I have the opportunity to build a Docker micro-service architecture in my current job, a lot of people will share their experience of using Docker, I think I will be no exception. So I've summed up some of the things that you might use in your daily use of Docker.
1. Deployment of multiple Docker instances on a single host
If you want to run multiple Docker containers on a single host, this is especially useful if you want to set different TLS settings, network settings, log settings, and store driver-specific containers. For example, we are currently running a standard to set up two Docker daemon processes. A running consul provides DNS resolution and is stored as a cluster as a different Docker container.
For example:
# Start a Docker daemon and bind to a specific port Docker daemon-h tcp://$IP: 5000--storage-opt dm.fs=xfs \ P '/ Var/run/docker1.pid "\ g"/var/lib/docker1 "\--exec-root="/var/run/docker1 # and start another daemon Daemon-h tcp://$IP: 5001--storage-opt dm.fs=xfs \ s devicemapper \--storage-opt Dm.thinpooldev=/dev/mapper/doc Ker--vg-docker--pool \ P "/var/run/docker2.pid" \ G "/var/lib/docker2"--exec-root= "/var/run/docker2"--clus ter-store=consul://$IP: 8500 \--cluster-advertise= $IP: 2376 # Start a docker daemon and bind to a specific port Docke
Rdaemon-h tcp://$IP: 5000--storage-opt dm.fs=xfs \ P "/var/run/docker1.pid" \ g "/var/lib/docker1" \ --exec-root= "/var/run/docker1 # and start another daemon Docker daemon-h tcp://$IP: 5001--storage-opt dm.fs=xfs \ S
Devicemapper \--storage-opt dm.thinpooldev=/dev/mapper/docker--vg-docker--pool \ P "/var/run/docker2.pid" \ -G "/var/lib/docker2"--exec-root= "/var/run/docker2"--cluster-store=consul://$IP: 8500 \--cluster-advertise= $IP: 2376
2. Use of Docker exec
Docker exec is a very important tool that a lot of people will use, perhaps you use Docker not just for your upgrades, production and test environments, but also for running databases on local machines, server KeyStore, etc., which are able to run directly in the context of the container to run commands that are very convenient.
We did a lot of Cassandra and checked to see if the table contained the correct data. If you just want to execute a quick cql query, Docker exec is awesome:
$ docker PS--format ' table {. id}}\t {{. names}}\t {{. Status} '
CONTAINER ID NAMES status
682f47f97fce cassandra up 2 minutes
4c45aea49180 Consul Up 2 minutes
$ docker exec-ti 682f47f97fce cqlsh--color Connected to
Test Cluster at 127.0.0.1:9042.
[Cqlsh 5.0.1 | Cassandra 2.2.3 | CQL Spec 3.3.1 | Native Protocol V4] Use help with help
.
Cqlsh>
$ dockerps--format ' table {. id}}\t {{. names}}\t {{. Status} '
Containerid NAMES status
682f47f97fce cassandra up 2 minutes
4c45aea49180 Consul Up 2 minutes
$ dockerexec-ti 682f47f97fce cqlsh--color connectedto testclusterat
.
[Cqlsh 5.0.1 | Cassandra 2.2.3 | Cqlspec 3.3.1 | Native Protocolv4] Use
helpfor help.
Cqlsh>
Or simply access any other tool available in the Nodetool or mirror:
$ docker exec-ti 682f47f97fce nodetool status datacenter:datacenter1 ======================= Status=Up/ Down |/state=normal/leaving/joining/moving --Address Load tokens owns Host ID Rack UN 192.168.99.100 443.34 KB 256 ? 8f9f4a9c-5c4d-4453-b64b-7e01676361ff rack1 Note:non-system keyspaces don ' t have the same replication settings, Effective ownership information $ dockerexec-ti 682f47f97fce nodetoolstatus datacenter:datacenter1 = ====================== status=up/down |/state=normal/leaving/joining/moving --Address Load Tokens Owns HostID Rack UN 192.168.99.100 443.34 KB 256 ? 8f9f4a9c-5c4d-4453-b64b-7e01676361ff rack1 Note:non-systemkeyspacesdon ' t havethesamereplicationsettings, Effectiveownershipinformation
This can of course be applied to a mirror bundled with any (Client) tool. I personally think this will be simpler than all client and local updates.
3. Inspection and JQ of Docker
The
is more of a JQ skill than a docker technique. If you haven't heard of JQ, it's a great tool for parsing JSON at the command line. Because we can see what's going on inside the container without having to use the format specifier.
# Get Network information: $ docker Inspect 4c45aea49180 | JQ '. [].networksettings.networks ' {"bridge": {"EndpointId": " ba1b6efba16de99f260e0fa8892fd4685dbe2f79cba37ac0114195e9fad66075 "," Gateway ":" 172.17.0.1 "," IPAddress ":" 172.17.0.2 "," Ipprefixlen ":" Ipv6gateway ":" "," globalipv6address ":" "," Globalipv6prefixlen ": 0," macaddres S ":" 02:42:ac:11:00:02 "}} # Get the arguments with which the container is started $ docker Inspect 4c45aea49180 | JQ '. []. Args ' ["-server", "-advertise", "192.168.99.100", "-bootstrap-expect", "1"] # get all the mounted volumes 11:22 $ d Ocker Inspect 4c45aea49180 | JQ '. []. Mounts ' [{' Name ': ' a8125ffdf6c4be1db4464345ba36b0417a18aaa3a025267596e292249ca4391f ', ' Source ': '/mnt/sda1/var/lib
/docker/volumes/a8125ffdf6c4be1db4464345ba36b0417a18aaa3a025267596e292249ca4391f/_data "," Destination ":"/data ", "Driver": "Local", "Mode": "", "RW": true}] # Get network information: $ dockerinspect 4c45aea49180 | JQ '. [].Networksettings.networks ' {bridge ': {"EndpointId": " ba1b6efba16de99f260e0fa8892fd4685dbe2f79cba37ac0114195e9fad66075 "," Gateway ":" 172.17.0.1 "," IPAddress ":" 172.17.0.2 "," Ipprefixlen ":" Ipv6gateway ":" "," globalipv6address ":" "," Globalipv6prefixlen ": 0," macaddres S ":" 02:42:ac:11:00:02 "}} # Get the arguments with which the container is started $ dockerinspect 4c45aea49180 | JQ '. []. Args ' ["-server", "-advertise", "192.168.99.100", "-bootstrap-expect", "1"] # get all the mounted volumes 11:22 $ d Ockerinspect 4c45aea49180 | JQ '. []. Mounts ' [{' Name ': ' a8125ffdf6c4be1db4464345ba36b0417a18aaa3a025267596e292249ca4391f ', ' Source ': '/mnt/sda1/var/lib
/docker/volumes/a8125ffdf6c4be1db4464345ba36b0417a18aaa3a025267596e292249ca4391f/_data "," Destination ":"/data ",
"Driver": "Local", "Mode": "", "RW": true}]
Of course, it's also good to query the JSON generated by other types of (Docker-esque) APIs (e.g Marathon, Mesos, consul etc.) JQ provides a very wide range of APIs for accessing and processing JSON. More information can be found here: https://stedolan.github.io/jq/
4. Extend existing containers and register locally
There are a number of mirrors in the Docker hub that can be used in a variety of different usage scenarios. We note that although there are many mirrors available, there are many times when we may not make any changes to them. For example, better health check consul, through system variables or other configuration of command-line parameters, to better set up or increase our cluster, this is not easy to do. If we come across this is just creating our own Docker mirror and push it into our local registry. That's what we usually do.
For example, we would like to have JQ in our Consul mirror so that we can easily check if our service is normal.
From Progrium/consul USER root add bin/jq/bin/jq add scripts/health-check.sh/bin/health-check.sh
Fromprogrium/consul userroot addbin/jq/bin/jq addscripts/health-check.sh/bin/health-check.sh
We have health check scripts and JQ we can do health check from our own consul image. We also have a local registry run mirror after the creation, we just mark the generated mirror and push it to our local registry
$ docker build. ... $ docker Tag A3157e9edc18 <local-registry>/consul-local:some-tag $ docker Push <local-registry>/ Consul-local:some-tag
$ dockerbuild. ... $ dockertaga3157e9edc18 <local-registry>/consul-local:some-tag $ dockerpush <local-registry>/ Consul-local:some-tag
Now, it's available to our developers. And can also be used in our different test environments.
5. Access to remote host Docker
Docker's CLI is a very cool tool, and one of the big features is that you can use it to easily access multiple Docker daemons, even if they are on different hosts. All you have to do is set the DOCKER_HOST environment variable to point to Docker Daemon's listening address. If the port is accessible, you can direct the Docker on the remote host, which runs a Docker daemon with you and set it to pass docker-machine almost the same principle.
$ docker-machine ENV Demo export docker_tls_verify= "1" export docker_host= "tcp://192.168.99.100:2376" Export docker_cert_path= "/users/jos/.docker/machine/machines/demo" Export docker_machine_name= "Demo"
$ Docker-machineenvdemo exportdocker_tls_verify= "1" exportdocker_host= "tcp://192.168.99.100:2376" Exportdocker_cert_path= "/users/jos/.docker/machine/machines/demo" exportdocker_machine_name= "Demo"
But you don't have to limit yourself Docker daemons the process through the docker-machine boot. If you have the control of your background program running, as well as the secure network, you can easily control all of it from a single machine.
6. Simple Host Directory Mount
When you are using your container, you sometimes need to get some data inside the container. You can copy it, or by using the SSH command. In most cases, however, it is easiest to add a host directory to the container. You can easily complete the operation by executing the following command:
$ mkdir/users/jos/temp/samplevolume/ $ ls/users/jos/temp/samplevolume/ $ docker run-v/Users/jos/temp/ Samplevolume/:/samplevolume-it--rm busybox $ docker run-v/users/jos/temp/samplevolume/:/samplevolume-it--RM BusyBox /# ls samplevolume/ /# Touch Samplevolume/hello /# ls samplevolume/ Hello /# exit $ ls /users/jos/temp/samplevolume/ Hello
$ mkdir/users/jos/temp/samplevolume/ $ ls/users/jos/temp/samplevolume/ $ dockerrun-v/Users/jos/temp/ Samplevolume/:/samplevolume-it--rmbusybox $ dockerrun-v/users/jos/temp/samplevolume/:/samplevolume-it-- Rmbusybox /# ls samplevolume/ /# Touch Samplevolume/hello /# ls samplevolume/ Hello /# exit< c21/>$ ls/users/jos/temp/samplevolume/ Hello
You can see that the directory we specified is installed in the container, and we have all the files on the host and visible in the container. We can also use inspect to see what is installed.
$ Docker Inspect 76465cee5d49 | JQ '. []. Mounts '
[
{'
Source ': '/users/jos/temp/samplevolume ',
' destination ': '/samplevolume ',
' Mode ' : "",
"RW": True
}
]
$ Dockerinspect 76465cee5d49 | JQ '. []. Mounts '
[
{'
Source ': '/users/jos/temp/samplevolume ',
' destination ': '/samplevolume ',
' Mode ":",
"RW": True
}
]
We can see more features and how to use it at Docker website: https://docs.docker.com/engine/userguide/dockervolumes/
7. Add DNS resolution to your container
As I mentioned before, we can manage the container through consul. Consul is a service software that supports distributed and highly available service discovery and configuration sharing for multiple data centers, providing service discovery and health checks for containers. For service Discovery Consul provides either the rest API or the traditional DNS, his greatness is that when you run a specific mirror, you can specify your container DNS server.
When you have a consul run (or other DNS server) you can add it to your Docker daemon just like this:
Docker run-d--dns $IP _consul--dns-search service.consul <rest of confguration>
dockerrun-d--dns $IP _consul--dns-searchservice.consul <restofconfguration>
Now we can solve the IP address of all containers registered with Consul name, for example in our environment we have a Cassandra cluster. Each Cassandra will register itself with the name "Cassandra" our consul cluster. The coolest thing is that we're just addressing the card Cassandra address based on the hostname (without using the Docker link)
$ docker exec-ti 00c22e9e7c4e bash daemon@00c22e9e7c4e:/opt/docker$ ping Cassandra Ping Cassandra.service.consul (192.168.99.100): Data bytes bytes from 192.168.99.100:icmp_seq=0 ttl=64 time=0.053 m S- bytes from 192.168.99.100:icmp_seq=1 ttl=64 time=0.077 ms ^c---cassandra.service.consul ping statistics- - 2 packets transmitted, 2 packets received, 0% packet loss round-trip Min/avg/max/stddev = 0.053/0.065/0.077/0.0 Ms daemon@00c22e9e7c4e:/opt/docker$
$ dockerexec-ti 00c22e9e7c4e bash daemon@00c22e9e7c4e:/opt/docker$ Pingcassandra PINGcassandra.service.consul (192.168.99.100): databytes bytesfrom 192.168.99.100:icmp_seq=0 ttl=64 time= 0.053 Ms Bytesfrom 192.168.99.100:icmp_seq=1 ttl=64 time=0.077 ms ^c--- Cassandra.service.consulpingstatistics--- 2 packetstransmitted, 2 packetsreceived, 0% packetloss Round-tripmin/avg/max/stddev = 0.053/0.065/0.077/0.000 ms daemon@00c22e9e7c4e:/opt/docker$
8. Docker-ui is a great way to view and gain insight into your container
It is not difficult to see what happens with the Docker container using the Docker CLI. Many times, although you don't need the full functionality of the Docker CLI, just want to quickly browse through the container run and see what happens. Docker UI (Https://github.com/crosbymichael/dockerui) is such a great project, and he is open source.
With this tool, you can see the most important thing for a particular Docker Deamon container and mirror.
9. Container can't start? Overwrite The Entry point you just need to start from bash.
Sometimes a container just doesn't do what you want it to do, you've recreated the Docker mirror, you run it several times at startup, but somehow the application doesn't respond, and the log shows no useful information. The easiest way to debug is to overwrite the entry point to see what's happening inside the container and see if the file permissions are correct. Whether the copy entered the mirrored file is correct, or any other error that may occur. Fortunately, Docker has a simple solution for doing so. You can start your container from one of the selected entry points:
$ docker Run-ti--entrypoint=bash Cassandra root@896757f0bfd4:/# ls bin Dev etc Lib Mediaopt root sbin sys usr boot docker-entrypoint.sh home lib64 mntproc run SRV tmp var root@896757f0bfd4 :/#
$ dockerrun-ti--entrypoint=bashcassandra root@896757f0bfd4:/# ls bin dev etc libmediaopt Root sbin sys usr boot docker-entrypoint.sh home lib64 mntproc run SRV tmp var root@896757f0bfd4:/#
10. An event that listens for a container:
When you write your own script, or just want to know what's going on, you can run your mirror Docker the event command, and it's easy to write a script for this.
This is the case where we didn't use the Docker Compose and swarm yet and Docker 1.9 network layer features, Docker a cool tool with a great set of tools. In the future I hope Docker is getting better, and I will show you some Docker cooler things.
Thank you for reading, I hope to help you, thank you for your support for this site!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
