http://veithen.github.io/2015/01/08/supervisord-redirecting-stdout.html


stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0


stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0


https://github.com/docker/docker/issues/11432


아래는 docker_1.5 dev 버전 기준..( commit 52f6da223839a5ac1fc003b259b74f6a02fc2858 )


아래 디렉토리의 모든 디렉토리를 지운다.

/var/lib/docker/execdriver/native


컨테이너중 running 이라면 해당 컨테이너의 ID 폴더가 있는게 정상이지만,

모든 컨테이너가 중지 되어 있다면, 모두 삭제 되어야함.






port forwading

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Security_Guide/s1-firewall-ipt-fwd.html

http://serverfault.com/questions/342407/linux-how-to-port-forwarding-with-iptables-between-2-hosts-on-different-network


mysql server 실행

docker run --name chozo99 --rm -e MYSQL_ROOT_PASSWORD=**** mysql:5.5


docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99


local 에서 mysql 접속...

mysql --host=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99` -uroot -p'****' mysql


외부에서 접속시 포트개방

$ echo 1 > /proc/sys/net/ipv4/ip_forward


$ iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3306 -j DNAT \

      --to `docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99`:3306

$ iptables -t nat  -A POSTROUTING -j MASQUERADE


reference

iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 3306 -j DNAT \

      --to `docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99`:3306

$ iptables -t nat -D POSTROUTING -j MASQUERADE


iptables -t nat -L PREROUTING  -n --line-numbers

iptables -t nat -D PREROUTING 2






http://blog.docker.com/2013/07/how-to-use-your-own-registry/

https://github.com/docker/docker-registry


0. https://github.com/docker/docker-registry  설치

$ docker run -p 5000:5000 registry 

or

$ docker run --name my_registry -p 5000:5000 -v /my_storage/registry:/tmp/registry registry



1. 해당 이미지의 IMAGE ID 확인

$ docker images 

REPOSITORY                 TAG                 IMAGE ID            CREATED             VIRTUAL SIZE

1234                       latest              40e372dbf7a1        23 hours ago        780.6 MB


2. tag

ps. 푸시 할때 REPOSITORY 를 이용하므로 자신의 repository 주소를 포함한 이름으로 수정 해야함.

이름작성시 domain 구분자(.) 또는  port 구분자(:) 가 있어야함

일반적으로 REPOSITORY 는 username/imagename

따라서 REPOSITORY 를 보고 Public 인지 판단.


$ docker tag 40e372dbf7a1 192.168.20.211:5000/1234

$ docker  images 

REPOSITORY                 TAG                 IMAGE ID            CREATED             VIRTUAL SIZE

1234                       latest              40e372dbf7a1        22 hours ago        780.6 MB

192.168.20.211:5000/1234   latest              40e372dbf7a1        22 hours ago        780.6 MB


3. push

$ docker push 192.168.20.211:5000/1234


4. Search

$ docker search 192.168.20.211:5000/123

NAME           DESCRIPTION   STARS     OFFICIAL   AUTOMATED

library/1234                 0                    

or

$ curl -X GET http://192.168.20.211:5000/v1/search

{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/1234"}]}

-----

$ curl -X GET http://192.168.20.211:5000/v1/search | python -m json.tool

{

    "num_results": 1,

    "query": "",

    "results": [

        {

            "description": "",

            "name": "library/1234"

        }

    ]

}


5. Delete

namespace=library; repository=1234

$ curl -X DELETE http://192.168.20.211:5000/v1/repositories/1234/




Note. 

docker pull/push 할때 아래 에러 발생시, 해당 머신의 docker 데몬 옵션 변경 필요 ( registry server 아님 )

ps. trusted 된 인증이 아니라면( by 인증기관 ) 간단히 아래 처럼 사용 ( self cert  안됨 : ... x509: certificate signed by unknown authority ... 에러 발생)




FATA[0004] Error: v1 ping attempt failed with error: Get https://192.168.20.211:5000/v1/_ping: EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 192.168.20.211:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/192.168.20.211:5000/ca.crt


기본적으로 ssl을 사용하므로, 인증서가 필요함

간단히 사용하고자 한다면 


/etc/default/docker 파일에 아래 추가

DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=192.168.20.211:5000"


$ service docker restart



http://askubuntu.com/questions/168280/how-do-i-grant-sudo-privileges-to-an-existing-user


sudo usermod -a -G sudo <username>


       -a, --append

           Add the user to the supplementary group(s). Use only with the -G option.


       -G, --groups GROUP1[,GROUP2,...[,GROUPN]]]

           A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no

           intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option.


           If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be

           changed via the -a option, which appends the user to the current supplementary group list.






useradd -U -s /bin/bash -m <username>


       -U, --user-group

           Create a group with the same name as the user, and add the user to this group.


           The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable in /etc/login.defs.



       -s, --shell SHELL

           The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell

           specified by the SHELL variable in /etc/default/useradd, or an empty string by default.



       -m, --create-home

           Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be

           defined with the -k option) will be copied to the home directory.


           By default, if this option is not specified and CREATE_HOME is not enabled, no home directories are created.




set -e

bash script 실행중 에러 발생시 즉시 종료( 자세한 내용은 manpage 참조 )


man bash

...

SHELL BUILTIN COMMANDS

...


       set [--abefhkmnptuvxBCEHPT] [-o option-name] [arg ...]

       set [+abefhkmnptuvxBCEHPT] [+o option-name] [arg ...]

...

              -e      Exit  immediately if a pipeline (which may consist of a single simple command), a list, or a compound command (see SHELL GRAMMAR above),  exits with a non-zero status.  The shell does not exit if the command that fails is part of the command list immediately following a while  or  until

                      keyword, part of the test following the if or elif reserved words, part of any command executed in a && or || list except the command following

                      the final && or ||, any command in a pipeline but the last, or if the command's return value is being inverted with !.  If a  compound  command

                      other  than  a subshell returns a non-zero status because a command failed while -e was being ignored, the shell does not exit.  A trap on ERR,

                      if set, is executed before the shell exits.  This option applies to the shell environment and each subshell environment separately (see COMMAND

                      EXECUTION ENVIRONMENT above), and may cause subshells to exit before executing all the commands in the subshell.


                      If a compound command or shell function executes in a context where -e is being ignored, none of the commands executed within the compound com‐

                      mand or function body will be affected by the -e setting, even if -e is set and a command returns a failure status.  If a compound  command  or

                      shell  function  sets  -e while executing in a context where -e is ignored, that setting will not have any effect until the compound command or

                      the command containing the function call completes.



https://www.digitalocean.com/community/tutorials/how-to-install-java-on-ubuntu-with-apt-get


sudo apt-get install software-properties-common

sudo add-apt-repository ppa:webupd8team/java

sudo apt-get update

sudo apt-get install oracle-java8-installer


alternative

sudo update-alternatives --config java



ref: https://docs.docker.com/installation/ubuntulinux/#ubuntu-trusty-1404-lts-64-bit


Ubuntu-maintained Package Installation

To install the latest Ubuntu package (this is not the most recent Docker release):


$ sudo apt-get update

$ sudo apt-get install docker.io

Then, to enable tab-completion of Docker commands in BASH, either restart BASH or:


$ source /etc/bash_completion.d/docker.io





==> 예전 버전의 경우 docker exec 가 안되므로, 아래 최신 버전 사용 권장


Docker-maintained Package Installation


Add the Docker repository key to your local keychain.

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9



Add the Docker repository to your apt sources list, update and install the lxc-docker package.

You may receive a warning that the package isn't trusted. Answer yes to continue installation.



$ sudo sh -c "echo deb https://get.docker.com/ubuntu docker main > /etc/apt/sources.list.d/docker.list"

$ sudo apt-get update

$ sudo apt-get install lxc-docker





require

sudo apt-get install vim ctags



vimconf.tar.gz


+ Recent posts

티스토리툴바