AdminSysGNULinux

Outils pour utilisateurs

Outils du site

Piste : blog
blog

Table des matières

0 billet(s) pour février 2026

Docker Network

Voir https://github.com/lbernail/dockeroverlays/blob/master/setup_vxlan 

systemctl stop docker
ip link set down dev br-1164ecd073bd
[root@acme]# ip route get 192.168.205.11
192.168.205.11 dev br-22c8d0f47cfe src 192.168.0.1 uid 0
    cache
[root@acme]# brctl show
bridge name     bridge id               STP enabled     interfaces
br-22c8d0f47cfe         8000.0242b28bc79b       no              veth05ae059
                                                        veth3091fa8
                                                        veth88ed8e5
docker0         8000.02426cf41f39       no

[root@acme]# docker network list
NETWORK ID          NAME                DRIVER              SCOPE
d5ff36324662        bridge              bridge              local
e82ce3715151        host                host                local
8195441310fe        none                null                local
22c8d0f47cfe        plop                bridge              local

[root@acme]# docker network inspect 22c8d0f47cfe

Il est possible d'explicite la conf dans Docker-compose 

networks:
  backend:
networks:
  backend:
    ipam:
      driver: default
      config:
        - subnet: 192.168.10.0/24

network host

Il est possible de faire : 

networks:
  hostnw:
    external:
      name: host

Mais il est mieux de faire 

services:
  webapp:
    build: .
    network_mode: "host"
2025/03/24 15:06
, ,

Docker - Install DokuWiki

Ajout des dépôts “backports” 

echo "deb http://ftp.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list
 
apt-get update

Install Docker 

apt-get install docker.io supervisor

Git clone de la conf Dockerfile et construction du conteneur

Dockerfile 

#
# INSTALLATION DE DOKUWIKI
#
 
FROM alpine:latest
 
#MAINTAINER Jean nospam@me.con
LABEL org.opencontainers.image.authors="Jean nospam@me.con"
 
RUN apk update \
        && apk upgrade
RUN apk add --no-cache \
        curl nginx tmux bash vim git openssh-client unzip wget supervisor ca-certificates \
        php5-fpm php5-json php5-zlib php5-zip php5-xml php5-pdo php5-phar php5-openssl \
        php5-gd php5-iconv php5-mcrypt \
        php5-curl php5-opcache php5-ctype php5-apcu \
        php5-intl php5-bcmath php5-dom php5-xmlreader \
        && rm -rf /var/cache/apk/*
 
# FIXME: privilégier la command COPY à la place de ADD
ADD ./etc/php5/fpm/pool.d/dokuwiki.conf /etc/php5/fpm.d/dokuwiki.conf
ADD ./etc/nginx/sites-available/default /etc/nginx/conf.d/
ADD ./etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
ADD ./install-dw.sh /root/install-dw.sh
ADD ./usr/local/bin/dw-clean.sh /usr/local/bin/
 
RUN mkdir -p /var/www/html/wiki
RUN addgroup dokuwiki \ 
        && adduser -s /usr/sbin/nologin -h /var/www/html/wiki -S -G dokuwiki dokuwiki
 
#RUN echo "daemon off;" >> /etc/nginx/nginx.conf
#RUN sed -i -e 's/# server_tokens off/server_tokens off/' /etc/nginx/nginx.conf
RUN mkdir -p /var/log/nginx/wiki
RUN bash /root/install-dw.sh
RUN chown dokuwiki -R /var/www/wiki
 
 
EXPOSE 80
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf", "-n" ]
git clone dw-docker
docker build -t jibe/dokuwiki dw-docker
mkdir /home/wiki

/home/wiki/bin/dw-start.sh 

#! /bin/bash
 
set -o nounset
 
cd /home/wiki
 
docker stop dokuwiki1 2>/dev/null || true
 
docker rm dokuwiki1 2>/dev/null || true
 
/usr/bin/docker run -a stdout --rm --name=dokuwiki1 -v /home/wiki/data/:/var/www/wiki/www/data -v /home/wiki/conf/:/var/www/wiki/www/conf -m 512m -p 8082:80 jibe/dokuwiki supervisord -c /etc/supervisor/supervisord.conf -n

/etc/supervisor/conf.d/wiki.conf 

[program:dokuwiki1]
command=/home/wiki/bin/dw-start.sh
autorestart=false
autostart=true
stopsignal=INT

Ajout des données à l'instance Docker de Dokuwiki (ici données par défaut) 

cd /tmp
git clone http://github.com/splitbrain/dokuwiki.git
cd dokuwiki                                                              
git checkout stable
cp -a data/ /home/wiki/
cp -a conf/ /home/wiki/

FIXME 

chmod -R a=rwX /home/wiki

Conf post install

http://monserveur:8082/install.php

Effacement du fichier install.php à l'intérieur du centenaire 

docker exec -it dokuwiki1 /bin/bash
 
rm /var/www/wiki/dokuwiki/install.php
exit
 
docker commit dokuwiki1 jibe/dokuwiki

Notes PRA / Réplication

Voir également https://www.dokuwiki.org/plugin:sync 

#! /bin/bash
 
rsync -axP --chown=999:999 --exclude="cache" --exclude="tmp" --exclude="attic" --delete webapp:/home/wiki/data/* /home/wiki/data/
rsync -axP --chown=999:999 --exclude="cache" --exclude="tmp" --delete  webapp:/home/wiki/conf/* /home/wiki/conf/
 
rm /home/wiki/data/tmp/* -rf
rm /home/wiki/data/cache/* -rf
touch -c /home/wiki/conf/local.php

/etc/hosts

--add-host=“git.acme.fr:10.8.17.115”

Pb

Pb Erreur 500 Composer detected issues in your platform: Your Composer dependencies require a PHP version ">= 8.1.0".
Composer detected issues in your platform: Your Composer dependencies require a PHP version ">= 8.1.0".
Solution

Supprimer le plugin en cause dans dokuwiki/lib/plugins/

2025/03/24 15:06
,

Docker image build

Voir :

Outils / Méthode / Container Image Builders :

  • Docker / Dockerfile
  • Buildah
  • openshift-imagebuilder
  • Source-To-Image (S2I)
  • Buildpacks / pack
  • Kaniko
  • S2I
  • CNB
  • Paketo
  • umoci

Bonnes pratiques

Voir :

Quand cela est possible préférer COPY à ADD. Voir https://docs.docker.com/build/building/best-practices/

Immediately before your ENTRYPOINT or CMD directive, you then add a USER

Ne pas utiliser sudo mais gosu ou su-exec

Vérif Dockerfile Conrainerfile avec Hadolint

Voir : 

podman run --rm -i docker.io/hadolint/hadolint < Dockerfile

Exemple de Dockerfile et script

https://github.com/browserless/chrome/blob/master/start.sh

start.sh 

#!/bin/bash
set -e
 
# When docker restarts, this file is still there,
# so we need to kill it just in case
[ -f /tmp/.X99-lock ] && rm -f /tmp/.X99-lock
 
_kill_procs() {
  kill -TERM $node
  kill -TERM $xvfb
}
 
# Relay quit commands to processes
trap _kill_procs SIGTERM SIGINT
 
Xvfb :99 -screen 0 1024x768x16 -nolisten tcp -nolisten unix &
xvfb=$!
 
export DISPLAY=:99
 
dumb-init -- node ./build/index.js $@ &
node=$!
 
wait $node
wait $xvfb

Dockerfile 

CMD ["./start.sh"]

Buildha

voir https://www.grottedubarbu.fr/buildah-basics/

docker build 

buildah bud -t myapp:latest .

L'option bud est en réalité une version courte de l'option build-using-dockerfile

Autres

RUN apk add --no-cache shadow

2025/03/24 15:06

Docker exemple de Dockerfile pour Debian

Voir :

Voir aussi Alpine

Dockerfile 

FROM debian:jessie
 
#ENV http_proxy  http://192.168.56.1:3128
#ENV https_proxy http://192.168.56.1:3128
ARG https_proxy
ARG http_proxy
 
ENV DEBIAN_FRONTEND noninteractive
ENV TERM linux
ENV LANG C.UTF-8
ENV LANGUAGE C.UTF-8
ENV LC_ALL C.UTF-8
 
# https://jpetazzo.github.io/2013/10/06/policy-rc-d-do-not-start-services-automatically/
RUN echo -e '#!/bin/bash\nexit 101' > /usr/sbin/policy-rc.d
RUN chmod +x /usr/sbin/policy-rc.d
 
RUN echo "deb http://ftp.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list
RUN (apt-get update && apt-get upgrade -y -q && apt-get dist-upgrade -y -q && apt-get -y -q autoclean && apt-get -y -q autoremove)
RUN apt-get install -q -y --no-install-recommends python-minimal tmux bash locales sudo vim supervisor
 
RUN (locale-gen fr_FR.UTF-8 UTF-8 && dpkg-reconfigure locales)
 
ENTRYPOINT ["/usr/bin/supervisord", "-c",  "/etc/supervisor/supervisord.conf",  "-n"]
docker build -t plop --build-arg http_proxy=http://192.168.56.1:3128 --build-arg https_proxy=http://192.168.56.1:3128 .
2025/03/24 15:06
,

Docker clean - nettoyage

Source : https://www.digitalocean.com/community/tutorials/how-to-remove-docker-images-containers-and-volumes

Purging All Unused or Dangling Images, Containers, Volumes, and Networks

Docker provides a single command that will clean up any resources - images, containers, volumes, and networks - that are dangling (not associated with a container): 

docker system prune

To additionally remove any stopped containers and all unused images (not just dangling images), add the -a flag to the command : 

docker system prune -a

Removing Containers

Remove one or more specific containers

Use the docker ps command with the -a flag to locate the name or ID of the containers you want to remove:

List: 

docker ps -a

Remove: 

docker rm ID_or_Name ID_or_Name
Remove a container upon exit

If you know when you’re creating a container that you won’t want to keep it around once you’re done, you can run docker run --rm to automatically delete it when it exits.

Run and Remove: 

docker run --rm image_name
Remove all exited containers

You can locate containers using docker ps -a and filter them by their status: created, restarting, running, paused, or exited. To review the list of exited containers, use the -f flag to filter based on status. When you’ve verified you want to remove those containers, using -q to pass the IDs to the docker rm command.

List: 

docker ps -a -f status=exited

Remove: 

docker rm $(docker ps -a -f status=exited -q)
Remove containers using more than one filter

Docker filters can be combined by repeating the filter flag with an additional value. This results in a list of containers that meet either condition. For example, if you want to delete all containers marked as either Created (a state which can result when you run a container with an invalid command) or Exited, you can use two filters:

List: 

docker ps -a -f status=exited -f status=created

Remove: 

docker rm $(docker ps -a -f status=exited -f status=created -q)
Remove containers according to a pattern

You can find all the containers that match a pattern using a combination of docker ps and grep. When you’re satisfied that you have the list you want to delete, you can use awk and xargs to supply the ID to docker rmi. Note that these utilities are not supplied by Docker and not necessarily available on all systems:

List: 

docker ps -a |grep "pattern"

Remove: 

docker ps -a |grep "pattern" |awk '{print $3}' |xargs docker rmi
Stop and remove all containers

You can review the containers on your system with docker ps. Adding the -a flag will show all containers. When you’re sure you want to delete them, you can add the -q flag to supply the IDs to the docker stop and docker rm commands:

List: 

docker ps -a

Remove: 

docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

Removing Docker Images

Remove one or more specific images

Use the docker images command with the -a flag to locate the ID of the images you want to remove. This will show you every image, including intermediate image layers. When you’ve located the images you want to delete, you can pass their ID or tag to docker rmi:

List: 

docker images -a

Remove: 

docker rmi Image
Remove dangling images

Docker images consist of multiple layers. Dangling images are layers that have no relationship to any tagged images. They no longer serve a purpose and consume disk space. They can be located by adding the filter flag, -f with a value of dangling=true to the docker images command. When you’re sure you want to delete them, you can use the docker images purge command: Note: If you build an image without tagging it, the image will appear on the list of dangling images because it has no association with a tagged image. You can avoid this situation by providing a tag when you build, and you can retroactively tag an images with the docker tag command.

List: 

docker images -f dangling=true

Remove: 

docker images purge
Removing images according to a pattern

You can find all the images that match a pattern using a combination of docker images and grep. Once you’re satisfied, you can delete them by using awk to pass the IDs to docker rmi. Note that these utilities are not supplied by Docker and are not necessarily available on all systems:

List: 

docker images -a |grep "pattern"

Remove: 

docker images -a |grep "pattern" |awk '{print $3}' |xargs docker rmi
Remove all images

All the Docker images on a system can be listed by adding -a to the docker images command. Once you’re sure you want to delete them all, you can add the -q flag to pass the Image ID to docker rmi:

List: 

docker images -a

Remove: 

docker rmi $(docker images -a -q)

Removing Volumes

Remove one or more specific volumes - Docker 1.9 and later

Use the docker volume ls command to locate the volume name or names you wish to delete. Then you can remove one or more volumes with the docker volume rm command:

List: 

docker volume ls

Remove: 

docker volume rm volume_name volume_name
Remove dangling volumes - Docker 1.9 and later

Since the point of volumes is to exist independent from containers, when a container is removed, a volume is not automatically removed at the same time. When a volume exists and is no longer connected to any containers, it’s called a dangling volume. To locate them to confirm you want to remove them, you can use the docker volume ls command with a filter to limit the results to dangling volumes. When you’re satisfied with the list, you can remove them all with docker volume prune:

List: 

docker volume ls -f dangling=true

Remove: 

docker volume prune
Remove a container and its volume

If you created an unnamed volume, it can be deleted at the same time as the container with the -v flag. Note that this only works with unnamed volumes. When the container is successfully removed, its ID is displayed. Note that no reference is made to the removal of the volume. If it is unnamed, it is silently removed from the system. If it is named, it silently stays present.

Remove: 

docker rm -v container_name
2025/03/24 15:06

<< Billets récents | Anciens billets >>

blog.txt · Dernière modification : de 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki