Docker

Training Material

1
Sensitivity: Internal & Restricted
 DOCKER

Docker is a tool designed to make it easier to create, deploy, and run applications by using containers.
Containers allow a developer to package up an application with all of the parts it needs, such as libraries and
other dependencies, and deploy it as one package. By doing so, thanks to the container, the developer can
rest assured that the application will run on any other Linux machine regardless of any customized settings
that machine might have that could differ from the machine used for writing and testing the code.

Advantages:
Docker is a tool that is designed to benefit both developers and system administrators, making it a part of
many DevOps (Developers + Operations) toolchains. For developers, it means that they can focus on writing
code without worrying about the system that it will ultimately be running on. It also allows them to get a
head start by using one of thousands of programs already designed to run in a Docker container as a part of
their application. For operations staff, Docker gives flexibility and potentially reduces the number of systems
needed because of its small footprint and lower overhead.

Containers can be thought of as necessitating three categories of software:

Builder: Technology used to build a container.
Engine: Technology used to run a container.
Orchestration: Technology used to manage many containers.
Sensitivity: Internal & Restricted
MICROSERVICES

Sensitivity: Internal & Restricted

Sensitivity: Internal & Restricted
Sensitivity: Internal & Restricted
Docker Containers

Sensitivity: Internal & Restricted

Sensitivity: Internal & Restricted
 DOCKER ARCHITECTURE
Docker Client:
Docker users can interact with Docker through a client. When any docker commands runs, the client sends them to
dockerd daemon, which carries them out. Docker API is used by Docker commands. Docker client can communicate
with more than one daemon.

Sensitivity: Internal & Restricted

 DOCKER ARCHITECTURE
Docker Registries
It is the location where the Docker images are stored. It can be a public docker registry or a private docker registry. Docker
Hub is the default place of docker images, its stores’ public registry. You can also create and run your own registry.
When you execute docker pull or docker run commands, the required docker image is pulled from the configured registry.
When you execute docker push command, the docker image is stored on the configured registry

Docker Objects:
When you are working with Docker, you use images, containers, volumes, networks; all these are Docker objects.
Images:
Docker images are read-only templates with instructions to create a docker container. Docker image can be pulled from a
Docker hub and used as it is, or you can add additional instructions to the base image and create a new and modified docker
image. You can create your own docker images also using a dockerfile. Create a dockerfile with all the instructions to create a
container and run it; it will create your custom docker image
Containers
After you run a docker image, it creates a docker container. All the applications and their environment run inside this container.
We can use Docker API or CLI to start, stop, delete a docker container.
Below is a sample command to run a ubuntu docker container:
docker run –it ubuntu /bin/bash

Sensitivity: Internal & Restricted

 DOCKER ARCHITECTURE

Volumes
The persisting data generated by docker and used by Docker containers are stored in Volumes. They are completely managed by
docker through docker CLI or Docker API. Volumes work on both Windows and Linux containers. Rather than persisting data in a
container’s writable layer, it is always a good option to use volumes for it. Volume’s content exists outside the lifecycle of a
container, so using volume does not increase the size of a container.
We can use -v or –mount flag to start a container with a volume.
docker run -d --name mynginx -v myvolume:/app nginx:latest
Networks
Docker networking is a passage through which all the isolated container communicate. There are mainly five network drivers in
docker:
Bridge: It is the default network driver for a container. You use this network when your application is running on standalone
containers, i.e. multiple containers communicating with same docker host.
Host: This driver removes the network isolation between docker containers and docker host. It is used when you don’t need any
network isolation between host and container.
Overlay: This network enables swarm services to communicate with each other. It is used when the containers are running on
different Docker hosts or when swarm services are formed by multiple applications.
None: This driver disables all the networking.
macvlan: This driver assigns MAC address to containers to make them look like physical devices. The traffic is routed between
containers through their MAC addresses. This network is used when you want the containers to look like a physical device, for
example, while migrating a VM setup.

Sensitivity: Internal & Restricted

•

Docker Installation on Linux:

sudo yum update –y
sudo yum install docker

• [Link]

Sensitivity: Internal & Restricted

docker search – Searches the Docker Hub for images

docker run – Runs a command in a new container.

List All Running Containers

List All Containers Ever Created

List Only Container IDs – Quiet Output

Sensitivity: Internal & Restricted

docker exec – Runs a command in a run-time container

docker exec -it <container_id_or_name> /bin/bash

-i (interactive) flag to keep stdin open  

-t to allocate a terminal

docker -d ubuntu_ 0f727e027da2 /tmp/execWorks

This will create a new file /tmp/execWorks inside the running container ubuntu_bash, in the background(-d)

docker stop – Stops one or more running containers

Sensitivity: Internal & Restricted

docker stop ----time=30 foo

When using docker stop the only thing you can control is the number of seconds that the Docker daemon will wait
before sending the SIGKILL:

SIGKILL goes straight to the kernel which will terminate the process

docker kill ----signal=SIGINT foo

By default, the docker kill command doesn't give the container process an opportunity to exit gracefully -- it simply
issues a SIGKILL to terminate the container. However, it does accept a --signal flag which will let you send
something other than a SIGKILL to the container process

For example, if you wanted to send a SIGINT (the equivalent of a Ctrl-C on the terminal) to the container "foo" you
could use the following
docker rm ----force foo

The final option for stopping a running container is to use the --force or -f flag in conjunction with the docker
rm command. Typically, docker rm is used to remove an already stopped container, but the use of the -f flag will
cause it to first issue a SIGKILL.

Sensitivity: Internal & Restricted

 The final option for stopping a running container is to use the --force or -f flag in conjunction with the docker
rm command. Typically, docker rm is used to remove an already stopped container, but the use of the -f flag will cause it
to first issue a SIGKILL.

docker start – Starts one or more stopped containers

To show Container information like IP address

To show log of a Container

Sensitivity: Internal & Restricted

docker run
Assign name and allocate pseudo-TTY (--name, -it)

Set working directory (-w)

The -w lets the command being executed inside directory given, here /path/to/dir/. If the path does not
exist it is created inside the container.
Mount volume (-v)
docker run -v `pwd`:`pwd` -w `pwd` -i -t ubuntu pwd

The -v flag mounts the current working directory into the container. The -w lets the command being executed
inside the current working directory, by changing into the directory to the value returned by pwd. So this
combination executes the command using the container, but inside the current working directory .

Sensitivity: Internal & Restricted

 docker run -v /host/path:/container/pat

Publish or expose port (-p, --expose)

sudo docker run -p 80:80 nginx

This binds port 80 of the container to TCP port 80 on [Link] of the host machine.

docker run --expose 80 ubuntu bash

This exposes port 80 of the container without publishing the port to the host system’s interfaces.
Set environment variables (-e, --env, --env-file)

Use the -e, --env, and --env-file flags to set simple (non-array) environment variables in

the container you’re running, or overwrite variables that are defined in the Dockerfile
of the image you’re running.

docker run --env VAR1=value1 --env VAR2=value2 ubuntu env | grep VAR

Sensitivity: Internal & Restricted

 $
Vi [Link]
# This is a comment
VAR1=value1
VAR2=value2

docker run --env-file [Link] ubuntu env | grep VAR

Create Volumes
create volumes using the docker volume create command
docker volume create --name my-vol

Attach to a container at run-time e

docker run -d -v my-vol:/data debian

This example will mount the my-vol volume at /data inside the container

Sensitivity: Internal & Restricted

 v flag — mounting a specific directory from the host into a container
docker run -v /home/adrian/data:/data debian ls /data

Will mount the directory /home/adrian/data on the host as /data inside the container. 

Docker inspect volume_name (will give the volume location)
Deleting Volumes

docker rm -v command
docker volume rm $(docker volume ls -q)
Deleting Containers
docker rm <container ID>

docker rm $(docker ps -a -q)- Delete all the containers

Sensitivity: Internal & Restricted

Deleting Images
docker images  to check the images list
docker rmi image-name  Delete specific image
docker rmi $(docker images -q)  Delete all the images

Removing All Unused Objects

The docker system prune command will remove all stopped containers, all dangling images, and all unused
networks

docker system prune

If you also want to remove all unused volumes, pass the --volumes flag

docker system prune --volumes

If you also want to check disk space utilized by docker

docker system df
If you also want to delete all unused containers and images

docker system prune -a

Sensitivity: Internal & Restricted
Commit container
docker run -it --name ubuntu-ctr ubuntu

root@d46fcc9f410e:/# apt-get install git (apt-get update then run install git)
Come out from the container with out exiting (Ctrl + p , Ctrl + q) and create new image for the container

docker commit d46fcc9f410e ubuntu-git-image:v1

History of the image

docker history ubuntu-git-image:v1

Sensitivity: Internal & Restricted

Export container as tar file
docker export 6d7419b4f450 > [Link]

Import as tar file as image:

docker import - new-ubuntu-git-image < [Link]

Export image as tar file

docker save -o [Link] ubuntu-git-image

Sensitivity: Internal & Restricted

Load the image from tar file
docker load < [Link]

Copy local machine content to docker and vice versa

Step 1 : Stop the container

Step 2 : docker cp source_path containerid:destination_path
docker cp containerid:source_path destination_path
Step 3 : Start the container and verify

Sensitivity: Internal & Restricted

Check the process Information
docker top containerid

Check the stats

docker stats containerid

Creating alias

Sensitivity: Internal & Restricted

Managing images in Docker HUB
Step 1 : Create account in docker hub ([Link])
Step 2 : Create repository
Step 2 : Login to the account
Step 3 : Select the image from docker images
Step 4 : tag the image
Step 5 : Push to docker hub

Login to docker account

Tag the image

docker tag ubuntu dockerhub/sundarrajboobalan/ubuntu-git-image:v1

Tag format : Registry name/repository/image:version

Registry name is [Link] for public and it is optional, if we did not pass docker will take
Repository is name of the repository where images are stored
Image with version (if version not mentioned then it will take it as latest)

Sensitivity: Internal & Restricted

Push the image to Docker Hub

docker push sundarrajboobalan/dockerhub/ubuntu-git-image:v1

Sensitivity: Internal & Restricted

Wordpress Site setup
Create MYSQL Container
docker run --name wordpresssql -e MYSQL_ROOT_PASSWORD=password -d mysql:5.5

Create Wordpress Containter and link with SQL container

docker run --name mywp --link wordpresssql:mysql -P -d wordpress
mywp: is the container name
wordpresssql:mysql (mysql is alias name)
-P : expose all the ports which are used in the image
-d : run as daemon
wordpress : image name of wordpress

Sensitivity: Internal & Restricted

Launch the Word press site
Go to browser then give, hostname or IP:Port number of container

Sensitivity: Internal & Restricted

Jenkins setup
[root@ip-172-31-21-153 docker]# docker run \
> -u root \
> --rm \
> -d \
> -p 8080:8080 \
> -p 50000:50000 \
> -v jenkins-data:/var/jenkins_home \
> -v /var/run/[Link]:/var/run/[Link] \
> jenkinsci/blueocean

Jenkinsci/blueocean is the image name for Jenkins

-v : mounting data
-p : port export

Sensitivity: Internal & Restricted

Launch Jenkins
Go to Browser they type hostname or IP:Port number

Sensitivity: Internal & Restricted

 Dockerfile
A Dockerfile is a script that contains collections of commands and instructions that will be automatically
executed in sequence in the docker environment for building a new docker image.
FROM
FROM directive is probably the most crucial amongst all others for Dockerfiles. It defines the base image
to use to start the build process. It can be any image, including the ones you have created previously. If a
FROM image is not found on the host, Docker will try to find it (and download) from the Docker Hub or
other container repository. It needs to be the first command declared inside a Dockerfile.
Example:
# Usage: FROM [image name]
FROM ubuntu

MAINTAINER
Optional, it contains the name of the maintainer of the image.
Example:
# Usage: MAINTAINER [name]
MAINTAINER authors_name

RUN
The RUN command is the central executing directive for Dockerfiles. It takes a command as its argument
and runs it to form the image. Unlike CMD, it actually is used to build the image (forming another layer on
top of the previous one which is committed). Sensitivity: Internal & Restricted
 Example:
# Usage: RUN [command]
RUN aptitude install -y riak
USER
The USER directive is used to set the UID (or username) which is to run the container based on the
image being built.
Example:
# Usage: USER [UID]
USER 751

VOLUME
The VOLUME command is used to enable access from your container to a directory on the host
machine (i.e. mounting it).
Example:
# Usage: VOLUME ["/dir_1", "/dir_2" ..]
VOLUME ["/my_files"]

ENV
The ENV command is used to set the environment variables (one or more). These variables consist
of “key value” pairs which can be accessed within the container by scripts and applications alike.
This functionality of Docker offers an enormous amount of flexibility for running programs.
Example:
# Usage: ENV key value
ENV SERVER_WORKS 4 Sensitivity: Internal & Restricted
ENTRYPOINT
ENTRYPOINT argument sets the concrete default application that is used every time a container is created
using the image. For example, if you have installed a specific application inside an image and you will use
this image to only run that application, you can state it with ENTRYPOINT and whenever a container is
created from that image, your application will be the target.
If you couple ENTRYPOINT with CMD, you can remove "application" from CMD and just leave "arguments"
which will be passed to the ENTRYPOINT.
Example:
ENTRYPOINT echo
OR
CMD "Hello docker!"
ENTRYPOINT echo
EXPOSE
The EXPOSE command is used to associate a specified port to enable networking between the running
process inside the container and the outside world (i.e. the host).
Example:
Usage: EXPOSE [port]
EXPOSE 8080
ADD / COPY
The ADD command gets two arguments: a source and a destination. It basically copies the files from the
source on the host into the container's own filesystem at the set destination. If, however, the source is a
URL (e.g. [Link] then the contents of the URL are downloaded and placed at the
destination.
Usage: ADD [source directory or URL] [destination directory], EX : ADD /my_app_folder /my_app_folder
Sensitivity: Internal & Restricted
ENTRYPOINT
Define the default command that will be executed when the container is running.

WORKDIR
The WORKDIR directive is used to set where the command defined with CMD is to be executed.
Example:
# Usage: WORKDIR /path
WORKDIR ~/

CMD
The command CMD, similarly to RUN, can be used for executing a specific command. However, unlike RUN
it is not executed during build, but when a container is instantiated using the image being built. Therefore,
it should be considered as an initial, default command that gets executed (i.e. run) with the creation of
containers based on the image.
To clarify: an example for CMD would be running an application upon creation of a container which is
already installed using RUN (e.g. RUN apt-get install …) inside the image. This default application execution
command that is set with CMD becomes the default and replaces any command which is passed during the
creation.
Example:
Usage 1: CMD application "argument", "argument", ..
CMD "echo" "Hello docker!"

Sensitivity: Internal & Restricted

Apache Server
Dockerfile
FROM httpd:2.4
COPY ./public-html/ /usr/local/apache2/htdocs/
[Link] file in public-html directory

<html>
<body>
Hi There - Static page served by Apache Server
</body>
</html>

Build image
docker build -t my-apache2 .

Create Container
docker run -p 80:80 --name my-apache2-1 my-apache2

Open browser of the host at [Link] you will see the website up and running
Login to container and verify
docker exec -it <container id> /bin/bash
Sensitivity: Internal & Restricted
Java Example
mkdir java-app
create [Link] file with below content
class Hello{
public static void main(String[] args){
[Link]("This is java app \n by using Docker");
}
}
create Dockerfile with below content

FROM java:8
COPY . /var/www/java
WORKDIR /var/www/java
RUN javac [Link]
CMD ["java", "Hello"]

Build Image
docker build -t java-app .
Create Container

docker run java-app

Sensitivity: Internal & Restricted
Save the Docker Image file so that it can be copied and used in other machines

docker save –o /root/[Link] java-appl

Run the following command to load Docker image in another machine

docker load –i /root/[Link]
Run the Docker image
docker run java-app

Ubuntu Example
Dockerfile
FROM ubuntu
docker build -t ubuntu-in-docker .
docker run -td ubuntu (to run) (if fails check images)
docker ps -a(to check container id)
docker exec -it <container id> bash (to enter into ubuntu)
ctrl+d (to come out)

Sensitivity: Internal & Restricted

Apache Setup
Dockerfile
FROM centos
MAINTAINER sundar <sundarrajboobalan@[Link]>
RUN yum -y install httpd
ADD [Link] /var/www/html/[Link]
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
EXPOSE 80
[Link]
[root@ip-172-31-30-113 apache]# cat [Link]
<header>
<h1>Docker Add is neat</h1>
</header>
Build image
docker build -t webwithdb .
Create Container
docker run -d -p 81:80 webwithdb

Sensitivity: Internal & Restricted

 Attach Volume

docker run -v /path/to/host/directory:/path/inside/the/container image

docker run -d -p 82:80 -v /root/docker/apache:/var/www/html webwithdb

Open browser and check with port 82

Sensitivity: Internal & Restricted

 Difference between Entrypoint and CMD
Entrypoint is static which can’t be modified while launching the container

CMD is not static it can be overwritten with command line arguments while launching the container

Note : While launching the container if we want to overwrite entrypoint then –entrypoint option has to be used

Codebase to check the Dockerfiles : [Link]

Sensitivity: Internal & Restricted

 Docker Compose
Docker Compose is used to run multiple containers as a single service. For example,
suppose you had an application which required NGNIX and MySQL, you could create one file
which would start both the containers as a service without the need to start each one
separately.
Step 1 — Installing Docker
yum -y install docker docker-registry
usermod -aG docker $(whoami)
systemctl enable docker
systemctl start docker
Step 2 — Installing Docker Compose
sudo yum install epel-release
yum install gcc python-devel krb5-devel krb5-workstation
yum install python-pip -y
sudo pip install docker-compose
sudo yum upgrade python*
sudo curl -L "[Link] -
s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose -v Sensitivity: Internal & Restricted
 Testing Docker Compose

mkdir hello-world
cd hello-world
vi [Link]
unixmen-compose-test:
image: hello-world

sudo docker-compose up

Troubleshoot:
If docker-compose is not running
Check the owner info of the file
sudo ls -la /var/run/[Link]
If it is with root then change it to
sudo chown ec2-user /var/run/[Link]

Sensitivity: Internal & Restricted

 Run in the background.
docker-compose up -d

To show group of Docker containers (both stopped and currently running)

docker-compose ps

To stop all running Docker containers for an application group

docker-compose stop
Note : above command in the same directory as the [Link]
To check syntax errors
docker-compose config

To remove old containers

docker-compose rm

Compose and WordPress

mkdir word-press
cd word-press
Vi [Link]
Sensitivity: Internal & Restricted
version: '3.3'

services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress

wordpress:
depends_on:
- db
image: wordpress:latest
ports:
- "8000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
volumes:
db_data:
Sensitivity: Internal & Restricted
Verify in the browser

docker exec -it workdpress_db_

mysql -u wordpress -p

Sensitivity: Internal & Restricted

Docker Swarm

Sensitivity: Internal & Restricted

Sensitivity: Internal & Restricted
 Docker Swarm
Docker Swarm is a clustering and scheduling tool for Docker containers. With Swarm, IT administrators and developers
can establish and manage a cluster of Docker nodes as a single virtual system. 
Swarm setup
Prerequisites
2 or more - Ubuntu 16.04 Server (If AWS machines change the security group to allow traffic)
manager    
worker01  
worker02
Root privileges
Edit vim /etc/hosts on both machines add below lines change the ip address
root@ip-172-31-24-107:~# cat /etc/hosts
[Link] manager
[Link] worker01
[Link] worker02

ping all the nodes using 'hostname' instead using IP address

ping -c 3 manager
ping -c 3 worker01
Ping –c3 worker02
Sensitivity: Internal & Restricted
Install Docker-ce on all the machines
sudo apt install apt-transport-https software-properties-common ca-certificates -y

Add the Docker key and the Docker-ce repository to our servers

curl -fsSL [Link] | sudo apt-key add -

sudo echo "deb [arch=amd64] [Link] xenial stable" >
/etc/apt/[Link].d/[Link]

Update the repository and install Docker-ce packages

sudo apt update
sudo apt install docker-ce -y

start the docker service and enable it to launch every time at system boot

systemctl start docker

systemctl enable docker
we will configure docker to run as a normal user or non-root user (optional)

Create a new user named ‘sundar' and add it to the 'docker' group.

useradd -m -s /bin/bash sundar

sudo usermod -aG docker sundar
Sensitivity: Internal & Restricted
Now login to the ‘sundar' user and run the docker hello-world command as below
su - sundar
docker run hello-world

Create the Swarm Cluster

docker swarm init --advertise-addr [Link]

'join-token' has been generated by the 'manager' node.

we need to add the 'worker01' node to the cluster 'manager'. And to do that, we need a 'join-token' from the
cluster 'manager' node
Go to worker01 node and run the below command

Sensitivity: Internal & Restricted

Check it by running the following command on the 'manager' node.
docker node ls

Now you see the 'worker01‘ and ‘worker02’ nodes are joined to the swarm cluster
Deploying First Service to the Cluster

we will create and deploy our first service to the swarm cluster. We want to create new service Nginx web server
that will run on default http port 80, and then expose it to the port 8080 on the host server, and then try to
replicate the nginx service inside the swarm cluster

docker service create --name my-web --publish 8080:80 nginx:1.13-alpine

Sensitivity: Internal & Restricted

Check using docker service
docker service ls

The Nginx service has been created and deployed to the swarm cluster as a service named 'my-web', it's based on the
Nginx Alpine Linux, expose the HTTP port of the container service to the port '8080' on the host, and it has only 1
replicas
To check on which node service is running

Check on the node whether it is running or not, go to the node and run the command

Sensitivity: Internal & Restricted

 After stopping of the manager , service should be moved to other node of the cluster

Scale up the service

docker service scale my-web=10

Check the service info

Sensitivity: Internal & Restricted

Check the containers info

So 10 containers are distributed among the nodes

Bring back the manager online

docker node update --availability active ip-172-31-44-230

Sensitivity: Internal & Restricted

Shutdown one of the node, so we can observer load is distributed among manger and other node
docker node update --availability active ip-172-31-44-231 (worker01)

Check the container list on the manager node, go to manager node and run the below command

Check the container list on the node2, go to worker02 node and run the below command

Sensitivity: Internal & Restricted

Open your web browser and type the worker node IP address with port 8080

Sensitivity: Internal & Restricted

Network information

Ingress network manages all the nodes are under cluster so that one can communicate others

Check any container information which network it is using

Docker inspect containerid

Sensitivity: Internal & Restricted

If we want to maintain group of containers in one network and other group in other network ingress will not work so
we need to create our own network

Remove the service my-web

Create new network

docker network create -d overlay mynetwork

Create service and attach it to the created network

docker service create --name my-web --network mynetwork -p 8080:80 nginx

Sensitivity: Internal & Restricted

 Check the service on which node it is running

Check the container network info

docker inspect 7aa604cfdcf6

Secrets:
We can apply secrets in Docker swarm manager node.
Creating Secrets:

Creating Secrets in Service:

Sensitivity: Internal & Restricted

Inspect the Secret

Listing Secrets

Removing Secrets

Sensitivity: Internal & Restricted

Sensitivity: Internal & Restricted
 Network Drivers

Bridge: The bridge network is a private default internal network created by docker on the host. So, all
containers get an internal IP address and these containers can access each other, using this internal IP. It can not
communicate with name of the containers

Sensitivity: Internal & Restricted

Host: This driver removes the network isolation between the docker host and the docker containers to use the host’s
networking directly. So with this, you will not be able to run multiple web containers on the same host, on the same port
as the port is now common to all containers in the host network.

Sensitivity: Internal & Restricted

None: In this kind of network, containers are not attached to any network and do not have any access to the external
network or other containers. So, this network is used when you want to completely disable the networking stack on a
container and, only create a loopback device

Sensitivity: Internal & Restricted

Overlay: Creates an internal private network that spans across all the nodes participating in the swarm cluster. So,
Overlay networks facilitate communication between a swarm service and a standalone container, or between two
standalone containers on different Docker Daemons.

Sensitivity: Internal & Restricted

Macvlan: Allows you to assign a MAC address to a container, making it appear as a physical device on your network.
Then, the Docker daemon routes traffic to containers by their MAC addresses.

Sensitivity: Internal & Restricted

To check network drivers : docker network ls

To check driver details : docker inspect bridge

Sensitivity: Internal & Restricted

docker network inspect bridge

Connect to one of the container :docker attach name of the container

Sensitivity: Internal & Restricted

Ping the other container with IP Address:

By default ping is not available in ubuntu container, install ping

apt-get update
apt-get install iputils-ping

Ping the other container with name:

Come out from container :

Exit
Or
Ctrl+p and Ctrl+q

Sensitivity: Internal & Restricted

Default network driver is: Bridge
[root@ip-172-31-42-6 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES
19813fa5da9e ubuntu "/bin/bash" 29 minutes ago Up 29 minutes ubunut-ctr2
ee366634a931 ubuntu "/bin/bash" 29 minutes ago Up 29 minutes ubunut-ctr1

To check container details : docker inspect ubunut-ctr1

Network driver details of the container:

Sensitivity: Internal & Restricted

Create Network :
docker network create --driver=bridge custom-network

Check the Network:

Create container with custom network

docker run -dit --name=ubuntu-ctr3 --network=custom-network ubuntu

docker run -dit --name=ubuntu-ctr4 --network=custom-network ubuntu

Sensitivity: Internal & Restricted

docker inspect custom-network

Login to one container and ping other one with IP Address and name

Sensitivity: Internal & Restricted

Change the Network driver for existing containers

Step 1 : Disconnect from existing driver : docker network disconnect bridge 26febb6f4867
Step 2 : Connect to new driver : docker network connect custom-network 26febb6f4867

Note: It is possible only for bridge networks not for others (two different bridge networks)

Remove one or more networks

docker network rm Network name

Sensitivity: Internal & Restricted

Building Docker Image for Tomcat with Specified War file from Nexus

Dockerfile:
FROM tomcat
MAINTAINER sundarraj
ARG CONT_IMG_VER
WORKDIR /usr/local/tomcat
COPY [Link] /usr/local/tomcat/conf/[Link]
EXPOSE 8080
ADD [Link]
{CONT_IMG_VER}/hello-world-servlet-example-${CONT_IMG_VER}.war /usr/local/tomcat/webapps

Building Image
docker build -t new-tomcat-image2 --build-arg CONT_IMG_VER=1.0 .

[Link]
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status"/>
Sensitivity: Internal & Restricted