CoreOSでDocker入門
先日のVagrantのバージョンアップも無事に済んだので、CoreOSのVagrantイメージでDocker入門してみた。 主に自分用のメモ。
CoreOSのセットアップ
ドキュメント通り、Vagrantfileをclone
してup
するだけ。
[~/vm] $ git clone https://github.com/coreos/coreos-vagrant/ coreos Cloning into 'coreos'... remote: Counting objects: 21, done. remote: Compressing objects: 100% (19/19), done. remote: Total 21 (delta 3), reused 19 (delta 1) Unpacking objects: 100% (21/21), done.
boxのサイズは121MB程度なのでダウンロードもすぐ終わる。
[~/vm/coreos]->(master) $ vagrant up Bringing machine 'default' up with 'virtualbox' provider... [default] Box 'coreos' was not found. Fetching box from specified URL for the provider 'virtualbox'. Note that if the URL does not have a box for this provider, you should interrupt Vagrant now and add the box yourself. Otherwise Vagrant will attempt to download the full box prior to discovering this error. Downloading or copying the box... Extracting box...te: 3546k/s, Estimated time remaining: --:--:--) Successfully added box 'coreos' with provider 'virtualbox'! [default] Importing base box 'coreos'... [default] Matching MAC address for NAT networking... [default] Setting the name of the VM... [default] Clearing any previously set forwarded ports... [default] Fixed port collision for 22 => 2222. Now on port 2201. [default] Creating shared folders metadata... [default] Clearing any previously set network interfaces... [default] Preparing network interfaces based on configuration... [default] Forwarding ports... [default] -- 22 => 2201 (adapter 1) [default] Booting VM... [default] Waiting for VM to boot. This can take a few minutes. [default] VM booted and ready for use! [default] No guest additions were detected on the base box for this VM! Guest additions are required for forwarded ports, shared folders, host only networking, and more. If SSH fails on this machine, please install the guest additions and repackage the box to continue. This is not an error message; everything may continue to work properly, in which case you may ignore this message. [default] Mounting shared folders... [~/vm/coreos]->(master) $ [~/vm/coreos]->(master) $ vagrant ssh Last login: Fri Aug 9 01:29:19 UTC 2013 from 10.0.2.2 on ssh ______ ____ _____ / ____/___ ________ / __ \/ ___/ / / / __ \/ ___/ _ \/ / / /\__ \ / /___/ /_/ / / / __/ /_/ /___/ / \____/\____/_/ \___/\____//____/ core@localhost ~ $
カーネルはかなり新しい。そしてGentooooooベース!ただリリース32って・・・
core@localhost ~ $ uname -a Linux localhost 3.10.4+ #1 SMP Fri Aug 2 04:55:31 UTC 2013 x86_64 Intel(R) Xeon(R) CPU L3426 @ 1.87GHz GenuineIntel GNU/Linux core@localhost ~ $ cat /etc/gentoo-release CoreOS release 32.0.0
Dockerもデフォルトで起動済み。
core@localhost ~ $ ps axuww | grep docker root 287 0.0 0.7 273204 7304 ? Ssl 01:29 0:00 /usr/bin/docker -d -D core 462 0.0 0.0 4364 648 pts/0 S+ 01:35 0:00 grep --colour=auto docker
その他サービスの起動状況はこんな感じ。本当に最小限。
core@localhost ~ $ sudo netstat -lnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:4243 0.0.0.0:* LISTEN 287/docker tcp6 0 0 :::4001 :::* LISTEN 283/etcd tcp6 0 0 :::22 :::* LISTEN 1/init tcp6 0 0 :::7001 :::* LISTEN 283/etcd raw6 0 0 :::58 :::* 7 251/dhcpcd Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 6679 1/init /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 6697 1/init /run/systemd/journal/stdout unix 2 [ ACC ] STREAM LISTENING 8792 1/init /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 8866 251/dhcpcd /var/run/dhcpcd.sock unix 2 [ ACC ] SEQPACKET LISTENING 7080 1/init /run/udev/control
コンテナの起動
まずはコンテナ用のイメージをdocker pull
で持ってくる。今回はUbuntuのbaseイメージにした。カスタムイメージはここから探すことも出来る。
core@localhost ~ $ docker images REPOSITORY TAG ID CREATED SIZE core@localhost ~ $ docker pull base Pulling repository base Pulling image b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc (ubuntu-quantl) from base Pulling b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc metadata Pulling b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc fs layer Downloading 10.24 kB/10.24 kB (100%) Pulling 27cf784147099545 metadata Pulling 27cf784147099545 fs layer Downloading 94.86 MB/94.86 MB (100%) core@localhost ~ $ docker images REPOSITORY TAG ID CREATED SIZE base latest b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-12.10 b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantal b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantl b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB)
baseイメージのコンテナでコマンドを実行。
core@localhost ~ $ docker run base /bin/echo hello world hello world
コマンドが終了したタイミングでコンテナも終了する。終了したコンテナは /var/lib/docker/containers/
に残るので、いらなければdocker rm
で削除できる。
core@localhost ~ $ docker ps -a ID IMAGE COMMAND CREATED STATUS PORTS f91787126957 base:latest /bin/echo hello worl 36 seconds ago Exit 0 core@localhost ~ $ docker rm f91787126957 f91787126957 core@localhost ~ $ docker ps -a ID IMAGE COMMAND CREATED STATUS PORTS
コンテナでRedisを動かす
-i
と-t
をつけてbashを実行することでコンテナにログインする。
core@localhost ~ $ docker run -i -t base /bin/bash 2013/08/09 01:54:22 Error: Error starting container 34499f11ad58: fork/exec /usr/sbin/lxc-start: operation not permitted ※ -i=false: Keep stdin open even if not attached ※ -t=false: Allocate a pseudo-tty
なぜか一度目は必ずoperation not permitted
で失敗する・・・
ログインしたら普通にaptでredis-serverをインストール。
core@localhost ~ $ docker run -i -t base /bin/bash root@9bd00a296565:/# root@9bd00a296565:/# apt-get update Ign http://archive.ubuntu.com quantal InRelease Hit http://archive.ubuntu.com quantal Release.gpg Hit http://archive.ubuntu.com quantal Release Hit http://archive.ubuntu.com quantal/main amd64 Packages Get:1 http://archive.ubuntu.com quantal/universe amd64 Packages [5274 kB] Get:2 http://archive.ubuntu.com quantal/multiverse amd64 Packages [131 kB] Get:3 http://archive.ubuntu.com quantal/main Translation-en [660 kB] Get:4 http://archive.ubuntu.com quantal/multiverse Translation-en [100 kB] Get:5 http://archive.ubuntu.com quantal/universe Translation-en [3648 kB] Fetched 9813 kB in 38s (257 kB/s) Reading package lists... Done root@9bd00a296565:/# root@9bd00a296565:/# apt-get install redis-server Reading package lists... Done Building dependency tree... Done The following extra packages will be installed: libjemalloc1 The following NEW packages will be installed: libjemalloc1 redis-server 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 319 kB of archives. After this operation, 821 kB of additional disk space will be used. Do you want to continue [Y/n]? y Get:1 http://archive.ubuntu.com/ubuntu/ quantal/universe libjemalloc1 amd64 3.0.0-3 [85.9 kB] Get:2 http://archive.ubuntu.com/ubuntu/ quantal/universe redis-server amd64 2:2.4.15-1 [233 kB] Fetched 319 kB in 6s (52.2 kB/s) Selecting previously unselected package libjemalloc1. (Reading database ... 9893 files and directories currently installed.) Unpacking libjemalloc1 (from .../libjemalloc1_3.0.0-3_amd64.deb) ... Selecting previously unselected package redis-server. Unpacking redis-server (from .../redis-server_2%3a2.4.15-1_amd64.deb) ... Processing triggers for ureadahead ... Setting up libjemalloc1 (3.0.0-3) ... Setting up redis-server (2:2.4.15-1) ... Starting redis-server: redis-server. Processing triggers for libc-bin ... ldconfig deferred processing now taking place Processing triggers for ureadahead ... root@9bd00a296565:/# root@9bd00a296565:/# redis-server -v Redis server version 2.4.15 (00000000:0) root@9bd00a296565:/# root@9bd00a296565:/# exit
Redisのインストールが終わったところでdocker commit
でコンテナのイメージを保存する。bashをexitするとコンテナも終了するので、docker ps -a
で先程実行したコンテナIDを確認する。
core@localhost ~ $ docker ps -a ID IMAGE COMMAND CREATED STATUS PORTS 9bd00a296565 base:latest /bin/bash 2 minutes ago Exit 0 34499f11ad58 base:latest /bin/bash 2 minutes ago Exit 0 core@localhost ~ $ docker commit 9bd00a296565 nkwhr/redis 65d42afa15e3
commit
すると新しいIDでイメージが作成される。https://index.docker.io/ に登録しておくとdocker push
も出来るらしい。
core@localhost ~ $ docker images REPOSITORY TAG ID CREATED SIZE base latest b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-12.10 b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantal b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantl b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) nkwhr/redis latest 65d42afa15e3 12 seconds ago 98.46 MB (virtual 278.6 MB)
Redisがインストールされたイメージを使ってredis-server
を起動。-p
を付けないとport forwardされない。
core@localhost ~ $ docker run -d -p 6379 nkwhr/redis /usr/bin/redis-server d0f2b08a54cd ※ -d=false: Detached mode: Run container in the background, print new container id ※ -p=[]: Map a network port to the container core@localhost ~ $ docker ps ID IMAGE COMMAND CREATED STATUS PORTS d0f2b08a54cd nkwhr/redis:latest /usr/bin/redis-serve 3 seconds ago Up 3 seconds 49153->6379 core@localhost ~ $ sudo netstat -lnp | grep 49153 tcp 0 0 127.0.0.1:49153 0.0.0.0:* LISTEN 279/docker
-d
で起動した場合、docker logs
またはdocker attach
でIDを指定したコンテナの標準出力を見ることが出来る。
core@localhost ~ $ docker logs d0f2b08a54cd [1] 09 Aug 01:59:59 # Warning: no config file specified, using the default config. In order to specify a config file use 'redis-server /path/to/redis.conf' [1] 09 Aug 01:59:59 * Server started, Redis version 2.4.15 [1] 09 Aug 01:59:59 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect. [1] 09 Aug 01:59:59 * The server is now ready to accept connections on port 6379 [1] 09 Aug 01:59:59 - 0 clients connected (0 slaves), 790840 bytes in use [1] 09 Aug 02:00:04 - 0 clients connected (0 slaves), 790840 bytes in use [1] 09 Aug 02:00:09 - 0 clients connected (0 slaves), 790840 bytes in use [1] 09 Aug 02:00:14 - 0 clients connected (0 slaves), 790840 bytes in use [1] 09 Aug 02:00:19 - 0 clients connected (0 slaves), 790840 bytes in use [1] 09 Aug 02:00:24 - 0 clients connected (0 slaves), 790840 bytes in use [1] 09 Aug 02:00:29 - 0 clients connected (0 slaves), 790840 bytes in use
ps
でもコンテナのIPを確認出来るけど、docker inspect
だと更に詳細な情報が見れる。
core@localhost ~ $ ps axuww | grep lxc root 1254 0.0 0.1 21088 1180 pts/2 S+ 01:59 0:00 lxc-start -n d0f2b08a54cd722139bea5011c66aa05f73ef25689aa1227be7515d6ca241eaf -f /var/lib/docker/containers/d0f2b08a54cd722139bea5011c66aa05f73ef25689aa1227be7515d6ca241eaf/config.lxc -- /sbin/init -g 172.16.42.1 -e HOME=/ -e PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin -- /usr/bin/redis-server core 1499 0.0 0.0 4364 648 pts/1 S+ 02:02 0:00 grep --colour=auto lxc
core@localhost ~ $ docker inspect d0f2b08a54cd [{ "ID": "d0f2b08a54cd722139bea5011c66aa05f73ef25689aa1227be7515d6ca241eaf", "Created": "2013-08-09T01:59:59.044048009Z", "Path": "/usr/bin/redis-server", "Args": [], "Config": { "Hostname": "d0f2b08a54cd", "User": "", "Memory": 0, "MemorySwap": 0, "CpuShares": 0, "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "PortSpecs": [ "6379" ], "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": null, "Cmd": [ "/usr/bin/redis-server" ], "Dns": null, "Image": "nkwhr/redis", "Volumes": null, "VolumesFrom": "", "Entrypoint": null }, "State": { "Running": true, "Pid": 1254, "ExitCode": 0, "StartedAt": "2013-08-09T01:59:59.065574703Z", "Ghost": false }, "Image": "65d42afa15e3dc395b0506d42376044fd4b3d8a1e421b298d41c601d36b4f48d", "NetworkSettings": { "IPAddress": "172.16.42.5", "IPPrefixLen": 24, "Gateway": "172.16.42.1", "Bridge": "docker0", "PortMapping": { "Tcp": { "6379": "49153" }, "Udp": {} } }, "SysInitPath": "/usr/bin/docker", "ResolvConfPath": "/etc/resolv.conf", "Volumes": {}, "VolumesRW": {} }]
CoreOSには何もインストール出来ないので、Redisがインストールされたイメージでもう一つ別のコンテナを作って、redis-serverに接続する。
core@localhost ~ $ docker run -i -t nkwhr/redis /bin/bash root@2f8eb71cbcc7:/# root@2f8eb71cbcc7:/# redis-cli -h 172.16.42.5 -p 6379 redis 172.16.42.5:6379> set docker awesome OK redis 172.16.42.5:6379> get docker "awesome" redis 172.16.42.5:6379> exit root@2f8eb71cbcc7:/#
別のターミナルで確認すると以下のように同じイメージで2つのコンテナが起動しているのがわかる。
core@localhost ~ $ docker ps ID IMAGE COMMAND CREATED STATUS PORTS 2f8eb71cbcc7 nkwhr/redis:latest /bin/bash 31 seconds ago Up 31 seconds d0f2b08a54cd nkwhr/redis:latest /usr/bin/redis-serve 4 minutes ago Up 4 minutes 49153->6379
イメージの削除
docker stop
で起動しているコンテナを停止。
core@localhost ~ $ docker ps ID IMAGE COMMAND CREATED STATUS PORTS d0f2b08a54cd nkwhr/redis:latest /usr/bin/redis-serve 5 minutes ago Up 5 minutes 49153->6379 core@localhost ~ $ docker stop d0f2b08a54cd d0f2b08a54cd core@localhost ~ $ docker ps ID IMAGE COMMAND CREATED STATUS PORTS
docker rmi
でイメージの削除。
core@localhost ~ $ docker images REPOSITORY TAG ID CREATED SIZE base latest b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-12.10 b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantal b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantl b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) nkwhr/redis latest 65d42afa15e3 5 minutes ago 98.46 MB (virtual 278.6 MB) core@localhost ~ $ docker rmi 65d42afa15e3 Untagged: 65d42afa15e3 Deleted: 65d42afa15e3 core@localhost ~ $ docker images REPOSITORY TAG ID CREATED SIZE base latest b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-12.10 b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantal b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantl b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB)
Dockerfileでイメージを作成する
先ほど手動で作ったイメージのDockerfileを公式ドキュメントを参考に作成してみる。ファイル名はDockerfile
固定でディレクトリの名前で分けるらしい。
core@localhost ~ $ mkdir redis core@localhost ~ $ cat << EOF > redis/Dockerfile > FROM base > > RUN apt-get update > RUN apt-get -y install redis-server > > RUN echo "1" >> /proc/sys/vm/overcommit_memory > > EXPOSE 6379 > CMD ["/usr/bin/redis-server"] > > EOF
Dockerfileからイメージをビルドする。-t
でタグを付けないと後で分からなくなるので注意。
core@localhost ~ $ docker build -t "nkwhr/redis" redis/. Uploading context 10240 bytes Step 1 : FROM base ---> b750fe79269d Step 2 : RUN apt-get update ---> Running in 172e054d6279 Ign http://archive.ubuntu.com quantal InRelease Hit http://archive.ubuntu.com quantal Release.gpg Hit http://archive.ubuntu.com quantal Release Hit http://archive.ubuntu.com quantal/main amd64 Packages Get:1 http://archive.ubuntu.com quantal/universe amd64 Packages [5274 kB] Get:2 http://archive.ubuntu.com quantal/multiverse amd64 Packages [131 kB] Get:3 http://archive.ubuntu.com quantal/main Translation-en [660 kB] Get:4 http://archive.ubuntu.com quantal/multiverse Translation-en [100 kB] Get:5 http://archive.ubuntu.com quantal/universe Translation-en [3648 kB] Fetched 9813 kB in 31s (311 kB/s) Reading package lists... ---> 8977b1864b87 Step 3 : RUN apt-get -y install redis-server ---> Running in e4271b4541b9 Reading package lists... Building dependency tree... The following extra packages will be installed: libjemalloc1 The following NEW packages will be installed: libjemalloc1 redis-server 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 319 kB of archives. After this operation, 821 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu/ quantal/universe libjemalloc1 amd64 3.0.0-3 [85.9 kB] Get:2 http://archive.ubuntu.com/ubuntu/ quantal/universe redis-server amd64 2:2.4.15-1 [233 kB] debconf: unable to initialize frontend: Dialog debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline debconf: unable to initialize frontend: Readline debconf: (Can't locate Term/ReadLine.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7, <> line 2.) debconf: falling back to frontend: Teletype Fetched 319 kB in 7s (41.9 kB/s) Selecting previously unselected package libjemalloc1. (Reading database ... 9893 files and directories currently installed.) Unpacking libjemalloc1 (from .../libjemalloc1_3.0.0-3_amd64.deb) ... Selecting previously unselected package redis-server. Unpacking redis-server (from .../redis-server_2%3a2.4.15-1_amd64.deb) ... Processing triggers for ureadahead ... Setting up libjemalloc1 (3.0.0-3) ... Setting up redis-server (2:2.4.15-1) ... Starting redis-server: redis-server. Processing triggers for libc-bin ... ldconfig deferred processing now taking place Processing triggers for ureadahead ... ---> 1ea55dcab84b Step 4 : RUN echo "1" >> /proc/sys/vm/overcommit_memory ---> Running in 7ca5749dfd82 ---> 9a52587bdfc3 Step 5 : EXPOSE 6379 ---> Running in aed23a65bbf2 ---> 28507f115d36 Step 6 : CMD ["/usr/bin/redis-server"] ---> Running in 05b97666a223 ---> 9eac24afacf1 Successfully built 9eac24afacf1
core@localhost ~ $ docker images REPOSITORY TAG ID CREATED SIZE base latest b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-12.10 b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantal b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) base ubuntu-quantl b750fe79269d 4 months ago 24.65 kB (virtual 180.1 MB) nkwhr/redis latest 9eac24afacf1 31 seconds ago 12.29 kB (virtual 302.1 MB)
Dockerfileに書いたCMD
部分がrun
で実行されるので、今回はコマンドを渡さずに起動出来る。
core@localhost ~ $ docker run -d nkwhr/redis c04b5b36626a core@localhost ~ $ docker ps ID IMAGE COMMAND CREATED STATUS PORTS c04b5b36626a nkwhr/redis:latest /usr/bin/redis-serve 4 seconds ago Up 4 seconds 49175->6379 core@localhost ~ $ docker logs c04b5b36626a [1] 10 Aug 14:42:54 # Warning: no config file specified, using the default config. In order to specify a config file use 'redis-server /path/to/redis.conf' [1] 10 Aug 14:42:54 * Server started, Redis version 2.4.15 [1] 10 Aug 14:42:54 * The server is now ready to accept connections on port 6379 [1] 10 Aug 14:42:54 - 0 clients connected (0 slaves), 790840 bytes in use [1] 10 Aug 14:42:59 - 0 clients connected (0 slaves), 790840 bytes in use
せっかくCoreOSを使っているのでetcd
やsystemd
も使ってみたかったけど、上手く行かなかったので今回はここまで。
参考
- http://apatheia.info/blog/2013/06/17/docker/
- http://www.johnmcostaiii.net/2013/installing-redis-on-docker/
- http://crosbymichael.com/dockerfile-best-practices.html
追記
アプリケーションの実行環境とプログラムを入れたイメージまたはDockerfileが配布されるようになれば、インストール方法に悩むことなくカジュアルに色々試せていいなと思っていたのですが、すでにそういう記事があがってました。
http://blog.64p.org/entry/2013/08/14/185519
素敵です。