You are here: start » tools » docker

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
tools:docker [2022/06/29 12:51] – [Miscellaneous] darrontools:docker [2025/02/09 20:09] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====Docker==== ====Docker====
  
-Docker is similar to [[:tools:lxc|LXC]], however it is geared to running a single +Docker is similar to [[:tools:lxc|LXC]], however it is geared to running a single application within its jailed system rather than being a lightweight VM. It's like having a chroot management system enhanced with networking.
-application within its jailed system rather than being a lightweight +
-VM. It's like having a chroot management system enhanced with networking.+
  
-Docker has a lot of pre-built applications, and due to this the docker ecosystem +This page details the latest version of docker for Debian bookworm. For older use cases see on docker for Debian [[tools:docker-bullseye|bullseye]].
-is a security nightmare and cannot really be recommended unless you  +
-skip this and create your own builds from base O/S images such as Alpine Linux.+
  
-On this page are demos of using Docker on Linux. One container +===Uninstall===
-is an install of Laravel and another is Alpine Linux. The installation +
-of Laravel should demonstrate the security issues when using pre-built docker +
-images.+
  
-Alpine Linux is further configured for PHP8, composer and Symfony. This +Debian's version of docker is too old so ensure it'not installed.
-is not for production, just for development and not fully configured here, yet. +
- +
-Later a build is investigated containing WordPress using Alpine Linux +
-and accessed via a proxy with nginx. +
- +
-===Environment=== +
- +
-VirtualBox virtual machine manager or Xen virtual machine. +
- +
-===Operating System=== +
- +
-Devuan Chimaera on VirtualBox or Debian Bullseye on Xen. +
- +
-===Docker=== +
- +
-==Install==+
  
 <code> <code>
-apt-get install apparmor +apt-get remove --purge docker.io docker-compose docker-doc podman-docker containerd runc
-apt-get install docker.io +
-apt-get install docker-compose+
 </code> </code>
  
-==User== +Clean up and reboot if an old version was removed.
- +
-Add your login user to the docker group with vigr and vigr -s and relog. +
- +
-==Run==+
  
 <code> <code>
-/etc/init.d/docker start+apt-get autoremove 
 +reboot
 </code> </code>
  
-===Laravel===+===Install===
  
-<code> +[[https://docs.docker.com/engine/install/debian/#install-using-the-repository|Install using the apt repository]]
-wget "https://laravel.build/example-app" -O example-app.sh +
-sh ./example-app.sh +
-cd example-app +
-./vendor/bin/sail up +
-</code> +
- +
-===Alpine Linux=== +
- +
-Alpine Linux is a lightweight Linux ideal for running inside a container. +
- +
-==Install== +
- +
-Fetch the image and create the container.+
  
 <code> <code>
-docker pull alpine:latest +sudo apt-get update 
-docker create ----name alpine_linux alpine:latest +sudo apt-get install ca-certificates curl 
-</code>+sudo install -m 0755 -d /etc/apt/keyrings 
 +sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc 
 +sudo chmod a+r /etc/apt/keyrings/docker.asc
  
-==Start==+echo \ 
 +  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \ 
 +  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ 
 +  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  
-Start Alpine Linux. +sudo apt-get update 
- +sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
-<code> +
-docker start alpine_linux+
 </code> </code>
  
-==Shell==+===Setup===
  
-Connect to a shell within Alpine Linux.+[[https://docs.docker.com/engine/install/linux-postinstall/|Linux post-installation steps for Docker Engine]]
  
 <code> <code>
-docker exec -it alpine_linux /bin/sh+sudo groupadd docker 
 +sudo usermod -aG docker $USER
 </code> </code>
  
-==Stop== +===Reboot===
- +
-Stop Alpine Linux+
  
 <code> <code>
-docker stop alpine_linux+reboot
 </code> </code>
  
-==Delete== +===Test===
- +
-How do delete Alpine Linux if necessary.+
  
 <code> <code>
-docker rm alpine_linux+docker --version 
 +Docker version 27.5.1, build 9f9e405
 </code> </code>
- 
-===PHP8=== 
- 
-==Install== 
  
 <code> <code>
-docker exec -it alpine_linux /bin/sh +docker compose version 
-apk update +Docker Compose version v2.32.4
-apk upgrade +
-apk add php8 php8-fpm php8-opcache php8-cli php8-ctype php8-iconv php8-session php8-simplexml php8-tokenizer php8-openssl php8-phar +
-ln -sf /usr/bin/php8 /usr/local/bin/php +
-exit+
 </code> </code>
- 
-===Composer=== 
- 
-==Git== 
  
 <code> <code>
-docker exec -it alpine_linux apk add git+ip addr show docker0 
 +4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
 +    link/ether 02:42:ae:18:42:ab brd ff:ff:ff:ff:ff:ff 
 +    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 
 +       valid_lft forever preferred_lft forever
 </code> </code>
- 
-==Install== 
- 
-Visit the composer downloads page to find the composer installer script. 
- 
-[[https://getcomposer.org/download/?lang=php|Composer Downloads]] 
- 
-Save the script as composer-installer.sh 
  
 <code> <code>
-php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" +docker run hello-world
-php -r "if (hash_file('sha384', 'composer-setup.php') === '55ce33d7678c5a611085589f1f3ddf8b3c52d662cd01d4ba75c0ee0459970c2200a51f492d557530c71c15d8dba01eae') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" +
-php composer-setup.php +
-php -r "unlink('composer-setup.php');" +
-</code>+
  
-Run the saved script.+Hello from Docker! 
 +This message shows that your installation appears to be working correctly.
  
-<code> +To generate this message, Docker took the following steps: 
-sh composer-installer.sh + 1. The Docker client contacted the Docker daemon. 
-Installer verified + 2. The Docker daemon pulled the "hello-world" image from the Docker Hub
-All settings correct for using Composer +    (amd64) 
-Downloading...+ 3. The Docker daemon created a new container from that image which runs the 
 +    executable that produces the output you are currently reading. 
 + 4The Docker daemon streamed that output to the Docker client, which sent it 
 +    to your terminal.
  
-Composer (version 2.3.5) successfully installed to/root/composer.phar +To try something more ambitious, you can run an Ubuntu container with
-Use it: php composer.phar + $ docker run -it ubuntu bash
-</code>+
  
-Move the blob into your path.+Share images, automate workflows, and more with a free Docker ID: 
 + https://hub.docker.com/
  
-<code> +For more examples and ideas, visit: 
-mv composer.phar /usr/local/bin/+ https://docs.docker.com/get-started/
 </code> </code>
  
-===Symfony=== 
- 
-==Install== 
- 
-Fetch the symfony blob. 
- 
-<code> 
-wget "https://github.com/symfony-cli/symfony-cli/releases/download/v5.4.8/symfony-cli_linux_amd64.tar.gz" 
-tar zxvf symfony-cli_linux_amd64.tar.gz 
-</code> 
- 
-Move the blob into your path. 
- 
-<code> 
-mv symfony /usr/local/bin/ 
-</code> 
- 
-==Application== 
- 
-Create a symfony application. 
- 
-<code> 
-symfony new --webapp my_project 
-</code> 
- 
-===Fixed IP address=== 
- 
-==Bridge== 
- 
-Create a network bridge using docker. 
- 
-<code> 
-docker network create --subnet=10.44.0.0/24 vlan 
-</code> 
- 
-==Run== 
- 
-Create and run the container. The option d starts the container in the background and t assigns a pseudo tty. 
- 
-<code> 
-docker pull alpine:latest 
-docker run -d -t --net vlan --ip 10.44.0.10 --name alpine_linux alpine 
-</code> 
- 
-==Command== 
- 
-Run a command in the container 
- 
-<code> 
-docker exec -it alpine_linux /sbin/ifconfig eth0 
-eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX 
-          inet addr:10.44.0.10  Bcast:10.44.0.255  Mask:255.255.255.0 
-          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
-          RX packets:10 errors:0 dropped:0 overruns:0 frame:0 
-          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
-          collisions:0 txqueuelen:0 
-          RX bytes:876 (876.0 B)  TX bytes:0 (0.0 B) 
-</code> 
- 
-==Stop== 
- 
-Stop container 
- 
-<code> 
-docker stop alpine_linux 
-</code> 
- 
-==Restart== 
- 
-Restart container 
- 
-<code> 
-docker start alpine_linux 
-</code> 
- 
-===WordPress=== 
- 
-==Proxy== 
- 
-Install nginx in the main host. 
- 
-<code> 
-apt install nginx-full php php-cli php-fpm 
-</code> 
- 
-Use proxy_pass to direct a https URL to the container. 
- 
-Eg. 
-<code> 
-location / { 
- proxy_pass http://x.x.x.x:80; 
- proxy_set_header Host $host; 
- proxy_set_header X-Real-IP $remote_addr; 
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
- proxy_set_header X-Forwarded-Proto https; 
- proxy_set_header X-Forwarded-Port 443; 
- proxy_buffering off; 
-} 
-</code> 
- 
-==Apache2== 
- 
-Install apache2 in the container. 
- 
-__Install__ 
-<code> 
-docker exec -it alpine_linux sh 
-apk update 
-apk upgrade 
-apk add php8 php8-apache2 php8-mysqli php8-mysqlnd php8-opcache php8-cli php8-ctype php8-iconv php8-session php8-simplexml php8-tokenizer php8-openssl php8-phar php8-curl php8-dom php8-exif php8-fileinfo php8-pecl-imagick php8-mbstring php8-zip php8-gb php-intl 
-ln -sf /usr/bin/php8 /usr/local/bin/php 
-exit 
-</code> 
- 
-__Config__ 
- 
-At the least edit the Listen and ServerName directives in /etc/apache2/httpd.conf 
- 
-<code> 
-Listen *:80 
-ServerName WordPress 
-ServerAdmin root 
-ServerTokens Prod 
-ServerSignature Off 
-</code> 
- 
-__Logging__ 
- 
-Use mod remoteip resolve client ip address. 
- 
-__Newer apache2__ 
-<code> 
-RemoteIPProxyProtocol On 
-RemoteIPProxyProtocolExceptions 127.0.0.1 X.X.X.X/24 
-RemoteIPHeader X-Forwarded-For 
-RemoteIPTrustedProxy X.X.X.X 
-</code> 
- 
-__Older apache2__ 
-<code> 
-RemoteIPHeader X-Real-IP 
-RemoteIPTrustedProxy X.X.X.X 
-LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined 
-</code> 
- 
-__Run__ 
- 
-Start apache2 in the container. 
- 
-<code> 
-docker exec -it alpine_linux /usr/sbin/httpd -DFOREGROUND 
-</code> 
- 
-To keep this process up, start it from RUNIT or similar in the main docker host. 
- 
-__run__ 
-<code> 
-/usr/bin/docker start alpine_linux 
-exec /usr/bin/docker exec -e TZ=UTC -e PHP_INI_SCAN_DIR=/etc/php8/conf.d -t alpine_linux /usr/sbin/httpd -DFOREGROUND 
-</code> 
- 
-__finish__ 
-<code> 
-/usr/bin/docker stop alpine_linux 
-</code> 
- 
-==WordPress== 
- 
-Install WordPress in the container. 
- 
-<code> 
-docker exec -it alpine_linux sh 
-cd /var/www/localhost 
-wget "https://wordpress.org/latest.zip" -d htdocs 
-unzip latest.zip 
-chown -R apache:apache htdocs/wordpress 
-exit 
-</code> 
- 
-The URL will become https://example.com/wordpress/ and the setup URL will be 
-https://example.com/wordpress/wp-admin/setup-config.php 
- 
-If a MySQL server is not available then MySQL must be started in another 
-container in the same network. 
- 
-Add custom config values to support proxy. 
-<code> 
-define('FORCE_SSL_ADMIN', true); 
-// in some setups HTTP_X_FORWARDED_PROTO might contain 
-// a comma-separated list e.g. http,https 
-// so check for https existence 
-if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false) 
-$_SERVER['HTTPS']='on'; 
- 
-define('FS_METHOD','direct'); 
-</code> 
- 
- 
-===Miscellaneous=== 
- 
-==Copy file== 
- 
-<code> 
-docker cp .vimrc alpine_linux:/root/.vimrc 
-</code> 
- 
-==Apache log rotation== 
- 
-<code> 
-#! /bin/sh 
- 
-# Apache log rotation. 
-# 
-# Dmb May 1999 - Jun 2022. 
- 
-# Alpine Linux: 
-# 
-# apk add apache2-utils webalizer 
-# 
-# 0 1 * * *  /usr/bin/docker exec alpine_linux /root/rotatelog 1>/dev/null 2>/dev/null 
- 
-umask 022 
- 
-LOGDIR="/var/log/apache2" 
-WEBLOG="access.log" 
-LOGFILES="$WEBLOG error.log" 
-STATDIR="stats" 
- 
-cd $LOGDIR 
- 
-for f in $LOGFILES 
-do 
-        if test -f $f; then 
- 
-                test -f $f.6.gz && mv $f.6.gz $f.7.gz 
-                test -f $f.5.gz && mv $f.5.gz $f.6.gz 
-                test -f $f.4.gz && mv $f.4.gz $f.5.gz 
-                test -f $f.3.gz && mv $f.3.gz $f.4.gz 
-                test -f $f.2.gz && mv $f.2.gz $f.3.gz 
-                test -f $f.1.gz && mv $f.1.gz $f.2.gz 
-                test -f $f.0 && mv $f.0 $f.1 && gzip $f.1 
- 
-                cp -p $f $f.0 
- 
-                cat /dev/null >$f 
-        fi 
-done 
- 
-if test -f $WEBLOG.0; then 
- 
-        TMPLOG=`mktemp /tmp/logresolve.XXXXXXXXXX` 
- 
-        logresolve < $WEBLOG.0 > $TMPLOG 
- 
-        mkdir -p $STATDIR 
- 
-        webalizer -Q -p -n"localhost" -o$STATDIR $TMPLOG 
- 
-        rm -f $TMPLOG 
-fi 
- 
-exit 0 
-</code> 
- 
-==Clone== 
- 
-__First stop the container to commit any changes__ 
- 
-The commit creates a tagged version of the container which 
-has any changes made since installation. 
- 
-<code> 
-docker stop alpine_lunux 
-docker commit alpine_linux wordpress:v1 
-</code> 
- 
-__Container can be restarted now__ 
- 
-<code> 
-docker start alpine_linux 
-</code> 
- 
-__Save the docker container as an image__ 
- 
-This saves the container at the specified commit tag for import 
-elsewhere. 
- 
-<code> 
-docker save -o wordpress_v1.tar wordpress:v1 
-</code> 
- 
-Container image can now be used elsewhere. 
 ===Resources=== ===Resources===
  
 [[https://docs.docker.com/get-started/|Docker HOWTO]] [[https://docs.docker.com/get-started/|Docker HOWTO]]
 +
 +[[https://docs.docker.com/develop/develop-images/dockerfile_best-practices/|Dockerfile Tips]]