Contents
- 1 Image creation
- 2 Container management
- 2.1 Start an image and keep it running
- 2.2 Connect to a running image to see the log files, etc.
- 2.3 Get the list of containers running
- 2.4 Get the last few lines of the logs of any container
- 2.5 Start/stop/restart a container
- 2.6 Get into a container to see or modify its files, change processes, …
- 2.7 Create and deploy images manually
Image creation
Keep a container running after a deployment
Add this at the bottom of the dockerfile:
ENTRYPOINT [“tail”]
CMD [“-f”,”/dev/null”]
Install network tools
RUN yum -y –nogpgcheck install iputils nc net-tools openssh-clients telnet tracerouteAdd a centos repo to a Docker image to be able to install more tools
Build an image using a proxy (locally)
When we need to download files through a proxy, e.g. from Red Hat.
docker build . –build-arg REPLACE_PROXY
Container management
Start an image and keep it running
Useful when it crashes at startup and we want to keep it running to see which files it has inside
docker run -d REPLACE_PATH/REPLACE_NAME tail -f /dev/null
Connect to a running image to see the log files, etc.
We can also use container name so we don’t need to get the id first
docker ps # to see the container id
docker exec -i -t REPLACE_CONTAINER_ID /bin/bash
Or if the image doesn’t have /bin/bash:
docker exec -i -t container_id sh
Get the list of containers running
docker ps
Get the last few lines of the logs of any container
docker logs REPLACE_CONTAINER_ID –tail REPLACE_NUMBER_LINES
Start/stop/restart a container
docker REPLACE_OPERATION REPLACE_CONTAINER_ID
Get into a container to see or modify its files, change processes, …
docker exec -it REPLACE_CONTAINER_ID bashRun commands on a container from outside
docker exec REPLACE_CONTAINER_ID bash -c “REPLACE_COMMAND_TO_RUN”
Or simply:
docker exec REPLACE_CONTAINER_ID REPLACE_COMMAND_TO_RUNCopy files from/to a container
docker cp REPLACE_CONTAINER_ID:REPLACE_FILE_PATH REPLACE_LOCAL_PATH
===========================================
Create and deploy images manually
There are some images that are not part of the business applications (only used by developers) and that don’t have frequent changes. For them there are still no pipeline jobs. They can be released manually like this:
1) Set up your user:
docker login REPLACE_DOCKER_REPOSITORY
2) Prepare the configuration of the new image (if needed):
2.1) Create a file called “Dockerfile”
FROM REPLACE_BASE_IMAGE
2.3) If you have to install tools, add the root user (see in other section below) and configure the Proxy settings, e.g.:
USER rootENV http_proxy=http://*****:*****@… \
https_proxy=http://******:******@…. \
no_proxy=*.corp,localhost,gsnetcloud.corp
This is only while you test your image, once you are confident that it works you can replace them by the standard proxy settings:
ENV http_proxy=REPLACE_PROXY:REPLACE_PORT
ENV https_proxy=REPLACE_PROXY:REPLACE_PORT
2.4) Add any other command needed
2.5) After the installing commands revert the previous commands that set the user and proxy. If not, the image will fail in Openshift because it won’t be able to run with the root user or to connect to Jenkins via the proxy:
3) Build the image:Go to the directory where the Docker file is located and run:
“docker build -t imageName .”For example:
docker build -t REPLACE_IMAGE_PATH/REPLACE_IMAGE_NAME:REPLACE_IMAGE_VERSION .4) Tag and push itLog in to Docker repository to get the commands to tag and push the imageFor example:
docker tag REPLACE_IMAGE_NAME:REPLACE_IMAGE_VERSION REPLACE_IMAGE_PATH/REPLACE_IMAGE_NAME:REPLACE_IMAGE_VERSION
docker push REPLACE_IMAGE_PATH/REPLACE_IMAGE_NAME:REPLACE_IMAGE_VERSION
5) Deploy it in OpenShift (if needed)Use a new Docker image in JenkinsIf we create a new build image we have to configure it in Jenkins so it can be used in the pipeline files. This has to be done after the previous steps of adding it to the Docker repository.1) Go to the configuration screen in Jenkins:Log in to Jenkins and then click on “Manage Jenkins” → “Configure System”2) Add a new Kubernetes Pod Template:Scroll to the bottom and click on “Add Pod Template” → “Kubernetes Pod Template”3) Copy the settings from a previous template and adapt them adding the name, labels, Docker image, etc.4) Click on the Advanced button and add the memory settings:5) Add the service account:Scroll to the bottom of the template, click on the Advanced button and set the name of the account to use. “Jenkins” is usually the one for the development environment.6) Save so you can start using it on your pipeline files, e.g.:Use of root userWe are not allowed to run images on Openshift that require root access, but we can build them as root and then change the user to a normal one so they don’t run as a privileged user.This is useful both when we have to install some tools in an image and when we want to use existing images that by default have a root user.Examples:Create a non-root userIf the Docker image is not a RHEL one, we may not have a standard non-root user. If so we can create a user with this command:Find existing non-root usersWe can see the existing ones with this command:
ENV http_proxy=
ENV https_proxy=
agent { label ‘nodejs10-protractor’ }
RUN addgroup java && adduser -S java -g java
RUN cat /etc/passwd
Usage of the Spotify plugin and similar onesIt looks as we cannot use the Spotify plugin to create and publish images because it needs to run commands on the image as root. We can try in the future to see if it has changed and we can use it as it would simplify the pipelines.Extract files from a Docker imageSometimes we have to extract some files from an image so we can use it in other, e.g. to extract the APM Wily Agent installed in the RHEL images so we can use it in bespoke images.The steps are:1) If needed, prepare the files inside the image, e.g. compressing them and figuring out in which folder they are. We can do this adding some commands to the Dockerfile:
RUN tar -zcvf wily.tar.gz /opt/wily
RUN pwd
2) Compile the image
docker build -t image_name:0.1 .
3) Run the image. We have to pass some JAVA_OPTIONS to specify the amount of memory to use or it will fail saying that it cannot reserve so much memory for the heap:
docker run -d –name fcr_container -m 600M -e JAVA_OPTIONS=’-Xmx300m’ image_name:0.1
4) Extract the files from the running image. To do so we first have to find out the image’s container id and then use a cp command to extract the file to our machine:
docker ps -a . # it will list the running Docker images, in the example its container id is: e4d70d43e88c
docker cp e4d70d43e88c:/opt/produban/wily.tar.gz .
Remove all the exited images
docker ps -aq –no-trunc -f status=exited | xargs docker rm
ImagesSome notes:
It was initially created from a RedHat image and later changed to a UBI one as those are the only ones supported now
We use microdnf to install applications as that’s the app installer that comes with them, but then added yum as we had to install some apps either skipping GPG checks or installing from a local rpm and microdnf didn’t support any of them
We change the proxies so microdnf/yum can connect to the Red Hat repositories to get rpms
FAQBuild an image using a proxy (Jenkins)Sometimes we have to build images that require using a proxy, e. g. to build the images provided by the Madrid team. We can add this to the Dockerfile:
ENV http_proxy=REPLACE_HTTP_PROXY
ENV https_proxy=REPLACE_HTTPS_PROXY
ENV no_proxy=REPLACE_NO_PROXY