docker ssh + git
1. docker 설치하기
# docker 설치
$ sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
$ sudo vi /etc/apt/sources.list.d/docker.list
# Debian Jessie
#deb https://apt.dockerproject.org/repo debian-jessie main
# Debian Stretch/Sid
#deb https://apt.dockerproject.org/repo debian-stretch main
# Ubuntu Precise
#deb https://apt.dockerproject.org/repo ubuntu-precise main
# Ubuntu Trusty (14.04 LTS)
deb https://apt.dockerproject.org/repo ubuntu-trusty main
# Ubuntu Utopic (14.10)
#deb https://apt.dockerproject.org/repo ubuntu-utopic main
# Ubuntu Vivid (15.04)
#deb https://apt.dockerproject.org/repo ubuntu-vivid main
# Ubuntu Wily (15.10)
#deb https://apt.dockerproject.org/repo ubuntu-wily main
$ sudo apt-get update
$ sudo apt-get purge lxc-docker*
$ sudo apt-get purge docker.io
$ sudo apt-get autoremove
$ sudo apt-get install docker-engine
$ sudo apt-get install bridge-utils
$ sudo usermod -a -G docker stack # stack user에 docker 그룹을 추가
$ sudo service docker restart
# Mac 에서 Docker 설치하기
$ ruby -e \
"$(curl -fsSL \ https://raw.githubusercontent.com/Homebrew/install/master/install)"
$ brew update
$ brew install caskroom/cask/brew-cask
$ brew cask install virtualbox
$ brew install docker
$ brew install boot2docker
$ boot2docker init
$ boot2docker up
To connect the Docker client to the Docker daemon, please set:
export DOCKER_HOST=tcp://192.168.59.103:2376
export DOCKER_CERT_PATH=/Users/ahnsk/.boot2docker/certs/boot2docker-vm
export DOCKER_TLS_VERIFY=1
$ $(boot2docker shellinit) # 환경변수 세팅
$ docker info
$ boot2docker ssh # vm 접속
$ boot2docker ip # vm ip
$ docker run --rm -ti ubuntu:latest /bin/bash # ubuntu 이미지 테스트
$ docker run --rm -ti fedora:latest /bin/bash # fedora 이미지 테스트
$ docker run --rm -ti centos:latest /bin/bash # centos 이미지 테스트
# Upgrade the Boot2docker VM image
$ boot2docker stop
$ boot2docker download
$ boot2docker up
$ boot2docker delete
# Docker Hub 로그인
$ docker login
Username: seungkyua
Password:
Email: seungkyua@gmail.com
$ cat ~/.docker/config.json
$ docker logout
# Docker Registry 를 insecure 로 변경
# boot2docker
$ sudo touch /var/lib/boot2docker/profile
$ sudo vi /var/lib/boot2docker/profile
EXTRA_ARGS="--insecure-registry 192.168.59.103:5000"
$ sudo /etc/init.d/docker restart
# Ubuntu
$ sudo vi /etc/default/docker
DOCKER_OPTS="--insecure-registry 192.168.59.103:5000"
$ sudo service docker restart
# Fedora
$ sudo vi /etc/sysconfig/docker
OPTIONS="--insecure-registry 192.168.59.103:5000"
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker
# CoreOS
$ sudo cp /usr/lib/systemd/system/docker.service /etc/systemd/system/
$ sudo vi /etc/systemd/system/docker.service
ExecStart=/usr/lib/coreos/dockerd --daemon --host=fd:// \
$DOCKER_OPTS $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ \
--insecure-registry 192.168.59.103:5000
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker
# Local Registry 띄우기
$ sudo mkdir -p /var/lib/registry
$ docker run -d -p 5000:5000 \
-v /var/lib/registry:/var/lib/registry \
--restart=always --name registry registry:2
# 테스트
$ docker pull ubuntu
$ docker tag ubuntu 192.168.59.103:5000/ubuntu
$ docker push 192.168.59.103:5000/ubuntu
$ docker pull 192.168.59.103:5000/ubuntu
$ docker stop registry
$ docker rm -v registry
2. docker file 만들기
# mkdir docker
# cd docker
# mkdir git-ssh
# cd git-ssh
# vi Dockerfile
FROM ubuntu:14.04
RUN apt-get -y update
RUN apt-get -y install openssh-server
RUN apt-get -y install git
# Setting openssh
RUN mkdir /var/run/sshd
RUN sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config
# Adding git user
RUN adduser --system git
RUN mkdir -p /home/git/.ssh
# Clearing and setting authorized ssh keys
RUN echo '' > /home/git/.ssh/authorized_keys
RUN echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTFEBrNfpSIvgz7mZ+I96/UqKFCxcouoiDDS9/XPNB1Tn7LykgvHHaR5mrPOQIJ/xTFhSVWpwsmEvTLdv3QJYLB5P+UfrjY5fUmiYgGpKKr5ym2Yua2wykHgQYdT4+lLhyq3BKbnG9vgc/FQlaCWntLckJfAYnHIGYWl1yooMAOka0/pOeJ+hPF0TxLQtrjoVJWiaHLVnB8qgPiCgvSyKROvW6cs1AhY9abasUWrQ5eNsLLMY1rDWccantMjVlcUdDZuPzI4g+/MtfE3IAs7JxtmwMvCMFRMuzWTtZkZSVyqpEGDeLnPGgMNTYUwaxQhlJLtcYnNTqdyZr8ZCcz3zP stephen@Stephenui-MacBook-Pro.local' >> /home/git/.ssh/authorized_keys
# Updating shell to bash
RUN sed -i s#/home/git:/bin/false#/home/git:/bin/bash# /etc/passwd
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
# docker build -t git-ssh-img .
# docker run --name git-ssh -d -p 1234:22 git-ssh-img
3. docker container bash로 접속
# docker run -i -t --rm --net='host' ubuntu:14.04 bash
3. docker container 접속
# docker exec -it <containerIdOrName> bash
4. docker 모든 컨테이너 보기
# docker ps -a
5. 모든 컨테이너 삭제
# docker ps -a | awk '{print $1}' | grep -v CONTAINER | xargs sudo docker rm
6. docker 모든 <none> 이미지 삭제
# docker images | grep "<none>" | awk '{print $3}' | xargs sudo docker rmi
7. 이미지 조회 및 실행
$ sudo docker search ubuntu
$ sudo docker run --name myssh -d -p 4444:22 rastasheep/ubuntu-sshd
8. stack 사용자 docker 그룹 권한 추가
$ sudo usermod -aG docker stack
$ sudo service docker restart
$ 재로그인
9. docker 이미지 가져오기
$ docker pull ubuntu:lates
10. docker bash쉘로 실행 및 빠져나오기기
$ docker run -i -t --name hello ubuntu /bin/bash
root@bb97e5f57596:/#
Ctrl + p, Ctrl + q => 멈추지 않고 빠져나오기
$ docker attach hello => 다시 접속하기 (enter를 한번 쳐야 함)
11. nginx 설치하기
# mkdir data
# vi Dockerfile
FROM ubuntu:14.04.3
RUN apt-get update
RUN apt-get install -y nginx
RUN echo "\ndaemon off;" >> /etc/nginx/nginx.conf
RUN chown -R www-data:www-data /var/lib/nginx
VOLUME ["/data", "/etc/nginx/site-enabled", "/var/log/nginx"]
WORKDIR /etc/nginx
CMD ["nginx"]
EXPOSE 80
EXPOSE 443
# docker build -t nginx:0.1 .
# docker run --name hello-nginx -d -p 2080:80 -v /root/data:/data nginx:0.1
11. 파일 꺼내서 보기
# docker cp hello-nginx:/etc/nginx/nginx.conf ./
12. 컨테이러를 이미지로 생성
# docker commit -a "aaa <aaa@aaa.com>" -m "Initial commit" hello-nginx nginx:0.2
13. 이미지와 컨테이너 변경사항 보기
# docker diff 컨테이너ID
# docker history 이미지ID
14. 컨테이너 내부 보기
# docker inspect hello-nginx
15. docker 컨테이너의 pid 알아내기
$ docker inspect -f '{{.State.Pid}}' containerID
16. Docker 끼리 point to point 통신하기 (도커마다 네임스페이스를 만들어서 VETH 로 연결)
https://docs.docker.com/v1.7/articles/networking/#building-your-own-bridge
$ docker run -i -t --rm --net=none base /bin/bash
root@1f1f4c1f931a:/#
$ docker run -i -t --rm --net=none base /bin/bash
root@12e343489d2f:/#
# Learn the container process IDs
# and create their namespace entries
$ docker inspect -f '{{.State.Pid}}' 1f1f4c1f931a
2989
$ docker inspect -f '{{.State.Pid}}' 12e343489d2f
3004
$ sudo mkdir -p /var/run/netns
$ sudo ln -s /proc/2989/ns/net /var/run/netns/2989
$ sudo ln -s /proc/3004/ns/net /var/run/netns/3004
# Create the "peer" interfaces and hand them out
$ sudo ip link add A type veth peer name B
$ sudo ip link set A netns 2989
$ sudo ip netns exec 2989 ip addr add 10.1.1.1/32 dev A
$ sudo ip netns exec 2989 ip link set A up
$ sudo ip netns exec 2989 ip route add 10.1.1.2/32 dev A
$ sudo ip link set B netns 3004
$ sudo ip netns exec 3004 ip addr add 10.1.1.2/32 dev B
$ sudo ip netns exec 3004 ip link set B up
$ sudo ip netns exec 3004 ip route add 10.1.1.1/32 dev B
# ssh 다른 샘플
FROM ubuntu:14.04
RUN echo "deb http://archive.ubuntu.com/ubuntu/ trusty main universe" > /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y openssh-server
RUN mkdir /var/run/sshd
RUN echo 'root:screencast' | chpasswd
EXPOSE 22
CMD /usr/sbin/sshd -D
# NodeJS 샘플
$ git clone https://github.com/spkane/docker-node-hello.git
$ cd docker-node-hello
$ brew install tree
$ tree -a -I .git # Directory 를 tree 구조로 봄
$ docker build --no-cache -t example/docker-node-hello:latest .
$ docker run -d -p 8081:8080 example/docker-node-hello:latest # host 8081, docker 8080
$ echo $DOCKER_HOST
$ docker stop DOCKER_ID
# -e 옵션으로 env 넘기기
$ docker run -d -p 8081:8080 -e WHO="Seungkyu Ahn" example/docker-node-hello:latest
$ docker inspect DOCKER_ID