As one can guess, just some write-along on things I learned and used while trying to get along with docker. If anything is grossly wrong - feel free to correct me. Markus.
# for containers
docker rm $(docker ps -aq)
# for images
docker rmi $(docker images --filter dangling=true --quiet)
Docker > 1.12.x implements the new "macvlan" network-driver. This means we can now bridge containers into the host LAN and avoid having to port-forward the third and fourth web server port on the docker-host (who can even remember those?). While this is not advisable for every container (like db-backends), it's a nice option for containers that interact with the user-world.
docker network create -d macvlan \
--subnet=192.168.5.0/24 \
--gateway=192.168.5.1 \
--ip-range=192.168.5.10/26 \
-o parent=eth0 \
testnet
- Right now I can set a hostname via
--name=mycontainer --hostname=myhostname
when instantiating the container from an image but this doesn't always result in correct hostnames in my router.
- DHCP? Right now getting IPs is erratic .5.2 - .5.x. Does docker even check if the IP has a lease?
- Difference between macvlan and ipvlan (still in experimental repo as of 10/2016)
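An added example, not part of the original notes: a small Python check of the IPAM values passed to `docker network create` above, showing which addresses the `--ip-range` value covers when read as a CIDR block and whether that block collides with the gateway or a DHCP scope. The function name and the DHCP scope (192.168.5.50 - 192.168.5.150) are assumptions made up for illustration; how Docker itself treats a misaligned range is not tested here.

```python
import ipaddress


def audit_macvlan_ipam(subnet, gateway, ip_range, dhcp_scope=None):
    """Return (effective_pool, findings) for docker network create values.

    dhcp_scope is an optional (first, last) tuple describing the LAN's
    DHCP scope; it is supplied by the caller (hypothetical input).
    """
    net = ipaddress.ip_network(subnet)
    gw = ipaddress.ip_address(gateway)
    given = ipaddress.ip_interface(ip_range)
    pool = given.network  # the CIDR block with the host bits masked off
    findings = []

    if given.ip != pool.network_address:
        findings.append(("misaligned",
                         f"{ip_range} denotes {pool}: {pool[0]} - {pool[-1]}"))
    if not pool.subnet_of(net):
        findings.append(("outside-subnet", f"{pool} is not inside {net}"))
    if gw in pool:
        findings.append(("gateway-in-pool", f"{gw} lies inside {pool}"))
    if dhcp_scope:
        first, last = (ipaddress.ip_address(a) for a in dhcp_scope)
        lo, hi = max(first, pool[0]), min(last, pool[-1])
        if lo <= hi:
            findings.append(("dhcp-overlap", f"{lo} - {hi} is in both ranges"))
    return pool, findings


if __name__ == "__main__":
    # Subnet, gateway and ip-range come from the command above; the DHCP
    # scope is a constructed sample, not a value from the page.
    pool, findings = audit_macvlan_ipam(
        "192.168.5.0/24", "192.168.5.1", "192.168.5.10/26",
        dhcp_scope=("192.168.5.50", "192.168.5.150"))
    print("effective pool:", pool)
    for code, detail in findings:
        print(f"[{code}] {detail}")
```

Picking a block-aligned `--ip-range` that sits outside the router's DHCP scope keeps the two allocators from handing out the same address.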
There are a couple of options to get host-storage into the container. Since my rancher-os is a vm itself, running on my freenas-box, mounting everything into the rancheros isn't really feasible because all the goodies of managing shares in the freenas-box would be lost. Rancheros comes with its own solution called "Convoy" but just from looking at it this seems way too complicated. Also: I'm not using rancher (the system-service and web-ui to orchestrate containers), just rancheros.
In comes "docker-volume-netshare" which can do "just a simple nfs-mount, man." It's a simple service (single binary) which runs on the docker-host and creates docker-volumes from netshares (hence the name).
# 1. start the daemon
sudo docker-volume-netshare --verbose --options="defaults,rw,nolock" nfs
# Now we have multiple options on how to get the nfs-mount into containers.
# 2.1. via -v while instantiating
docker run <foo> --volume-driver=nfs -v <ip>/<share_path>:/<path_inside_container>
# NOTE the lack of a colon between ip and share-path
# --volume-driver=nfs hands the -v source to the netshare daemon, as in 2.2
# 2.2. via a data container
docker create -v <ip>/<share_path>:/<path_inside_container> \
--name=<container_name_1> \
--volume-driver=nfs \
alpine /bin/true
# this creates a non-running container that uses one (or more when using multiple -v params) netshares.
# We can then inherit these shares into another container via:
docker run <foo> --name=<container-name_2> --volumes-from=<container_name_1>
# 2.3. via named volumes
# NOTE the colon between ip and share-path!
docker volume create -d nfs \
--name=<bar> \
-o share=<ip>:<share_path> \
-o create=true
# create=true means that subdirs are created implicitly (<share_path>/<bar>)
docker run <foo> -v <bar>:/<path_inside_container>