Docker

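# Let the current user talk to the Docker daemon without sudo.
# Membership of the docker group is root-equivalent on this host: anyone who
# can reach the daemon socket can start a container that mounts the host
# filesystem. Add only accounts you would also trust with sudo.
sudo usermod -aG docker "$USER"
# newgrp opens a new shell with the docker group active; run the remaining
# commands in that shell (or after logging out and back in).
newgrp docker

# ~/.docker holds the CLI configuration. config.json can contain registry
# credentials written by `docker login`, so it must stay owned by the user.
# -p keeps mkdir from failing when the directory already exists.
mkdir -p "$HOME/.docker"
sudo chown -R "$USER":"$USER" "$HOME/.docker"
sudo chmod -R g+rwx "$HOME/.docker"

sudo systemctl daemon-reload
sudo systemctl restart docker.service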

Windows 10 Home

# powershell
# Enable the Windows Subsystem for Linux and Virtual Machine Platform features
# (needs an elevated prompt; /norestart defers the reboot the features require),
# then make WSL 2 the default for new distributions.
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
wsl --set-default-version 2
# powershell
# Smoke test: pull and run hello-world; --rm deletes the container on exit.
docker pull hello-world
docker run -it --rm --name hello hello-world:latest
# gitbash
# Same smoke test from Git Bash; winpty supplies the console that -it expects.
winpty docker pull hello-world
winpty docker run -it --rm --name hello hello-world:latest

Networking

# Daemon configuration: address of the default bridge (bip), MTU and the DNS
# servers handed to containers. This replaces any existing
# /etc/docker/daemon.json. "debug": true switches the daemon to debug-level
# logging; turn it off again once troubleshooting is done.
# The quoted delimiter keeps the shell from expanding anything in the JSON.
sudo tee /etc/docker/daemon.json >/dev/null << 'EOF'
{
    "bip"  : "10.20.13.1/24",
    "mtu"  : 1500,
    "dns"  : [
        "10.19.83.100",
        "10.19.83.1"
    ],
    "debug": true
}
EOF
# Daemon configuration variant: instead of a fixed bridge address, new networks
# are carved as /24 subnets out of 10.20.0.0/16 (default-address-pools).
# This replaces any existing /etc/docker/daemon.json. "debug": true switches
# the daemon to debug-level logging; turn it off once troubleshooting is done.
# The quoted delimiter keeps the shell from expanding anything in the JSON.
sudo tee /etc/docker/daemon.json >/dev/null << 'EOF'
{
    "mtu"   : 1500,
    "debug" : true,
    "experimental": false,
    "default-address-pools" :[{
        "base"  : "10.20.0.0/16",
        "size"  : 24
    }]
}
EOF
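# Install ping for connectivity checks. On Debian and Ubuntu the package is
# named iputils-ping (plain "iputils" is the name used by other distributions).
apt install -y iputils-ping
# Print the NAT table as rule specifications, to see what Docker has installed
# (the DOCKER chain, masquerade rules, published-port DNAT entries).
iptables -t nat -S

# Stop and start the daemon so a changed daemon.json takes effect.
service docker stop
service docker start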

# Publish container port 80 on host port 1983. With no host address given the
# port is bound on every host interface; write 127.0.0.1:1983:80 to keep it
# reachable from the local machine only.
docker run --rm --detach --publish 1983:80 nginx
# Host networking: the container shares the host's network namespace, so nginx
# listens directly on the host's port 80 and gets no network isolation.
docker run --rm --detach --net=host nginx

# Attach to a user-defined network with a fixed address. Host port 1983 can be
# bound by one container at a time, so these are alternatives to each other
# and to the first command above.
# NOTE(review): ckn.b01 is not created anywhere on this page; create it before use.
docker run --rm --detach --publish 1983:80 --net=ckn.b00 --ip 10.20.15.10 nginx
docker run --rm --detach --publish 1983:80 --net=ckn.b01 --ip 10.20.16.10 nginx

Bridge

# User-defined bridge network ckn.b00 on 10.20.15.0/24 (bash array form so
# each option can carry its own note).
bridge_opts=(
    --driver bridge
    --gateway 10.20.15.1
    --subnet 10.20.15.0/24
    --opt com.docker.network.driver.mtu=1500
    # inter-container communication on this bridge is allowed
    --opt com.docker.network.bridge.enable_icc=true
    # outbound container traffic is masqueraded behind the host
    --opt com.docker.network.bridge.enable_ip_masquerade=true
    # published ports bind on every host interface unless a run command
    # names a host address itself
    --opt com.docker.network.bridge.host_binding_ipv4=0.0.0.0
    # name of the Linux bridge interface created on the host
    --opt com.docker.network.bridge.name=ckn.b00
)
docker network create "${bridge_opts[@]}" ckn.b00

MAC VLAN

Bridge mode

# macvlan network in bridge mode on the parent interface wlan0. Each container
# gets its own MAC and an address on 10.20.20.0/24, so it sits directly on the
# physical LAN rather than behind a published host port.
# NOTE(review): many wireless drivers and access points do not accept several
# MAC addresses behind one station, so a wlan parent may not work; verify.
docker network create -d macvlan \
    --gateway=10.20.20.1 \
    --subnet=10.20.20.0/24 \
    -o parent=wlan0 \
    ckn.v00

802.1q trunk bridge mode

# macvlan network on the sub-interface wlan0.01 of wlan0. --ip-range limits
# automatically assigned container addresses to 10.20.20.240/28
# (10.20.20.240 to 10.20.20.255) inside the /24 subnet.
docker network create \
--driver macvlan \
--gateway  10.20.20.1 \
--subnet   10.20.20.0/24 \
--ip-range 10.20.20.240/28 \
--opt parent=wlan0.01 ckn.v01
# Show the network's configuration and attached containers.
docker network inspect ckn.v00
# Attach the container named nginx to ckn.v00, then check its interfaces,
# resolver configuration, addresses and hosts file.
# NOTE(review): the run commands on this page do not pass --name nginx; these
# lines assume a container with that name exists.
docker network connect ckn.v00 nginx
docker exec -it nginx ls -lah /sys/class/net/
docker exec -it nginx cat /etc/resolv.conf
docker inspect nginx|grep "IPAddress"
docker exec -it nginx cat /etc/hosts

# Reachability checks over plain HTTP: the macvlan address on ports 1983 and
# 80, and the port published on the host (localhost:1983).
curl -v http://10.20.20.240:1983
curl -v http://localhost:1983
curl -v http://10.20.20.240
# Detach the nginx container from the default bridge and from ckn.v00.
docker network disconnect bridge nginx
docker network disconnect ckn.v00 nginx

IP VLAN

# ipvlan network in L2 mode carrying two subnets, each with its own gateway.
# No parent interface is named here.
docker network create --driver ipvlan \
    --subnet 10.20.1.0/24 \
    --subnet 10.20.2.0/24 \
    --gateway 10.20.1.254 \
    --gateway 10.20.2.254 \
    --opt ipvlan_mode=l2 \
    ckn.i00

Cache or Mirror

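# Pull-through cache (mirror) settings for the registry.
# The upstream password comes from the environment instead of being typed into
# the command, so it does not land in shell history or in copies of this page.
# MIRROR_USERNAME and MIRROR_PASSWORD are names chosen for this example.
: "${MIRROR_PASSWORD:?set MIRROR_PASSWORD to the upstream registry password}"
mkdir -p /etc/docker/registry
# Create the file with owner-only permissions before the secret is written;
# a plain redirect would leave it readable by every local user under the
# usual umask.
install -m 600 /dev/null /etc/docker/registry/config.yml
cat <<EOF > /etc/docker/registry/config.yml
proxy:
  remoteurl: https://hub.chorke.org
  username: ${MIRROR_USERNAME:-academia}
  password: ${MIRROR_PASSWORD}
EOF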

Add Tag & Push

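# Move every local image from docker.chorke.com to docker.chorke.org: tag it
# under the new host, push it, then drop both local tags. The && chain removes
# a local tag only after the push has succeeded.
OLD_REGISTRY='docker.chorke.com'
NEW_REGISTRY='docker.chorke.org'
# Select only references that start with the old host. Matching "chorke"
# anywhere would also pick up images already on the new host, whose old and
# new names are identical and which would then be pushed and untagged.
# Untagged images (":<none>") cannot be re-tagged by name and are skipped.
OLD_IMAGES="$(docker images --format '{{.Repository}}:{{.Tag}}' \
    | grep '^docker\.chorke\.com[:/]' \
    | grep -v ':<none>$')"
# Image references contain no whitespace or glob characters, so the unquoted
# expansion splits into exactly one word per image.
for OLD_IMAGE in ${OLD_IMAGES}; do
    NEW_IMAGE="${NEW_REGISTRY}${OLD_IMAGE#"${OLD_REGISTRY}"}"
    docker tag  "${OLD_IMAGE}" "${NEW_IMAGE}" &&
    docker push "${NEW_IMAGE}" &&
    docker rmi  "${NEW_IMAGE}" &&
    docker rmi  "${OLD_IMAGE}"
done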

Troubleshoot

# DNS, routing and interface checks from a throwaway container that shares the
# host's network namespace (--net=host): the output reflects the host's own
# resolver, interfaces and routes. ping runs until interrupted.
docker run --rm --net=host busybox nslookup google.com
docker run --rm --net=host alpine cat /etc/resolv.conf
docker run --rm --net=host alpine nslookup google.com
docker run --rm --net=host alpine ping google.com
docker run --rm --net=host alpine cat /etc/hosts
docker run --rm --net=host alpine ifconfig
docker run --rm --net=host alpine ip addr
docker run --rm --net=host alpine route
# The same checks on the default bridge network. Comparing the two sets shows
# whether a fault lies in the host's networking or in Docker's bridge/NAT path.
docker run --rm busybox nslookup google.com
docker run --rm alpine cat /etc/resolv.conf
docker run --rm alpine nslookup google.com
docker run --rm alpine ping google.com
docker run --rm alpine cat /etc/hosts
docker run --rm alpine ifconfig
docker run --rm alpine ip addr
docker run --rm alpine route

# Map the name host.docker.internal to the host's gateway address inside the
# container, then ping the host or open a shell to test from the inside.
# Services the host binds on that address become reachable from the container.
docker run --add-host=host.docker.internal:host-gateway\
 -it --rm alpine ping host.docker.internal
docker run --add-host=host.docker.internal:host-gateway\
 -it --rm alpine sh
# Print the logs of the container named crawler; -f keeps following new output.
docker logs    crawler
docker logs -f crawler
# Daemon options: public DNS servers for containers, and Docker's management
# of iptables rules and IP forwarding switched off. With --iptables=false
# Docker no longer installs the NAT and filter rules behind published ports
# and network isolation; those rules then have to be maintained by hand.
# NOTE(review): a variable exported in the shell is presumably not seen by a
# systemd-managed daemon; confirm where this host reads DOCKER_OPTS from.
export DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --iptables=false --ip-forward=false"
# Put docker0 into firewalld's trusted zone, which accepts all traffic on that
# interface: containers on the default bridge can then reach every host port.
firewall-cmd --permanent --zone=trusted --change-interface=docker0
firewall-cmd --reload
systemctl restart docker
# Full reset of the Docker installation state. Destructive:
#   /var/lib/docker  all images, containers, volumes and networks
#   /etc/docker      daemon.json and anything else kept there
# Back up whatever is still needed before running this.
systemctl stop docker
rm -fr /var/lib/docker
rm -fr /etc/docker
pkill docker
# Flushes every rule in the nat table, not only Docker's; NAT rules added by
# other software on the host are lost as well.
iptables -t nat -F
# Take down and delete the default bridge; the daemon recreates it on start.
ifconfig docker0 down
brctl delbr docker0
systemctl start docker
# Edit the persistent SELinux mode, which applies from the next boot, then reboot.
vim /etc/selinux/config
shutdown -r now
# setenforce 0 switches SELinux to permissive mode until the next reboot:
# violations are logged but no longer blocked, for every process on the host
# and not only for Docker. Use it to confirm SELinux as the cause, then go
# back to enforcing (setenforce 1) and fix the policy or the volume labels.
setenforce 0
# Show the current and the configured SELinux mode.
sestatus
devil most things for docker0 bridge
# Uninstall netscript-2.4; purge also deletes its configuration files, and
# autoremove drops dependencies that are no longer needed.
sudo apt remove netscript-2.4
sudo apt purge  netscript-2.4
sudo apt autoremove

Ryzen AMD-V

Yes, the AMD Ryzen 9 3900X supports virtualization. Almost every processor released in a long time supports virtualization. For Windows it is VT-x or SVM (on some AMD motherboards VT-x is renamed SVM).

Images Path

Ubuntu: /var/lib/docker/
Fedora: /var/lib/docker/
Debian: /var/lib/docker/
Windows: C:\ProgramData\DockerDesktop
MacOS: ~/Library/Containers/com.docker.docker/Data/vms/0/

Knowledge

# List networks, remove every network not used by at least one container
# (prune asks for confirmation), and remove two networks by name.
docker network ls
docker network prune
docker network rm ckn.b00 ckn.b01

# Addresses of the nginx container and the gateway of the default bridge.
docker inspect nginx|grep "IPAddress"
docker network inspect bridge|grep "Gateway"
# Remove, then stop, every container on the host (docker ps -a -q lists all
# container IDs). rm refuses running containers, so stop normally comes first;
# both commands act on all containers, not only those from this page.
docker rm $(docker ps -a -q)
docker stop $(docker ps -a -q)
docker inspect nginx
# Turn off automatic restart for the nginx container.
docker update --restart=no nginx
# Start a detached alpine container with no network at all (--network none)
# and list its links.
docker run --rm -dit --network \
none --name alpine alpine:latest ash;\
docker exec -it alpine ip link show
# Create a bridge network with a fixed host interface name, attach nginx and
# look at the result from inside the container.
docker network create --driver bridge \
--opt com.docker.network.bridge.name=ckn.b00 ckn.b00
docker network connect ckn.b00 nginx
docker exec -it nginx cat /etc/hosts
docker inspect nginx|grep "IPAddress"
docker exec -it nginx cat /etc/resolv.conf
docker exec -it nginx ls -lah /sys/class/net/
docker run --add-host=host.docker.internal:host-gateway\
 --rm alpine ping host.docker.internal
# Copy the Maven settings file into and out of the alpine container.
# NOTE(review): settings.xml often carries repository credentials; a copy left
# inside a container ends up in any image committed from it. Confirm what
# this file holds before copying.
docker cp ~/.m2/settings.xml alpine:/root/.m2/settings.xml
docker cp alpine:/root/.m2/settings.xml ~/.m2/settings.xml
docker network disconnect bridge nginx
docker network disconnect ckn.b00 nginx
docker exec -it nginx ls -lah /sys/class/net/
docker run -itd --network=ckn.b00 nginx
docker network disconnect ckn.b00 nginx
# Attach the mysql container to ckn.b00 under the extra DNS names db and mysql.
docker network connect --alias db --alias mysql ckn.b00 mysql
# Name and IP address of every container.
# NOTE(review): .NetworkSettings.IPAddress presumably covers only the default
# bridge; verify for containers on user-defined networks.
docker inspect -f '{{.Name}} - {{.NetworkSettings.IPAddress }}' $(docker ps -aq)
# docker ps filters and output templates: by mounted volume, labels, names and
# images, commands, and containers publishing 80/udp.
docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}"
docker ps --filter volume=/data --format "table {{.ID}}\t{{.Mounts}}"
docker ps --format "table {{.ID}}\t{{.Labels}}"
docker ps --format '{{.Names}}\t{{.Image}}'
docker ps --format "{{.ID}}: {{.Command}}"
docker ps --filter publish=80/udp

Reference