Lab setup data from the Pluralsight course on:
Managing Docker Images
The Complete Obsolete Guide to Generative AI (from Manning) is a lighthearted look at programming with AI, as well as a rock-solid resource for getting the most out of these insanely powerful services. Let it be your guide to analyzing massive data sources, summarize pages and pages of text, and scour the live internet.
Set up the basic Docker environment
sudo nano /etc/group [add your username to the "docker" group line] sudo systemctl status docker docker images sudo su cd /var/lib/docker/aufs/layers
Building and pushing images
docker images docker search ubuntu/golang docker pull alpine:latest docker images docker history alpine docker history ubuntu less dockerfile ######### # Dockerfile contents: FROM ubuntu:16.04 RUN apt-get update RUN apt-get install -y apache2 ADD index.html /var/www/html/ CMD /usr/sbin/apache2ctl -D FOREGROUND EXPOSE 80 ######### nano index.html Welcome to my website docker build -t webserver . docker images docker run -d webserver docker network inspect bridge curl 172.17.0.2 docker ps docker stop [container-name] docker ps docker login docker images docker tag webserver dbclinton/webserver docker push dbclinton/newerserver Image best practices docker run -dit ubuntu docker ps docker commit [4ae439cb5601] myimage docker images docker pull centos:6.6 mkdir experiment cd experiment nano dockerfile docker build -t manylines . nano dockerfile docker build -t oneline . docker images docker rmi manylines oneline ######### # dockerfile manyline: FROM ubuntu:16.04 RUN apt-get update && apt-get install -y curl RUN mkdir -p /opt/jboss/wildfly RUN cd /tmp RUN curl -O https://download.jboss.org/wildfly/10.1.0.Final/wildfly-10.1.0.Final.tar.gz RUN tar xf wildfly-10.1.0.Final.tar.gz RUN mv wildfly-10.1.0.Final /opt/jboss/wildfly RUN rm wildfly-10.1.0.Final.tar.gz ######### ######### # dockerfile oneline: FROM ubuntu:16.04 RUN apt-get update && apt-get install -y curl RUN mkdir -p /opt/jboss/wildfly && cd /tmp && curl -O https://download.jboss.org/wildfly/10.1.0.Final/wildfly-10.1.0.Final.tar.gz && tar xf wildfly-10.1.0.Final.tar.gz && mv wildfly-10.1.0.Final /opt/jboss/wildfly && rm wildfly-10.1.0.Final.tar.gz #########
Open a CentOS firewall
firewall-cmd --zone=public --add-port=5000/tcp firewall-cmd --zone=public --add-port=5000/tcp --permanent
Install and run Docker Registry
apt update apt install docker-registry systemctl start docker-registry systemctl status docker-registry docker-register --version ls sudo su dpkg -i docker-registry_2.4.1~ds1-2_amd64.deb systemctl start docker-registry systemctl status docker-registry docker-registry --version systemctl enable docker-registry docker run hello-world docker images docker tag hello-world localhost:5000/hello-world:latest docker images docker push localhost:5000/hello-world:latest docker rmi -f hello-world localhost:5000/hello-world:latest docker images docker pull localhost:5000/hello-world:latest docker images curl localhost:5000/v2/_catalog [from a different machine:] curl 192.168.1.17:5000/v2/_catalog
Docker Registry storage
sudo su cd /var/lib/docker/docker-registry cd docker/registry/v2/repositories docker volume create myvolume docker volume ls
Configure CA certificates
curl 192.168.1.17:5000/v2/_catalog docker pull 192.168.1.17:5000/hello-world:latest # if you received an intermediate certificate: cat stuff.crt intermediate-stuff.pem > certs/stuff.crt ----------- docker run -d -p 5000:5000 --restart=always --name registry \ -v `pwd`/certs:/certs \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/stuff.crt \ -e REGISTRY_HTTP_TLS_KEY=/certs/stuff.key \ registry ########### # Dockerfile: FROM registry ADD /certs/ /home/ ENV REGISTRY_HTTP_TLS_CERTIFICATE=/certs/stuff.crt REGISTRY_HTTP_TLS_KEY=/certs/stuff.key EXPOSE 5000 ########### cd /etc/docker ls cd registry ls sudo nano config.yml [Enter this in the http section after addr:] tls: certificate: /home/ubuntu/certs/stuff.crt key: /home/ubuntu/certs/stuff.key ----------- docker run -d -p 5000:5000 --restart=always --name registry \ -v `pwd`/config.yml:/etc/docker/registry/config.yml \ registry
Configure self-signed certificates
[To change the command line prompt on client machine: run PS1='docker-client:\w\$ '] sudo nano /etc/hosts add 192.168.1.17 stuff.com [on server machine; run PS1='docker-server:\w\$ '] mkdir certs openssl req -newkey rsa:4096 -nodes \ -sha256 -keyout certs/stuff.key \ -x509 -days 365 -out certs/stuff.crt [enter values; CN as stuff.com is the most important] less /etc/docker/registry/config.yml sudo systemctl restart docker-registry cd certs [if necessary] scp stuff.crt ubuntu@192.168.1.19:/home/ubuntu/ [From client] mv stuff.crt ca.crt sudo su mkdir -p /etc/docker/certs.d/stuff.com:5000/ cp ca.crt /etc/docker/certs.d/stuff.com:5000/ systemctl restart docker docker pull stuff.com:5000/hello-world:latest curl stuff.com:5000/v2/_catalog curl https:stuff.com:5000/v2/_catalog curl --insecure https://192.168.1.16:5000/v2/_catalog
Configure login authentication
[server] mkdir auth docker run --entrypoint htpasswd registry -Bbn newuser mypassword >> auth/htpasswd sudo nano /etc/docker/registry/config.yml auth: htpasswd: realm: basic-realm path: /home/ubuntu/auth/htpasswd sudo systemctl restart docker-registry [client] [from client - make sure that alpine has been pulled] docker images docker tag alpine stuff.com:5000/alpine-local docker push stuff.com:5000/alpine-local docker login stuff.com:5000 docker push stuff.com:5000/alpine-local
Configure Docker Content Trust
sudo nano /etc/profile export DOCKER_CONTENT_TRUST=1 echo $DOCKER_CONTENT_TRUST export DOCKER_CONTENT_TRUST=1 echo $DOCKER_CONTENT_TRUST [browse to: https://hub.docker.com/r/xataz/redis/] docker pull xataz/redis export echo DOCKER_CONTENT_TRUST=0 docker pull xataz/redis [make sure busybox image has been pulled] [make sure root key has been saved to ~/docker/trust/private/root_keys/] docker login docker tag swarm dbclinton/swarm:latest docker push dbclinton/swarm:latest sudo apt install notary notary -s https://notary.docker.io -d ~/.docker/trust list docker.io/library/alpine notary --help
Use the Docker Cloud CLI
docker login sudo apt install python-pip pip install --upgrade pip pip install docker-cloud docker-cloud --help docker-cloud repository inspect dbclinton/myrepo docker tag busybox dbclinton/myrepo:latest docker push dbclinton/myrepo:latest docker-cloud repository inspect dbclinton/myrepo docker-cloud stack create -f docker-cloud.yml
Docker Cloud Stack .yml example:
image: dockercloud/haproxy links: - web ports: - "80:80" roles: - global web: image: dockercloud/quickstart-python links: - redis target_num_containers: 4 redis: image: redis