Skip to content

Build Containers

Build process

Command Sample
docker build -t <name>:<tag> <build-directory> docker build -t python_devel:2 .
docker tag <name>:<tag> <repo>:<tag> docker tag python_devel:2 marcolancini/python_devel:2
docker push <repo>:<tag> docker push marcolancini/python_devel:2
eval $(minikube docker-env) && make build-image Build image directly on minikube

Dockerfile

Command Notes
FROM <baseimage>
RUN <command>
  • Execute command as you would at a command prompt
  • The results of the RUN are persisted to the image
  • Example: RUN mkdir -p /src/ app
COPY <src> <dest> Copy files from the directory containing the Dockerfile to the container's image
ADD <src> <dest> Like COPY but:
  • can get remote files: ADD http://www.example.com/webapp.jar /opt/
  • will automatically unpack zip files and tar archives: ADD ./assets.zip /var/www/htdocs/assets/
VOLUME /data A specific directory should be a volume (same as "-v")
EXPOSE <port>
  • Declaring a port with EXPOSE is not enough to make it public
  • The Dockerfile doesn't control on which port a service gets exposed:
    • docker run -p <port> ... = that port becomes public (even if it was not declared with EXPOSE)
    • docker run -P ... = all ports declared with EXPOSE become public
ENV <VAR> <VALUE> Environment variables that should be set in any container launched from the image (same as "-e")
CMD
  • Default command to run when a container is launched
  • Can be overridden by what specified in the command line
  • Example: CMD ["nginx", "-g", "daemon off;"]
ENTRYPOINT
  • Defines a base command (and its parameters) for the container
  • The command line arguments are appended to those parameters
CMD + ENTRYPOINT
  • ENTRYPOINT defines a base command (and its parameters) for the container
  • If we don't specify extra command-line arguments when starting the container, the value of CMD is appended (default parameters)
  • Otherwise, our extra command-line arguments are used instead of CMD

Data Container (docker ...)

Command Notes
create -v /config --name dataContainer alpine Create Data Container (-v = where to save data)
run --volumes-from dataContainer ubuntu --volumes-from = mount volumes from other containers inside the container being launched
cp config.conf dataContainer:/config/ Copy files
export dataContainer > dataContainer.tar
import dataContainer.tar
Backup&Restore

Communication (docker ...)

Sample Notes
run --link <container-name|id>:<alias> alpine
run -it --link redis28:redis alpine telnet redis 6379
Connect to a data source
network create PROD Create network layer
run -d --name prod-es-1 --net-alias proxy --net PROD nginx
run -d --name prod-es-2 --net-alias proxy --net PROD nginx
  • --net-alias = doesn't block the name "proxy" (for multiple instances)
  • Provides round robin DNS
network connect --alias db PROD redis connect =  attach existing containers to the network

When creating a network, extra options can be provided:

--internal Disables outbound traffic (the network won't have a default gateway)
--gateway Indicates which address to use for the gateway (when outbound traffic is allowed)
--subnet (in CIDR notation) Indicates the subnet to use
--ip-range (in CIDR notation) Indicates the subnet to allocate from
--aux-address Allows to specify a list of reserved addresses (which won't be allocated to containers)

Set container IP address (the IP address has to be within the subnet used for the container):

  • $ docker network create --subnet 10.66.0.0/16 pubnet
  • $ docker run --net pubnet --ip 10.66.66.66 -d nginx

Docker compose (docker-compose ...)

Command Notes
up
  • Start containers
  • -p <projname> = manually specify project name (otherwise inferred from folder)
scale <name>=1 Autoscale
stop Stop containers
rm Remove containers and volumes
down --volumes Autoscale
run web env
  • Run one-off commands
  • For example, to see what environment variables are available to the web service
logs web Show logs for one container
ports:
- 4000:4000
  • Ports shared among different services started by the docker-compose
  • Ports exposed to the host machine to a random port or a given port
expose:
- "80"
- "4000"
  • Ports are not exposed to host machines, only exposed to other services