8e4030: Pull complete
library/centos:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:8072bc7c66c3d5b633c3fddfc2bf12d5b4c2623f7004d9eed6aae70e0e99fbd7
Status: Downloaded newer image for docker.io/centos:latest
As in this example, several images are downloaded in batches. You can check downloaded images as follows.
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
?docker.io/centos latest 60e65a8e4030 3 weeks ago 196.6 MB
?
The Docker image is specified by separating the repository and the tag with “:”. For example, the image of CentOS 7 in ? is used under the name docker.io / centos: latest.
Create Container
Invoking a container refers to starting a process on this image. Docker expands the specified image and uses it as a container file system set.
To create a container, use the docker run command. We use it in the following
docker run [<options>] <image> <command> [<arg>]
Specify the image to be used with the command to move on the image and its argument with and.
Here is the command to create a container named “centos7” that starts bash with the image docker.io /centos:latest.
# docker run -it –name centos7 docker.io/centos:latest /bin/bash
[root@b18de31e55ec /]#ls
anaconda-post.log bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
In this example, docker run is appended with “-it” as an option. This is a designation of assigning TTY (terminal · console) in interactive mode.
You can execute the ls command etc. in the started container. Of course you can also use vi etc. to modify the file.
The container will only run while the started /bin/bash process is running. That is, the container stops when you exit this shell.
· Container stop
[root@b18de31e55ec /]# exit
If you want to return the operation to the original shell without stopping the container, you can exit the container’s TTY with Ctrl-P + Ctrl-q.
Reconnect to container
# docker attach centos7
[root@b18de31e55ec /]#
[root@b18de31e55ec /]# ls
anaconda-post.log bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
To connect to a running container, execute the docker attach command with the container name as follows.
Confirming Container in Operation
To check the active container, use the docker ps command.
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b18de31e55ec docker.io/centos:latest “/bin/bash” 9 minutes ago Up 9 minutes centos7
# docker ps -a
8cc776959b0f docker.io/centos:latest “/bin/bash” 5 seconds ago Exited (0) 1 seconds ago centos7a
b18de31e55ec docker.io/centos:latest “/bin/bash” 14 minutes ago Up 14 minutes centos7
Confirm container information
If you want to know the detailed state of the container of Docker, use docker inspect.
You can check the process specified when starting Docker, the resources allocated to the container, and so on.
# docker inspect centos7
[
{
“Id”: “b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a”,
“Created”: “2016-01-19T11:17:47.272087891Z”,
“Path”: “/bin/bash”,
“Args”: [],
“State”: {
“Running”: true,
“Paused”: false,
“Restarting”: false,
“OOMKilled”: false,
“Dead”: false,
“Pid”: 2563,
“ExitCode”: 0,
“Error”: “”,
“StartedAt”: “2016-01-19T11:17:47.685386072Z”,
“FinishedAt”: “0001-01-01T00:00:00Z”
},
“Image”: “60e65a8e4030022260a4f84166814b2683e1cdfc9725a9c262e90ba9c5ae2332”,
“NetworkSettings”: {
“Bridge”: “”,
“EndpointID”: “4aeb09fdcce86c3d8c76115f222657844dc4fa7ca0d56d8b997e6d1708d42717”,
“Gateway”: “172.17.42.1”,
“GlobalIPv6Address”: “”,
“GlobalIPv6PrefixLen”: 0,
“HairpinMode”: false,
“IPAddress”: “172.17.0.1”,
“IPPrefixLen”: 16,
“IPv6Gateway”: “”,
“LinkLocalIPv6Address”: “”,
“LinkLocalIPv6PrefixLen”: 0,
“MacAddress”: “02:42:ac:11:00:01”,
“NetworkID”: “b1d897f4c186fdaffcebd0ed10a57721ed871efad61bba223f74d362ddd47b31”,
“PortMapping”: null,
“Ports”: {},
“SandboxKey”: “/var/run/docker/netns/b18de31e55ec”,
“SecondaryIPAddresses”: null,
“SecondaryIPv6Addresses”: null
},
“ResolvConfPath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/resolv.conf”,
“HostnamePath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/hostname”,
“HostsPath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/hosts”,
“LogPath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a-json.log”,
“Name”: “/centos7”,
“RestartCount”: 0,
“Driver”: “devicemapper”,
“ExecDriver”: “native-0.2”,
“MountLabel”: “”,
“ProcessLabel”: “”,
“AppArmorProfile”: “”,
“ExecIDs”: null,
“HostConfig”: {
“Binds”: null,
“ContainerIDFile”: “”,
“LxcConf”: [],
“Memory”: 0,
“MemorySwap”: 0,
“CpuShares”: 0,
“CpuPeriod”: 0,
“CpusetCpus”: “”,
“CpusetMems”: “”,
“CpuQuota”: 0,
“BlkioWeight”: 0,
“OomKillDisable”: false,
“MemorySwappiness”: -1,
“Privileged”: false,
“PortBindings”: {},
“Links”: null,
“PublishAllPorts”: false,
“Dns”: null,
“DnsSearch”: null,
“ExtraHosts”: null,
“VolumesFrom”: null,
“Devices”: [],
“NetworkMode”: “default”,
“IpcMode”: “”,
“PidMode”: “”,
“UTSMode”: “”,
“CapAdd”: null,
“CapDrop”: null,
“GroupAdd”: null,
“RestartPolicy”: {
“Name”: “no”,
“MaximumRetryCount”: 0
},
“SecurityOpt”: null,
“ReadonlyRootfs”: false,
“Ulimits”: null,
“LogConfig”: {
“Type”: “json-file”,
“Config”: {}
},
“CgroupParent”: “”,
“ConsoleSize”: [
0,
0
]
},
“GraphDriver”: {
“Name”: “devicemapper”,
“Data”: {
“DeviceId”: “7”,
“DeviceName”: “docker-253:1-67259332-b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a”,
“DeviceSize”: “107374182400”
}
},
“Mounts”: [],
“Config”: {
“Hostname”: “b18de31e55ec”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: true,
“AttachStdout”: true,
“AttachStderr”: true,
“ExposedPorts”: null,
“PublishService”: “”,
“Tty”: true,
“OpenStdin”: true,
“StdinOnce”: true,
“Env”: null,
“Cmd”: [
“/bin/bash”
],
“Image”: “docker.io/centos:latest”,
“Volumes”: null,
“VolumeDriver”: “”,
“WorkingDir”: “”,
“Entrypoint”: null,
“NetworkDisabled”: false,
“MacAddress”: “”,
“OnBuild”: null,
“Labels”: {}
}
}
]
Container stopped
You can also stop running containers from the host side. Execute the following docker stop command with the container name specified.
# docker stop centos7
centos7
When this process is executed, TERM signal and KILL signal are sent to the container process. In other words, it will kill the container process.
Launch container
You can also move the suspended container again. Execute the docker start command with the container name as follows.
docker start centos7
centos7
Restart container
To restart a running container, use the docker restart command. When this command is executed, the process of the container is forcibly terminated and restarted.
# docker restart centos7
centos7
Container commit
Even if you edit a file in a container, deleting all the containers will delete the changes. However, you can store the state of the container as a new image.
Storage is done with the docker commit.
Docker commit saves the container in the specified local repository. Tags can also be specified. In addition, you can attach a creator with the -a option and a message with the -m option.
Here is an example of storing a container called centos7 in a repository named localrepo.
# docker commit -a Mohan Ramadoss -m “CentOS 7 test image” centos7 localrepo:test
32f79088593dc06e79c3fed9e0732ec7a35f179034e6faf3f4b11db906fee925
# docker images localrepo
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
localrepo test 32f79088593d 15 seconds ago 196.6 MB
Delete Container
To delete the container you created, use docker rm.
If you delete a container, all the files created inside the container will be destroyed, so you need to save it as a new image with docker commit beforehand if storage is necessary.
# docker rm -f centos7
centos7
docker rm -f cents7
Containerization of application environment and disclosure of services
Docker can manage images with a much smaller size than virtual machines such as KVM. Therefore, you can save the execution environment of the application, applications and contents together as a Docker image, and can also perform version management and so on.
We will explain containerization of the application environment and disclosure of the service using an example of building a WWW server and contents environment on the Docker container.
In addition, we will create it in the following procedure.
(1) Create a container to be the source of the WWW server
(2) Set up the WWW server
(3) Placing WWW contents
(4) Save the image (Containerized)
(5) Create a new container with the saved image and check the operation
(6) Publication of container service
In future examples of execution there are things to run on containers and things to run on hosts. Because it is confusing, specify what you should run on the host side (on the host) and what you should do on the container are (on the container).
(1) Create a container to be the source of the WWW server
First, create a container that will be the source of the WWW server. Launch / bin / bash using the official image of centos7. At this time, share the volume to pass the WWW contents from the host. Share the directory containing the WWW contents (/ home / admin / html in this case)
# docker run -it –name webserver-devel –volume=/home/admin/html:/mnt centos:7 /bin/bash
Unable to find image ‘centos:7’ locally
Trying to pull repository docker.io/library/centos … 7: Pulling from library/centos
f5079557f135: Pull complete
42c2aa730369: Pull complete
0e0217391d41: Pull complete
47d44cb6f252: Already exists
library/centos:7: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:8dcd2ec6183f3f4a94d4f9552ce76091624760edefcaa39a9e04441f9e2ad9f6
Status: Downloaded newer image for docker.io/centos:7
Explanation about mounting the host volume
We are mounting the host’s volume (/home/admin/html) to /mnt of the container using the -volume option. Mounting the host volume can be used for the following applications.
Passing files from the host to the container
Sharing files among containers
Storing Container Data
Files created with containers are deleted when the container is deleted, but if you change the file in the mounted area, it will be reflected on the host side as it is.
(2) Set up the WWW server
Install the WWW server in the created container.
[root@168f748a722c /]# yum install httpd
Loaded plugins: fastestmirror, ovl
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/4): base/7/x86_64/group_gz | 155 kB 00:00:00
(2/4): extras/7/x86_64/primary_db | 101 kB 00:00:00
(3/4): base/7/x86_64/primary_db | 5.3 MB 00:00:00
(4/4): updates/7/x86_64/primary_db | 3.1 MB 00:00:06
Determining fastest mirrors
* base: ftp.iij.ad.jp
* extras: ftp.iij.ad.jp
* updates: ftp.iij.ad.jp
Resolving Dependencies
–> Running transaction check
—> Package httpd.x86_64 0:2.4.6-40.el7.centos will be installed
–> Processing Dependency: httpd-tools = 2.4.6-40.el7.centos for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.centos.x86_64
–> Running transaction check
—> Package apr.x86_64 0:1.4.8-3.el7 will be installed
—> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
—> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
—> Package httpd-tools.x86_64 0:2.4.6-40.el7.centos will be installed
—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
–> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================================
Package Arch Version Repository Size
==========================================================================================================================================
Installing:
httpd x86_64 2.4.6-40.el7.centos base 2.7 M
Installing for dependencies:
apr x86_64 1.4.8-3.el7 base 103 k
apr-util x86_64 1.5.2-6.el7 base 92 k
centos-logos noarch 70.0.6-3.el7.centos base 21 M
httpd-tools x86_64 2.4.6-40.el7.centos base 82 k
mailcap noarch 2.1.41-2.el7 base 31 k
Transaction Summary
==========================================================================================================================================
Install 1 Package (+5 Dependent packages)
Total download size: 24 M
Installed size: 31 M
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-util-1.5.2-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-util-1.5.2-6.el7.x86_64.rpm is not installed
(1/6): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:00:00
(2/6): apr-1.4.8-3.el7.x86_64.rpm | 103 kB 00:00:00
(3/6): httpd-2.4.6-40.el7.centos.x86_64.rpm | 2.7 MB 00:00:00
(4/6): httpd-tools-2.4.6-40.el7.centos.x86_64.rpm | 82 kB 00:00:00
(5/6): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
(6/6): centos-logos-70.0.6-3.el7.centos.noarch.rpm | 21 MB 00:00:02
——————————————————————————————————————————————
Total 7.7 MB/s | 24 MB 00:00:03
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : “CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>”
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@CentOS)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64 1/6
Installing : apr-util-1.5.2-6.el7.x86_64 2/6
Installing : httpd-tools-2.4.6-40.el7.centos.x86_64 3/6
Installing : centos-logos-70.0.6-3.el7.centos.noarch 4/6
Installing : mailcap-2.1.41-2.el7.noarch 5/6
Installing : httpd-2.4.6-40.el7.centos.x86_64 6/6
Verifying : httpd-2.4.6-40.el7.centos.x86_64 1/6
Verifying : httpd-tools-2.4.6-40.el7.centos.x86_64 2/6
Verifying : apr-1.4.8-3.el7.x86_64 3/6
Verifying : mailcap-2.1.41-2.el7.noarch 4/6
Verifying : apr-util-1.5.2-6.el7.x86_64 5/6
Verifying : centos-logos-70.0.6-3.el7.centos.noarch 6/6
Installed:
httpd.x86_64 0:2.4.6-40.el7.centos
Dependency Installed:
apr.x86_64 0:1.4.8-3.el7 apr-util.x86_64 0:1.5.2-6.el7 centos-logos.noarch 0:70.0.6-3.el7.centos
httpd-tools.x86_64 0:2.4.6-40.el7.centos mailcap.noarch 0:2.1.41-2.el7
Complete!
[root@168f748a722c /]# cp -a /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf_org
[root@168f748a722c /]# vi /etc/httpd/conf/httpd.conf
3) Placing WWW contents
Place the WWW contents in the Docker container. Copy the file from the host volume mounted at / mnt. However, it is impossible to access the file with the limitation of SELinux under normal conditions.
(This can also be said to prevent containers from adversely affecting hosts). Therefore, we first change the content text temporarily on the host side.
# chcon -R system_u:object_r:docker_var_lib_t:s0 /home/admin/html
# vi /home/admin/html/index.html
test
Copy it to the appropriate directory in the Docker container.
[root@168f748a722c]# cp -rp /mnt/* /var/www/html/
restorecon -R /home/admin/html
(4) Save the image (Containerized)
When the setting of the WWW server is finished and the contents are placed, the container is stopped and docker commit is executed on the host side to save the image of the container.
[root@168f748a722c]# exit
# docker commit -a Mohan -m “CentOS 7 webserver” webserver-devel localrepo:webserver-1
3e8ac2d724a929d2696a796ac6a9a06e90cfe847bc106f93c11ff6bfa874fc52
# docker rm webserver-devel
webserver-devel
(5) Create a new container with the saved image and check the operation.
Using the saved image, create a container for the WWW server for operation check.
In this container, start up the WWW server (/usr/sbin/httpd).
# docker rm webserver-devel
webserver-devel
# docker run -d –name webserver –expose=80 localrepo:webserver-1 /usr/sbin/httpd -D FOREGROUND
09a84be4de6be2a33831a338ebd780cf1c582be3c999aa8b1ee8ea928da31665
The WWW server should now be running on the container. In this state, access the 80 port of the container from the host and check the operation.
· IP address survey
The IP address assigned to the container can be checked with docker inspect.
# docker inspect webserver | grep -i addres
“IPAddress”: “172.17.0.4”,
# ping 172.17.0.4
PING 172.17.0.4 (172.17.0.4) 56(84) bytes of data.
64 bytes from 172.17.0.4: icmp_seq=1 ttl=64 time=0.098 ms
64 bytes from 172.17.0.4: icmp_seq=2 ttl=64 time=0.196 ms
^C
— 172.17.0.4 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.098/0.147/0.196/0.049 ms
# nmap 172.17.0.4
Starting Nmap 6.40 ( http://nmap.org ) at 2016-02-23 10:31 JST
Nmap scan report for 172.17.0.4
Host is up (0.0000090s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds
(6) Publication of container service
If there is no problem by checking the operation, you can publish the container service to the outside. We will terminate the container once and delete it.
# docker rm -f webserver
webserver
Next, create a container of an official WWW server. At this time, connect the port of the host and the port of the container with -publish.
By doing this, you can connect to the WWW server of the container from the outside through host port 80.
# docker run -d –name webserver –expose=80 –publish 80:80 localrepo:webserver-1 /usr/sbin/httpd -D FOREGROUND
9daf1f23ca7cf7c2fcbf9c571f7b714f7e1b3b29948dc16cb5983823a5c5f19c
Summary
What did you think?
If you actually start using Docker, you can think of it as a test environment. It is to make the best use of Docker’s taste while suppressing risk. It is possible to easily return to the original environment by first constructing the setting necessary for testing and saving it as a Docker image.
And as a next step, we recommend using Docker for development environment. As errors do not occur depending on the environment, for example, if an external company is added to the development team, as long as the development environment can be distributed as a state (container) that can be distributed, the time to get development to start It should be saved.
As a final step, it may be possible to use WEB service etc. as the actual environment introduced this time. You can take advantage of the light operation, you can restore every environment when you need it again by imaging the container and saving it when the publication period is over.
Given these advantages, it should be worth considering the introduction of Docker, so I’d appreciate it if you touch Docker with reference to this article.
Well then.
It will be successful if the contents are displayed by accessing with the browser. (192.168.0.3 is the IP address of the host OS.)
Recent Comments