Skip to main content

7 posts tagged with "docker"

View All Tags

· 3 min read
Hreniuc Cristian-Alexandru

MariaDB container

I started the mariadb container like this:

version: "3"
name: "mariadb"
services:
mariadb:
image: mariadb:10.10.2
container_name: mariadb_prod_1
ports:
- "3306:3306"
volumes:
- ./fs/mariadb/volume:/var/lib/mysql:rw
- ./fs/mariadb/mysqld:/var/run/mysqld:rw
- ./fs/mariadb/log:/var/log/mysql:rw
- ./fs/mariadb/conf.d:/etc/mysql/conf.d:ro
environment:
MARIADB_MYSQL_LOCALHOST_USER: 1
MARIADB_MYSQL_LOCALHOST_GRANTS: "RELOAD, PROCESS, LOCK TABLES, BINLOG MONITOR"
MARIADB_ROOT_PASSWORD: password
restart: always

Those folders are empty at startup, I used them to make the server data persistent and also because some were required by mariabackup.

Afterwards I created a script which is ran by a cronjob, the script creates a full backup using mariabackup and uploads the backup to S3 or back blaze using restic(restic detects which files are already up and it won't upload them again).

· One min read
Hreniuc Cristian-Alexandru

I needed this when I switched from kubernetes to docker compose(Kubernetes was too much to maintain and I only had one small project).

To load balance I used the following config for nginx:

upstream pool-of-services {
# Resolved by docker dns, so they must exist at nginx startup, othewise this fails
server container_1:6070;
server container_2:6070;
}

server {
# Listen to port 443 on both IPv4 and IPv6.
listen 443 ssl;
listen [::]:443 ssl;

location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://pool-of-services;
}
}

Source

· One min read
Hreniuc Cristian-Alexandru

To do so, I used jonasal/nginx-certbot docker image.

My docker compose file looked like this:

version: "3"
name: "nginx"
services:
nginx:
image: jonasal/nginx-certbot:3.3.1
container_name: nginx_prod_1
ports:
- 80:80
- 443:443
volumes:
- ./fs/nginx/secrets:/etc/letsencrypt:rw
- ./fs/nginx/log:/var/log/nginx:rw
- ./fs/nginx/user_conf.d:/etc/nginx/user_conf.d:ro
environment:
DEBUG: 1
CERTBOT_EMAIL: email
#STAGING: 1
restart: always

· 2 min read
Hreniuc Cristian-Alexandru

Official docker image for postgresql.

Official docker image for pgadmin4.

Docker compose file

The docker compose file has been taken from here.

Environments

This Compose file contains the following environment variables:

  • POSTGRES_USER the default value is postgres
  • POSTGRES_PASSWORD the default value is changeme
  • PGADMIN_PORT the default value is 5050
  • PGADMIN_DEFAULT_EMAIL the default value is pgadmin4@pgadmin.org
  • PGADMIN_DEFAULT_PASSWORD the default value is admin
version: "3.5"

services:
postgres:
container_name: postgres_container
image: postgres
environment:
POSTGRES_USER: ${POSTGRES_USER:-postgres}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-changeme}
PGDATA: /data/postgres
volumes:
- postgres:/data/postgres
ports:
- "5432:5432"
networks:
- postgres
restart: unless-stopped

pgadmin:
container_name: pgadmin_container
image: dpage/pgadmin4:6.13
environment:
PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL:-pgadmin4@pgadmin.org}
PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD:-admin}
PGADMIN_CONFIG_SERVER_MODE: "False"
volumes:
- pgadmin:/var/lib/pgadmin

ports:
- "${PGADMIN_PORT:-5050}:80"
networks:
- postgres
restart: unless-stopped

networks:
postgres:
driver: bridge

volumes:
postgres:
pgadmin:

Start services

docker compose up -d

Access to postgres:

  • localhost:5432
  • Username: postgres (as a default)
  • Password: changeme (as a default)

Access to PgAdmin:

  • URL: - http://localhost:5050
  • Username: pgadmin4@pgadmin.org (as a default)
  • Password: admin (as a default)

Add a new server in PgAdmin:

  • Host name/address postgres_container
  • Port 5432
  • Username as POSTGRES_USER, by default: postgres
  • Password as POSTGRES_PASSWORD, by default changeme

Logging

There are no easy way to configure pgadmin log verbosity and it can be overwhelming at times. It is possible to disable pgadmin logging on the container level.

Add the following to pgadmin service in the docker-compose.yml:

logging:
driver: "none"

reference

Access between containers

They share a bridge network, to connect pgadmin to postgresql, you should use postgres_container as a dns in the pgadmin container.

Using the psql client from ubuntu

Install

sudo apt-get install postgresql-client

Connect to the postgresql

psql -p 5432 -h localhost -U postgres -W

· One min read
Hreniuc Cristian-Alexandru
# What does --device /dev/vboxdrv:/dev/vboxdrv do?
# Does it write to the host system?

docker run --rm=true --name="container_name" \
--privileged=true --device /dev/vboxdrv:/dev/vboxdrv \
-e DISPLAY=$DISPLAY -v /tmp/.X11-unix/:/tmp/.X11-unix \
-it \
mpfmedical/virtualbo
# In container:
$ virtualbox

· 3 min read
Hreniuc Cristian-Alexandru

Debian host - ubuntu docker:

# Allow x11 forwarding
xhosts +

docker run --rm=true --name="container_name" -e DISPLAY=$DISPLAY -v /tmp/.X11-unix/:/tmp/.X11-unix -it image_name /bin/bash
# This is the most important part from the command:
# -e DISPLAY=$DISPLAY -v /tmp/.X11-unix/:/tmp/.X11-unix

Run GUI apps on docker without xserver installed on host

We have three layers: A -> My desktop PC**B -> Host server(runs docker) C -> docker container that runs on BHow to connect to C and run a GUI app from A? Without having installed xserver on B** (no -e DISPLAY=$DISPLAY -v /tmp/.X11-unix/:/tmp/.X11-unix options given to the docker run command). I did it this way:

  1. Create a docker image with ssh running on it: Here
  FROM ubuntu:16.04

RUN apt-get update && apt-get install -y openssh-server
RUN mkdir /var/run/sshd
RUN echo 'root:screencast' | chpasswd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config

# SSH login fix. Otherwise user is kicked off after login
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd

ENV NOTVISIBLE in users profile
RUN echo export VISIBLE=now >> /etc/profile

EXPOSE 22
CMD [/usr/sbin/sshd, -D]
  1. Build the image: docker build -t ubuntu_sshd .

  2. Run the container: docker run -d -P --name test_sshd ubuntu_sshd

  3. Get port of the docker container: docker port test_sshd 22

  4. Now connect to it using ssh:

    ssh root@ip -p port
    # The password is ``screencast``.
    root@f38c87f2a42d:/#
  5. Enable X11Forwarding : Add X11Forwarding yes to /etc/ssh/sshd_config

  6. Disable X11UseLocalhost : Add X11UseLocalhost no to /etc/ssh/sshd_config

  7. Reload ssh config: /etc/init.d/ssh reload

  8. Exit from the ssh session

  9. All those commands were made from the B machine(from 5 - 8 were run on the docker container)

  10. Now go to your desktop machine A and connect via ssh on the docker machine(also enable x forwarding on your destktop PC), using the ip of B and the port you got from the command at step 4:

  # Allow xserver forward(allow clients to connect to your x server)
$ xhost +
# Connect via ssh and forward the xserver `-X`
$ ssh -X root@B_host_ip -p docker_port
# The password is ``screencast``.
root@f38c87f2a42d:/# apt-get install x11-apps -y
root@f38c87f2a42d:/# xeyes
# Magic happens!!!

Debian:

# Debian with sshd
FROM debian
RUN apt-get update

RUN apt-get install -y openssh-server

RUN echo 'root:password' | chpasswd

RUN mkdir -p /var/run/sshd && sed -i s/UsePrivilegeSeparation.*//g /etc/ssh/sshd_config \
&& sed -i 's/PermitRootLogin without-password//' /etc/ssh/sshd_config \
&& touch /root/.Xauthority \
&& true

RUN sed -i 's/PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config

RUN echo X11UseLocalhost no >> /etc/ssh/sshd_config
RUN echo PermitRootLogin yes >> /etc/ssh/sshd_config
RUN echo UsePrivilegeSeparation no >> /etc/ssh/sshd_config

EXPOSE 22

CMD [/usr/sbin/sshd, -D]