Monthly Archives: November 2015

Docker containers dependencies

composer
As a rule, you have more then one docker containers. It can be one base container (parent) and many other (children).
To connect they in docker-compose you can use the next snippets:

1. Using “links” – in common case is the most popular method. Here are network ports and volumes from parent container shares to child one.
docker-compose.yml

...
  links:
    - base
...

2. Using “volumes_from” – only volumes from parent container shares to child.
docker-compose.yml

...
  volumes_from:
    - base
...

The second way is useful when you connect your docker contaner network is applied to host network. The “links” directive cannot be used (since docker-compose v1.9).
docker-compose.yml

...
  net: "host"
...

Also, http://docs.docker.com/compose/compose-file

Generating SSL certificate

ssl
To apply SSL connection in your server you have to use SSL certificate.
Here are the steps to create Self-Signed SSL certificate:

1. Install openssl.

yum install -y openssl

2. Create shell script add_ssl.sh:

#!/bin/bash
set -e

prefix=$1

# Generate private key
openssl genrsa -out $prefix.key 2048

# Generate CSR
echo -e "[LOCALE]\n[COUNTRY]\n[CITY]\n[COMPANY]\nSSL\n$prefix\n[EMAIL]\n\n\n\n" \
	| (openssl req -new -key $prefix.key -out $prefix.csr)

# Generate Self Signed Key
openssl x509 -req -days 365 -in $prefix.csr -signkey $prefix.key -out $prefix.crt

# Copy the files to the correct locations
mv $prefix.crt /etc/ssl
mv $prefix.key /etc/ssl
mv $prefix.csr /etc/ssl

Replace [LOCALE], [COUNTRY], [CITY], [COMPANY], [EMAIL] with your values.

3. Run script example:

./add_ssl.sh gik.firetrot.com

Why Docker?

docker
Docker is the most simple and clear method to isolate your services. DevOps can in significantly convenient way deploy and control their services in server environment.
Docker is nothing new but wrapper over LXC. There are two concepts when you start working with docker:

  • Docker image is what you build
  • Docker container is what you run

Docker uses layer system very similar to Version Control System. After restart container all data will be lost if not commited!
So, to run a docker container you have to create a docker image. There are two methods to create docker image. The first, you can get base docker image of your favorite linux OS, run and login to it and manually install whatever. After that commit image to save changes. It is old and hardcore way. I prefer the second one, create docker image from so called “Dockerfile” – describes all to compose image.

Example usage:

  1. Create folder “base”.
  2. Create “Dockerfile” in it with the following contents:
    FROM centos:7
    MAINTAINER "FireTrot Studio" <admin@firetrot.com>
    
    # ENV
    ENV container=docker
    
    # IMPORT
    RUN rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
    
    # INSTALL
    RUN yum -y install net-tools
    
    # RUN
    CMD ["ping", "localhost"]
    
  3. Build docker image with command:
    docker build -t base .
    
  4. Run docker container with command:
    docker run -it --name=base docker_base
    

And then you’ll see the output of container work.