Работа с контейнерами Docker. Часть 2. Базовые операции с контейнерами
Андрей Маркелов
$ docker ps
$ docker run --name test alpine bash
$ docker ps -a
$ docker run --name test alpine busybox
$ docker ps -a
$ docker run -it --name ubuntu ubuntu /bin/bash
$ docker ps
$ docker pause ubuntu
$ docker ps
# mount | grep freezer
# ls /sys/fs/cgroup/freezer/system.slice/
# cat /sys/fs/cgroup/freezer/system.slice/docker-9b0117ecb82d6b792c42479d868f9c2b33409f7887cc4b419a02dde676637955.scope/freezer.state
$ docker pause ubuntu
$ docker ps
# cat /sys/fs/cgroup/freezer/system.slice/docker-9b0117ecb82d6b792c42479d868f9c2b33409f7887cc4b419a02dde676637955.scope/freezer.state
$ ps aux | grep Ds
$ docker ps -aq
$ docker images -q
$ docker rm $(docker ps -aq)
$ docker rmi $(docker images -q)
$ docker run -d -p 8888:80 --name my-httpd httpd
$ docker ps
# iptables -L DOCKER -t nat
$ curl http://10.0.2.7:8888
$ docker exec -it my-httpd bash
root@92722dc668b8:/usr/local/apache2# echo "My Apache server" > /usr/local/apache2/htdocs/index.html
root@92722dc668b8:/usr/local/apache2# exit
$ curl http://10.0.2.7:8888
$ docker run -d -P --name my-httpd httpd
$ docker port my-httpd
$ docker inspect my-httpd2 | nl
$ docker inspect -f '{{ .NetworkSettings.IPAddress}}' my-httpd2
$ docker run -dit --name my-apache-app -v "$PWD":/usr/local/apache2/htdocs/ httpd:2.4
$ mkdir mywww
$ echo "My Apache server - 2" > mywww/index.html
$ docker run -d -p 8889:80 -v /home/andrey/mywww: /usr/local/apache2/htdocs/ --name my-httpd2 httpd
$ curl http://10.0.2.7:8889
# chcon -R -t svirt_sandbox_file_t ~andrey/mywww/
$ docker stop my-httpd2
$ docker rm my-httpd2
$ docker run -itd -p 8889:80 -v /home/andrey/mywww: /usr/local/apache2/htdocs/ --name my-httpd2 httpd
$ curl http://10.0.2.7:8889
$ docker run -v /home/andrey/mywww:/usr/local/apache2/htdocs/ --name my-data httpd echo "Data container"
$ docker ps -a
$ docker run --volumes-from my-data --name test httpd cat /usr/local/apache2/htdocs/index.html
$ docker rm test
$ docker run -d -p 8889:80 --volumes-from my-data --name my-httpd3 httpd
$ curl http://10.0.2.7:8889
$ docker inspect -f '{{ .HostConfig.VolumesFrom}}' my-httpd3
$ mkdir wwwbackup
$ chcon -R -t svirt_sandbox_file_t ~andrey/wwwbackup
$ docker run --rm --volumes-from my-httpd3 -v /home/andrey/wwwbackup:/backup httpd cp /usr/local/apache2/htdocs/index.html /backup
$ ls wwwbackup/
-----------------------------------------------------------------------------------------
Оптимизация с помощью виртуализации. Организуем несколько рабочих мест из одного десктопа
Андрей Семенов
$ egrep -c "svm|vmx" /proc/cpuinfo
$ dmesg | grep IOMMU
$ sudo apt install bridge-utils
auto enp0s25
iface enp0s25 inet manual
auto xenbr0
iface xenbr0 inet static
address 192.168.1.200
network 192.168.1.0
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 192.168.1.1
bridge-ports enp0s25
$ sudo systemctl restart networking
$ brctl show
$ ifconfig xenbr0
$ sudo apt install git build-essential kernel-package fakeroot libncurses5-dev libssl-dev ccache
$ yes "" | make oldconfig
$ less .config | grep XEN
CONFIG_XEN_PCIDEV_FRONTEND=y
CONFIG_XEN_BLKDEV_BACKEND=y
CONFIG_XEN_NETDEV_BACKEND=y
CONFIG_INPUT_Xen_KBDDEV_FRONTEND=y
CONFIG_XEN_WDT=y
CONFIG_XEN_DEV_EVTCHN=y
CONFIG_XEN_FBDEV_FRONTEND=y
CONFIG_XENFS=y
CONFIG_XEN_GNTDEV=y
CONFIG_XEN_GRANT_DEV_ALLOC=y
CONFIG_XEN_TMEM=y
CONFIG_XEN_PCIDEV_BACKEND=y
CONFIG_XEN_PRIVCMD=y
$ make deb-pkg
$ sudo dpkg -i ./linux-*4.9.10*_amd64.deb
$ sudo apt install linux-firmware
$ sudo update-initramfs -k all -u
$ sudo update-grub
$ uname -r
$ sudo apt install build-dep xen libnl-route-3-dev libsystemd-dev
$ wget http://downloads.Xenproject.org/release/xen/4.8.0/xen-4.8.0.tar.gz
$ tar xf xen-4.8.0.tar.gz
$ cd xen-4.8.0
$ ./configure --enable-systemd --prefix=/usr --enable-rpath
$ make debball
$ sudo dpkg -i ./xen-upstream-4.8.0.deb
$ sudo/sbin/ldconfig
GRUB_DEFAULT=2
GRUB_CMDLINE_XEN_DEFAULT="dom0_mem=1536M,max:1536M"
GRUB_CMDLINE_LINUX_DEFAULT="хen-pciback.passthrough=1 intel_iommu=on хen-pciback.hide=(01:00.0)(01:00.1)(03:00.0)(00:1a.0)(00:1d.0)"
lspci | grep -e ATI -e USB
$ sudo systemctl enable Xencommons
$ sudo systemctl enable Xendomains
$ sudo update-grub
$ sudo systemctl status Xencommons
$ sudo systemctl status Xendomains
xl dmesg | grep «I/O virtualisation»
$ sudo dd if=/dev/zero of=/path/to/win7-libvirt.raw bs=1M seek=65000 count=0
$ qemu-img create -f qcow2 /path/to/win7.qcow2
xl create /path/to/xlwin7.hvm -V
xl vncviewer xlwin7
pci = ['03:00.0','01:00.1','01:00.0']
usbdevice = ['host:46d:c30']
xl create /path/to/xlwin7.hvm -V
-----------------------------------------------------------------------------------------
Разбираемся с Concourse CI
Сергей Яремчук
concourse-db:
image: postgres:9.5
environment:
POSTGRES_DB: concourse
POSTGRES_USER: concourse
POSTGRES_PASSWORD: password
PGDATA: /database
concourse-web:
image: concourse/concourse
links: [concourse-db]
command: web
ports: ["8080:8080"]
volumes: ["./keys/web:/concourse-keys"]
environment:
CONCOURSE_BASIC_AUTH_USERNAME: concourse
CONCOURSE_BASIC_AUTH_PASSWORD: password
CONCOURSE_EXTERNAL_URL: "${CONCOURSE_EXTERNAL_URL}"
CONCOURSE_POSTGRES_DATA_SOURCE: |-
postgres://concourse:changeme@concourse-db:5432/concourse?sslmode=disable
concourse-worker:
image: concourse/concourse
privileged: true
links: [concourse-web]
command: worker
volumes: ["./keys/worker:/concourse-keys"]
environment:
CONCOURSE_TSA_HOST: concourse-web
$ mkdir -p keys/web keys/worker
$ ssh-keygen -t rsa -f ./keys/web/tsa_host_key -N ''
$ ssh-keygen -t rsa -f ./keys/web/session_signing_key -N ''
$ ssh-keygen -t rsa -f ./keys/worker/worker_key -N ''
$ cp ./keys/worker/worker_key.pub ./keys/web/authorized_worker_keys
$ cp ./keys/web/tsa_host_key.pub ./keys/worker
$ export CONCOURSE_EXTERNAL_URL=http://192.168.2.100:8080
$ docker-compose up
$ chmod +x fly
$ sudo cp -v fly /usr/bin
$ fly -t lite login
$ nano hello.yml
jobs:
- name: hello-world
plan:
– task: hello
config:
platform: linux
image_resource:
type: docker-image
source: {repository: ubuntu}
run:
path: echo
args: ["Hello, world!"]
$ fly -t lite set-pipeline -p hello-world -c hello.yml
$ fly -t lite unpause-pipeline -p hello-world
$ fly -t lite containers
resources:
- name: every-1m
type: time
source: {interval: 1m}
plan:
– get: every-1m
trigger: true
$ fly -t lite set-pipeline -p hello-world -c hello.yml
$ fly -t lite get-pipeline -p hello-world
$ nano docker.yml
jobs:
- name: build_job
plan:
– get: test_dockerfile
trigger: true
resources:
- name: test_dockerfile
type: git
source:
uri: https://github.com/githubrepo/docker.git
branch: master
paths: [Dockerfile]
$ fly -t lite set-pipeline -p docker -c docker.yml
$ fly -t lite unpause-pipeline -p docker
plan:
...
– put: build_image
params: {build: test_dockerfile}
- name: build_image
type: docker-image
source:
repository: repo/build-image
email: {{docker_mail}}
username: {{docker_user}}
password: {{docker_pass}}
-----------------------------------------------------------------------------------------
WebView на службе быстрой разработки. Интегрируем функционал веб-сайта в мобильное приложение
Андрей Пахомов