Play Docker(2)

TurnToJPG -->

Continue, but this time for further topics:


From to find more interesting images:
Use opensuse:

$ sudo docker pull opensuse
$ sudo docker images
$ sudo docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
opensuse            latest              758c78b4040c        3 weeks ago         622.7 MB
opensuse            13.2                758c78b4040c        3 weeks ago         622.7 MB
opensuse            harlequin           758c78b4040c        3 weeks ago         622.7 MB
$ sudo docker run -i -t opensuse /bin/bash
:/ # yzpper in vim

After installed commit the changes and verify:

$ sudo docker run -i -t install_vim_suse /bin/bash
:/ # which vim

Now we export it to tar file:

$ sudo docker ps
$ sudo docker export 7b594d048b0b>~/opensuse_vim.tar
$ ls -l -h ~/opensuse_vim.tar
-rw-r--r--  1 Trusty root 704M Jan 27 22:39 opensuse_vim.tar

Made changes after we exported the tar file.

$ sudo tar xvf opensuse_vim.tar
$ sudo touch ./root/I_Want_You_See_This_File
$ sudo rm -f opensuse_vim.tar
$ sudo tar cvf opensuse_vim_modified.tar ./*
$ ls -l -h *.tar
-rw-r--r-- 1 root root 704M Jan 27 22:45 opensuse_vim_modified.tar

Import the tar file into the images:

$ sudo cat ./opensuse_vim_modified.tar | sudo docker import - Trusty/opensuse_vim_modified:v1.0
$ sudo docker images
$ sudo docker images
REPOSITORY                   TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
Trusty/opensuse_vim_modified   v1.0                c18f7e43c419        47 seconds ago      724 MB
$ sudo docker run -i -t Trusty/opensuse_vim_modified:v1.0 /bin/bash
:/ # ls /root/
I_Want_You_See_This_File  bin

Now we could see the modified files has been ported to our running containers.
Even you could docker import from remote url:

$sudo docker import example/imagerepo


Run app inside the container

First pull the images training/webapp back:

$ sudo docker pull training/webapp
$ sudo docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
training/webapp     latest              31fa814ba25a        8 months ago        278.6 MB

Quickly enter the container and examine what’s inside the pandora box:

$ sudo docker run -i -t training/webapp /bin/bash
root@f19ca7c18763:/opt/webapp# cat /etc/issue
Ubuntu 12.04.4 LTS \n \l

root@f19ca7c18763:/opt/webapp# ls
Procfile  requirements.txt
root@f19ca7c18763:/opt/webapp# cat | more
import os

from flask import Flask

It’s a flask based webapp.
Manually run the and use another terminal for testing it:

root@f19ca7c18763:/opt/webapp# python
 * Running on
$ sudo docker exec -it f19ca7c18763 /bin/bash
root@f19ca7c18763:/opt/webapp# which curl
root@f19ca7c18763:/opt/webapp# curl
Hello world!root@f19ca7c18763:/opt/webapp# 

When you use curl, you will see in the first terminal it will indicates the request has been solved.
Or you could directly request the page in host machine, via: curl, the result will be the same.

Expose to World

Randomly let our container map to host’s port via:

$ sudo docker run -d -P --name web training/webapp python
$ sudo docker ps -l
CONTAINER ID        IMAGE                    COMMAND             CREATED             STATUS              PORTS                     NAMES
8781cf98cc68        training/webapp:latest   "python"     6 seconds ago       Up 5 seconds>5000/tcp   web                 

Then on Internet, we could directly fetch the HelloWorld now.

~% curl
Hello world!%          

Inspect the name of the running container:

$ sudo docker inspect -f "{{ .State.StartedAt }}" 8781cf98cc68
$ sudo docker inspect -f "{{ .State.Pid }}" 8781cf98cc68
$ sudo docker inspect -f "{{ .Name }}" 8781cf98cc68

We got the name, then we could directly read the logs using this name:

$ sudo docker logs -f web
 * Running on - - [28/Jan/2015 04:27:30] "GET / HTTP/1.1" 200 - - - [28/Jan/2015 06:00:18] "GET / HTTP/1.1" 200 - - - [28/Jan/2015 06:00:24] "GET / HTTP/1.1" 200 -

Using -p for specify the host port and container port mapping:

$ sudo docker run -d -p 5000:5000 --name web1 training/webapp python
$ sudo docker ps
CONTAINER ID        IMAGE                    COMMAND             CREATED             STATUS              PORTS                    NAMES
2a0692015ba7        training/webapp:latest   "python"     3 seconds ago       Up 3 seconds>5000/tcp   web1 

The test could be curl the 5000 port of the remote machine, while the logs could be found using -f web1.
Examine the port mapping using following command:

$ sudo docker run -d -P --name web3 training/webapp python
$ sudo docker port web3 5000

-p could be added as multiple ports, like:

$ sudo docker run -d -p 5000:5000 -p 3000:80 training/webapp python

Docker Container Linking

Pull back a new images and run it as daemon:

$ sudo docker run -d --name db training/postgres
$ sudo docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
training/postgres   latest              258105bea10d        7 months ago        364.5 MB
training/webapp     latest              31fa814ba25a        8 months ago        278.6 MB
$ sudo docker ps 
CONTAINER ID        IMAGE                      COMMAND                CREATED             STATUS              PORTS                     NAMES
ff6603d47552        training/postgres:latest   "su postgres -c '/us   14 seconds ago      Up 14 seconds       5432/tcp                  db                  
f94368f3d091        training/webapp:latest     "python"        9 minutes ago       Up 9 minutes>5000/tcp   web3                

Remove the existing web3 container, and create a new one which links to container db:

$ sudo docker rm -f f94368f3d091
$ sudo docker run -d -P --name web4 --link db:db training/webapp python
$ sudo docker ps
CONTAINER ID        IMAGE                      COMMAND                CREATED             STATUS              PORTS                     NAMES
0cf8f0adcb3d        training/webapp:latest     "python"        4 seconds ago       Up 3 seconds>5000/tcp   web4                
ff6603d47552        training/postgres:latest   "su postgres -c '/us   2 minutes ago       Up 2 minutes        5432/tcp                  db  

Examine the link infos when entering the container itself:

$ sudo docker exec -i -t 0cf8f0adcb3d  /bin/bash
root@0cf8f0adcb3d:/opt/webapp# env

Use ip address show to examine the ip address.
Why they could be linked?
Also when you enter the web machine, cat its /etc/hosts, will see the db named:

root@0cf8f0adcb3d:/opt/webapp# cat /etc/hosts	0cf8f0adcb3d	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters	db

Advance Networking

Secret of DNS/hostname/hosts:

root@0cf8f0adcb3d:/opt/webapp# mount
/dev/vda1 on /etc/resolv.conf type ext4 (rw,relatime,data=ordered)
/dev/vda1 on /etc/hostname type ext4 (rw,relatime,data=ordered)
/dev/vda1 on /etc/hosts type ext4 (rw,relatime,data=ordered)

Once the variables changes the container’s corresponding name will also be changed.


Container Visit WAN:
Use sysctl’s ip_forward, check it via:

$ cat /proc//sys/net/ipv4/ip_forward

1 means that we could forward our traffic flow from WAN to

WAN visit Container:

$ sudo docker run -d -p 5000:5000 --name web5 training/webapp python
$ sudo iptables -t nat -nL
Chain DOCKER (2 references)
target     prot opt source               destination         
DNAT       tcp  --              tcp dpt:49155 to:
DNAT       tcp  --              tcp dpt:5000 to:

The last one is added via our run command.