Date created: 03/03/21 12:32:27. Last modified: 03/03/21 14:27:42

Docker

 

Creating A New Image

In this example a new Docker image is created which will run GoBGP.

 

Create a Dockerfile:

$ vi ./Dockerfile

# The commands in capital letters are the Docker commands.

# A Dockerfile must begin with a FROM instruction
# FROM provides the user-space environment the application will run in, the actual kernel is provided by the host machine
# https://hub.docker.com/_/ubuntu
FROM ubuntu:20.04

# iproute2: provides "ip"
# inetutils-ping: provides "ping/ping6"
# net-tools: provides "netstat"
RUN apt-get update && apt-get install -y wget iproute2 inetutils-ping net-tools
RUN wget https://github.com/osrg/gobgp/releases/download/v2.24.0/gobgp_2.24.0_linux_amd64.tar.gz && \
tar -zxvf gobgp_2.24.0_linux_amd64.tar.gz && \
mv gobgp* /usr/bin/

RUN mkdir -p /opt/gobgp
WORKDIR /opt/gobgp/
COPY gobgp*.cfg /opt/gobgp/
# ^ COPY from the relative path on the host machine to the relative path in the Docker container.
# WORKDIR sets the pwd within the container to /opt/gobgp so the config files in the host machine's
# ./ folder will be copied to /opt/gobgp within the container, so we could have used COPY gobgp*.cfg ./

# Expose the following port to the host machine, by default this is a TCP port
# The following is the same as below: EXPOSE 50051/tcp
# TCP and UDP ports are exposed separately, a 2nd EXPOSE statement would be required to expose UDP
EXPOSE 50051
# EXPOSE 50051/udp

# ENTRYPOINT ["executable", "param1", "param2"]
# or
# ENTRYPOINT command param1 param2
ENTRYPOINT ["gobgpd", "-f", "gobgp1.cfg"]
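
The Dockerfile above extracts the downloaded tarball without checking its integrity. The following is an added example (not part of the original notes or the GoBGP project) of a fail-closed install step that checks a pinned SHA-256 digest before anything is extracted. The digest is a placeholder, the function names are hypothetical, and the tarball is assumed to contain "gobgp" and "gobgpd" at its top level.

```shell
#!/bin/sh
# Added example: verify a release tarball against a pinned digest before install.
# PINNED_SHA256 is a placeholder; record the digest of the release you reviewed.
PINNED_SHA256="<sha256-of-reviewed-tarball>"

# verify_sha256 FILE EXPECTED: succeeds only if FILE's SHA-256 equals EXPECTED.
# An empty EXPECTED value never matches.
verify_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)
    [ -n "$2" ] && [ "$actual" = "$2" ]
}

# install_verified TARBALL EXPECTED DESTDIR
# Extracts into a staging directory only after the digest check passes,
# then moves just the two binaries (assumed names) into DESTDIR.
install_verified() {
    tarball=$1; expected=$2; dest=$3
    if ! verify_sha256 "$tarball" "$expected"; then
        echo "digest mismatch for $tarball, refusing to install" >&2
        return 1
    fi
    stage=$(mktemp -d) || return 1
    if tar -zxf "$tarball" -C "$stage" &&
       mv "$stage/gobgp" "$stage/gobgpd" "$dest/"; then
        rc=0
    else
        rc=1
    fi
    rm -rf "$stage"
    return $rc
}

# Usage: sh install.sh gobgp_2.24.0_linux_amd64.tar.gz /usr/bin
if [ "$#" -eq 2 ]; then
    install_verified "$1" "$PINNED_SHA256" "$2"
fi
```

Unlike "mv gobgp* /usr/bin/", this does not move the tarball itself into /usr/bin.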

 

Build and manage images:

$ sudo docker build -t gobgp-2.24.0 .

# List docker images
$ sudo docker images
REPOSITORY     TAG        IMAGE ID       CREATED          SIZE
gobgp-2.24.0   latest     735449809023   48 minutes ago   149MB
ubuntu         20.04      f63181f19b2f   4 weeks ago      72.9MB
hello-world    latest     bf756fb1ae65   13 months ago    13.3kB
p4lang/p4app   rc-2.0.0   3bea7bbb9ad0   2 years ago      1.13GB

# Delete docker image
$ sudo docker rmi 3bea7bbb9ad0

 

Running containers based on the newly built image:

# Run a container in interactive mode and automatically remove it when the container exits
$ sudo docker run -it --rm gobgp-2.24.0

# Or, run in detached (headless/non-interactive) mode
$ sudo docker run -d --rm gobgp-2.24.0

# To expose all ports defined in the Dockerfile to random ephemeral ports on the host machine, add -P to the docker run command.
# To expose only specific ports, or to control which port numbers on the host machine the container ports are linked to, add the -p option to the docker run command and specify the host IP, host port, and container port:

# Expose container port 6666 to host port 5555 on host IP 10.0.0.123:
$ sudo docker run -d -p 10.0.0.123:5555:6666 gobgp-2.24.0

# Expose container port 6666 to host port 5555 without specifying an IP:
$ sudo docker run -d -p 5555:6666 gobgp-2.24.0

# Expose container port 6666 to a random ephemeral host port on IP 10.0.0.123 (the host port is left empty):
$ sudo docker run -d -p 10.0.0.123::6666 gobgp-2.24.0

# Expose container TCP 6666 to host TCP port 5555 and container UDP port 6666 to host UDP port 5555
$ sudo docker run -d -p 5555:6666/tcp -p 5555:6666/udp gobgp-2.24.0

# In another window, show running containers
$ sudo docker container ls
CONTAINER ID   IMAGE          COMMAND       CREATED         STATUS         PORTS   NAMES
d4b69d0a30c0   gobgp-2.24.0   "/bin/bash"   3 seconds ago   Up 2 seconds           kind_lamport

# In another window, show all containers, running and stopped
$ sudo docker container ls -a

# In another window, show live docker resource usage for all running containers
$ sudo docker container stats
CONTAINER ID   NAME                      CPU %   MEM USAGE / LIMIT    MEM %   NET I/O       BLOCK I/O   PIDS
a48bb9bdd0aa   priceless_proskuriakova   0.00%   1.859MiB / 7.48GiB   0.02%   3.77kB / 0B   0B / 0B     1
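
When -p is given without a host IP (or -P is used), Docker publishes the port on all host interfaces. The following is an added example (not part of the original notes) that audits the PORTS column for such bindings. The function names, container names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag container ports published on every host interface.
# Real input would come from:
#   sudo docker container ls --format '{{.Names}}|{{.Ports}}'

# classify_port ENTRY: ENTRY is one item from the PORTS column.
# Prints "all-interfaces", "specific-ip" or "not-published".
classify_port() {
    case "$1" in
        0.0.0.0:*"->"*|:::*"->"*|"[::]:"*"->"*) echo "all-interfaces" ;;
        *"->"*) echo "specific-ip" ;;
        *) echo "not-published" ;;
    esac
}

# audit_published_ports: reads "NAME|PORTS" lines on stdin and prints
# "NAME ENTRY" for every entry that is bound to all interfaces.
audit_published_ports() {
    while IFS='|' read -r name ports; do
        # PORTS entries are comma separated; read strips the leading space.
        printf '%s\n' "$ports" | tr ',' '\n' | while read -r entry; do
            [ -n "$entry" ] || continue
            if [ "$(classify_port "$entry")" = "all-interfaces" ]; then
                printf '%s %s\n' "$name" "$entry"
            fi
        done
    done
}

# Constructed sample: one wildcard binding, one bound to a specific IP,
# and one port that is only declared with EXPOSE and not published.
sample_ports() {
    printf '%s\n' \
        'bgp1|0.0.0.0:5555->6666/tcp, :::5555->6666/tcp' \
        'bgp2|10.0.0.123:5555->6666/tcp' \
        'bgp3|50051/tcp'
}

sample_ports | audit_published_ports
```

Only the two bgp1 entries are reported; binding to a host IP as in the 10.0.0.123 examples above keeps the service off the other interfaces.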

 

Deleting containers and base images:

# To delete a base image, all containers that use that image must be stopped and removed
$ sudo docker container stop CONTAINER_ID
$ sudo docker rm CONTAINER_ID
$ sudo docker container ls -a
$ sudo docker rmi IMAGE_ID

 

Docker Networking

Enabling IPv6:

# Enable IPv6 globally and provide a default subnet for containers to use in the default "bridge" network.
# The default IPv4 pool 172.16.0.0/16 is also specified here, which is used in blocks of /24:
$ cat /etc/docker/daemon.json
{
  "default-address-pools": [
    {"base":"172.16.0.0/16","size":24}
  ],
  "ipv6": true,
  "fixed-cidr-v6": "2001:db8:1::/64"
}

# Restart docker
$ sudo systemctl restart docker

# The host machine now has an IP address assigned to its default docker bridge:
$ ip -6 a show dev docker0
6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 state DOWN
inet6 2001:db8:1::1/64 scope global
valid_lft forever preferred_lft forever

# After starting a container attached to the default docker network bridge called "bridge", it can be seen that the container has an IPv6 address assigned:
root@52d4e2c26987:/# ip -6 a show dev eth0
51: eth0@if52: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link-netnsid 0
inet6 2001:db8:1::242:ac11:2/64 scope global nodad
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever

# The container can ping the host docker bridge network
$ ping6 2001:db8:1::1
PING 2001:db8:1::1 (2001:db8:1::1): 56 data bytes
64 bytes from 2001:db8:1::1: icmp_seq=0 ttl=64 time=0.151 ms
64 bytes from 2001:db8:1::1: icmp_seq=1 ttl=64 time=0.201 ms
^C--- 2001:db8:1::1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss

 

Adding a new network bridge:

# List docker networks
$ sudo docker network ls
NETWORK ID     NAME     DRIVER   SCOPE
857a2927ed51   bridge   bridge   local
fe1a6081b571   host     host     local
12bdf2463ce4   none     null     local

# Create a new user-defined network
$ sudo docker network create --driver=bridge --subnet=10.0.255.0/24 --ipv6 --subnet=2001:db8:2::/64 dbr0

# Show the detailed configuration of a docker network
$ sudo docker network inspect dbr0

# Connect a running container to this user specified network
$ sudo docker network connect dbr0 52d4e2c26987

# Check from within the container that it now has an IP address in this bridge's subnet:
$ ip -6 a show dev eth1
53: eth1@if54: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link-netnsid 0
inet6 2001:db8:2::2/64 scope global nodad
valid_lft forever preferred_lft forever
inet6 fe80::42:aff:fe00:ff02/64 scope link
valid_lft forever preferred_lft forever

# The container can now ping the IP address of the new docker network:
$ ping6 2001:db8:2::1
PING 2001:db8:2::1 (2001:db8:2::1): 56 data bytes
64 bytes from 2001:db8:2::1: icmp_seq=0 ttl=64 time=0.122 ms
64 bytes from 2001:db8:2::1: icmp_seq=1 ttl=64 time=0.163 ms
^C--- 2001:db8:2::1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.122/0.143/0.163/0.000 ms

 

