Configuring Docker containers in the OwnCloud cloud

Docker Talk

Article from Issue 168/2014
Author(s): , Author(s): , Author(s):

Run your application smoothly and portably in the cloud with the Docker container system. This workshop takes a practical look deploying Docker with the OwnCloud cloud environment.

If you focus on virtualization today, you've surely encountered the new world of Linux container technology. Docker provides a powerful, enterprise-level tool that makes it easy for admins to roll out new and lightweight instances of their applications.

This workshop shows how to configure Docker [1] with the OwnCloud cloud service and demonstrates Docker at work with complex applications that require a web server, a database, and persistent storage.

Getting Started

It does not matter whether you use the Docker as your container manager: The basis for any container is always an image that consists of the distribution filesystem. You can either use pre-built images or build an image yourself. The do-it-yourself approach has advantages, and once you build an image, you can modify it later to adapt it to new situations.

Docker requires an instruction file, known as the Dockerfile, that describes the operation for creating the image. It is important to be familiar with some naming conventions: The filename of each Dockerfile must start with an uppercase letter. A Dockerfile consists of several consecutive instructions, where each line contains a command followed by a parameter. Commands, for example, RUN , must be written out in full and entirely in uppercase letters. Parameters can consist of several words, as is typically the case with Linux command lines that use their own parameters, such as, chmod +x ./My_Script.sh.

Listing 1 shows the Dockerfile for the image of a MySQL database. The base image is selected in the FROM line. The name centos:latest refers to the centos image with the latest tag as another, subordinate, specification: latest always means the latest revision of the image. Releases are identified as in this example: ubuntu:12.04.

Listing 1

Dockerfile for MySQL

01 FROM centos:latest
02 MAINTAINER Tux <info@b1-systems.de>
03 RUN yum install -y mysql mysql-server
04 ADD start.sh /start
05 RUN chmod +x /start
06 EXPOSE 3306
07 CMD ["/start"]

To find the image, Docker connects with the central registry or the hub (formerly known as the index). Users exchange images via this publicly accessible platform, so admins usually do not have to build an image from scratch.

Pre-built images are available for many applications. You can find an image using the search function on the Docker website  [2] or the docker search pattern_desc command. If the specified image is not available locally, Docker will automatically download it. Alternatively, you can retrieve an image with the docker pull image_name command.

If a line starts with RUN, Docker executes the command that follows when it creates the image, but not when running the container. The specified command must not require interaction on the part of the administrator. Commands that require interactive input must be appropriately encapsulated – for example with expect – or configured with a matching parameter, so that Docker can continue to run without any input (e.g., yum install -y). RUN commands can occur any number of times in Dockerfiles.

The lines in the Dockerfile are processed sequentially when creating an image with docker build. Each command in the Dockerfile automatically creates a new image, which Docker only stores as a diff to the previously stored image. Rerunning docker build does not lead to the commands being re-executed; instead, Docker reads the results from the cache to save time.

If one intermediate step defined in Dockerfile changes, Docker must also repeat all the subsequent steps. The relationship between different images is revealed in a chart created by running docker images -viz | dot -T png -o docker-images.png (Figure 1).

Figure 1: Parent/child and other relationships between different Docker images are revealed in the graphical output of the docker images tool.

The ADD command adds files and directories to the image. In the MySQL Dockerfile, ADD commands are included through the start.sh script, which is stored as the /start file in the image. If you want to add many files to an image, you can also bundle them in a tarball, which you pass in directly as an argument to ADD. You can also stipulate URLs, such as http://server_name.fqdn/myfile.sh.

ENTRYPOINT vs. CMD

The CMD or ENTRY POINT keyword determines which command will run by default when executing a container. In most cases, this is either the binary of a service, a startup script, or an init replacement, such as supervisor or runit.

Note the subtle difference: CMD /start tells Docker to use /bin/sh -c, or to be more precise /bin/sh -c '/start', to run the command. If you want to run the command directly, you need to pass it in as a list; for example:

CMD [ 'Program', '--Argument1', '--Argument2' ]

The main difference between CMD and ENTRYPOINT becomes apparent at run time; Listing 2 shows an example in the interactive Docker shell. Both images run the /bin/echo program. If you specify CMD, you can override the command specified in the Dockerfile, but not with ENTRYPOINT (see the example in Listing 2).

Listing 2

Difference between ENTRYPOINT and CMD

01 docker run cmd:latest hostname
02 3246bb700a21
03 docker run entrypoint:latest hostname
04 hostname
05 docker run --entrypoint hostname entrypoint:latest
06 57334f13ef76

The instruction set for Dockerfiles is very extensive [2]. Michael Crosby's website [3] provides more useful information about the many options in Dockerfile. Listing 3 shows a complete Dockerfile for the OwnCloud scenario [4].

Listing 3

Dockerfile for OwnCloud

01 FROM hachque/opensuse
02 MAINTAINER Tux <info@b1-systems.de>
03 RUN zypper mr -ae
04 RUN zypper --non-interactive ar
05 'http://download.opensuse.org/repositories/isv:/Owncloud:/community:/6.0/openSuse_13.1/' owncloud
06 RUN zypper --non-interactive --gpg-auto-import-keys ref -f
07 RUN zypper --non-interactive update --auto-agree-with-licenses
08 RUN zypper --non-interactive install --auto-agree-with-licenses apache2 owncloud php5-mysql php5-fileinfo glibc-locale
09 ADD sysconfig /etc/sysconfig/
10 CMD /usr/sbin/start_apache2 -f /etc/apache2/httpd.conf -DFOREGROUND

Building Images

After you have completed your Dockerfile, you need to build the actual image. The docker build command needs the path to the directory containing the Dockerfile as a mandatory parameter. A path can also be a URL – or even the standard input. Additionally, it makes sense to name the resulting image directly and add a tag so that you can easily reference it later:

$ cd /path/to/Dockerfile
$ docker build -t myimage:test .

After building an image by reference to a Dockerfile, you can create and run containers based on the image. Listing 4 shows the output of the docker images command, which lists the locally available images.

Listing 4

Listing the Locally Available Images

01 docker images
02 REPOSITORY            TAG            IMAGE ID        CREATED           VIRTUAL SIZE
03 owncloud_httpd        latest         a08339e14faf    3 days ago        869.1 MB
04 owncloud_database     latest         0f12f4bfd2bd    3 days ago        254.5 MB
05 centos                latest         0c752394b855    3 weeks ago       124.1 MB
06 fedora                20             3f2fed40e4b0    4 weeks ago       372.7 MB
07 hachque/opensuse      13.1           042c8bfd4d0e    11 weeks ago      151.5 MB
08 hachque/opensuse      latest         042c8bfd4d0e    11 weeks ago      151.5 MB

To start a container, just type docker run owncloud_httpd:latest, which executes the container in the foreground. The -d parameter starts the container in the background. After running, Docker returns the checksum of the started container.

docker run -d centos:latest sleep 30
a6c462a7999ab01db374ffe502b02d5aac1cd6

This option proves especially useful when used in scripts. To start an interactive session in a container, you need the -i and -t parameters. -i stands for interactive and binds the container to the standard input; -t allocates a pseudo-terminal, and --rm lets you automatically delete the stopped container:

docker run -i -t --rm fedora:latest /bin/bash
bash-4.2# cat /etc/fedora-release
Fedora release 20 (Heisenbug)

The --rm option is useful for tests with containers that you do not want to continue after stopping them.

This procedure also makes it possible to start an interactive session and transfer the results (e.g., package installations or configuration changes) to a new image (Listing 5). The --name parameter in this example directly assigns a name, which the user can use later to access this container. If you do not specify --name, Docker generates a random name.

Listing 5

Building an Image Interactively

01 docker run -t -i --name httpd-build fedora:20 /bin/bash
02 bash-4.2# yum install -y httpd htop
03 <I>[...]<I>
04 Installed:
05   htop.x86_64 0:1.0.3-3.fc20  httpd.x86_64 0:2.4.9-2.fc20
06 bash-4.2# vi /etc/httpd/conf/httpd.conf
07 bash-4.2# exit
08 docker commit -a 'Tux <info@b1-systems.de>' -m 'Erster Versuch' \
  httpd-build myhttpd:latest
09 aeaee2e5070e60e1d8676d1fdc7340f4eff98f8de692d6eaadf2f84913b1d8e9

After a successful docker commit, you can now start a new container:

docker run -d myhttpd:latestapachectl -DFOREGROUND

The docker ps command displays only containers that are currently running. If Docker has stopped a container because the executed command was completed, the administrator must use docker ps -a to see all the containers.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Docker

    Docker is an economical alternative to conventional virtualization. Because each Docker container shares the underlying operating system, it enjoys the resource isolation and allocation benefits of VMs but is much more portable and efficient.

  • Ansible Container Auto Deploy

    Streamline software deployment with Ansible and Docker containers.

  • Perl: Testing Modules with Docker

    If you want to distribute your programs across multiple platforms, you need to prepare them to run in foreign environments from the start. Linux container technology and the resource-conserving Docker project let you test your own Perl modules on several Linux distributions in one fell swoop.

  • Container Security

    A recent flurry of activity in the container space raises several interesting questions about security among a number of operational aspects in the enterprise environment.

  • Docker Announces Linux Kit and Moby Project

    Both projects help organizations build their own containerized systems.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia