More examples
Usually the scripts of the containers are kept in git repositories,
not in a local directory (like /var/test/
that we have used so
far). Let’s try some of the simple scripts that are located at
https://gitlab.com/docker-scripts
1. Get the scripts
Let’s try to build an ubuntu container. We can get the scripts for the
container with the command ds pull
:
root@vps ~ # ds pull ubuntu Cloning into '/opt/docker-scripts/ubuntu'... warning: redirecting to https://gitlab.com/docker-scripts/ubuntu.git/ remote: Enumerating objects: 45, done. remote: Counting objects: 100% (25/25), done. remote: Compressing objects: 100% (24/24), done. remote: Total 45 (delta 5), reused 0 (delta 0), pack-reused 20 Unpacking objects: 100% (45/45), 17.91 KiB | 2.99 MiB/s, done.
Let’s have a look at the scripts that we just downloaded:
root@vps ~ # cd /opt/docker-scripts/ubuntu/ root@vps /opt/docker-scripts/ubuntu # tree . ├── Dockerfile ├── settings.sh ├── cmd │ ├── config.sh │ └── create.sh ├── inject │ └── setup.sh ├── README.md └── LICENSE
-
Dockerfile
:include(jammy) RUN apt install --yes openssh-server python3
Besides the basic image, we are also installing
openssh-server
andpython3
. -
settings.sh
:APP=ubuntu PORTS="2201:22"
Port
2201
is forwarded to22
, in order to allow SSH access. -
cmd/create.sh
:rename_function cmd_create orig_cmd_create cmd_create() { orig_cmd_create \ "$@" # accept additional options, e.g.: --privileged }
Although
cmd_create
is extended, it actually does not do any extra things. -
cmd/config.sh
:cmd_config() { ds inject ubuntu-fixes.sh ds inject setup.sh }
The script ubuntu-fixes.sh is defined by the framework itself, and
setup.sh
is the script below. -
inject/setup.sh
:#!/bin/bash -x ### generate a key pair [[ -f /host/sshkey ]] \ || ssh-keygen -t rsa -f /host/sshkey -q -N '' ### copy public key to authorized_keys mkdir -p /root/.ssh chmod 700 /root/.ssh cat /host/sshkey.pub > /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys ### customize the configuration of sshd sed -i /etc/ssh/sshd_config \ -e '/PermitRootLogin/ c PermitRootLogin without-password' systemctl restart sshd
It generates an SSH key pair, if one is not already present, and corrects the SSH config.
2. Initialize a directory for the container
root@vps /opt/docker-scripts/ubuntu # cd root@vps ~ # ds init ubuntu @server1 Container initialized on '/var/ds/server1/'.
Note that because the directory of the container (@server1
) does not
start with ./
or ../
or /
, it is interpreted as a
subdirectory of $CONTAINERS
, which is set on
~/.ds/config.sh
and has as default value /var/ds/
.
root@vps ~ # cd /var/ds/server1/ root@vps /var/ds/server1 # ls settings.sh root@vps /var/ds/server1 # cat settings.sh APP=ubuntu IMAGE=ubuntu CONTAINER=server1 PORTS="2201:22"
So, initialization just copies settings.sh
on the directory of
the container and sets some values for IMAGE
and
CONTAINER
. The default value for IMAGE
is the name of
the scripts' directory, and the default value for CONTAINER
is
the name of the container’s directory. You may change them if you
wish, but the default values are usually OK.
3. Build and test the container
To build the image and start the container do:
root@vps /var/ds/server1 # ds make
Besides starting the container, it also runs any configuration or setup scripts.
Did you notice the file sshkey
that is created in the
directory? We can use it to login to the container, like this:
root@vps /var/ds/server1 # ssh -p 2201 -i sshkey root@localhost
The port 2201
on the localhost is forwarded to the port 22
of the
container, so we end up inside the container. With this key we can
also login to the container remotely (from outside the server).
Don’t you find it a bit strange that you did not have to open the port
|
4. Build another container
We don’t need to get the scripts with ds pull ubuntu
, because we
did it for the first container. However id doesn’t hurt to update
them.
Let’s initialize a directory for the container:
root@vps ~ # ds init ubuntu @server2 Container initialized on '/var/ds/server2/'. root@vps ~ # cd /var/ds/server2/ root@vps /var/ds/server2 # ls settings.sh root@vps /var/ds/server2 # cat settings.sh APP=ubuntu IMAGE=ubuntu CONTAINER=server2 PORTS="2201:22"
When we try to build it (with ds make
), we get errors like this:
Error response from daemon: driver failed programming external connectivity on endpoint server2 (df70bc5342142c45df6ff8ad80ebf0b73e71187f1904482d510d288ad7ee3336): Bind for 0.0.0.0:2201 failed: port is already allocated Error: failed to start containers: server2
Indeed, we can confirm with docker ps
that the port 2201
is
already being used for the container server1
:
root@vps ~ # docker ps --format '{{.Names}}: {{.Ports}}' server1: 0.0.0.0:2201->22/tcp, :::2201->22/tcp
Let’s edit settings.sh
, change the port to 2202
(or
something else), and try again:
root@vps /var/ds/server2 # vim settings.sh root@vps /var/ds/server2 # cat settings.sh APP=ubuntu IMAGE=ubuntu CONTAINER=server2 PORTS="2202:22" root@vps /var/ds/server2 # ds make
5. Build a debian container
The scripts for a simple debian container are almost identical to
those for a simple ubuntu container, except that the Dockerfile has
the line include(bullseye)
instead of include(jammy)
-
Get the scripts:
root@vps ~ # ds pull debian
-
Initialize container dir:
root@vps ~ # ds init debian @server3
-
Change the port on
settings.sh
:root@vps ~ # cd /var/ds/server3/ root@vps /var/ds/server3 # sed -i settings.sh \ -e '/PORTS=/ c PORTS="2203:22"' root@vps /var/ds/server3 # cat settings.sh APP=debian IMAGE=debian CONTAINER=server3 PORTS="2203:22"
-
Build the container:
root@vps /var/ds/server3 # ds make
-
Test it:
root@vps /var/ds/server3 # ssh -p 2203 -i sshkey root@localhost
6. Build other containers
6.1. Use a branch of the scripts
The command ds pull
can also have a branch argument:
root@vps ~ # ds pull Usage: pull <app> [<branch>] Clone or pull 'https://gitlab.com/docker-scripts/<app>' to '/opt/docker-scripts/<app>'. A certain branch can be specified as well. When a branch is given, then it is saved to '/opt/docker-scripts/<app>-<branch>'
Let’s use the branch buster
of the scripts' repo this time.
-
Get the scripts:
root@vps ~ # ds pull debian buster Cloning into '/opt/docker-scripts/debian-buster'... warning: redirecting to https://gitlab.com/docker-scripts/debian.git/
-
Initialize the container:
root@vps ~ # ds init debian-buster @server4 Container initialized on '/var/ds/server4/'.
-
Customize
settings.sh
:root@vps ~ # cd /var/ds/server4/ root@vps /var/ds/server4 # sed -i settings.sh \ -e '/PORTS=/ c PORTS="2204:22"' root@vps /var/ds/server4 # cat settings.sh APP=debian-buster IMAGE=debian-buster CONTAINER=server4 PORTS="2204:22"
-
Build the container:
root@vps /var/ds/server4 # ds make
-
Test it:
root@vps /var/ds/server4 # ssh -p 2204 -i sshkey \ root@localhost cat /etc/os-release PRETTY_NAME="Debian GNU/Linux 10 (buster)" NAME="Debian GNU/Linux" VERSION_ID="10" VERSION="10 (buster)" VERSION_CODENAME=buster ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/" Connection to localhost closed.
6.2. Get the scripts with git clone
This time let’s get the scripts with git clone
instead of ds pull
.
-
Get the branch
buster
of thedebian
repo:root@vps ~ # git clone -b buster \ https://gitlab.com/docker-scripts/debian \ /opt/docker-scripts/test/buster Cloning into '/opt/docker-scripts/test/buster'...
-
Initialize the container:
root@vps ~ # ds init test/buster @server5 Container initialized on '/var/ds/server5/'.
-
Customize
settings.sh
:root@vps ~ # cd /var/ds/server5/ root@vps /var/ds/server5 # sed -i settings.sh \ -e '/PORTS=/ c PORTS="2205:22"' root@vps /var/ds/server5 # cat settings.sh APP=test/buster IMAGE=buster CONTAINER=server5 PORTS="2205:22"
-
Build the container:
root@vps /var/ds/server5 # ds make
-
Test it:
root@vps /var/ds/server5 # ssh -p 2205 -i sshkey \ root@localhost cat /etc/os-release PRETTY_NAME="Debian GNU/Linux 10 (buster)" NAME="Debian GNU/Linux" VERSION_ID="10" VERSION="10 (buster)" VERSION_CODENAME=buster ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/" Connection to localhost closed.
7. Clean up
Let’s remove all the test containers:
root@vps ~ # for dir in /var/ds/server[1-5] ; do \ cd $dir ; ds remove ; done root@vps ~ # rm -rf /var/ds/server[1-5] root@vps ~ # rm -rf /opt/docker-scripts/{ubuntu,debian,debian-buster,test}