1.Managing Containers

login Atomic : ssh [email protected]

-bash-4.2# docker search -s 1 fedora             ---above one
-bash-4.2# docker pull rhel7
-bash-4.2# docker load -i rhel-server-docker.tar.gz    ---load hard disk image
-bash-4.2# docker images
-bash-4.2# docker rmi fedora:rawhide
-bash-4.2# docker inspect rhel7
-bash-4.2# docker tag 10acc31def5d rhel7/latest:latest-kc4
-bash-4.2# docker save rhel7/latest:latest-kc4 > /var/tmp/kc4.tar
-bash-4.2# tar tvf /var/tmp/kcr.tar
-bash-4.2# docker run -p 8080:80 -ti rhel7/latest:latest-kc4  /bin/bash
-bash-4.2# exit
-bash-4.2# docker ps 
-bash-4.2# docker kill c1b891b8f004

2.Building a Custom Image with Dockerfile

-bash-4.2# mkdir webserver-image
-bash-4.2# cd webserver-image
-bash-4.2# vi Dockerfile
            # Specify the base image to use
            FROM registry.access.redhat.com/rhel7

            MAINTAINER  Your Name

            #Get the necessary software to run a web server
            RUN yum --disablerepo='*'  --enablerepo=rhel-7-server-rpms install -y httpd
            RUN echo 'container.example.com' > /etc/hostname

            #create custom content (a personal index.html.file)
            RUN echo 'Custom web server for student 0' >> /var/www/html/index.html

-bash-4.2# docker build -t rhel_httpd1 . ---run dockerfile and create custom image
-bash-4.2# docker run -p 80:80 -ti rhel_httpd1:latest /usr/sbin/httpd -DFOREGROUND
-bash-4.2# curl http://servera.pod0.example.com
-bash-4.2# cd ..
-bash-4.2# cp -a webserver-image webhome-image
-bash-4.2# cd webhome-image
-bash-4.2# vi Dockerfile
-bash-4.2# grep HOME Dockerfile

RUN echo "$HOME is where the heart is" >> /var/www/html/index.html

-bash-4.2# docker build -t rhel_httpd2 .
-bash-4.2# docker run -p 80:80 -ti rhel_httpd2:latest /usr/sbin/httpd -DFOREGROUND
-bash-4.2# curl http://servera.pod0.example.com

3.Deploying a Private Container Image Registry

ssh [email protected]
[root@workstation~]# yum install -y docker-registry

  • Use openssl to generate a private key

[root@workstation~]# openssl genrsa -out /etc/pki/tls/private/self.key 1024

  • Use the newly created private key to generate a self-signed certificate.
    [root@workstation~]# openssl req -new -key /etc/pki/tls/private/self.key -x509 -out /etc/pki/tls/certs/self.crt

    Country Name[XX]: US
    State or Province Name (full name)[]: North Carolina
    Locality Name [Default City]: Raleigh
    Organization Name[Default Company Ltd]: Example
    Organizational Unit Name(eg,section)[]:Training
    Common Name[]:workstation.pod0.example.com
    Email  Address[]: [email protected]
  • Configure the docker-registry service to use the newly create self-signed certificate

    [root@workstation~]# cp /usr/lib/systemd/system/docker-registry.service /etc/systemd/system/
    [root@workstation~]# vi /etc/systemd/system/docker-registry.service

    ExecStart=/usr/bin/gunicorn --certfile /etc/pki/tls/certs/self.crt --keyfile /etc/pki/tls/private/self.key --access-logfile - --debug ...........

    [root@workstation~]# systemctl enable docker-registry.service
    [root@workstation~]# systemctl start docker-registry.service
    [root@workstation~]# systemctl status docker-registry.service
    [root@workstation~]# firewall-cmd --zone=public --add-port=5000/tcp
    [root@workstation~]# firewall-cmd --zone=public --add-port=5000/tcp --permanent
    -bash-4.2# hostname
    -bash-4.2# docker tag rhel7/latest:latest-kc4 workstation.pod0.example.com:5000/rhel_httpd1
    -bash-4.2# docker push workstation.pod0.example.com:5000/rhel_httpd1
    -bash-4.2# mkdir /etc/docker/certs.d/workstation.pod0.example.com:5000
    -bash-4.2# scp [email protected]:/etc/pki/tls/certs/self.crt /etc/docker/certs.d/workstation.pod0.example.com\:5000/ca.crt
    -bash-4.2# docker push workstation.pod0.example.com:5000/rhel_httpd1

chapter 5 deploying multitiered applications with containers

-bash-4.2# hostname
-bash-4.2# cd /var/tmp
-bash-4.2# curl -O http://cla***oom.example.com/materials/docker-images/webserver-all-in-one.tar.xz
-bash-4.2# docker load -i webserver-all-in-one.tar.xz
-bash-4.2# docker run -p 8080:80 -d rhel7:webserver-all-in-one /usr/local/bin/app_start
Firefox http://servera.pod0.example.com:8080/cgi-bin/action
[student@workstation~]# yum install -y httpd tools
[student@workstation~]# ab -n 100 -c 10 http://servera.pod0.example.com:8080/cgi-bin/action
-bash-4.2# docker exec -ti CONTAINER_ID tail -f /var/log/httpd/error_log
Use ab to simulate a DDos type of attack.

-bash-4.2# cd /var/tmp
-bash-4.2# curl -O http://cla***oom.example.com/materials/docker-images/webserver.tar.xz
-bash-4.2# curl -O http://cla***oom.example.com/materials/docker-images/db.tar.xz
-bash-4.2# docker load -i webserver.tar.xz
-bash-4.2# docker load -i db.tar.xz
-bash-4.2# docker run -p 80:80 -d rhel7:webserver
-bash-4.2# docker run -p 3306:3306 -d rhel7:db
-bash-4.2# docker ps
-bash-4.2# docker inspect CONTAINER_ID
-bash-4.2# docker exec -ti CONTAINER_ID /bin/bash
bash-4.2# TERM=linux mysql -u root -p ---redhat