docker

docker

修改正在运行的docker容器,禁用重启自动启动

Linux马化云 发表了文章 • 0 个评论 • 1842 次浏览 • 2023-03-26 11:17 • 来自相关话题

启动拖慢了速度,尤其是一些只用一两次的镜像,每次还在电脑重启时容器跟随启动,太占用资源。
 
可以使用 docker update 命令修改容器的配置,示例命令如下:docker update --restart=no <容器ID或名称>

这条命令会将容器的重启策略设置为不重启,即禁用重启自动启动。如果需要启用自动启动,只需要将 --restart 参数的值改为 always 或 on-failure 等相应的选项即可。 

需要注意的是,修改容器的配置并不会立即生效,需要重启容器才能使修改生效。可以使用 docker restart 命令重启容器,示例命令如下:
docker restart <容器ID或名称>


执行这条命令后,容器会被重启并应用新的配置。 查看全部
启动拖慢了速度,尤其是一些只用一两次的镜像,每次还在电脑重启时容器跟随启动,太占用资源。
 
可以使用 docker update 命令修改容器的配置,示例命令如下:
docker update --restart=no <容器ID或名称>


这条命令会将容器的重启策略设置为不重启,即禁用重启自动启动。如果需要启用自动启动,只需要将 --restart 参数的值改为 always 或 on-failure 等相应的选项即可。 

需要注意的是,修改容器的配置并不会立即生效,需要重启容器才能使修改生效。可以使用 docker restart 命令重启容器,示例命令如下:
docker restart <容器ID或名称>



执行这条命令后,容器会被重启并应用新的配置。

docker安装的podman报错

Linux李魔佛 发表了文章 • 0 个评论 • 2288 次浏览 • 2022-07-17 18:29 • 来自相关话题

podman 报错
ERRO[0000] 'overlay' is not supported over overlayfs
Error: error creating libpod runtime: 'overlay' is not supported over overlayfs: backing file system is unsupported for this graph driver
本来计划在docker里面安装一个docker,启动docker报错,
于是安装了一个podman,结果ps -a的时候报错。
 
唯一的办法,可能就是启动第一个docker的时候使用特权模式, privillage=True
  查看全部
podman 报错
ERRO[0000] 'overlay' is not supported over overlayfs    
Error: error creating libpod runtime: 'overlay' is not supported over overlayfs: backing file system is unsupported for this graph driver

本来计划在docker里面安装一个docker,启动docker报错,
于是安装了一个podman,结果ps -a的时候报错。
 
唯一的办法,可能就是启动第一个docker的时候使用特权模式, privillage=True
 

docker访问外部主机的ip

Linux马化云 发表了文章 • 0 个评论 • 2906 次浏览 • 2022-05-10 01:48 • 来自相关话题

假如在linux里面安装了一个docker,然后linux做了一个http接口,端口为80.
 
那么假如我部署了一个nginx容器在docker里面,那么我的nginx要如何反向代理到我的linux主机的80端口呢?
 
那么我们测试一下,加入nginx容器的名字为ng110,那么我们通过命令docker exec -it ng110 /bin/bash
进入容器内部。
 
然后我们尝试curl获取主机的80端口。
 
首先,curl http://127.0.0.1/
 
这样子是不通的,因为127.0.0.1是docker内部的回环地址。并不是外部linux的ip。
 
那么我们先在linux外部,运行命令:ifconfig

 
这里有一个docker的的字样的ip地址。 那么这个地址就是在docker看来的外部ip地址。
 
然后我们继续回到docker容器里面,curl http://172.17.0.1/
结果我们发现有返回数据了。
 
所以在外面的ifconfig的docker容器地址,就是主机相对容器的ip地址。
 
所以我的nginx配置文件应该这么写:
 

 
proxy_pass http://172.17.0.1:80 查看全部
假如在linux里面安装了一个docker,然后linux做了一个http接口,端口为80.
 
那么假如我部署了一个nginx容器在docker里面,那么我的nginx要如何反向代理到我的linux主机的80端口呢?
 
那么我们测试一下,加入nginx容器的名字为ng110,那么我们通过命令docker exec -it ng110 /bin/bash
进入容器内部。
 
然后我们尝试curl获取主机的80端口。
 
首先,curl http://127.0.0.1/
 
这样子是不通的,因为127.0.0.1是docker内部的回环地址。并不是外部linux的ip。
 
那么我们先在linux外部,运行命令:ifconfig

 
这里有一个docker的的字样的ip地址。 那么这个地址就是在docker看来的外部ip地址。
 
然后我们继续回到docker容器里面,curl http://172.17.0.1/
结果我们发现有返回数据了。
 
所以在外面的ifconfig的docker容器地址,就是主机相对容器的ip地址。
 
所以我的nginx配置文件应该这么写:
 

 
proxy_pass http://172.17.0.1:80

ubuntu安装微信PC版

Linux李魔佛 发表了文章 • 0 个评论 • 2783 次浏览 • 2022-04-10 17:13 • 来自相关话题

使用的方案是docker-wechat:





 
使用一行命令就可以安装:curl -sL https://gitee.com/mirrors/doch ... at.sh | bash
 
前提你已经安装了docker
 
上面的命令不能用sudo安装,
如果所docker需要sudo启动,可以设置一下用户:sudo usermod -aG docker $USER
 





 如果遇到错误:
mkdir: 无法创建目录 “/home/user/.wine/drive_c/users/user/Application Data/Tencent”: 权限不够
 
需要把用户目录下的DoWechat 文件夹给一个777的权限。
sudo chmod +R 777 DoWechat
 
 然后重新运行
curl -sL https://gitee.com/mirrors/doch ... at.sh | bash
 
就可以扫描登陆PC版微信了。
 
其底层用的就是Wine。 类似与ubuntu下的windows模拟框架。
 
  查看全部
使用的方案是docker-wechat:

68747470733a2f2f6875616e2e6769746875622e696f2f646f636b65722d7765636861742f696d616765732f7465726d2d646f636861742e706e67.png

 
使用一行命令就可以安装:
curl -sL https://gitee.com/mirrors/doch ... at.sh | bash

 
前提你已经安装了docker
 
上面的命令不能用sudo安装,
如果所docker需要sudo启动,可以设置一下用户:
sudo usermod -aG docker $USER

 
20220410_001.png


 如果遇到错误:
mkdir: 无法创建目录 “/home/user/.wine/drive_c/users/user/Application Data/Tencent”: 权限不够
 
需要把用户目录下的DoWechat 文件夹给一个777的权限。
sudo chmod +R 777 DoWechat
 
 然后重新运行
curl -sL https://gitee.com/mirrors/doch ... at.sh | bash
 
就可以扫描登陆PC版微信了。
 
其底层用的就是Wine。 类似与ubuntu下的windows模拟框架。
 
 

Docker sed: cannot rename /etc/sedyGSbui: Device or resource busy

Linux李魔佛 发表了文章 • 0 个评论 • 3267 次浏览 • 2022-04-10 14:19 • 来自相关话题

挂载nginx配置文件时会出现这个问题。 
 
比如挂载命令如下:
docker run -p 80:80 --name mynginx --privileged=true -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf -v /data/nginx/logs:/var/log/nginx -d nginx:1.21
如果有文件存在,可以改为挂载其父母录
比如这里:
 /data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf

把它改成 
/data/nginx/conf.d:/etc/nginx/conf.d
即可解决这个问题。
 
 
  查看全部
挂载nginx配置文件时会出现这个问题。 
 
比如挂载命令如下:
docker run -p 80:80 --name mynginx --privileged=true -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf -v /data/nginx/logs:/var/log/nginx -d nginx:1.21

如果有文件存在,可以改为挂载其父母录
比如这里:
 
/data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf

把它改成 
/data/nginx/conf.d:/etc/nginx/conf.d

即可解决这个问题。
 
 
 

查看docker运行的容器的启动命令

Linux李魔佛 发表了文章 • 0 个评论 • 1779 次浏览 • 2022-04-04 23:52 • 来自相关话题

对于经常运行docker的朋友来说, 系统里面运行着大量的docker容器,然后有时候想要查看一个正在运行的容器的启动命令, 这个也是常用操作。
 
这时可以用到一个python脚本,runlike
 
安装:
pip install runlike
 
体积很小,估计就几k不到。
 
然后运行:
runlike -p 容器名字
  查看全部
对于经常运行docker的朋友来说, 系统里面运行着大量的docker容器,然后有时候想要查看一个正在运行的容器的启动命令, 这个也是常用操作。
 
这时可以用到一个python脚本,runlike
 
安装:
pip install runlike
 
体积很小,估计就几k不到。
 
然后运行:
runlike -p 容器名字
 

docker compose 部署 Wordpress

Linux李魔佛 发表了文章 • 0 个评论 • 1618 次浏览 • 2022-04-04 20:03 • 来自相关话题

看一个B站的视频,然后顺着用官方的一个docker-compose.yml 的文件,创建的wordpress一直无法连接数据库。一直是失败的,太无语。
这个失败的wordpress的compose yaml文件如下:
 
version: '3.1'

services:

wordpress:
image: wordpress
restart: always
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: exampleuser
WORDPRESS_DB_PASSWORD: examplepass
WORDPRESS_DB_NAME: exampledb
volumes:
- wordpress:/var/www/html

db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: exampleuser
MYSQL_PASSWORD: examplepass
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql

volumes:
wordpress:
db:
 
使用logs查看,报错信息如下:
MySQL Connection Error: (1045) Access denied for user 'root'@'172.23.0.3' (using password: YES)
问题的根源在于用这个compose文件创建的数据库无法连接。 这个数据用的是要大于mysql > 5.7.
创建后默认的密码是root为空,而登录需要用到一个密码转换的插件。
 
 
后面找了另外一个wordpress 可以正常运行的:
version: "3.3"

services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress

wordpress:
depends_on:
- db
image: wordpress:latest
volumes:
- wordpress_data:/var/www/html
ports:
- "8000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
wordpress_data: {} 
  查看全部
看一个B站的视频,然后顺着用官方的一个docker-compose.yml 的文件,创建的wordpress一直无法连接数据库。一直是失败的,太无语。
这个失败的wordpress的compose yaml文件如下:
 
version: '3.1'

services:

wordpress:
image: wordpress
restart: always
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: exampleuser
WORDPRESS_DB_PASSWORD: examplepass
WORDPRESS_DB_NAME: exampledb
volumes:
- wordpress:/var/www/html

db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: exampleuser
MYSQL_PASSWORD: examplepass
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql

volumes:
wordpress:
db:

 
使用logs查看,报错信息如下:
MySQL Connection Error: (1045) Access denied for user 'root'@'172.23.0.3' (using password: YES)

问题的根源在于用这个compose文件创建的数据库无法连接。 这个数据用的是要大于mysql > 5.7.
创建后默认的密码是root为空,而登录需要用到一个密码转换的插件。
 
 
后面找了另外一个wordpress 可以正常运行的:
version: "3.3"

services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress

wordpress:
depends_on:
- db
image: wordpress:latest
volumes:
- wordpress_data:/var/www/html
ports:
- "8000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
wordpress_data: {}
 
 

docker restart always 不起作用

Linux李魔佛 发表了文章 • 0 个评论 • 1818 次浏览 • 2021-10-25 13:56 • 来自相关话题

出错了可以看看docker的日志
docker logs xxxxxxxxxx
 
xxxxxxx 为该容器的sha哈希的ID值
 
然后发现,--restart=always 被识别为非正确参数。 
大概知道问题是 --restart 的位置不对, 它不能放在最后,
吧 --restart=always 放到前面 就可以了。
  查看全部
出错了可以看看docker的日志
docker logs xxxxxxxxxx
 
xxxxxxx 为该容器的sha哈希的ID值
 
然后发现,--restart=always 被识别为非正确参数。 
大概知道问题是 --restart 的位置不对, 它不能放在最后,
吧 --restart=always 放到前面 就可以了。
 

docker run 和 create 区别

Linux李魔佛 发表了文章 • 0 个评论 • 7667 次浏览 • 2019-11-25 13:49 • 来自相关话题

Technically, docker run = docker create + docker start . 
docker create command creates a writeable container from the image and prepares it for running. 
docker run command creates the container (same as docker create ) and starts it.
 
  查看全部
Technically, docker run = docker create + docker start
docker create command creates a writeable container from the image and prepares it for running. 
docker run command creates the container (same as docker create ) and starts it.
 
 

用docker编译go代码

Linux李魔佛 发表了文章 • 0 个评论 • 4046 次浏览 • 2019-11-25 13:45 • 来自相关话题

如果偶尔需要编译go代码,但是又不想要安装一堆乱七八糟的依赖和Go编译器,可以利用docker来实现。 应该是解决起来话费时间最小的。
1. 用文本编辑你的go代码,现在以hello world为例:
 package main import "fmt" func main() {
/* 这是我的第一个简单的程序 */
fmt.Println("Hello, World!")
}
 
2. 然后直接使用docker执行编译。docker首先会自动去下载go的编译器,顺便把所有的依赖给解决掉

docker run --rm -v "$(pwd)":/usr/src/hello -w /usr/src/hello golang:1.3 go build -v
 
最后会在本地生成一个编译好的hello静态文件。
上述docker命令的具体含义就是把当前路径挂在到docker容器里头,然后切换到改到改路径下,然后进行编译。 查看全部

如果偶尔需要编译go代码,但是又不想要安装一堆乱七八糟的依赖和Go编译器,可以利用docker来实现。 应该是解决起来话费时间最小的。
1. 用文本编辑你的go代码,现在以hello world为例:
 
package main import "fmt" func main() {
/* 这是我的第一个简单的程序 */
fmt.Println("Hello, World!")
}

 
2. 然后直接使用docker执行编译。docker首先会自动去下载go的编译器,顺便把所有的依赖给解决掉

docker run --rm -v "$(pwd)":/usr/src/hello -w /usr/src/hello golang:1.3 go build -v
 
最后会在本地生成一个编译好的hello静态文件。
上述docker命令的具体含义就是把当前路径挂在到docker容器里头,然后切换到改到改路径下,然后进行编译。

docker实战 代码勘误

Linux李魔佛 发表了文章 • 0 个评论 • 2735 次浏览 • 2019-11-25 11:24 • 来自相关话题

作者在官网刊登的勘误记录:
 
看这本书的作者一定要看,不然坑挺多的。
一路采坑过来的哭着说。Last updated August 21, 2016
In an effort to offer continued support beyond publication, we have listed many updates to code due to version updates.

[code - omission] Page 18

The command to start the "mailer" is missing a line. Where the book reads:
docker run -d \
--name mailer \
the proper command should read:
docker run -d \
--name mailer \
dockerinaction/ch2_mailer

[code - regression] Page 68

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" reader
Replacement:
docker inspect --format "{{json .Mounts}}" reader

[code - regression] Page 69

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" student
Replacement:
docker inspect --format "{{json .Mounts}}" student

[code - regression] Page 74

The alpine image entrypoint has changed since original publication and has been unset. The last command on the page should now read:
docker run --rm \
--volumes-from tools \
--entrypoint /bin/sh \
alpine:latest \
-c 'ls /operations/*'
[code - regression] Page 75

The docker exec example on the top of page 75 was printed with the wrong tool name. The correct command is:
docker exec important_application /operations/tools/diagnostics

[code - regression] Page 86

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--hostname barker \
busybox:1 \
nslookup barker

[code - regression] Page 87 (top)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns 8.8.8.8 \
busybox:1 \
nslookup docker.com

[code - regression] Page 87 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns-search docker.com \
busybox:1 \
nslookup registry.hub

[code - regression] Page 88 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--add-host test:10.10.10.255 \
busybox:1 \
nslookup test

[code - regression] Page 106

There are a few new problems with this example. First, the named repository (dockerfile/mariadb) no longer exists. You can use mariadb:5.5 as replacement. However, the second problem is that containers created from the mariadb image perform certain initialization at startup. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start the database with the following command:
docker run -d --name ch6_mariadb \
--memory 256m \
--cpu-shares 1024 \
--cap-drop net_raw \
-e MYSQL_ROOT_PASSWORD=test \
mariadb:5.5

[code - regression] Page 107

Containers created from the wordpress:4.1 image perform certain initialization at startup and expect certain environment variables. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start wordpress with the following command:
docker run -d -P --name ch6_wordpress \
--memory 512m \
--cpu-shares 512 \
--cap-drop net_raw \
-e WORDPRESS_DB_PASSWORD=test \
mariadb:5.5

[code - typo] Page 109

The device access example is missing the "run" subcommand. The command listed as:
docker -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev
should have been written as:
docker run -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev

[code - typo] Page 110 - 111

Several commands are missing the "run" subcommand. In each case the command begins with
docker -d ...
and should have been written as:
docker run -d ...

[code - regression] Page 115 (bottom)

The busybox and alpine images have been updated to fix the problem described in the paragraph below. The 'su' command does not have the SUID bit set and will not provide any automatic privilege escalation.

[command correction] Page 116

Boot2Docker has been discontinued and rolled into a newer project called Docker Machine. Because a reader is unlikely to have the boot2docker command installed, the command at the top of this page should be changed from:
boot2docker ssh
to the Docker Machine equivalent:
docker-machine ssh default
where default is the name of the machine you created.

[code - regression] Page 119

The ifconfig command has since been removed from ubuntu:latest. Instead of using the ubuntu:latest image for these examples use ubuntu:trusty. The example using ifconfig should look like:
docker run --rm \
--privileged \
ubuntu:trusty ifconfig
[Illustration Mistake] Page 136
Image layer ced2 on the left side of the illustration is listed at c3d2 on the right side. These two layers should represent the same item.

[code - typo] Page 140

Containers need not be in a running state in order to export their file system. The first command on page 140 uses the "run" subcommand but the command listed will never be able to start. Replace "run" with "create." The command should appear as follows:
docker create --name export-test \
dockerinaction/ch7_packed:latest ./echo For Export

[code - missing line] Page 146

In the example Dockerfile near the top of the page the line with the RUN directive is missing part of the instruction. That line should read:
RUN apt-get update && apt-get install -y git

[code - evolution] Page 215

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: s3-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 216

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: rados-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
rados:
poolname: radospool
username: radosuser
chunksize: 4194304
maintenance:
uploadpurging:
enabled: false
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 218

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: redis-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001
storage:
cache:
blobdescriptor: redis
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
redis:
addr: redis-host:6379
password: asecret
dialtimeout: 10ms
readtimeout: 10ms
writetimeout: 10ms
pool:
maxidle: 16
maxactive: 64
idletimeout: 300s
[code - typo] Page 220

The name of the file shown should be scalable-config.yml as in previous examples. This example also requires the addition of the newer uploadpurging attributes. The mainenance section of the file should be as follows:
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
[text - typo] Page 240

In the second paragraph the reader is instructed to, "Open ./coffee/api/api.py" this is not the correct location of the file. The correct file location is at, "./coffee/app/api.py."
[text - typo] Page 262

The refere nce to "flock.json" in the first sentence of the third paragraph should be "flock.yml."
[code - typo] Page 270

The git clone command uses the ssh protocol instead of https. The command should read as follows:
git clone https://github.com/dockerinact ... i.git 查看全部
作者在官网刊登的勘误记录:
 
看这本书的作者一定要看,不然坑挺多的。
一路采坑过来的哭着说。
Last updated August 21, 2016
In an effort to offer continued support beyond publication, we have listed many updates to code due to version updates.

[code - omission] Page 18

The command to start the "mailer" is missing a line. Where the book reads:
docker run -d \
--name mailer \
the proper command should read:
docker run -d \
--name mailer \
dockerinaction/ch2_mailer

[code - regression] Page 68

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" reader
Replacement:
docker inspect --format "{{json .Mounts}}" reader

[code - regression] Page 69

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" student
Replacement:
docker inspect --format "{{json .Mounts}}" student

[code - regression] Page 74

The alpine image entrypoint has changed since original publication and has been unset. The last command on the page should now read:
docker run --rm \
--volumes-from tools \
--entrypoint /bin/sh \
alpine:latest \
-c 'ls /operations/*'
[code - regression] Page 75

The docker exec example on the top of page 75 was printed with the wrong tool name. The correct command is:
docker exec important_application /operations/tools/diagnostics

[code - regression] Page 86

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--hostname barker \
busybox:1 \
nslookup barker

[code - regression] Page 87 (top)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns 8.8.8.8 \
busybox:1 \
nslookup docker.com

[code - regression] Page 87 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns-search docker.com \
busybox:1 \
nslookup registry.hub

[code - regression] Page 88 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--add-host test:10.10.10.255 \
busybox:1 \
nslookup test

[code - regression] Page 106

There are a few new problems with this example. First, the named repository (dockerfile/mariadb) no longer exists. You can use mariadb:5.5 as replacement. However, the second problem is that containers created from the mariadb image perform certain initialization at startup. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start the database with the following command:
docker run -d --name ch6_mariadb \
--memory 256m \
--cpu-shares 1024 \
--cap-drop net_raw \
-e MYSQL_ROOT_PASSWORD=test \
mariadb:5.5

[code - regression] Page 107

Containers created from the wordpress:4.1 image perform certain initialization at startup and expect certain environment variables. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start wordpress with the following command:
docker run -d -P --name ch6_wordpress \
--memory 512m \
--cpu-shares 512 \
--cap-drop net_raw \
-e WORDPRESS_DB_PASSWORD=test \
mariadb:5.5

[code - typo] Page 109

The device access example is missing the "run" subcommand. The command listed as:
docker -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev
should have been written as:
docker run -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev

[code - typo] Page 110 - 111

Several commands are missing the "run" subcommand. In each case the command begins with
docker -d ...
and should have been written as:
docker run -d ...

[code - regression] Page 115 (bottom)

The busybox and alpine images have been updated to fix the problem described in the paragraph below. The 'su' command does not have the SUID bit set and will not provide any automatic privilege escalation.

[command correction] Page 116

Boot2Docker has been discontinued and rolled into a newer project called Docker Machine. Because a reader is unlikely to have the boot2docker command installed, the command at the top of this page should be changed from:
boot2docker ssh
to the Docker Machine equivalent:
docker-machine ssh default
where default is the name of the machine you created.

[code - regression] Page 119

The ifconfig command has since been removed from ubuntu:latest. Instead of using the ubuntu:latest image for these examples use ubuntu:trusty. The example using ifconfig should look like:
docker run --rm \
--privileged \
ubuntu:trusty ifconfig
[Illustration Mistake] Page 136
Image layer ced2 on the left side of the illustration is listed at c3d2 on the right side. These two layers should represent the same item.

[code - typo] Page 140

Containers need not be in a running state in order to export their file system. The first command on page 140 uses the "run" subcommand but the command listed will never be able to start. Replace "run" with "create." The command should appear as follows:
docker create --name export-test \
dockerinaction/ch7_packed:latest ./echo For Export

[code - missing line] Page 146

In the example Dockerfile near the top of the page the line with the RUN directive is missing part of the instruction. That line should read:
RUN apt-get update && apt-get install -y git

[code - evolution] Page 215

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: s3-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 216

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: rados-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
rados:
poolname: radospool
username: radosuser
chunksize: 4194304
maintenance:
uploadpurging:
enabled: false
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 218

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: redis-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001
storage:
cache:
blobdescriptor: redis
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
redis:
addr: redis-host:6379
password: asecret
dialtimeout: 10ms
readtimeout: 10ms
writetimeout: 10ms
pool:
maxidle: 16
maxactive: 64
idletimeout: 300s
[code - typo] Page 220

The name of the file shown should be scalable-config.yml as in previous examples. This example also requires the addition of the newer uploadpurging attributes. The mainenance section of the file should be as follows:
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
[text - typo] Page 240

In the second paragraph the reader is instructed to, "Open ./coffee/api/api.py" this is not the correct location of the file. The correct file location is at, "./coffee/app/api.py."
[text - typo] Page 262

The refere nce to "flock.json" in the first sentence of the third paragraph should be "flock.yml."
[code - typo] Page 270

The git clone command uses the ssh protocol instead of https. The command should read as follows:
git clone https://github.com/dockerinact ... i.git

修改正在运行的docker容器,禁用重启自动启动

Linux马化云 发表了文章 • 0 个评论 • 1842 次浏览 • 2023-03-26 11:17 • 来自相关话题

启动拖慢了速度,尤其是一些只用一两次的镜像,每次还在电脑重启时容器跟随启动,太占用资源。
 
可以使用 docker update 命令修改容器的配置,示例命令如下:docker update --restart=no <容器ID或名称>

这条命令会将容器的重启策略设置为不重启,即禁用重启自动启动。如果需要启用自动启动,只需要将 --restart 参数的值改为 always 或 on-failure 等相应的选项即可。 

需要注意的是,修改容器的配置并不会立即生效,需要重启容器才能使修改生效。可以使用 docker restart 命令重启容器,示例命令如下:
docker restart <容器ID或名称>


执行这条命令后,容器会被重启并应用新的配置。 查看全部
启动拖慢了速度,尤其是一些只用一两次的镜像,每次还在电脑重启时容器跟随启动,太占用资源。
 
可以使用 docker update 命令修改容器的配置,示例命令如下:
docker update --restart=no <容器ID或名称>


这条命令会将容器的重启策略设置为不重启,即禁用重启自动启动。如果需要启用自动启动,只需要将 --restart 参数的值改为 always 或 on-failure 等相应的选项即可。 

需要注意的是,修改容器的配置并不会立即生效,需要重启容器才能使修改生效。可以使用 docker restart 命令重启容器,示例命令如下:
docker restart <容器ID或名称>



执行这条命令后,容器会被重启并应用新的配置。

docker安装的podman报错

Linux李魔佛 发表了文章 • 0 个评论 • 2288 次浏览 • 2022-07-17 18:29 • 来自相关话题

podman 报错
ERRO[0000] 'overlay' is not supported over overlayfs
Error: error creating libpod runtime: 'overlay' is not supported over overlayfs: backing file system is unsupported for this graph driver
本来计划在docker里面安装一个docker,启动docker报错,
于是安装了一个podman,结果ps -a的时候报错。
 
唯一的办法,可能就是启动第一个docker的时候使用特权模式, privillage=True
  查看全部
podman 报错
ERRO[0000] 'overlay' is not supported over overlayfs    
Error: error creating libpod runtime: 'overlay' is not supported over overlayfs: backing file system is unsupported for this graph driver

本来计划在docker里面安装一个docker,启动docker报错,
于是安装了一个podman,结果ps -a的时候报错。
 
唯一的办法,可能就是启动第一个docker的时候使用特权模式, privillage=True
 

docker访问外部主机的ip

Linux马化云 发表了文章 • 0 个评论 • 2906 次浏览 • 2022-05-10 01:48 • 来自相关话题

假如在linux里面安装了一个docker,然后linux做了一个http接口,端口为80.
 
那么假如我部署了一个nginx容器在docker里面,那么我的nginx要如何反向代理到我的linux主机的80端口呢?
 
那么我们测试一下,加入nginx容器的名字为ng110,那么我们通过命令docker exec -it ng110 /bin/bash
进入容器内部。
 
然后我们尝试curl获取主机的80端口。
 
首先,curl http://127.0.0.1/
 
这样子是不通的,因为127.0.0.1是docker内部的回环地址。并不是外部linux的ip。
 
那么我们先在linux外部,运行命令:ifconfig

 
这里有一个docker的的字样的ip地址。 那么这个地址就是在docker看来的外部ip地址。
 
然后我们继续回到docker容器里面,curl http://172.17.0.1/
结果我们发现有返回数据了。
 
所以在外面的ifconfig的docker容器地址,就是主机相对容器的ip地址。
 
所以我的nginx配置文件应该这么写:
 

 
proxy_pass http://172.17.0.1:80 查看全部
假如在linux里面安装了一个docker,然后linux做了一个http接口,端口为80.
 
那么假如我部署了一个nginx容器在docker里面,那么我的nginx要如何反向代理到我的linux主机的80端口呢?
 
那么我们测试一下,加入nginx容器的名字为ng110,那么我们通过命令docker exec -it ng110 /bin/bash
进入容器内部。
 
然后我们尝试curl获取主机的80端口。
 
首先,curl http://127.0.0.1/
 
这样子是不通的,因为127.0.0.1是docker内部的回环地址。并不是外部linux的ip。
 
那么我们先在linux外部,运行命令:ifconfig

 
这里有一个docker的的字样的ip地址。 那么这个地址就是在docker看来的外部ip地址。
 
然后我们继续回到docker容器里面,curl http://172.17.0.1/
结果我们发现有返回数据了。
 
所以在外面的ifconfig的docker容器地址,就是主机相对容器的ip地址。
 
所以我的nginx配置文件应该这么写:
 

 
proxy_pass http://172.17.0.1:80

ubuntu安装微信PC版

Linux李魔佛 发表了文章 • 0 个评论 • 2783 次浏览 • 2022-04-10 17:13 • 来自相关话题

使用的方案是docker-wechat:





 
使用一行命令就可以安装:curl -sL https://gitee.com/mirrors/doch ... at.sh | bash
 
前提你已经安装了docker
 
上面的命令不能用sudo安装,
如果所docker需要sudo启动,可以设置一下用户:sudo usermod -aG docker $USER
 





 如果遇到错误:
mkdir: 无法创建目录 “/home/user/.wine/drive_c/users/user/Application Data/Tencent”: 权限不够
 
需要把用户目录下的DoWechat 文件夹给一个777的权限。
sudo chmod +R 777 DoWechat
 
 然后重新运行
curl -sL https://gitee.com/mirrors/doch ... at.sh | bash
 
就可以扫描登陆PC版微信了。
 
其底层用的就是Wine。 类似与ubuntu下的windows模拟框架。
 
  查看全部
使用的方案是docker-wechat:

68747470733a2f2f6875616e2e6769746875622e696f2f646f636b65722d7765636861742f696d616765732f7465726d2d646f636861742e706e67.png

 
使用一行命令就可以安装:
curl -sL https://gitee.com/mirrors/doch ... at.sh | bash

 
前提你已经安装了docker
 
上面的命令不能用sudo安装,
如果所docker需要sudo启动,可以设置一下用户:
sudo usermod -aG docker $USER

 
20220410_001.png


 如果遇到错误:
mkdir: 无法创建目录 “/home/user/.wine/drive_c/users/user/Application Data/Tencent”: 权限不够
 
需要把用户目录下的DoWechat 文件夹给一个777的权限。
sudo chmod +R 777 DoWechat
 
 然后重新运行
curl -sL https://gitee.com/mirrors/doch ... at.sh | bash
 
就可以扫描登陆PC版微信了。
 
其底层用的就是Wine。 类似与ubuntu下的windows模拟框架。
 
 

Docker sed: cannot rename /etc/sedyGSbui: Device or resource busy

Linux李魔佛 发表了文章 • 0 个评论 • 3267 次浏览 • 2022-04-10 14:19 • 来自相关话题

挂载nginx配置文件时会出现这个问题。 
 
比如挂载命令如下:
docker run -p 80:80 --name mynginx --privileged=true -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf -v /data/nginx/logs:/var/log/nginx -d nginx:1.21
如果有文件存在,可以改为挂载其父母录
比如这里:
 /data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf

把它改成 
/data/nginx/conf.d:/etc/nginx/conf.d
即可解决这个问题。
 
 
  查看全部
挂载nginx配置文件时会出现这个问题。 
 
比如挂载命令如下:
docker run -p 80:80 --name mynginx --privileged=true -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf -v /data/nginx/logs:/var/log/nginx -d nginx:1.21

如果有文件存在,可以改为挂载其父母录
比如这里:
 
/data/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf

把它改成 
/data/nginx/conf.d:/etc/nginx/conf.d

即可解决这个问题。
 
 
 

查看docker运行的容器的启动命令

Linux李魔佛 发表了文章 • 0 个评论 • 1779 次浏览 • 2022-04-04 23:52 • 来自相关话题

对于经常运行docker的朋友来说, 系统里面运行着大量的docker容器,然后有时候想要查看一个正在运行的容器的启动命令, 这个也是常用操作。
 
这时可以用到一个python脚本,runlike
 
安装:
pip install runlike
 
体积很小,估计就几k不到。
 
然后运行:
runlike -p 容器名字
  查看全部
对于经常运行docker的朋友来说, 系统里面运行着大量的docker容器,然后有时候想要查看一个正在运行的容器的启动命令, 这个也是常用操作。
 
这时可以用到一个python脚本,runlike
 
安装:
pip install runlike
 
体积很小,估计就几k不到。
 
然后运行:
runlike -p 容器名字
 

docker compose 部署 Wordpress

Linux李魔佛 发表了文章 • 0 个评论 • 1618 次浏览 • 2022-04-04 20:03 • 来自相关话题

看一个B站的视频,然后顺着用官方的一个docker-compose.yml 的文件,创建的wordpress一直无法连接数据库。一直是失败的,太无语。
这个失败的wordpress的compose yaml文件如下:
 
version: '3.1'

services:

wordpress:
image: wordpress
restart: always
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: exampleuser
WORDPRESS_DB_PASSWORD: examplepass
WORDPRESS_DB_NAME: exampledb
volumes:
- wordpress:/var/www/html

db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: exampleuser
MYSQL_PASSWORD: examplepass
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql

volumes:
wordpress:
db:
 
使用logs查看,报错信息如下:
MySQL Connection Error: (1045) Access denied for user 'root'@'172.23.0.3' (using password: YES)
问题的根源在于用这个compose文件创建的数据库无法连接。 这个数据用的是要大于mysql > 5.7.
创建后默认的密码是root为空,而登录需要用到一个密码转换的插件。
 
 
后面找了另外一个wordpress 可以正常运行的:
version: "3.3"

services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress

wordpress:
depends_on:
- db
image: wordpress:latest
volumes:
- wordpress_data:/var/www/html
ports:
- "8000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
wordpress_data: {} 
  查看全部
看一个B站的视频,然后顺着用官方的一个docker-compose.yml 的文件,创建的wordpress一直无法连接数据库。一直是失败的,太无语。
这个失败的wordpress的compose yaml文件如下:
 
version: '3.1'

services:

wordpress:
image: wordpress
restart: always
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: exampleuser
WORDPRESS_DB_PASSWORD: examplepass
WORDPRESS_DB_NAME: exampledb
volumes:
- wordpress:/var/www/html

db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: exampleuser
MYSQL_PASSWORD: examplepass
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql

volumes:
wordpress:
db:

 
使用logs查看,报错信息如下:
MySQL Connection Error: (1045) Access denied for user 'root'@'172.23.0.3' (using password: YES)

问题的根源在于用这个compose文件创建的数据库无法连接。 这个数据用的是要大于mysql > 5.7.
创建后默认的密码是root为空,而登录需要用到一个密码转换的插件。
 
 
后面找了另外一个wordpress 可以正常运行的:
version: "3.3"

services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress

wordpress:
depends_on:
- db
image: wordpress:latest
volumes:
- wordpress_data:/var/www/html
ports:
- "8000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
wordpress_data: {}
 
 

docker restart always 不起作用

Linux李魔佛 发表了文章 • 0 个评论 • 1818 次浏览 • 2021-10-25 13:56 • 来自相关话题

出错了可以看看docker的日志
docker logs xxxxxxxxxx
 
xxxxxxx 为该容器的sha哈希的ID值
 
然后发现,--restart=always 被识别为非正确参数。 
大概知道问题是 --restart 的位置不对, 它不能放在最后,
吧 --restart=always 放到前面 就可以了。
  查看全部
出错了可以看看docker的日志
docker logs xxxxxxxxxx
 
xxxxxxx 为该容器的sha哈希的ID值
 
然后发现,--restart=always 被识别为非正确参数。 
大概知道问题是 --restart 的位置不对, 它不能放在最后,
吧 --restart=always 放到前面 就可以了。
 

docker run 和 create 区别

Linux李魔佛 发表了文章 • 0 个评论 • 7667 次浏览 • 2019-11-25 13:49 • 来自相关话题

Technically, docker run = docker create + docker start . 
docker create command creates a writeable container from the image and prepares it for running. 
docker run command creates the container (same as docker create ) and starts it.
 
  查看全部
Technically, docker run = docker create + docker start
docker create command creates a writeable container from the image and prepares it for running. 
docker run command creates the container (same as docker create ) and starts it.
 
 

用docker编译go代码

Linux李魔佛 发表了文章 • 0 个评论 • 4046 次浏览 • 2019-11-25 13:45 • 来自相关话题

如果偶尔需要编译go代码,但是又不想要安装一堆乱七八糟的依赖和Go编译器,可以利用docker来实现。 应该是解决起来话费时间最小的。
1. 用文本编辑你的go代码,现在以hello world为例:
 package main import "fmt" func main() {
/* 这是我的第一个简单的程序 */
fmt.Println("Hello, World!")
}
 
2. 然后直接使用docker执行编译。docker首先会自动去下载go的编译器,顺便把所有的依赖给解决掉

docker run --rm -v "$(pwd)":/usr/src/hello -w /usr/src/hello golang:1.3 go build -v
 
最后会在本地生成一个编译好的hello静态文件。
上述docker命令的具体含义就是把当前路径挂在到docker容器里头,然后切换到改到改路径下,然后进行编译。 查看全部

如果偶尔需要编译go代码,但是又不想要安装一堆乱七八糟的依赖和Go编译器,可以利用docker来实现。 应该是解决起来话费时间最小的。
1. 用文本编辑你的go代码,现在以hello world为例:
 
package main import "fmt" func main() {
/* 这是我的第一个简单的程序 */
fmt.Println("Hello, World!")
}

 
2. 然后直接使用docker执行编译。docker首先会自动去下载go的编译器,顺便把所有的依赖给解决掉

docker run --rm -v "$(pwd)":/usr/src/hello -w /usr/src/hello golang:1.3 go build -v
 
最后会在本地生成一个编译好的hello静态文件。
上述docker命令的具体含义就是把当前路径挂在到docker容器里头,然后切换到改到改路径下,然后进行编译。

docker实战 代码勘误

Linux李魔佛 发表了文章 • 0 个评论 • 2735 次浏览 • 2019-11-25 11:24 • 来自相关话题

作者在官网刊登的勘误记录:
 
看这本书的作者一定要看,不然坑挺多的。
一路采坑过来的哭着说。Last updated August 21, 2016
In an effort to offer continued support beyond publication, we have listed many updates to code due to version updates.

[code - omission] Page 18

The command to start the "mailer" is missing a line. Where the book reads:
docker run -d \
--name mailer \
the proper command should read:
docker run -d \
--name mailer \
dockerinaction/ch2_mailer

[code - regression] Page 68

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" reader
Replacement:
docker inspect --format "{{json .Mounts}}" reader

[code - regression] Page 69

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" student
Replacement:
docker inspect --format "{{json .Mounts}}" student

[code - regression] Page 74

The alpine image entrypoint has changed since original publication and has been unset. The last command on the page should now read:
docker run --rm \
--volumes-from tools \
--entrypoint /bin/sh \
alpine:latest \
-c 'ls /operations/*'
[code - regression] Page 75

The docker exec example on the top of page 75 was printed with the wrong tool name. The correct command is:
docker exec important_application /operations/tools/diagnostics

[code - regression] Page 86

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--hostname barker \
busybox:1 \
nslookup barker

[code - regression] Page 87 (top)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns 8.8.8.8 \
busybox:1 \
nslookup docker.com

[code - regression] Page 87 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns-search docker.com \
busybox:1 \
nslookup registry.hub

[code - regression] Page 88 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--add-host test:10.10.10.255 \
busybox:1 \
nslookup test

[code - regression] Page 106

There are a few new problems with this example. First, the named repository (dockerfile/mariadb) no longer exists. You can use mariadb:5.5 as replacement. However, the second problem is that containers created from the mariadb image perform certain initialization at startup. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start the database with the following command:
docker run -d --name ch6_mariadb \
--memory 256m \
--cpu-shares 1024 \
--cap-drop net_raw \
-e MYSQL_ROOT_PASSWORD=test \
mariadb:5.5

[code - regression] Page 107

Containers created from the wordpress:4.1 image perform certain initialization at startup and expect certain environment variables. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start wordpress with the following command:
docker run -d -P --name ch6_wordpress \
--memory 512m \
--cpu-shares 512 \
--cap-drop net_raw \
-e WORDPRESS_DB_PASSWORD=test \
mariadb:5.5

[code - typo] Page 109

The device access example is missing the "run" subcommand. The command listed as:
docker -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev
should have been written as:
docker run -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev

[code - typo] Page 110 - 111

Several commands are missing the "run" subcommand. In each case the command begins with
docker -d ...
and should have been written as:
docker run -d ...

[code - regression] Page 115 (bottom)

The busybox and alpine images have been updated to fix the problem described in the paragraph below. The 'su' command does not have the SUID bit set and will not provide any automatic privilege escalation.

[command correction] Page 116

Boot2Docker has been discontinued and rolled into a newer project called Docker Machine. Because a reader is unlikely to have the boot2docker command installed, the command at the top of this page should be changed from:
boot2docker ssh
to the Docker Machine equivalent:
docker-machine ssh default
where default is the name of the machine you created.

[code - regression] Page 119

The ifconfig command has since been removed from ubuntu:latest. Instead of using the ubuntu:latest image for these examples use ubuntu:trusty. The example using ifconfig should look like:
docker run --rm \
--privileged \
ubuntu:trusty ifconfig
[Illustration Mistake] Page 136
Image layer ced2 on the left side of the illustration is listed at c3d2 on the right side. These two layers should represent the same item.

[code - typo] Page 140

Containers need not be in a running state in order to export their file system. The first command on page 140 uses the "run" subcommand but the command listed will never be able to start. Replace "run" with "create." The command should appear as follows:
docker create --name export-test \
dockerinaction/ch7_packed:latest ./echo For Export

[code - missing line] Page 146

In the example Dockerfile near the top of the page the line with the RUN directive is missing part of the instruction. That line should read:
RUN apt-get update && apt-get install -y git

[code - evolution] Page 215

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: s3-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 216

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: rados-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
rados:
poolname: radospool
username: radosuser
chunksize: 4194304
maintenance:
uploadpurging:
enabled: false
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 218

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: redis-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001
storage:
cache:
blobdescriptor: redis
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
redis:
addr: redis-host:6379
password: asecret
dialtimeout: 10ms
readtimeout: 10ms
writetimeout: 10ms
pool:
maxidle: 16
maxactive: 64
idletimeout: 300s
[code - typo] Page 220

The name of the file shown should be scalable-config.yml as in previous examples. This example also requires the addition of the newer uploadpurging attributes. The mainenance section of the file should be as follows:
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
[text - typo] Page 240

In the second paragraph the reader is instructed to, "Open ./coffee/api/api.py" this is not the correct location of the file. The correct file location is at, "./coffee/app/api.py."
[text - typo] Page 262

The refere nce to "flock.json" in the first sentence of the third paragraph should be "flock.yml."
[code - typo] Page 270

The git clone command uses the ssh protocol instead of https. The command should read as follows:
git clone https://github.com/dockerinact ... i.git 查看全部
作者在官网刊登的勘误记录:
 
看这本书的作者一定要看,不然坑挺多的。
一路采坑过来的哭着说。
Last updated August 21, 2016
In an effort to offer continued support beyond publication, we have listed many updates to code due to version updates.

[code - omission] Page 18

The command to start the "mailer" is missing a line. Where the book reads:
docker run -d \
--name mailer \
the proper command should read:
docker run -d \
--name mailer \
dockerinaction/ch2_mailer

[code - regression] Page 68

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" reader
Replacement:
docker inspect --format "{{json .Mounts}}" reader

[code - regression] Page 69

Newer versions of Docker have changed the structure of the JSON returned by the docker inspect subcommand. If the following command does not work then use the replacement. Original:
docker inspect --format "{{json .Volumes}}" student
Replacement:
docker inspect --format "{{json .Mounts}}" student

[code - regression] Page 74

The alpine image entrypoint has changed since original publication and has been unset. The last command on the page should now read:
docker run --rm \
--volumes-from tools \
--entrypoint /bin/sh \
alpine:latest \
-c 'ls /operations/*'
[code - regression] Page 75

The docker exec example on the top of page 75 was printed with the wrong tool name. The correct command is:
docker exec important_application /operations/tools/diagnostics

[code - regression] Page 86

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--hostname barker \
busybox:1 \
nslookup barker

[code - regression] Page 87 (top)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns 8.8.8.8 \
busybox:1 \
nslookup docker.com

[code - regression] Page 87 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--dns-search docker.com \
busybox:1 \
nslookup registry.hub

[code - regression] Page 88 (bottom)

It appears that nslookup behavior in the alpine image has changed. To run the example use the busybox:1 image.
docker run --rm \
--add-host test:10.10.10.255 \
busybox:1 \
nslookup test

[code - regression] Page 106

There are a few new problems with this example. First, the named repository (dockerfile/mariadb) no longer exists. You can use mariadb:5.5 as replacement. However, the second problem is that containers created from the mariadb image perform certain initialization at startup. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start the database with the following command:
docker run -d --name ch6_mariadb \
--memory 256m \
--cpu-shares 1024 \
--cap-drop net_raw \
-e MYSQL_ROOT_PASSWORD=test \
mariadb:5.5

[code - regression] Page 107

Containers created from the wordpress:4.1 image perform certain initialization at startup and expect certain environment variables. That initialization work requires certain capabilities and to be started with the default user. The system should instead drop permissions after the initialization work is complete. Note that the real value of this example is in demonstrating different resource isolation mechanisms. It is not so important that you get it working. You can start wordpress with the following command:
docker run -d -P --name ch6_wordpress \
--memory 512m \
--cpu-shares 512 \
--cap-drop net_raw \
-e WORDPRESS_DB_PASSWORD=test \
mariadb:5.5

[code - typo] Page 109

The device access example is missing the "run" subcommand. The command listed as:
docker -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev
should have been written as:
docker run -it --rm \
--device /dev/video0:/dev/video0 \
ubuntu:latest ls -al /dev

[code - typo] Page 110 - 111

Several commands are missing the "run" subcommand. In each case the command begins with
docker -d ...
and should have been written as:
docker run -d ...

[code - regression] Page 115 (bottom)

The busybox and alpine images have been updated to fix the problem described in the paragraph below. The 'su' command does not have the SUID bit set and will not provide any automatic privilege escalation.

[command correction] Page 116

Boot2Docker has been discontinued and rolled into a newer project called Docker Machine. Because a reader is unlikely to have the boot2docker command installed, the command at the top of this page should be changed from:
boot2docker ssh
to the Docker Machine equivalent:
docker-machine ssh default
where default is the name of the machine you created.

[code - regression] Page 119

The ifconfig command has since been removed from ubuntu:latest. Instead of using the ubuntu:latest image for these examples use ubuntu:trusty. The example using ifconfig should look like:
docker run --rm \
--privileged \
ubuntu:trusty ifconfig
[Illustration Mistake] Page 136
Image layer ced2 on the left side of the illustration is listed at c3d2 on the right side. These two layers should represent the same item.

[code - typo] Page 140

Containers need not be in a running state in order to export their file system. The first command on page 140 uses the "run" subcommand but the command listed will never be able to start. Replace "run" with "create." The command should appear as follows:
docker create --name export-test \
dockerinaction/ch7_packed:latest ./echo For Export

[code - missing line] Page 146

In the example Dockerfile near the top of the page the line with the RUN directive is missing part of the instruction. That line should read:
RUN apt-get update && apt-get install -y git

[code - evolution] Page 215

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: s3-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 216

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: rados-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
storage:
cache:
layerinfo: inmemory
rados:
poolname: radospool
username: radosuser
chunksize: 4194304
maintenance:
uploadpurging:
enabled: false
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001

[code - evolution] Page 218

The registry:2 configuration file now requires the population of additional fields under "maintenance > uploadpurging." The example should currently look like:
# Filename: redis-config.yml
version: 0.1
log:
level: debug
fields:
service: registry
environment: development
http:
addr: :5000
secret: asecretforlocaldevelopment
debug:
addr: localhost:5001
storage:
cache:
blobdescriptor: redis
s3:
accesskey:
secretkey:
region:
bucket:
encrypt: true
secure: true
v4auth: true
chunksize: 5242880
rootdirectory: /s3/object/name/prefix
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
redis:
addr: redis-host:6379
password: asecret
dialtimeout: 10ms
readtimeout: 10ms
writetimeout: 10ms
pool:
maxidle: 16
maxactive: 64
idletimeout: 300s
[code - typo] Page 220

The name of the file shown should be scalable-config.yml as in previous examples. This example also requires the addition of the newer uploadpurging attributes. The mainenance section of the file should be as follows:
maintenance:
uploadpurging:
enabled: true
age: 168h
interval: 24h
dryrun: false
readonly:
enabled: false
[text - typo] Page 240

In the second paragraph the reader is instructed to, "Open ./coffee/api/api.py" this is not the correct location of the file. The correct file location is at, "./coffee/app/api.py."
[text - typo] Page 262

The refere nce to "flock.json" in the first sentence of the third paragraph should be "flock.yml."
[code - typo] Page 270

The git clone command uses the ssh protocol instead of https. The command should read as follows:
git clone https://github.com/dockerinact ... i.git