<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Samuel, Sam!<br>
Thank you. I've recently grown interested in containers and find
them fascinating in how they force you to think differently because
of their statelessness and ease of replicability. I can think of
several interesting projects with this.<br>
<br>
Sam, your script is interesting, similar in nature to docker-compose
[1], have you seen it?<br>
<br>
Samuel your docs are clear and concise. Please do publish them as
I'd love to contribute as we share notes.<br>
I'm transitioning Ruby apps to Docker for Publiclab.Org, and loving
the learning experience.<br>
<br>
Regards<br>
S <br>
<br>
:-)<br>
<br>
[1] <a class="moz-txt-link-freetext" href="https://github.com/docker/compose">https://github.com/docker/compose</a><br>
<br>
<div class="moz-cite-prefix">El 09/03/16 a las 15:36, Sam Parkinson
escibió:<br>
</div>
<blockquote cite="mid:1457555802.1860.0@smtp.gmail.com" type="cite">Hi
Samuel,
<div><br>
</div>
<div>Thanks for compiling this information.<br>
<br>
On Thu, Mar 10, 2016 at 3:23 AM, Samuel Cantero
<a class="moz-txt-link-rfc2396E" href="mailto:scanterog@gmail.com"><scanterog@gmail.com></a> wrote:<br>
<blockquote type="cite">
<div dir="ltr">
<div>Hi all,</div>
<div><br>
</div>
<div>This email is to make some notes regarding to our
current services running in Docker containers. The main
idea is to enable anyone to fix a container problem or
deploy a new one. This will be a long email, sorry for
that. After this email thread, we should write some
documentation in our wiki.</div>
<div><br>
</div>
<div><b>How are we running Docker currently?</b></div>
<div><b><br>
</b></div>
<div>We are using a bridged network with Docker and it lets
us publish a service using a specific port in freedom.
Then we proxy-pass the service through nginx (port 80).</div>
<div>There is a bridge called docker0 and every container
has an interface inside this bridge. This is managed
automatically by Docker.</div>
<div><b><br>
</b></div>
<div><b>What are the services currently running in a Docker
container?</b></div>
<div><b><br>
</b></div>
<div>The current running containers are:</div>
<div><br>
</div>
<div>1) org.sugarlabs.bugs.</div>
<div><br>
</div>
<div>Trac instance. Listening on port 5007.</div>
<div><br>
</div>
<div>You can check this on <a moz-do-not-send="true"
href="http://18.85.44.59:5007">18.85.44.59:5007</a>.
Then we proxy this in nginx (/etc/nginx/sites-available/<a
moz-do-not-send="true" href="http://bugs.sugarlabs.org">bugs.sugarlabs.org</a>)
using:</div>
<div><br>
</div>
<div>
<div><font face="monospace, monospace">location / {</font></div>
<div><font face="monospace, monospace">
proxy_pass <a moz-do-not-send="true"
href="http://localhost:5007">http://localhost:5007</a>;</font></div>
<div><font face="monospace, monospace"> }</font></div>
</div>
<div><br>
</div>
<div>2) org.sugarlabs.hook.</div>
<div><br>
</div>
<div>Web hook for SL activities? Listening on port 5004.</div>
<div><br>
</div>
<div>3) kafka: linked with zookeeper. Listening on port
9092.</div>
<div>4) zookeeper. Listening on port 2181. Locally open
ports 2888 and 3888.</div>
<div><br>
</div>
<div>What are we using kafka and zookeeper?</div>
</div>
</blockquote>
<div><br>
</div>
<div>No longer. It was also2 stuff. I have killed those
services now, as I should have killed them before.</div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>5) org.sugarlabs.socialhelp_sso.</div>
<div><br>
</div>
<div>Apparently for <a moz-do-not-send="true"
href="http://socialhelp.sugarlabs.org/sso">socialhelp.sugarlabs.org/sso</a>.
is it working? Listening on port 5005.</div>
</div>
</blockquote>
<div><br>
</div>
<div>Ah, I got the name wrong. It is actually
use-socialhelp.sugarlabs.org/sso. To test that it is working,
you can go to "socialhelp.sugarlabs.org" and then press log
in. You should then be redirected to the socialhelp sso page.</div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>6) org.sugarlabs.bundlebin.</div>
<div><br>
</div>
<div>Like a pastebin for SL. The code is hosted on <a
moz-do-not-send="true"
href="http://github.com/samdroid-apps/bundlebin">http://github.com/samdroid-apps/bundlebin</a>.
Listening on port 5000.</div>
<div><br>
</div>
<div>7) org.sugarlabs.nagios.</div>
<div><br>
</div>
<div>Nagios instance. Currently not working the postfix
service inside the container. I should fix this or we
should create a common postfix container in order to link
this and other containers to it.</div>
<div><br>
</div>
<div>Listening on port 8081.</div>
<div><br>
</div>
<div>8) today.sam.sugarstick-creator</div>
<div><br>
</div>
<div>Listening on port 5008.</div>
<div>Can you explain a little more about this?</div>
</div>
</blockquote>
<div><br>
</div>
<div>Tracker/emailer for sugarstick-creator project. It was
basically an experiment that didn't end up shipping with the
new site.</div>
<div><br>
</div>
<div>I have removed and shut down this container. </div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div>9) rethinkdb</div>
<div><br>
</div>
<div>Only listening locally on ports 8080, 28015 and 29015.
What is the purpose of this container?</div>
</div>
</blockquote>
<div><br>
</div>
<div>RethinkDB container that was linked to sugar-stick-creator.
Not a very descriptive name. I have killed it as the parent
is killed.</div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>10) org.sugarlabs.activities-2</div>
<div><br>
</div>
<div>Listening on port 5006.</div>
<div>Self descriptive. are we going to kill it?</div>
</div>
</blockquote>
<div><br>
</div>
<div>Yes.</div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>11) org.sugarlabs.use-socialhelp</div>
<div><br>
</div>
<div>Listening on port 5003.</div>
<div><br>
</div>
<div>12) org.sugarlabs.help_rebuilder</div>
<div><br>
</div>
<div>Not listening. According to main.py, this is used with
kafka.</div>
</div>
</blockquote>
<div><br>
</div>
<div>Yep, this one is the painful one that was integrated with
aslo2 through the hook service. I'm probably just going to
move all the webhooks into 1 container instead of having kafka
between them.</div>
<div><br>
</div>
<div>Thanks,</div>
<div>Sam</div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>13) local_discourse/app</div>
<div><br>
</div>
<div>Listening on port 8002 (web) and 2222 (ssh). Here we
host socialhelp.sl.o.</div>
<div><br>
</div>
<div>Sam, if you can give more information about each
container would be pretty useful for everyone.</div>
<div><br>
</div>
<div><b>How we build the images and containers?</b></div>
<div><b><br>
</b></div>
<div>Docker can build images automatically by reading
instructions from a Dockerfile, a text file that contains
all the commands, in order, needed to build a given image.
We host all the files needed by a every container in
/containers. Actually, we can find there a symlink for
every container. For example:</div>
<div><br>
</div>
<div><font face="monospace, monospace">org.sugarlabs.bugs
-> /srv/containers/org.sugarlabs.bugs/</font><br>
</div>
<div><br>
</div>
<div>In case we want to deploy a new service, we can write
our own Dockerfile or we can get one from DockerHub
(docker image repository).</div>
<div><br>
</div>
<div>We can check the built images in our host with: </div>
<div><font face="monospace, monospace"><br>
</font></div>
<div><font face="monospace, monospace">docker images</font></div>
<div><font face="monospace, monospace"><br>
</font></div>
<div><font face="arial, helvetica, sans-serif">We can create
a image </font><span
style="font-family:arial,helvetica,sans-serif">from a
Dockerfile </span><span
style="font-family:arial,helvetica,sans-serif">executing
the following command: </span></div>
<div><font face="monospace, monospace"><br>
</font></div>
<div><font face="monospace, monospace">docker build -t
OUR-IMAGE-NAME .</font></div>
<div><font face="arial, helvetica, sans-serif"><br>
</font></div>
<div><font face="arial, helvetica, sans-serif">In the last
example, the <i>cwd</i> is the container folder where
the dockerfile resides. Once the image is created, we
can create a container (that run as a daemon) from that
image executing:</font></div>
<div><font face="arial, helvetica, sans-serif"><br>
</font></div>
<div><font face="monospace, monospace">docker run -d --name
CONTAINER-NAME </font><span
style="font-family:monospace,monospace">IMAGE-NAME</span><br>
</div>
<div><span style="font-family:monospace,monospace"><br>
</span></div>
<div><font face="arial, helvetica, sans-serif">In the last
command, we are not publishing our service. In order to
bind a container to a specific port we should the -p
flag. For example;</font></div>
<div><br>
</div>
<div><font face="monospace, monospace">docker run -d -p
8081:80 </font><span
style="font-family:monospace,monospace">--name </span><font
face="monospace, monospace">CONTAINER-NAME </font><span
style="font-family:monospace,monospace">IMAGE-NAME</span></div>
</div>
</blockquote>
<div><br>
</div>
<div>I'm gonna chip in here an say please use container.yml or
docker compose or something to that effect. Having 30
different docker run commands that need to be run is very
messy, and it much better if the runtime information (volumes,
ports, cpu quote) is stored in some form of a file.</div>
<br>
<blockquote type="cite">
<div dir="ltr">
<div><span style="font-family:monospace,monospace"><br>
</span></div>
<div><font face="arial, helvetica, sans-serif">This would
map port 80 inside the container to port 8081 on
Freedom.</font></div>
<div><font face="monospace, monospace"><br>
</font></div>
<div><font face="arial, helvetica, sans-serif">We can
customize our container at the moment of its deploying
giving to the docker run command some options. For
example: </font></div>
<div><font face="arial, helvetica, sans-serif"><br>
</font></div>
<div><font face="monospace, monospace">--cpu-quota</font><font
face="arial, helvetica, sans-serif">: in order to limit
CPU usage. </font><span
style="font-family:arial,helvetica,sans-serif">We have
another email thread explaining its usage.</span></div>
<div><font face="monospace, monospace">--memory</font><font
face="arial, helvetica, sans-serif">: memory limit. </font><span
style="font-family:arial,helvetica,sans-serif">We have
another email thread explaining its usage.</span></div>
<div><font face="monospace, monospace">--restart: </font><font
face="arial, helvetica, sans-serif">restart policy to
apply when a container exists.</font><br>
</div>
<div><font face="monospace, monospace">--volume</font>: bind
mount a volume. Very useful to keep container files inside
our own chosen location instead of a docker default
location. For example: keeping configuration files of
nagios inside /srv/nagios3. This let us re-create the
entire container every time we need/want without losing
any data.</div>
<div><br>
</div>
<div>Example:</div>
<div><br>
</div>
<div><font face="monospace, monospace">docker run -d -p
8081:80 --cpu-quota=20000 --memory=512M
--volume=/srv/nagios3:/etc/nagios3 --name
org.sugarlabs.nagios nagios</font><br>
</div>
<div><font face="arial, helvetica, sans-serif"> </font></div>
<div><font face="arial, helvetica, sans-serif">In Sugar
Labs, we use a Sam's script called container.yml [1] in
order to make docker container configurations live in
files. So, we can store all this container configuration
inside a container.yml file :-)</font></div>
<div><font face="arial, helvetica, sans-serif"><br>
</font></div>
<div><font face="arial, helvetica, sans-serif">For example: </font><b
style="font-family:arial,helvetica,sans-serif">container.yml</b></div>
<span style="font-family:monospace,monospace">ports:</span><br>
<span style="font-family:monospace,monospace"> - 8081:80</span><br>
<font face="monospace, monospace"><br>
</font><span style="font-family:monospace,monospace">volumes:</span><br>
<span style="font-family:monospace,monospace"> -
/srv/nagios3:/etc/nagios3</span><br>
<span style="font-family:monospace,monospace"> -
/srv/nagios-plugins:/usr/lib/nagios/plugins</span><br>
<font face="monospace, monospace"><br>
</font><span style="font-family:monospace,monospace">memory:
512m</span><br>
<div>
<div><font face="monospace, monospace">cpu: 20</font></div>
</div>
<div>
<div style="font-family:arial,helvetica,sans-serif"><br>
</div>
</div>
<div style=""><span
style="font-family:arial,helvetica,sans-serif">In order
to run the container with the settings defined in the
container.yml file, we simply do</span><font
face="arial, helvetica, sans-serif">:</font></div>
<div style=""><font face="monospace, monospace"><br>
</font></div>
<div style=""><font face="monospace, monospace">container.yml
start -d</font></div>
<div style=""><font face="monospace, monospace"><br>
</font></div>
<div style=""><font face="arial, helvetica, sans-serif">We
can also build images using container.yml script. It is
a good idea to read container.yml code in order to
understand how it works.</font></div>
<div><br>
</div>
<div><b>How can we check a containers' status?</b></div>
<div><b><br>
</b></div>
<div><font face="monospace, monospace">docker ps</font></div>
<div><br>
</div>
<div><b>How can we stop/start a container?</b></div>
<div><br>
</div>
<div>Stop: <span style="font-family:monospace,monospace">docker
stop CONTAINER-NAME</span></div>
<div><font face="arial, helvetica, sans-serif"><br>
</font></div>
<div><font face="arial, helvetica, sans-serif">Start: </font><span
style="font-family:monospace,monospace">docker start
CONTAINER-NAME</span></div>
<div><span style="font-family:monospace,monospace"><br>
</span></div>
<div><font face="arial, helvetica, sans-serif">We can also
use start/stop from sam's script.</font></div>
<div><span style="font-family:monospace,monospace"><br>
</span></div>
<div><b>How can we get a console from a Container?</b></div>
<div><b><br>
</b></div>
<div><font face="monospace, monospace">docker exec -it
[CONTAINER-ID or CONTAINER-NAME] bash</font><br>
</div>
<div><b><br>
</b></div>
<div>Best regards,</div>
<div><br>
</div>
<div>Samuel C.</div>
<div><b><br>
</b></div>
<div><br>
</div>
<div>[1] <a moz-do-not-send="true"
href="https://github.com/sugarlabs-infra/container.yml">https://github.com/sugarlabs-infra/container.yml</a></div>
</div>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Systems mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Systems@lists.sugarlabs.org">Systems@lists.sugarlabs.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sugarlabs.org/listinfo/systems">http://lists.sugarlabs.org/listinfo/systems</a>
</pre>
</blockquote>
<br>
</body>
</html>