docker snippets

How to start a bash shell in Docker

Tagged bash, docker, shell  Languages bash

To start a bash shell in an already running container:

docker exec -it <container id/name> bash

To start a bash shell using an image of a container that is not running:

docker run -i -t --entrypoint /bin/bash <image id>

How to access the host from a docker container

Tagged container, docker, host, ip  Languages bash

Access host from docker container IP:

# Mac
ping docker.for.mac.localhost

# Windows
ping docker.for.win.localhost

# Linux: use the hosts external IP, see:
# https://github.com/docker/for-linux/issues/264#issuecomment-385698947

Note that it’s not possible to use host networking on Mac or Windows, only Linux:

The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.

See:

Configure Docker to use a private container registry using a self-signed certificate

Tagged docker, registry, self-signed  Languages bash

How to configure Docker to use a private container registry using a self-signed certificate.

Tested on Docker version 18.09.4, build d14af54.

  • Copy self-signed certificate from the registry server to the docker server

On your laptop:

$ scp [email protected]://etc/ssl/certs/selfsigned.crt [email protected]://etc/ssl/certs/private-docker-registry.crt
  • Restart docker daemon

On the docker server:

$ sudo service docker restart
  • Login to the registry from the docker server

On the docker server:

sudo docker login -u christian registry-server
> WARNING! Your password will be stored unencrypted in /home/christian/.docker/config.json.

How to configure Kubernetes to pull images from a private Docker registry

Tagged docker, kubernetes, private, registry  Languages bash, yml

How to configure Kubernetes to pull images from a private Docker registry:

  • First configure Docker by following the steps outlined here:

https://snippets.aktagon.com/snippets/869-configure-docker-to-use-a-private-container-registry-using-a-self-signed-certificate

  • Verify that the Docker configuration contains the authentication information
sudo cat ~/.docker/config.json
{
    "auths": {
        "<registry-server>": {
            "auth": "<hash>"
        }
    },
    "HttpHeaders": {
        "User-Agent": "Docker-Client/18.09.4 (linux)"
    }
}
  • Base64 encode the config.json file
cat ~/.docker/config.json | base64 -w0 > config.base64.json
  • Create secret.yml and add the contents of config.base64.json to dockerconfigjson
apiVersion: v1
kind: Secret
metadata:
 name: registrypullsecret
data:
 .dockerconfigjson: <config.base64.json>
type: kubernetes.io/dockerconfigjson
  • Import the secret into Kubernetes
kubectl create -f secret.yml && kubectl get secrets
  • Test that the secret was imported into Kubernetes
kubectl get secrets

Simple Dockerfile for Ruby on Rails applications

Tagged docker, dockerfile, rails, ruby  Languages bash
#
# Ruby on Rails Dockerfile
#
# ## Features:
#
# - Ruby
# - Puma
# - Yarn
# - Node
# - PostgreSQL
#
# ## Configuration
#
# ```bash
# mkdir .docker
# cat << EOF > .docker/envrc.dev
# RAILS_ENV=development
# DB_HOST=localhost
# DB_NAME=app_development
# DB_USER=app
# DB_PASS=password
# EOF
# cat << EOF > .docker/envrc.prod
# RAILS_ENV=production
# DB_HOST=postgres
# DB_NAME=app_production
# DB_USER=app
# DB_PASS=password
# EOF
# ```
#
# ## Usage
#
# ```bash
# $ docker build . -t <image name>
#
# # Development
# $ docker run --network=host --env-file=.docker/envrc.dev <image name>
#
# # Production
# $ docker run -p 3000:3000 --env-file=.docker/envrc.prod <image name>
# ```
#
FROM ruby:2.6.3

# Add Yarn to apt
# RUN curl -o- -L https://yarnpkg.com/install.sh | bash
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list

# Install dependencies
RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs yarn

# Don't run as root
RUN useradd --user-group -m --home /app --shell /bin/false app
RUN chown app:app /app
RUN chmod -R 740 /app
USER app

# Set working dir
ENV RAILS_ROOT /app
WORKDIR $RAILS_ROOT

ARG RAILS_ENV
ARG DB_HOST
ARG DB_NAME
ARG DB_USER
ARG DB_PASS

# Set ENV variables
ENV RAILS_ENV ${RAILS_env}
ENV RACK_ENV ${RAILS_ENV}
ENV DB_HOST ${DB_HOST}
ENV DB_NAME ${DB_NAME}
ENV DB_USER ${DB_USER}
ENV DB_PASS ${DB_PASS}

# Add and cache Ruby & Javascript dependencies
COPY --chown=app Gemfile Gemfile
COPY --chown=app Gemfile.lock Gemfile.lock
ADD package.json yarn.lock /tmp/
# Install Ruby and Javascript dependencies
RUN gem install bundler:2.0.2
RUN bundle install --jobs 20 --retry 5 --with=$RAILS_ENV --deployment
RUN yarn install

# Add project files
COPY --chown=app . .
# Precompile assets
RUN bundle exec rake assets:precompile

RUN mkdir -p log tmp/pids

EXPOSE 3000
CMD ["bundle", "exec", "puma", "-C", "config/puma.rb"]