systeme:docker
Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
systeme:docker [2016/10/31 11:02] – root | systeme:docker [2018/02/23 21:27] (Version actuelle) – root | ||
---|---|---|---|
Ligne 29: | Ligne 29: | ||
* [[https:// | * [[https:// | ||
* [[https:// | * [[https:// | ||
+ | |||
+ | Activation namespace user pour remappinf des uid entre le conteneur et la machine hôte avec : **userns-remap** : | ||
+ | * https:// | ||
+ | * https:// | ||
===== Plugins ===== | ===== Plugins ===== | ||
Ligne 428: | Ligne 432: | ||
On créer un fichier [[# | On créer un fichier [[# | ||
< | < | ||
- | $ docker build -t ouruser/sinatra:v2 . | + | $ docker build -t gigi206/apache2_php5:v1 . |
+ | $ docker tag gigi206/ | ||
+ | $ docker push gigi206/ | ||
+ | </ | ||
+ | |||
+ | ==== docker save ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | $ docker save localhost: | ||
+ | </ | ||
+ | |||
+ | ==== docker load ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | $ cat exampleimage.tgz | docker import - exampleimagelocal: | ||
</ | </ | ||
Ligne 665: | Ligne 683: | ||
=== docker service inspect === | === docker service inspect === | ||
- | [[https:// | + | [[https:// |
< | < | ||
$ docker service inspect redis --pretty | $ docker service inspect redis --pretty | ||
Ligne 692: | Ligne 710: | ||
< | < | ||
$ docker service update --limit-cpu 2 redis | $ docker service update --limit-cpu 2 redis | ||
+ | </ | ||
+ | |||
+ | ===== Dockerfile ===== | ||
+ | * [[https:// | ||
+ | |||
+ | ==== FROM ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | MAINTAINER < | ||
+ | </ | ||
+ | |||
+ | ==== MAINTAINER ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | FROM < | ||
+ | FROM < | ||
+ | FROM < | ||
+ | </ | ||
+ | |||
+ | ==== RUN ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | RUN < | ||
+ | RUN [" | ||
+ | </ | ||
+ | |||
+ | ==== CMD ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | CMD < | ||
+ | CMD [" | ||
+ | </ | ||
+ | |||
+ | Si un [[# | ||
+ | < | ||
+ | CMD [" | ||
+ | </ | ||
+ | |||
+ | ==== LABEL ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | LABEL " | ||
+ | LABEL com.example.label-with-value=" | ||
+ | LABEL version=" | ||
+ | LABEL description=" | ||
+ | that label-values can span multiple lines." | ||
+ | LABEL multi.label1=" | ||
+ | LABEL multi.label1=" | ||
+ | multi.label2=" | ||
+ | other=" | ||
+ | </ | ||
+ | |||
+ | ==== EXPOSE ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | EXPOSE < | ||
+ | </ | ||
+ | |||
+ | ==== ENV ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | ENV myName John Doe | ||
+ | ENV myDog Rex The Dog | ||
+ | ENV myCat fluffy | ||
+ | ENV myName=" | ||
+ | myCat=fluffy | ||
+ | </ | ||
+ | |||
+ | ==== ADD ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | ADD < | ||
+ | ADD ["< | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | ADD hom* /mydir/ | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | '' | ||
+ | </ | ||
+ | |||
+ | ==== COPY ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | COPY < | ||
+ | COPY ["< | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | A la différence de [[#ADD]], '' | ||
+ | </ | ||
+ | |||
+ | ==== ENTRYPOINT ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | ENTRYPOINT [" | ||
+ | ENTRYPOINT command param1 param2 | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Si l'on définit également [[#CMD]] alors qu'un '' | ||
+ | </ | ||
+ | |||
+ | ==== VOLUME ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | VOLUME < | ||
+ | VOLUME ["< | ||
+ | </ | ||
+ | |||
+ | ==== USER ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | USER daemon | ||
+ | </ | ||
+ | |||
+ | ==== WORKDIR ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | WORKDIR / | ||
+ | </ | ||
+ | |||
+ | ==== ARG ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | FROM busybox | ||
+ | USER ${user: | ||
+ | ARG user | ||
+ | USER $user | ||
+ | </ | ||
+ | |||
+ | Variables prédéfinies : | ||
+ | * HTTP_PROXY | ||
+ | * http_proxy | ||
+ | * HTTPS_PROXY | ||
+ | * https_proxy | ||
+ | * FTP_PROXY | ||
+ | * ftp_proxy | ||
+ | * NO_PROXY | ||
+ | * no_proxy | ||
+ | |||
+ | ==== ONBUILD ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | ONBUILD ADD . /app/src | ||
+ | ONBUILD RUN / | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | Pratique pour lancer une commande sur notre image si elle a été forkée... | ||
+ | </ | ||
+ | ==== STOPSIGNAL ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | STOPSIGNAL signal | ||
+ | </ | ||
+ | |||
+ | ==== HEALTHCHECK ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | HEALTHCHECK [OPTIONS] CMD command | ||
+ | HEALTHCHECK --interval=5m --timeout=3s \ | ||
+ | CMD curl -f http:// | ||
+ | </ | ||
+ | |||
+ | OPTIONS : | ||
+ | * --interval=DURATION (default: 30s) | ||
+ | * --timeout=DURATION (default: 30s) | ||
+ | * --retries=N (default: 3) | ||
+ | |||
+ | '' | ||
+ | * 0: success - the container is healthy and ready for use | ||
+ | * 1: unhealthy - the container is not working correctly | ||
+ | * 2: reserved - do not use this exit code | ||
+ | |||
+ | ==== SHELL ==== | ||
+ | [[https:// | ||
+ | < | ||
+ | SHELL [" | ||
+ | SHELL ["/ | ||
</ | </ | ||
Ligne 784: | Ligne 984: | ||
=== docker-compose version === | === docker-compose version === | ||
[[https:// | [[https:// | ||
+ | |||
+ | ==== Syntaxe docker-compose.yml ==== | ||
+ | === build === | ||
+ | [[https:// | ||
+ | |||
+ | 2 moyens : | ||
+ | * A partir de Dockerfile | ||
+ | * ou d'un dossier | ||
+ | |||
+ | < | ||
+ | build: | ||
+ | context: ./dir | ||
+ | dockerfile: Dockerfile-alternate | ||
+ | args: | ||
+ | buildno: 1 | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | build: ./dir | ||
+ | image: webapp:tag | ||
+ | </ | ||
+ | |||
+ | '' | ||
+ | |||
+ | === args === | ||
+ | [[https:// | ||
+ | < | ||
+ | build: | ||
+ | context: . | ||
+ | args: | ||
+ | buildno: 1 | ||
+ | password: secret | ||
+ | </ | ||
+ | |||
+ | Et dans notre '' | ||
+ | < | ||
+ | ARG buildno | ||
+ | ARG password | ||
+ | |||
+ | RUN echo "Build number: $buildno" | ||
+ | RUN script-requiring-password.sh " | ||
+ | </ | ||
+ | |||
+ | === capadd-capdrop === | ||
+ | [[https:// | ||
+ | < | ||
+ | cap_add: | ||
+ | - ALL | ||
+ | |||
+ | cap_drop: | ||
+ | - NET_ADMIN | ||
+ | - SYS_ADMIN | ||
+ | </ | ||
+ | |||
+ | === command === | ||
+ | [[https:// | ||
+ | < | ||
+ | 2 formats : | ||
+ | command: bundle exec thin -p 3000 | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | command: [bundle, exec, thin, -p, 3000] | ||
+ | </ | ||
+ | |||
+ | === cgroup_parent === | ||
+ | [[https:// | ||
+ | < | ||
+ | cgroup_parent: | ||
+ | </ | ||
+ | |||
+ | === container_name === | ||
+ | [[https:// | ||
+ | < | ||
+ | container_name: | ||
+ | </ | ||
+ | |||
+ | === devices === | ||
+ | [[https:// | ||
+ | < | ||
+ | devices: | ||
+ | - "/ | ||
+ | </ | ||
+ | |||
+ | === depends_on === | ||
+ | [[https:// | ||
+ | < | ||
+ | devices: | ||
+ | version: ' | ||
+ | services: | ||
+ | web: | ||
+ | build: . | ||
+ | depends_on: | ||
+ | - db | ||
+ | - redis | ||
+ | redis: | ||
+ | image: redis | ||
+ | db: | ||
+ | image: postgres | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | '' | ||
+ | </ | ||
+ | |||
+ | === dns === | ||
+ | [[https:// | ||
+ | < | ||
+ | dns: 8.8.8.8 | ||
+ | dns: | ||
+ | - 8.8.8.8 | ||
+ | - 9.9.9.9 | ||
+ | </ | ||
+ | |||
+ | === dns_search === | ||
+ | [[https:// | ||
+ | < | ||
+ | dns_search: example.com | ||
+ | dns_search: | ||
+ | - dc1.example.com | ||
+ | - dc2.example.com | ||
+ | </ | ||
+ | |||
+ | === tmpfs === | ||
+ | [[https:// | ||
+ | < | ||
+ | tmpfs: /run | ||
+ | tmpfs: | ||
+ | - /run | ||
+ | - /tmp | ||
+ | </ | ||
+ | |||
+ | === entrypoint === | ||
+ | [[https:// | ||
+ | < | ||
+ | entrypoint: / | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | entrypoint: | ||
+ | - php | ||
+ | - -d | ||
+ | - zend_extension=/ | ||
+ | - -d | ||
+ | - memory_limit=-1 | ||
+ | - vendor/ | ||
+ | </ | ||
+ | |||
+ | === env_file === | ||
+ | [[https:// | ||
+ | < | ||
+ | env_file: .env | ||
+ | |||
+ | env_file: | ||
+ | - ./ | ||
+ | - ./ | ||
+ | - / | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | # Set Rails/Rack environment | ||
+ | RACK_ENV=development | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Si vous spécifier l' | ||
+ | </ | ||
+ | |||
+ | === environment === | ||
+ | [[https:// | ||
+ | < | ||
+ | environment: | ||
+ | RACK_ENV: development | ||
+ | SHOW: ' | ||
+ | SESSION_SECRET: | ||
+ | |||
+ | environment: | ||
+ | - RACK_ENV=development | ||
+ | - SHOW=true | ||
+ | - SESSION_SECRE | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Si vous spécifier l' | ||
+ | </ | ||
+ | |||
+ | === expose === | ||
+ | [[https:// | ||
+ | < | ||
+ | expose: | ||
+ | - " | ||
+ | - " | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Voir également [[#ports]]. | ||
+ | </ | ||
+ | |||
+ | === extends === | ||
+ | [[https:// | ||
+ | < | ||
+ | extends: | ||
+ | file: common.yml | ||
+ | service: webapp | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | '' | ||
+ | </ | ||
+ | |||
+ | === external_links === | ||
+ | [[https:// | ||
+ | < | ||
+ | external_links: | ||
+ | - redis_1 | ||
+ | - project_db_1: | ||
+ | - project_db_1: | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Voir aussi [[#links]] | ||
+ | </ | ||
+ | |||
+ | === extra_hosts === | ||
+ | [[https:// | ||
+ | < | ||
+ | extra_hosts: | ||
+ | - " | ||
+ | - " | ||
+ | </ | ||
+ | |||
+ | === image === | ||
+ | [[https:// | ||
+ | < | ||
+ | image: ubuntu: | ||
+ | </ | ||
+ | |||
+ | === labels === | ||
+ | [[https:// | ||
+ | < | ||
+ | labels: | ||
+ | com.example.description: | ||
+ | com.example.department: | ||
+ | com.example.label-with-empty-value: | ||
+ | |||
+ | labels: | ||
+ | - " | ||
+ | - " | ||
+ | - " | ||
+ | </ | ||
+ | |||
+ | === links === | ||
+ | [[https:// | ||
+ | < | ||
+ | web: | ||
+ | links: | ||
+ | - db | ||
+ | - db:database | ||
+ | - redis | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Voir aussi [[# | ||
+ | </ | ||
+ | |||
+ | === logging === | ||
+ | [[https:// | ||
+ | < | ||
+ | logging: | ||
+ | driver: syslog | ||
+ | options: | ||
+ | syslog-address: | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | [[https:// | ||
+ | </ | ||
+ | |||
+ | === network_mode === | ||
+ | [[https:// | ||
+ | < | ||
+ | network_mode: | ||
+ | network_mode: | ||
+ | network_mode: | ||
+ | network_mode: | ||
+ | network_mode: | ||
+ | </ | ||
+ | |||
+ | === networks === | ||
+ | [[https:// | ||
+ | < | ||
+ | services: | ||
+ | some-service: | ||
+ | networks: | ||
+ | - some-network | ||
+ | - other-network | ||
+ | </ | ||
+ | |||
+ | === aliases === | ||
+ | [[https:// | ||
+ | < | ||
+ | services: | ||
+ | some-service: | ||
+ | networks: | ||
+ | - some-network | ||
+ | - other-network | ||
+ | </ | ||
+ | |||
+ | === ipv4_address, | ||
+ | [[https:// | ||
+ | < | ||
+ | services: | ||
+ | app: | ||
+ | image: busybox | ||
+ | command: ifconfig | ||
+ | networks: | ||
+ | app_net: | ||
+ | ipv4_address: | ||
+ | ipv6_address: | ||
+ | </ | ||
+ | |||
+ | === pid === | ||
+ | [[https:// | ||
+ | < | ||
+ | pid: " | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | [[https:// | ||
+ | </ | ||
+ | |||
+ | === ports === | ||
+ | [[https:// | ||
+ | < | ||
+ | ports: | ||
+ | - " | ||
+ | - " | ||
+ | - " | ||
+ | - " | ||
+ | - " | ||
+ | - " | ||
+ | - " | ||
+ | </ | ||
+ | |||
+ | <note info> | ||
+ | Voir également [[# | ||
+ | </ | ||
+ | |||
+ | === security_opt === | ||
+ | [[https:// | ||
+ | < | ||
+ | security_opt: | ||
+ | - label: | ||
+ | - label: | ||
+ | </ | ||
+ | |||
+ | === stop_signal === | ||
+ | [[https:// | ||
+ | < | ||
+ | stop_signal: | ||
+ | </ | ||
+ | |||
+ | === ulimits === | ||
+ | [[https:// | ||
+ | < | ||
+ | ulimits: | ||
+ | nproc: 65535 | ||
+ | nofile: | ||
+ | soft: 20000 | ||
+ | hard: 40000 | ||
+ | </ | ||
+ | |||
+ | === volumes, volume_driver === | ||
+ | [[https:// | ||
+ | < | ||
+ | volumes: | ||
+ | # Just specify a path and let the Engine create a volume | ||
+ | - / | ||
+ | |||
+ | # Specify an absolute path mapping | ||
+ | - / | ||
+ | |||
+ | # Path on the host, relative to the Compose file | ||
+ | - ./ | ||
+ | |||
+ | # User-relative path | ||
+ | - ~/ | ||
+ | |||
+ | # Named volume | ||
+ | - datavolume:/ | ||
+ | </ | ||
+ | |||
+ | === volumes_from === | ||
+ | [[https:// | ||
+ | < | ||
+ | volumes_from: | ||
+ | - service_name | ||
+ | - service_name: | ||
+ | - container: | ||
+ | - container: | ||
+ | </ | ||
+ | |||
+ | === cpu_shares, cpu_quota, cpuset, domainname, hostname, ipc, mac_address, | ||
+ | [[https:// | ||
+ | < | ||
+ | cpu_shares: 73 | ||
+ | cpu_quota: 50000 | ||
+ | cpuset: 0,1 | ||
+ | |||
+ | user: postgresql | ||
+ | working_dir: | ||
+ | |||
+ | domainname: foo.com | ||
+ | hostname: foo | ||
+ | ipc: host | ||
+ | mac_address: | ||
+ | |||
+ | mem_limit: 1000000000 | ||
+ | memswap_limit: | ||
+ | privileged: true | ||
+ | |||
+ | restart: always | ||
+ | |||
+ | read_only: true | ||
+ | shm_size: 64M | ||
+ | stdin_open: true | ||
+ | tty: true | ||
+ | </ | ||
systeme/docker.1477911724.txt.gz · Dernière modification : 2016/10/31 11:02 de root