O Docker funciona de forma parecida com um hipervisor; no entanto, ele usa o Linux como base, e cada container é um conjunto de processos isolados para suportar uma aplicação. Todos os containers compartilham o mesmo kernel do host — por isso o isolamento é mais fraco que o de uma máquina virtual, e uma falha no kernel afeta todos os containers de uma vez.
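Para não usar sudo toda vez, adicione o usuário ao grupo docker (a mudança vale a partir do próximo login). Atenção: quem pertence ao grupo docker tem, na prática, acesso de root ao host, então adicione apenas usuários de confiança. No exemplo abaixo o comando foi digitado num shell de root; confira se $USER aponta para o usuário desejado (por exemplo, vagrant) e não para root.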
root@localhost:/home/vagrant# sudo usermod -aG docker $USER
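Repositório de imagens - Docker Hub (qualquer pessoa pode publicar imagens ali; prefira imagens oficiais ou de publicadores verificados)
docker pull ubuntu - baixa a imagem do Docker Hub; sem tag, vem a ubuntu:latest, que muda com o tempo — para builds reproduzíveis, fixe uma tag ou o digest
docker ps - mostra os containers em execução (docker ps -a inclui também os parados)
Para parar (stop) e iniciar (start) um container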
vagrant@localhost ~ $ sudo su
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
041b119c8d7d google/cadvisor:latest "/usr/bin/cadvisor -l" About a minute ago Up About a minute 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant# docker stop 041b119c8d7d
041b119c8d7d
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@localhost:/home/vagrant# docker start 041b119c8d7d
041b119c8d7d
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
041b119c8d7d google/cadvisor:latest "/usr/bin/cadvisor -l" 2 minutes ago Up 3 seconds 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant#
Executando em modo interativo o bash do container
root@localhost:/home/vagrant# docker run -it ubuntu bash
Pausar container
root@localhost:/home/vagrant# docker pause 041b119c8d7d
041b119c8d7d
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
041b119c8d7d google/cadvisor:latest "/usr/bin/cadvisor -l" 10 minutes ago Up 8 minutes (Paused) 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant# docker unpause 041b119c8d7d
041b119c8d7d
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
041b119c8d7d google/cadvisor:latest "/usr/bin/cadvisor -l" 10 minutes ago Up 8 minutes 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant#
criando um exemplo de aplicação web
-d, --detach Run container in background and print container ID
root@localhost:/home/vagrant# docker run -d dockersamples/static-site
Unable to find image 'dockersamples/static-site:latest' locally
latest: Pulling from dockersamples/static-site
fdd5d7827f33: Pull complete
a3ed95caeb02: Pull complete
716f7a5f3082: Pull complete
7b10f03a0309: Pull complete
aff3ab7e9c39: Pull complete
Digest: sha256:daa686c61d7d239b7977e72157997489db49f316b9b9af3909d9f10fd28b2dec
Status: Downloaded newer image for dockersamples/static-site:latest
bab344ada3e40f348d18d6ca59f863622a351b4a5a1c4a1e57dc815117af5414
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bab344ada3e4 dockersamples/static-site "/bin/sh -c 'cd /usr/" 41 seconds ago Up 39 seconds 80/tcp, 443/tcp romantic_agnesi
fb93654ec47a google/cadvisor:latest "/usr/bin/cadvisor -l" 17 minutes ago Up 17 minutes 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant#
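Usando -P, o Docker mapeia todas as portas expostas pelo container (EXPOSE) para portas altas aleatórias da nossa máquina local. Repare na saída abaixo que elas ficam em 0.0.0.0, ou seja, acessíveis por todas as interfaces de rede do host, e não só por localhost.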
root@localhost:/home/vagrant# docker run -d -P dockersamples/static-site
244fa12b36fec230eedac22ecb62df1b9fa37ff5a5c28b37f4def778921e3771
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
244fa12b36fe dockersamples/static-site "/bin/sh -c 'cd /usr/" 3 seconds ago Up 3 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp small_brattain
fb93654ec47a google/cadvisor:latest "/usr/bin/cadvisor -l" 19 minutes ago Up 19 minutes 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant#
Mapeamento da aplicação no container
root@localhost:/home/vagrant# docker port 244fa12b36fe
443/tcp -> 0.0.0.0:32768
80/tcp -> 0.0.0.0:32769
root@localhost:/home/vagrant#
root@localhost:/home/vagrant#
PARA MAPEAR UMA PORTA ESPECÍFICA, USAR -p (minúsculo)
root@localhost:/home/vagrant# docker run -d -p 8081:80 dockersamples/static-site
66104f9d08b5fc5c63ca827cbca4fb09492f32e3ae4e4e42bfae34977c997e22
root@localhost:/home/vagrant#
root@localhost:/home/vagrant# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
66104f9d08b5 dockersamples/static-site "/bin/sh -c 'cd /usr/" 35 seconds ago Up 34 seconds 443/tcp, 0.0.0.0:8081->80/tcp gigantic_thompson
244fa12b36fe dockersamples/static-site "/bin/sh -c 'cd /usr/" 6 minutes ago Up 6 minutes 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp small_brattain
fb93654ec47a google/cadvisor:latest "/usr/bin/cadvisor -l" 26 minutes ago Up 26 minutes 0.0.0.0:8080->8080/tcp cadvisor
root@localhost:/home/vagrant#
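Em 8081:80, o 80 se refere à porta do container e o 8081 à porta da máquina host. Sem um IP na frente, a porta é publicada em 0.0.0.0 (todas as interfaces), como mostra o docker port abaixo; para expor o serviço só localmente, use -p 127.0.0.1:8081:80.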
root@localhost:/home/vagrant# docker port 66104f9d08b5
80/tcp -> 0.0.0.0:8081
root@localhost:/home/vagrant#
Imagem - conjunto de camadas; essas camadas podem ser reutilizadas em outras imagens
As camadas da imagem são somente leitura (read-only) *
root@localhost:/home/vagrant# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 27941809078c 2 weeks ago 77.82 MB
hello-world latest feb5d9fea6a5 9 months ago 13.26 kB
swarm latest 942fd5fd357e 5 years ago 19.47 MB
weaveworks/plugin 1.6.1 e812ec383f9b 5 years ago 86.75 MB
weaveworks/weaveexec 1.6.1 d8de7c1d6306 5 years ago 74.38 MB
weaveworks/weave 1.6.1 ea7dc57bc86d 5 years ago 28.2 MB
google/cadvisor latest 533a7b5c4db6 5 years ago 46.39 MB
weaveworks/weavedb latest 9de1af088a49 6 years ago 244 B
dockersamples/static-site latest f589ccde7957 6 years ago 190.5 MB
diogomonica/docker-bench-security latest c6b75f77217b 6 years ago 50.7 MB
Inspecionar a imagem
root@localhost:/home/vagrant# docker inspect f589ccde7957
Container = imagem (camadas somente leitura) + uma camada de leitura e escrita
CRIAR IMAGENS
Dockerfile
# Base image, selected by the ubuntu:16.04 tag.
# NOTE(review): 16.04 is past its standard support window; prefer a currently
# supported release (ideally pinned by digest) so the image keeps receiving
# security patches.
FROM ubuntu:16.04
# Update the package index and install nginx in the same layer, so the install
# never runs against a stale cached index.
RUN apt-get update && apt-get install nginx -y
# Copies arquivo_teste from the build context into the image; anything copied
# here is readable by whoever pulls the image.
COPY arquivo_teste /tmp/arquivo_teste
# Default command when none is given to `docker run`. No USER instruction is
# set in this file, so the command runs as the base image's default user.
CMD bash
Criar imagem
──(root㉿kali)-[/home/vagrant]
└─# docker image build -t lucasfontiniteste/app-ubuntu .
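Tal comando tem a opção “-t”, que serve para informar o nome da imagem a ser criada.
Após criar a conta no Docker Hub e fazer login (docker login):
docker push <nomedaimagem>
e a imagem sobe para o repositório. Repositórios do Docker Hub são públicos por padrão, e tudo o que foi copiado para a imagem (COPY) fica legível para quem a baixar — não inclua senhas, chaves ou arquivos .env.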
No arquivo acima, utilizamos quatro instruções:
FROM para informar qual imagem usaremos como base, nesse caso foi ubuntu:16.04.
RUN para informar quais comandos serão executados nesse ambiente para efetuar as mudanças necessárias na infraestrutura do sistema. São como comandos executados no shell do ambiente, igual ao modelo por commit, mas nesse caso a execução é automática e completamente rastreável, já que esse Dockerfile será armazenado no sistema de controle de versão.
COPY é usado para copiar arquivos da estação onde está executando a construção para dentro da imagem. Usamos um arquivo de teste apenas para exemplificar essa possibilidade, mas essa instrução é muito utilizada para enviar arquivos de configuração de ambiente e códigos para serem executados em serviços de aplicação.
CMD para informar qual comando será executado por padrão, caso nenhum seja informado na inicialização de um container a partir dessa imagem. No exemplo, colocamos o comando bash, se essa imagem for usada para iniciar um container e não informamos o comando, ele executará o bash.
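Persistência de dados no Docker
Permite que os dados criados no container se reflitam no diretório do host real (bind mount). O inverso também vale: o container, que por padrão roda como root, pode alterar ou apagar o que está nesse diretório do host; por isso, monte apenas o diretório necessário.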
No meu pc
──(root㉿kali)-[/home/vagrant/volume-docker]
└─# ls
arquivo_teste ronaldo.txt
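-v mapeia um diretório do host (ou um volume) para dentro do container, no formato origem:destino; acrescente :ro no final para montar somente leitura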
┌──(root㉿kali)-[/home/vagrant/volume-docker]
└─# docker run -it -v /home/vagrant/volume-docker:/app ubuntu bash
dentro do container
root@86c0957df642:/# ls
app bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@86c0957df642:/# cd app
root@86c0957df642:/app# ls
arquivo_teste ronaldo.txt
root@86c0957df642:/app#
└─# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8de3af750145 ubuntu "bash" About a minute ago Up About a minute ubuntu-luca
a55387507efc ubuntu "bash" 33 minutes ago Up 33 minutes thirsty_meitner
┌──(root㉿kali)-[/home/vagrant]
└─# docker attach 8de3af750145
root@8de3af750145:/#
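SEGUNDA OPÇÃO: --mount - FAZ A MESMA COISA E É A BOA PRÁTICA (sintaxe mais explícita; se o container só precisa ler os arquivos, acrescente ,readonly à lista de opções)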
┌──(root㉿kali)-[/home/vagrant/volume-docker]
└─# docker run -it --mount type=bind,source=/home/vagrant/volume-docker/,target=/app ubuntu bash
root@8a32be1fb8e5:/# ls
app bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@8a32be1fb8e5:/# cd app
root@8a32be1fb8e5:/app# touch teste
root@8a32be1fb8e5:/app# exit
exit
┌──(root㉿kali)-[/home/vagrant/volume-docker]
└─# ls
arquivo_teste ronaldo.txt teste
┌──(root㉿kali)-[/home/vagrant/volume-docker]
└─#
Volumes -
Criar volumes
└─# docker volume create meu-volume
Onde fica armazenado na minha máquina?
┌──(root㉿kali)-[/var/lib/docker/volumes]
└─# ls
backingFsBlockDev metadata.db meu-volume
Utilizando no container
└─# docker run -it -v meu-volume:/app ubuntu bash
──(root㉿kali)-[/var/lib/docker/volumes]
└─# ls
backingFsBlockDev metadata.db meu-volume
O volume está espelhado na pasta /app do container, e os dados persistem na máquina host
┌──(root㉿kali)-[/var/lib/docker/volumes]
└─# docker run -it -v meu-volume:/app ubuntu bash
root@87fb77fa3f42:/# ls
app bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@87fb77fa3f42:/# cd app
root@87fb77fa3f42:/app# ls
textevolume.txt
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─# ls
textevolume.txt
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─# docker run -it --mount source=meu-novo-volume,target=/app-lucas ubuntu bash
root@7e7d2a07886c:/# ls
app-lucas bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@7e7d2a07886c:/# cd app-lucas/
root@7e7d2a07886c:/app-lucas# ls
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─# docker volume ls
DRIVER VOLUME NAME
local meu-novo-volume
local meu-volume
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
Volumes temporários (tmpfs: ficam apenas em RAM e somem quando o container para)
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─# docker run -it --tmpfs=/app-lucas ubuntu bash
root@863db9135b8e:/# ls
app-lucas bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@863db9135b8e:/#
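Docker inspect - mostra todos os atributos do container - network, volumes ... Para uma revisão de segurança, vale olhar no exemplo abaixo: "Privileged": false; "CapAdd" e "CapDrop": null (nenhuma capability adicionada ou removida em relação ao padrão); "ReadonlyRootfs": false; "User": "" (nenhum usuário definido, então o processo roda como o usuário padrão da imagem); "AppArmorProfile": "docker-default"; e "Memory": 0 com "PidsLimit": null (sem limite de memória nem de processos).
Exemplo: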
┌──(root㉿kali)-[/home/vagrant]
└─# docker inspect 3c48772400ec
[
{
"Id": "3c48772400ecb6cdd0e98390456d84c543559e77bb576abed33c16031d64ca03",
"Created": "2022-06-29T01:47:27.321841162Z",
"Path": "bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 26708,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-06-29T01:47:27.977501379Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701ee",
"ResolvConfPath": "/var/lib/docker/containers/3c48772400ecb6cdd0e98390456d84c543559e77bb576abed33c16031d64ca03/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/3c48772400ecb6cdd0e98390456d84c543559e77bb576abed33c16031d64ca03/hostname",
"HostsPath": "/var/lib/docker/containers/3c48772400ecb6cdd0e98390456d84c543559e77bb576abed33c16031d64ca03/hosts",
"LogPath": "/var/lib/docker/containers/3c48772400ecb6cdd0e98390456d84c543559e77bb576abed33c16031d64ca03/3c48772400ecb6cdd0e98390456d84c543559e77bb576abed33c16031d64ca03-json.log",
"Name": "/awesome_mcnulty",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "private",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": null,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"Mounts": [
{
"Type": "volume",
"Source": "meu-novo-volume",
"Target": "/app-lucas"
}
],
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/8ef5d454d34ac3029d6c12901178980d65d92069214ca858a5c016b7b995245e-init/diff:/var/lib/docker/overlay2/27882942fa8a809b25d3a5db0de35e8881b3956c7672649962314d84347458ac/diff",
"MergedDir": "/var/lib/docker/overlay2/8ef5d454d34ac3029d6c12901178980d65d92069214ca858a5c016b7b995245e/merged",
"UpperDir": "/var/lib/docker/overlay2/8ef5d454d34ac3029d6c12901178980d65d92069214ca858a5c016b7b995245e/diff",
"WorkDir": "/var/lib/docker/overlay2/8ef5d454d34ac3029d6c12901178980d65d92069214ca858a5c016b7b995245e/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "meu-novo-volume",
"Source": "/var/lib/docker/volumes/meu-novo-volume/_data",
"Destination": "/app-lucas",
"Driver": "local",
"Mode": "z",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "3c48772400ec",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"bash"
],
"Image": "ubuntu",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "d261f9ffadc218a39840466840bac65db1c2111f9104d5b3cc7ca9b718aeb5f4",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/d261f9ffadc2",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "48bcfe65d308709e7c423262574634330531f7505764a820c5cc2e08ec47e72a",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "198547dabde36d04fa4ec77ee90984e560a1cc990f731677da7d32e4f5fcc200",
"EndpointID": "48bcfe65d308709e7c423262574634330531f7505764a820c5cc2e08ec47e72a",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
┌──(root㉿kali)-[/home/vagrant]
┌──(root㉿kali)-[/home/vagrant]
└─# docker network ls
NETWORK ID NAME DRIVER SCOPE
198547dabde3 bridge bridge local
91d5f3e5fdfe host host local
34428154c342 none null local
┌──(root㉿kali)-[/home/vagrant]
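Por padrão, os containers são criados na rede bridge padrão: ficam todos na mesma rede e têm conectividade entre eles. Isso significa que qualquer container nessa rede alcança os demais pelo IP; para separar aplicações, crie redes bridge próprias, como abaixo.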
Criando redes bridge
──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─# docker network create minhabridge
7fc30b5a464ce6a3ff61aca4c016e3c29c1221da5e4a17315459a3e7cdc7b69b
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─# docker network ls
NETWORK ID NAME DRIVER SCOPE
198547dabde3 bridge bridge local
91d5f3e5fdfe host host local
7fc30b5a464c minhabridge bridge local
34428154c342 none null local
┌──(root㉿kali)-[/var/…/docker/volumes/meu-volume/_data]
└─#
Cria o container na rede bridge criada acima (minhabridge)
└─# docker run -it --network minhabridge --name ubuntu-lucas2 --mount source=meu-novo-volume,target=/app-lucas ubuntu bash
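Removendo containers (atenção: o comando abaixo força a remoção de TODOS os containers em execução, sem pedir confirmação)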
docker rm $(docker ps -q) --force
Exemplo de Dockerfile: crie dentro da pasta da aplicação um arquivo chamado Dockerfile com o conteúdo abaixo
e depois dê um # docker build -t nome-da-imagem .
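# Example image for a Node.js application.
# Place this Dockerfile inside the project folder and build from that directory:
#   docker build -t nome-da-imagem .
# NOTE(review): node:14 is an old release line; confirm it still receives
# security updates and prefer a supported LTS tag, ideally pinned by digest.
FROM node:14
# Build-time argument; override it with --build-arg PORT=<port>.
ARG PORT=6000
# EXPOSE only documents the port; it is published at run time with -p / -P.
EXPOSE $PORT
# Makes the same value available to the application as an environment variable.
ENV PORT=$PORT
WORKDIR /app-node
# COPY source dest: copies the whole build context into /app-node.
# NOTE(review): add a .dockerignore (node_modules, .git, .env, ...) so local
# secrets and build artefacts do not end up in the image layers.
COPY . .
# Runs while the image is being built.
RUN npm install
# NOTE(review): no USER instruction is set, so the app runs as root inside the
# container; consider switching to the unprivileged `node` user shipped in the
# official image once you confirm the app does not need to write to /app-node.
# Fixed typo: the original "nmp start" fails at container start because there
# is no nmp command. Exec form runs npm directly instead of through /bin/sh -c.
ENTRYPOINT ["npm", "start"]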