Category Archives: Server

Persistent Storage

title: “Persistent Storage”
date: 2016-03-27T15:41:45
slug: persistent-storage

Attach a Host Directory to the Container

Create a volume container:

docker create -v /dbdata --name dbstore ubuntu /bin/true

Start a container with the volume container attached

docker run -d --volumes-from dbstore --name ubuntu ubuntu

Start a second container with the same volume container (shared)

docker run -d --volumes-from dbstore --name ubuntu2 ubuntu

You can use multiple --volumes-from parameters

Make a backup from the volume

docker run --rm --volumes-from ubuntu -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata

Restore the backup into a container

  1. Create a container with /dbdata as a storage point
docker run -v /dbdata --name dbstore2 ubuntu /bin/bash
  1. Mount the /dbdata Storage point to a new container, mount the local directory to /backup into the container (this includes backup.tar.gz)  and extarct it in /dbdata
docker run --rm --volumes-from dbstore2 -v $(pwd):/backup ubuntu bash -c "cd /dbdata && tar xvf /backup/backup.tar --strip 1"

Build a new Image from Dockerfile

title: “Build a new Image from Dockerfile”
date: 2016-03-25T17:40:02
slug: build-a-new-image-from-dockerfile

vi Dockerfile

With this content

# This is a comment
FROM ubuntu:14.04
MAINTAINER Kate Smith <ksmith@example.com>
RUN apt-get update && apt-get install -y apache2
RUN touch /example

Then build the new Image:

docker build -t thomas/ubuntu:v2 .

Audit Files And Directories

title: “Audit Files And Directories”
date: 2016-03-24T15:06:19
slug: audit-files-and-directories

Audit files

auditctl -w /etc/passwd -p rwxa

With :

  • -w path ; this parameter will insert a watch for the file system object at path. On the example above, auditd will wacth /etc/passwd file

  • -p ; this parameter describes the permission access type that a file system watch will trigger on

  • rwxa ; are the attributes which bind to -p parameter above. r is read, w is write, x is execute and a is attribute

  • If ‘-p xxx’  is not specivied, all kinds of access are logged

Audit directories

To audit directories, we will use a similar command. Let’s take a look at the command below :

auditctl -w /production/

The above command will watch any access to the /production folder.

Update CoreOS

title: “Update CoreOS”
date: 2016-03-24T13:45:37
slug: update-coreos

vi /etc/coreos/update.conf

and add after the line “GROUP=”

SERVER=https://customer.update.core-os.net/v1/update/

systemctl restart update-engine

Force Update in Background

$ update\_engine\_client -check\_for\_update
[0123/220706:INFO:update\_engine\_client.cc(245)] Initiating update check and install.

Force Update in Foreground

If you want to see what’s going on behind the scenes, you can watch the ouput in the foreground:

$ update\_engine\_client -update
[0123/222449:INFO:update\_engine\_client.cc(245)] Initiating update check and install.
[0123/222449:INFO:update\_engine\_client.cc(250)] Waiting for update to complete.
LAST\_CHECKED\_TIME=0
PROGRESS=0.000000
CURRENT\_OP=UPDATE\_STATUS\_IDLE
NEW\_VERSION=0.0.0.0
NEW\_SIZE=0
[0123/222454:ERROR:update\_engine\_client.cc(189)] Update failed.

Be aware that the “failed update” means that there isn’t a newer version to install.

docker commands

title: “docker commands”
date: 2016-03-24T12:52:14
slug: docker-commands

Show running docker instances with ID

docker ps

Show running docker instances with ID (History)

docker ps -a

Show the last running container

docker ps -l

Start an Docker Instance (from ‘docker ps -a’)

docker run 4dcecf77c564

Committing a docker instance:

 docker commit a589d9df44ec coreos/apache

while a589d9df44ec is the ID listed with “docker ps” Stop docker instance

docker stop 4ecbf72df071

Alle Container löschen

docker rm `docker ps -qa`

Einen Befehl in einem Container ausführen

docker exec -it db bash

List Images

docker images

stdout eines Containers anzeigen

docker logs 9f5aafa2536b

Ports eines Containers anzeigen

docker port 1a109a55a86d

Prozesse in einem Container anzeigen

docker top

Statusinformationen eines Containers anzeigen

docker inspect 1a109a55a86d

Remove a Container from the bridge

docker network disconnect bridge <containername>

Create an own bridged network

docker network create -d bridge my-bridge-network

List Networks

docker network ls

Details/Inspect a network

docker network inspect my-bridge-network

Attach network to a container

docker network connect my-bridge-network web

Attach Data Volume to a container

docker run --name ubuntu -v /webmount -it ubuntu /bin/bash

Attach Host Directory to a container

docker run --name ubuntu -v /home/webapp:/webmount -it ubuntu /bin/bash

d

Start an ubuntu docker instance , install and configure Apache

title: “Start an ubuntu docker instance , install and configure Apache”
date: 2016-03-24T12:50:08
slug: start-an-ubuntu-docker-instance-install-and-configure-apache

Start an Ubuntu instance (simple shell)

docker run -t -i ubuntu /bin/bash

The -t and -i flags allocate a pseudo-tty and keep stdin open even if not attached.

Update Repository anstall Apache

apt-get update && apt-get install apache2

f

Network Configuration CoreOS

title: “Network Configuration CoreOS”
date: 2016-03-24T12:21:58
slug: network-configuration-coreos

Network configuration is stored in:

/etc/systemd/network

Create a bridge:

vi 5.netdev

[NetDev]
Name=docker0
Kind=bridge

Configure ens3 as bridge interface

vi 10-ens3.network

[Match]
Name=ens3

[Network]
Bridge=docker0

Configure Bridge Interface

vi 15-br.network

[Match]
Name=docker0

[Network]
Address=10.86.0.27/23
Gateway=10.86.0.250
[Route]
Gateway=10.86.0.1
Destination=10.0.0.0/8
[Route]
Gateway=10.86.0.1
Destination=172.16.0.0/12
[Route]
Gateway=10.86.0.1
Destination=192.168.0.0/16

Configure static Nameserver

vi resolved.conf

[Resolve]
DNS=8.8.8.8
#FallbackDNS=
#LLMNR=yes

Elastic Search

title: “Elastic Search”
date: 2016-03-13T14:44:42
slug: elastic-search

Step 5: For installing Sense into Kibana:

kibana plugin --install elastic/sense