Linux Academy Learn Notes

Linux Essentials Certification

Globbing

ls ?.txt --- ? stands for one character while * means one or more characters
ls [F]*.txt --- list file starting with F
ls [F]*.txt --- list file starting with F
ls f[igh] --- the first character is f, but the second letter could be each of the characters in the bracket
ls [A-Z]*.txt --- list text files that start with a capital letter

Introduction To The Linux Academy

Connecting to Your Server from OSX or Linux

user@ip, 123456
passwd to change password

Connecting to Your Server from Windows

user@ip, port 22

Mastering The Linux Command Line

A Look At Text Editors

vi -- :w! means save without closing
vi -- :wq! means save and quit

Command Line Keyboard Shortcuts

ctrl+a: quickly go to the start of the line
ctrl+e: quickly go to the end of the line
ctrl+l: clear the screen but the current command
ctrl+w: delete one word at a time towards the start of the line
ctrl+t: switch the character in front of the cursor and the character cursor is on
ctrl+f: move the cursor one character at a time towards the end
ctrl+b: move the cursor one character at a time towards the start
ctrl+d: delete one character at a time on the cursor
ctrl+h: delete the character before the current cursor towards the start
ctrl+u: delete everything in front of the cursor towards the start (excluded)
ctrl+k: delete everything after the cursor towards the end (included)
ctrl+p: take the last command executed

Aliases

echo "hello world" >> file.txt append the message to the existing file.txt
alias showlog = "tail -f /var/log/file"
alias doesn't work everytime you log out

Bash Shell Configuration File & Shell Variables

add alias to .bashrc or .bash_profile so that it will work everytime you log back in
env: show all the variables set

Setting & Unsetting Environment Variables

set: show all the environment variables set in the current bash shell
mkdir -p /directory/log: create the directory if it doesn't exist and then create log
echo "my messages" > file.txt, redirect the message to the file
echo "my messages append" >> file.txt, append the messages to the file
export CUSTOM_LOG = "/home/log", set the environment variable
unset CUSTOM_LOG , delete the environment variable
.bashrc, which is the configuration file will run every time we log in the system
cd profile.d and add a customized shell, it will be executed everytime any user logs in

Customizing The Bash Prompt

h: hostname
u: user
: time
j: show the number of jobs running in the background
By modifying PS we could customize the Bash prompt
w: show the entire current working directory
d: show date
W: the last part of the current working directory

Command Line History

whoami: show the current user
.bash_history: stores all the history of the typed command line
ctrl+r: search for the command history
history -c: clear all the history

Creating A Simple Bash Script To Automate Commands

Take the course "Introduction to bash scripting and linux automation"
#!/bin/bash: identifying the interpreter that will run the script
chmod +x myscript: give the execution permission of the file

Which and Whereis

which: show the whole path of the shell command
If the library path has been set in PATH environment variable, then we could just type the command without the full path. e.g. /bin is set in the PATH variable , then we could just type pwd, not /bin/pwd.
whereis: show the binary path and also the where is the command in the man page
So if one day you type ls and it doesn't work, then use which and whereis to find the full path of it
whereis -b iptables: find only the binary files of iptables

Finding Files With Locate

touch file1 file2 file3: This command would create three new, empty files named file1, file2 and file3
locate: this command will search for the file according to the name in a pre-populated database so it's fast. However this db needs to be updated by a cron job or by manually typing 'updatedb' command

The Powerful Find Command

find . -name 'cron*' -- search for all the files and directories start with cron inside the current directory and subdirectories
find . -type f -name 'cron*' -- search for only files, no directories
find . -type d -name 'cron*' -- search for only directories, no files
touch file: this command is used to modify the file's last access time. if the file doesn't exist, then it creates an empty new file
find /home -perm 777 -- find all the files with 777 permission
find /home -perm 777 -exec chmod 555 {} ; This command will change the permission of the files found. {} means for each of the found file and ; is a good syntax ended
find / -mtime +1 -- find all the files modified in the past one day
find / -a +1 -- find all the files accessed in the past one day
find / -group nameofgroup -- find all the files owned by a group
find . -size 1M -- find files of size 1M
find . -name 'file*' -exec rm {} ; delete all the files found. {} here means the filename

wc, split, cat, and diff commands

cat file1 file2: combines the two files to the output
cat file* | wc -l count the line number
split -l 2 file1 means split file1 to two files, each of which has two lines
diff file1 file2 differences between two files

Streams (stdin, stdout, stderr) and Redirects

A sream is what displayed on the linux screen
stdin: what you typed in the command line
stdout: what output/displayed by linux
stderr: error throw by linux
cat * > newfile redirect the stdout to the newfile
cat * >> newfile append the stdout to the newfile
ls filedoesntexist 2> newfile : redirect the stderr to the new file
ls filedoesntexist 2>> /dev/null : redirect the error to nothing which means hide the errors
cat file1 file2 nofile > mystdoutput 2> mystderr : redirect the output and error to two separate files
cat file1 file2 nofile > mystdoutput 2>&1 : also redirect the stderr to the same file
set -o noclobber : means you can't override the file using single redirect >
set +o noclobber : turn it on

Pipes

Pipes allows us to take the output from one command and put it as the input of the other command
sort -f : sort while ignore the case

grep, egrep, and fgrep

grep ^hello testfile : grep the line starting with hello
grep -c ^hello testfile : count all lines starting with hello
grep hello$ testfile : grep the line ending with hello
grep [hasksxaxs] testfile : grep all the lines containing one or more of the characters in the list
grep [a-g] testfile : grep all the lines containing characters between a and g
grep -f greppattern testfle : grep the lines in testfile mathing the pattern specified in the greppattern file
grep -lr cron /etc : grep all the files recursively that has this pattern in the filename
egrep -v 'hello|world' testfile : grep everything that is not hello or world
egrep 'hello' testfile | grep -v jeff
egrep id for extened regular expressions
grep -E means the same thing as egrep
grep -F means the same thing as fgrep
fgrep means diable all regular expressions, just mathing the keyword as it is
fgrep will be faster as it doesn't use regular expression

Cut Command

cat passwd : see the contents of the password file
cut -f1 -d : passwd --- get the first field cut by ':'
-f for field

sed Stream Editor

sed 's/parttime/fulltime/' teamfile -- s means substitution. This command means change all parttime to fulltime in the teamfile
sed 's/parttime/fulltime/w promotions.txt' teamfile -- s means substitution. This command means change all parttime to fulltime in the teamfile and write all the changes to promotions.txt
sed '/fulltime/w fulltime.txt' teamfile write all fulltime lines to fulltime.txt, this will also output the contents of teamfile without any change
sed '/fulltime/w fulltime.txt' teamfile /dev/null write all fulltime lines to fulltime.txt without any output
sed '0,/parttime/s/parttime/promotion/' teamfile -- the first occurence of parttime will be chnaged to promotion
sed 's///' teamfile --- replace all the strings like not with nothing (delete)

tee command

tee allow us to read from stdin and write to stdout and files
ls | tee mynewfile --- tee command will take the output of the first ls command and write it to mynewfile. The output of the first command will also be displayed as if it is just ls command
ls | tee mynewfile mynewfile2 --- could write to multiple files
ls | tee -a file --- append the output to the file but not overwrite it. -a for append
ls f* | wc -l | tee count.txt --- will display the output results as well. ls f* | wc -l > count.txt will not display the output result

Using Test/Tests On The Linux Command Line

test -f file1 && echo "true" --- test if file1 exist, && means if the first part is true, then the next part will be executed
test -w file1 && echo "true" --- test if file1 is writable
test 1 -gt 2 && echo "true" --- test if 1 is greater than 2
test 1 -gt 2 || echo "false" --- || means if the first part is false, then the next part will be executed
test 1 -gt 2 && echo "true" || echo "false" --- if true return 'true' if false, return 'false'
[] will evaluate the expression inside it
[5 -eq 5]; echo $? --- will return 0 if true and return 1 if false
["hello" = "hello"]; echo $? --- will return 0 if true and return 1 if false
test 5 -eq 5 && echo "yes" || "no"

Lab: Check For Text On A Web Site From The Linux Command Line Using curl & Test

curl -s google.com | egrep -ci "301 moved" > /dev/null && ehoc "file has moved" || echo "false" --- could be used to test if the web server is down
curl -s google.com | egrep -ci "Internal Server Error" > /dev/null && mail -s "internal server error" chi.zhang@gmail.com

Writing A For Loop On The Command Line

for name in `ls`; do echo $name; done; this command will echo the file name one by one from ls command. ` quote will open up a shell, execute the command inside it and put the output to for loop
for line in `cat file1`; do echo $line; done;
for line in `cat file1`; do echo $line+helloworld; done;
for line in `cat file1`; do touch $line; done;
for file in `ls /etc`; do echo $file; done;

DevOps Essentials

Continuous Integration and Continuous Deployment

Continuous Integration is that people in different modles merge their codes frequently to avoid the possiblily of conflicts or breakings.
Continuous Delivery is about how to decide that the current features are valuable enough to be released

Jenkins and Build Automation

Introduction

Continuous integration is a development practice that requires developers to integrate code into a shared repository several times per day.
Build pipeline is a process by which the software build is broken down in sections: Unit test, Aceeptance test, Packaging, Reporting, Development, Notification

Prerequisites

telnet localhost 8080 : find out whether something is running on the port
netstat -anp | grep 8080
rpm -Uvh jdk-8u25-linux-x64.rpm : Uvh means update if java already exist
alternatives --config java : list the installed java versions
/etc/rc.d/rc.local : this file will be run everytime for every user when a session is opened including service accounts

Linux Essentials Certification

Globbing

ls ?.txt --- ? stands for one character while * means one or more characters
ls [F]*.txt --- list file starting with F
ls [F]*.txt --- list file starting with F
ls f[igh] --- the first characer is f, but the second letter could be each of the characters in the bracket
ls [A-Z]*.txt --- list text fils that start with a capital letter

Docker Deep Dive

Creating Our First Image

do a system control/chkconfig on on linux to ensure the service start when system reboot
docker info - basic information of the current docker installed
docker inspect imageName - give all the info of a image in json
uname -a : info about the current os system running
docker run -i -t ubuntu /bin/bash : open a interaction shell to run commands interactively
top : check the prcess running
apt-get update downloads the package lists from the repositories and "updates" them to get information on the newest versions of packages and their dependencies. It will do this for all repositories and PPAs

Working With Multiple Images

cat /etc/issue : check the linux distribution and kernel info
docker run, t means connect to my console, -i means interactive
docker search ubuntu : search for ubuntu keywords in docker hub or docker repo

Packaging A Customized Container

docker commit -m="Added a ruby module using gem" -a="Linux Academy" a2c67c450ed6 linux academy/sinimage:v1.1 Build a new image
docker -t -i linuxacademy/sinimage:v1.1 /bin/bash Create a container from the base imgae we create so that we can interact directly with it
docker run -t -i training/sinatra /bin/bash Build from the Dockerfile.
Dockerfile : # This is our custom Dockerfile build for sharing FROM ubuntu:latest MAINTAINER Linux Academy RUN apt-get update RUN apt-get install -y ruby ruby-dev

Running Container Commands With Docker

docker run -d ubuntu:latest /bin/bash -c "while true; do echo DOCKERMAN; sleep 1; done" : -d means detached the docker to make it run in the background
docker stop image_instance_name
docker logs image_instance_name: check the log
docker logs image_instance_name | wc -l
docker pull centos:centos6 will download the centos image with tag centos6

Exposing Our Container With Port Redirects

docker run -d -p 8080:80 tutum/apache-php -p means port, redirect local port 8080 to the container port 80 (apache port)
docker create -it --name="my_container" ubuntu:latest /bin/bash ---- create a container but not run it.
docker restart the container and then use docker attach to go into the running container

Container Snapshots

lynx is a brower in linux command line.
docker commit container_id centos6:withapache

Attach to a Running Container

docker inspect container_name | grep IPAddress | cut -d ":" -f2 | cut -d """ -f2
docker attach container_name : pompt the shell of the container
containers are process oriented, by default it doesn't do anything, we should tell them to do something

Removing Images

docker rmi image_id : remove images. Can't delete the image if there is a container depending on it.
docker rm container_id : remove container

Directory Structure

cd /var/lib/docker
init: binary initialization/definition of docker
cat repositories-devicemapper
cat repositories-devicemapper | python -mjson.tool : -mjson.tool is a python tolol to format the json
cd containers, list all the containers directory, it will list the log file and configuration file
cd to containers directory and manually delete all the containers by rm -rf *, then sudo service docker restart, then docker will re-read the directory structure

Services That Run on Startup

docker run -i -t centos6:withapache /bin/bash, then which service, got /sbin/service, then vi .bashrc, then add a line /sbin/service httpd start
The reason docker is not ready to do productinon work is that the shell interaction withh containers is always root (priviliedge)
Another way to run a certain service or command is to create a script and then add it to .bashrc
!/bin/bash rm -rf /run/httpd/* exec /user/sbin/apachectl -D FOREGROUND
chmod 755 /usr/bin/runhttp.sh
add "/usr/bin/runttp.sh" to .bashrc

Dockerfile: Tying It Together

FROM centos:centos6 ---- Inherit from the base imgae that the repo has or installed locally. First find it locally, if not, find it from docker repo
MAINTAINER Chi ---- Have to have contact infor if want to public to docker pub
FROM centos:centos6 MAINTAINER Chi RUN yum -y update; yum clean all Run yum -y install httpd Run echo "This is our new Apache Test Site" >> /var/www/html/index.html EXPOSE 80 RUN echo "/sbin/service httpd start" >> /root/.bashrc
The whole contents in Dockerfile:
FROM centos:centos6 MAINTAINER Chi RUN yum -y update; yum clean all Run yum -y install httpd Run echo "This is our new Apache Test Site" >> /var/www/html/index.html EXPOSE 80 RUN echo "/sbin/service httpd start" >> /root/.bashrc
Then docker build -t chi:centos6 . --- . means you can find the Dockerfile right here
Each step of the commands in Dockerfile is executed within a new intermidiate container based on the last step

Pushing Images to Docker Hub

docker images --- show all the images
docker ps -a ---- show all the containers
docker build -t ronchy/centos6:beta1 .
docker push ronchy/centos6:beta1

Adding External Content

FROM ronchy:centos6
MAINTAINER ronchy
ADD testfile.html /var/www/html/testfile.html --- add the testfile.html to the contents of the image
docker build -t test:html .
docker run -i -t test:html /bin/bash ---- test:html is the repo/tag

Image Volume Management

docker -i -t -v /myapp test:html /bin/bash --- -v means add a volume directory
then create myvolume directory in the local server
docker run -i -t -v /root/myvolume:/var/volume test:html /bin/bash ---- it will mount the local myvolume directory to the container's /var/volume directory
Then if you add a file to local myvolume directory, it will be added to the container's iner directory as well imediately

Advanced Container Network Management

ip link add br10 type bridge ---- add bridge br10 to the bridge network interface
ip addr add 10.10.100.1/24 dev br10 --- add an address range to the adaptor,
ip link set br10 up --- link these together and bring up the network bridge
docker.io -d -b br10 & ---- ask docker to use this bridge
then if you run docker run -i -t centos:centos6 /bin/bash, docker will be bring up on the up 10.10.100.2. 10.10.100.1 is juet the range/gateway
cd /etc/rc.local; this script will be executed after reboot

Interactive Shell Control

docker run -i -t --name MYCONTAINER test:html /bin/bash
then docker ps to check the container name
docker run -i -t -d --name MYCONTAINER test:html /bin/bash
docker attach MYCONTAINER
docker exec -i -t MYCONTAINER /usr/bin/top ---- This allows to attach to the container and run the command in another prompt. If you exit this prompt, it will exit this container but doesn't kill your original container
docker exec -i -t MYCONTAINER /usr/bin/top ---- This allows to attach to the container and run the command in another prompt. If you exit this prompt, it will exit this container but doesn't kill your original container. This allows you to open up a new shell with the running container without affecting the eixting shell

Previous Container Management

docker ps -a | grep "7 days" to show the docker status about 7 days ago
docker ps -a | grep "7 days" | awk '{print $1}' | xargs docker rm ---- awk, print $1 means print the first column, xargs pass the previous commands result to 'docker rm' command

Container Routing

route add -net 172.17.0.0 netmask 255.255.255.0 gw 192.168.1.35 ----Anything goes to 172.17.0.0 will use 192.168.1.35 as gateway
then netstat -rn to check the above result
172.17.0.0 means the 172.17.0.* range

Sharing Container Resources

run -d -i -t -v /data --name DATA1 ronchy:centos6 /bin/bash
run -d -i -t --volume-from DATA1 --name DATA2 ronchy:centos6 /bin/bash === the second container mount the volume directories from the first container

Committing a Running Container (Snapshot Images)

docker run will first create a container and then run the image inside it

Container Linking and Communication

The ENV of mywebserver container will be added to myestcontainer ENV | more
link together two containers so that they can securely share information amongst themselves about their IPs, applications and ports all automatically and through environment variables.
docker run -i -t --name mytestcontainer --link mywebserver:localweb ronchy;centos6 /bin/bash === This will enable the testcontainer to get the ip and ports and so on of mywebserver container

Taking Control of Ports

docker run -i -t -P test:html /bin/bash === dynamically map the internal ports within the container to the local port ranges from 49000 to 49900
then the curl http://localhost:49154 (do docker ps to check the assigned port) will get the same result as curl http:172.17.0.23 (ip of docker)
docker run -i -t -p 127.0.0.1:5000:80 test:html /bin/bash === map 5000 in local port to 80 inside container

Five Useful Docker CLI Commands

docker cp container_name:/etc/yum.conf tmp --- copy the yum.conf file from the container to the local server within the temp directory
docker diff container_Name === Show all changes of a contaienr since the base image file. C for change, A for add and D for delete
docker events === Real time monitor to see the docker events
docker events --since '2016-07-30' show the events from a certain time
docker history centos:lates === show the history of a certain image
docker -d -i -t --name MyTestContainer1 centos:centos6 /bin/bash; then docker exec -i -t MytestContainer1 /usr/bin/yum -y update ==== This will pas the command to the running container
then docker attach MyTestContainer1 will also directly go into this container

More Useful Docker CLI Commands

docker info; docker -D info, -D means denug will give more info about docker
docker inspect container_name will give json info about this container
docker top container_name == show the top command of the container
docker stop container_name will take serveral seconds to stop it but docker kill container_name is as doing a kill -9 command
docker pause container_name === everything in the container is paused. curl http://ip wil not work.
docker unpause container_name will make the container wokr again
docker export container_name > container_name.tar === this will build the image to the tar file
docker load < container_name.tar or docker load -i container_name.tar; this will read the tar file
docker export a container and docker save an image. The exported version is slightly smaller. That is because it is flattened, which means it lost its history and meta-data.

Optimizing Our Dockerfile Builds

docker images -t will show all the intermediate containers built
instead of doing RUN yum -y upadte; RUN yum -y install httpd; we could do RUN yum -y update && yum -y install httpd && yum -y install openssh-server, all the chained commands should be in just one line not separated lines as before
then docker build -i optimized . === optimized is the image name. The chained commands won't ned to commit in between and intermediate containers

Building a Web Farm for Development and Testing (Part Four)

yum install nginxl; cd /etc/nginx; cd sites-available; vi default.conf; negix could forward the http request from a ip:host to another

Testing Version Compatibility - Using Tomcat and Java (Part One)

alternatives --install /usr/bin/java java /opt/java/bin/java 2 ==== link the /usr/binjava to java application and pass /opt/java/bin/java (the actual path) to the java application.
alternatives --config java === complete the java configuration. This gives us oppotunity to choose which java application to run
alternatives --set jar /opt/java/bin/java
alternatives --set jarc /opt/java/bin/javac
alternatives --install /usr/bin/java java /opt/java/bin/java 2 (2 is the priority means the first path will be the primary one if present)

Testing Version Compatibility - Using Tomcat and Java (Part Two)

docker commit container_name repo:tag

Testing Version Compatibility - Using Tomcat and Java (Part Three)

docker run -i -t --name=tomcatweb7 -v /root/docker/downloads:/root/Downloads -p 8180:8080 -e JAVA_HOME=/opt/java -e JRE_HOME=/opt/java centos6:jdk7tomcat7 /bin/bash
We do a -e to pass the environment variables to container as docker doesn't have a way to persist the environment variables across the containers

Dockerfile

# This is our custom Dockerfile build for sharing

FROM ubuntu:latest

MAINTAINER Linux Academy <linuxacademy@email.com>

RUN apt-get update

RUN apt-get install -y ruby ruby-dev

Docker Exercise: Exercise: Installation and Image Setup

1 Exercise
2 Solution

1. Update your system as appropriate for the distribution you are using. Once updated, for the duration of this exercise, completely disable SELinux on the system and reboot. Once logged in, verify that SELinux is disabled.

[user@linuxacademy:~] sudo yum update (or upgrade)

(Output) Repo updates and packages needing to be updated will be listed here

[user@linuxacademy:~] sudo vim /etc/selinux/config

(Output)...

Find the line: SELINUX=enforcing

Set it to: SELINUX=disabled

Save the file and exit

(Output)...

[user@linuxacademy:~] cat /etc/selinux/config | grep "SELINUX="

2. Using the appropriate package management commands, install the 'docker' package. Once installed, enable the service so that it starts upon reboot. Additionally, start the 'docker' service and verify it is running.

[user@linuxacademy:~] sudo yum -y install docker

(Output) Package downloads and installs here

CentOS 6.x SOLUTION

[user@linuxacademy:~] sudo chkconfig docker

[user@linuxacademy:~] sudo service docker start

CentOS 7.x SOLUTION

[user@linuxacademy:~] sudo systemctl enable docker

[user@linuxacademy:~] sudo systemctl start docker

[user@linuxacademy:~] ps aux | grep docker

(Output)

root 5802 0.0 0.3 346424 12936 ? Ssl 21:02 0:00 /usr/bin/docker -d --selinux-enabled

(Output)

3. Enable the non-root users to run 'docker' commands on the system. Create the appropriate group, add the users you want to have access to 'docker' commands, restart the 'docker' service and verify that non-root users can run basic 'docker' commands.

[user@linuxacademy:~] sudo groupadd docker

[user@linuxacademy:~] vim /etc/group

(Output)...

Find the line that looks like: docker:x:1001:

Add the 'user' user to the end of that line (after the :)

(Output)...

[user@linuxacademy:~] sudo service docker restart (OR sudo systemctl restart docker)

[user@linuxacademy:~] docker images

(Output)

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

(Output)

4. Once 'docker' is installed and non-root users can run commands, use the appropriate 'docker' commands and options to download the latest available image in the public repository for Ubuntu. Once downloaded and installed, verify the image appears in the local base image list.

[user@linuxacademy:~] docker pull ubuntu:latest

(Output) NOTE: Your output may differ if image has been updated

latest: Pulling from docker.io/ubuntu

6071b4945dcf: Pull complete

5bff21ba5409: Pull complete

e5855facec0b: Pull complete

8251da35e7a7: Pull complete

Digest: sha256:1572e29178048ad9ab72e78edd4decc91a3d8a8dea0ca39817efc7cf2d86c6d7

Status: Downloaded newer image for docker.io/ubuntu:latest

(Output)...

[user@linuxacademy:~] docker images

(Output) NOTE: Again, your output may differ slightly

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

docker.io/ubuntu latest 8251da35e7a7 11 days ago 188.3 MB

(Output)...

5. Start a container based upon the Ubuntu base image downloaded in Step #4. When you start the container, start it connected to the current terminal, in interactive mode, starting the bash shell for you to connect to. You may exit the container at that time.

[user@linuxacademy:~] docker run -it docker.io/ubuntu:latest /bin/bash

(Output) NOTE: Your output will differ based on the container ID assigned

root@7aaf3de3ed4f:/# exit

Support

Docker Exercise: Exercise: Creating Images from Containers

1 Exercise
2 Solution

1. Using the CentOS 6 base image download, start a container based on that image. Be sure that container starts connected to the current terminal in interactive mode and runs the bash command so you are logged in to the command prompt on the container once it boots.

[user@linuxacademy:~]$ docker run -it centos:centos6 /bin/bash

(Output)

[root@b237d65fd197 /]#

(Output)

2. Once you are sitting at a command prompt on the running container, execute the update command (installing all updates for the container OS).

[root@b237d65fd197 /]# yum -y update (or yum -y upgrade)

(Output)

List of packages needing update and being applied here

(Output)

3. Now that updates are complete, install the Apache Web Server. Once installed, make sure the web server service will start and verify that the container is listening on port 80 (install other software if needed to do so).

[root@b237d65fd197 /]# yum install httpd

(Output)

Installed:

httpd.x86_64 0:2.2.15-45.el6.centos

Dependency Installed:

apr.x86_64 0:1.3.9-5.el6_2 apr-util.x86_64 0:1.3.9-3.el6_0.1 apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1

httpd-tools.x86_64 0:2.2.15-45.el6.centos mailcap.noarch 0:2.1.31-2.el6 redhat-logos.noarch 0:60.0.14-12.el6.centos

Complete!

(Output)

[root@b237d65fd197 /]# yum install telnet

(Output)

Like output above, telnet is installed

(Output)

[root@b237d65fd197 /]# service httpd start

(Output)

httpd start [OK]

(Output)

[root@b237d65fd197 /]# telnet localhost 80

(Output)

Trying 127.0.0.1...

Connected to localhost.localdomain.

Escape character is '^]'.

(Output)

4. Exit the container. Once the container is stopped, execute the appropriate command to list all stopped containers and locate the name and ID of the container you just exited. Make a note of the name and ID.

[root@b237d65fd197 /]# exit

[user@linuxacademy:~]$ docker ps -a

(Output)

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

b237d65fd197 centos:6 "/bin/bash" 2 minutes ago Exited (0) 2 minutes ago furious_rosalind

(Output)

5. Using the name or ID of the container, commit the changes you made within it to a new base image called "newcentos:withapache" and verify that it shows when you list the images on your system.

[user@linuxacademy:~]$ docker commit b237d65fd197 newcentos:withapache

(Output)

18bd1fc4d60fa29ff9591f46b86ea0ad7652214d81b4e26343723e81fdbffd8a

(Output)

[user@linuxacademy:~]$ docker images

(Output)

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

newcentos withapache 18bd1fc4d60f 4 seconds ago 480.6 MB

centos 6 a005304e4e74 9 weeks ago 203.1 MB

centos centos6 a005304e4e74 9 weeks ago 203.1 MB

(Output)

Docker Exercise: Exercise: Creating Custom Image from a Dockerfile

1 Exercise
2 Solution

1. Create a directory called 'custom' and change to it. In this directory, create an empty file called "Dockerfile".

[user@linuxacademy:~]$ mkdir custom

[user@linuxacademy:~]$ cd custom

[user@linuxacademy:custom/]$ touch Dockerfile

2. Edit the "Dockerfile" created in Step #1 above. This configuration file should be written to perform the following actions:

Use the base Centos 6 Latest version image from the public repository
Identify you and your email address as the author and maintainer of this image
Update the base OS after initial import of the image
Install the Open-SSH Server
Install Apache Web Server
Expose ports 22 and 80 to support the services installed

[user@linuxacademy:custom/]$ vi Dockerfile

(Output) NOTE: This is one example of what this file needs to contain, yours may differ slightly

# Dockerfile that modifies centos:centos6 to update, include Apache Web

# Server and OpenSSH Server, exposing the appropriate ports

FROM centos:centos6

MAINTAINER User Name <username@domain.com>

# Update the server OS

RUN yum -y upgrade

# Install Apache Web Server

RUN yum -y install httpd

# Install OpenSSH-Server

RUN yum -y install openssh-server

# Expose the SSH and Web Ports for attachment

EXPOSE 22 80

(Output)

3. Build the custom image from the 'Dockerfile' as created above. Name/tag this new image as "mycustomimg/withservices:v1". Once the image is built, verify the image appears in your list.

[user@linuxacademy:custom/]$ docker build -t mycustomimg/withservices:v1 .

Docker Exercise: Exercise: Managing Containers

1 Exercise
2 Solution

1. Create a container from the base image for the latest version of Ubuntu available (if you do not have an Ubuntu base image installed locally, pull the latest one down for your local repository). The container should be started in interactive mode attached to the current terminal and running the bash shell. Once running, shut the container down by exiting.

user@linuxacademy:~$ docker pull ubuntu:latest

Pulling repository ubuntu

91e54dfb1179: Download complete

d3a1f33e8a5a: Download complete

c22013c84729: Download complete

d74508fb6632: Download complete

Status: Downloaded newer image for ubuntu:latest

user@linuxacademy:~$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

mycustomimg/withservices v1 dcfdd130c812 29 hours ago 506.9 MB

newcentos withapache 18bd1fc4d60f 2 days ago 480.6 MB

ubuntu latest 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty-20150814 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04.3 91e54dfb1179 4 days ago 188.4 MB

centos 6 a005304e4e74 9 weeks ago 203.1 MB

centos centos6 a005304e4e74 9 weeks ago 203.1 MB

user@linuxacademy:~$ docker run -it ubuntu:latest /bin/bash

root@a163412a382b:/# exit

exit

2. Run the appropriate Docker command to get the name of the previously run container. Issue the appropriate command to restart the container that you obtained the name of. Do NOT create a new container, restart the one we just used.

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a163412a382b ubuntu:14.04 "/bin/bash" About a minute ago Exited (0) About a minute ago agitated_bohr

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

user@linuxacademy:~$ docker restart agitated_bohr

agitated_bohr

user@linuxacademy:~$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a163412a382b ubuntu:14.04 "/bin/bash" 2 minutes ago Up 16 seconds agitated_bohr

3. Stop the container. Remove that container from the system completely using the appropriate command.

user@linuxacademy:~$ docker stop agitated_bohr

agitated_bohr

user@linuxacademy:~$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a163412a382b ubuntu:14.04 "/bin/bash" 3 minutes ago Exited (0) 5 seconds ago agitated_bohr

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

user@linuxacademy:~$ docker rm agitated_bohr

agitated_bohr

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

4. Create (not run) a container called "my_container", create it with parameters that will allow it to run interactively and attached to the local console running the bash shell. Verify that the container is not running.

user@linuxacademy:~$ docker create -it --name="my_container" ubuntu:latest /bin/bash

a8eccaa97e322ff640bb9f7071f191dc9a514afb324af28269ffbb7ae754666f

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a8eccaa97e32 ubuntu:14.04 "/bin/bash" 4 seconds ago my_container

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

5. Start the container and again, verify the container is running. Run the appropriate command to attach your session to the running container so you are logged into the shell.

user@linuxacademy:~$ docker start my_container

my_container

user@linuxacademy:~$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a8eccaa97e32 ubuntu:14.04 "/bin/bash" 30 seconds ago Up 2 seconds my_container

user@linuxacademy:~$ docker attach my_container

root@a8eccaa97e32:/#

root@a8eccaa97e32:/# exit

Docker Exercise: Exercise: Base Image Maintenance and Cleanup

1 Exercise
2 Solution

1. List all currently install Docker images. If you do not have at least three Docker base images at this point, please pull down other Docker images and/or follow the other exercises in this tutorial.

user@linuxacademy:~$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

mycustomimg/withservices v1 dcfdd130c812 30 hours ago 506.9 MB

newcentos withapache 18bd1fc4d60f 2 days ago 480.6 MB

ubuntu latest 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty-20150814 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04.3 91e54dfb1179 4 days ago 188.4 MB

centos 6 a005304e4e74 9 weeks ago 203.1 MB

centos centos6 a005304e4e74 9 weeks ago 203.1 MB

2. Execute the command to remove a base image that you have previously created a container from and note the resulting message.

user@linuxacademy:~$ docker rmi centos:6

Error response from daemon: Conflict, cannot delete a005304e4e74 because the container bad607059560 is using it, use -f to force

FATA[0000] Error: failed to remove one or more images

3. Run the appropriate command to remove the container that Step #2 indicated is preventing the deletion of that base image.

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

bad607059560 centos:6 "/bin/bash" 2 minutes ago Exited (0) About a minute ago insane_tesla

a8eccaa97e32 ubuntu:14.04 "/bin/bash" 29 minutes ago Exited (0) 28 minutes ago my_container

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

user@linuxacademy:~$ docker rm insane_tesla

insane_tesla

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a8eccaa97e32 ubuntu:14.04 "/bin/bash" 29 minutes ago Exited (0) 28 minutes ago my_container

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

4. List all previously run containers and remove all of them one at a time. Verify that the command to list stopped containers shows nothing before continuing.

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a8eccaa97e32 ubuntu:14.04 "/bin/bash" 30 minutes ago Exited (0) 29 minutes ago my_container

b237d65fd197 centos:6 "/bin/bash" 2 days ago Exited (0) 2 days ago furious_rosalind

user@linuxacademy:~$ docker rm my_container && docker rm furious_rosalind

my_container

furious_rosalind

user@linuxacademy:~$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

5. Rerun the command executed in Step #2 and then list the base images on your system.

user@linuxacademy:~$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

mycustomimg/withservices v1 dcfdd130c812 30 hours ago 506.9 MB

newcentos withapache 18bd1fc4d60f 2 days ago 480.6 MB

ubuntu 14.04 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04.3 91e54dfb1179 4 days ago 188.4 MB

ubuntu latest 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty-20150814 91e54dfb1179 4 days ago 188.4 MB

centos 6 a005304e4e74 9 weeks ago 203.1 MB

user@linuxacademy:~$ docker rmi centos:6

Untagged: centos:6

user@linuxacademy:~$ docker images

Docker Exercise: Exercise: Exposing Container Ports to the Host

1 Exercise
2 Solution

1. Create a container from the 'centos:6' base image on your system. This container does not need to be name but should be run in daemon mode, interactive and connected to the current terminal. Finally, it should start the bash shell on start up.

[user@linuxacademy ~]$ docker run -itd docker.io/centos:6 /bin/bash

99f87625ff34a5a25af8edd7e95ad9b6a4bc70db63c2ac6e0850dd4cfae58cef

[user@linuxacademy ~]$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

99f87625ff34 docker.io/centos:6 "/bin/bash" 3 seconds ago Up 2 seconds elegant_bohr

[user@linuxacademy ~]$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

99f87625ff34 docker.io/centos:6 "/bin/bash" 5 seconds ago Up 5 seconds elegant_bohr

2. Using the appropriate Docker inspection command, find the IP address and name for the running container. Once you have the IP, ping the IP to be sure it is running. Finally, attach to the running container so you are logged into the shell.

[user@linuxacademy ~]$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

99f87625ff34 docker.io/centos:6 "/bin/bash" 7 minutes ago Up 7 minutes elegant_bohr

[user@linuxacademy]$ docker inspect elegant_bohr | grep IP

"GlobalIPv6Address": "",

"GlobalIPv6PrefixLen": 0,

"IPAddress": "172.17.0.2",

"IPPrefixLen": 16,

"IPv6Gateway": "",

"LinkLocalIPv6Address": "",

"LinkLocalIPv6PrefixLen": 0,

"SecondaryIPAddresses": null,

"SecondaryIPv6Addresses": null

[user@linuxacademy ~]$ ping 172.17.0.2

PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.

64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.069 ms

64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.096 ms

--- 172.17.0.2 ping statistics ---

2 packets transmitted, 2 received, 0% packet loss, time 999ms

rtt min/avg/max/mdev = 0.069/0.082/0.096/0.016 ms

[user@linuxacademy ~]$ docker attach elegant_bohr

[root@99f87625ff34 /]#

3. From within the container, install the Open-SSH server and make sure the service is running. From another terminal, try to log into the container over SSH by IP and note the result.

[root@99f87625ff34 /]# yum install openssh-server

... Lots of Output Here

Installed:

openssh-server.x86_64 0:5.3p1-112.el6_7

Dependency Installed:

fipscheck.x86_64 0:1.2.0-7.el6 fipscheck-lib.x86_64 0:1.2.0-7.el6 openssh.x86_64 0:5.3p1-112.el6_7

tcp_wrappers-libs.x86_64 0:7.6-57.el6

Complete!

[root@99f87625ff34 /]# service sshd start

Generating SSH2 RSA host key: [ OK ]

Generating SSH1 RSA host key: [ OK ]

Generating SSH2 DSA host key: [ OK ]

Starting sshd:

(Different Terminal)

[user@linuxacademy ~]$ ssh test@172.17.0.2

ssh: connect to host 172.17.0.2 port 22: Connection refused

4. Exit and stop the container. Remove the container from the list of previously run containers once you obtain the name from the appropriate Docker command.

[user@linuxacademy ~]$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

99f87625ff34 docker.io/centos:6 "/bin/bash" About an hour ago Exited (0) 4 seconds ago elegant_bohr

8ef073d5c7f4 docker.io/centos:6 "/bin/bash" About an hour ago Exited (0) About an hour ago silly_poincare

[user@linuxacademy ~]$ docker rm elegant_bohr

elegant_bohr

[user@linuxacademy ~]$ docker rm silly_poincare

silly_poincare

[user@linuxacademy ~]$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

docker.io/ubuntu latest 91e54dfb1179 4 days ago 188.3 MB

docker.io/centos 6 a005304e4e74 9 weeks ago 203.1 MB

[user@linuxacademy ~]$

5. Create another container, name this container 'test_ssh'. When creating the container, it should be run in interactive mode and attached to the current terminal running the bash shell. Finally, expose port 22 on the container to port 8022 on the host system. Once logged in, install the Open-SSH server and make sure the service is running. Find the IP address of the container and note it.

[user@linuxacademy ~]$ docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

[user@linuxacademy ~]$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

99f87625ff34 docker.io/centos:6 "/bin/bash" About an hour ago Exited (0) 4 seconds ago elegant_bohr

8ef073d5c7f4 docker.io/centos:6 "/bin/bash" About an hour ago Exited (0) About an hour ago silly_poincare

[user@linuxacademy ~]$ docker rm elegant_bohr

elegant_bohr

[user@linuxacademy ~]$ docker rm silly_poincare

silly_poincare

[user@linuxacademy ~]$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

docker.io/ubuntu latest 91e54dfb1179 4 days ago 188.3 MB

docker.io/centos 6 a005304e4e74 9 weeks ago 203.1 MB

[user@linuxacademy ~]$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

docker.io/ubuntu latest 91e54dfb1179 4 days ago 188.3 MB

docker.io/centos 6 a005304e4e74 9 weeks ago 203.1 MB

[user@linuxacademy ~]$ docker run -it --name="test_ssh" -p 8022:22 docker.io/centos:6 /bin/bash

Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.

[root@de1119934beb /]# yum install openssh-server

Loaded plugins: fastestmirror

Setting up Install Process

base | 3.7 kB 00:00

base/primary_db | 4.6 MB 00:07

extras | 3.4 kB 00:00

extras/primary_db | 27 kB 00:00

updates | 3.4 kB 00:00

updates/primary_db | 1.3 MB 00:01

Resolving Dependencies

--> Running transaction check

---> Package openssh-server.x86_64 0:5.3p1-112.el6_7 will be installed

--> Processing Dependency: openssh = 5.3p1-112.el6_7 for package: openssh-server-5.3p1-112.el6_7.x86_64

--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-5.3p1-112.el6_7.x86_64

--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-5.3p1-112.el6_7.x86_64

--> Running transaction check

---> Package fipscheck-lib.x86_64 0:1.2.0-7.el6 will be installed

--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.2.0-7.el6.x86_64

---> Package openssh.x86_64 0:5.3p1-112.el6_7 will be installed

---> Package tcp_wrappers-libs.x86_64 0:7.6-57.el6 will be installed

--> Running transaction check

---> Package fipscheck.x86_64 0:1.2.0-7.el6 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================

Package Arch Version Repository Size

===============================================================================================================================

Installing:

openssh-server x86_64 5.3p1-112.el6_7 updates 324 k

Installing for dependencies:

fipscheck x86_64 1.2.0-7.el6 base 14 k

fipscheck-lib x86_64 1.2.0-7.el6 base 8.3 k

openssh x86_64 5.3p1-112.el6_7 updates 274 k

tcp_wrappers-libs x86_64 7.6-57.el6 base 62 k

Transaction Summary

===============================================================================================================================

Install 5 Package(s)

Total download size: 682 k

Installed size: 1.6 M

Is this ok [y/N]: y

Downloading Packages:

(1/5): fipscheck-1.2.0-7.el6.x86_64.rpm | 14 kB 00:00

(2/5): fipscheck-lib-1.2.0-7.el6.x86_64.rpm | 8.3 kB 00:00

(3/5): openssh-5.3p1-112.el6_7.x86_64.rpm | 274 kB 00:00

(4/5): openssh-server-5.3p1-112.el6_7.x86_64.rpm | 324 kB 00:00

(5/5): tcp_wrappers-libs-7.6-57.el6.x86_64.rpm | 62 kB 00:00

-------------------------------------------------------------------------------------------------------------------------------

Total 306 kB/s | 682 kB 00:02

warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Importing GPG key 0xC105B9DE:

Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>

Package: centos-release-6-6.el6.centos.12.2.x86_64 (@CentOS/$releasever)

From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Is this ok [y/N]: y

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Warning: RPMDB altered outside of yum.

Installing : fipscheck-1.2.0-7.el6.x86_64 1/5

Installing : fipscheck-lib-1.2.0-7.el6.x86_64 2/5

Installing : openssh-5.3p1-112.el6_7.x86_64 3/5

Installing : tcp_wrappers-libs-7.6-57.el6.x86_64 4/5

Installing : openssh-server-5.3p1-112.el6_7.x86_64 5/5

Verifying : tcp_wrappers-libs-7.6-57.el6.x86_64 1/5

Verifying : fipscheck-lib-1.2.0-7.el6.x86_64 2/5

Verifying : fipscheck-1.2.0-7.el6.x86_64 3/5

Verifying : openssh-5.3p1-112.el6_7.x86_64 4/5

Verifying : openssh-server-5.3p1-112.el6_7.x86_64 5/5

Installed:

openssh-server.x86_64 0:5.3p1-112.el6_7

Dependency Installed:

fipscheck.x86_64 0:1.2.0-7.el6 fipscheck-lib.x86_64 0:1.2.0-7.el6 openssh.x86_64 0:5.3p1-112.el6_7

tcp_wrappers-libs.x86_64 0:7.6-57.el6

Complete!

[root@de1119934beb /]# service sshd start

Generating SSH2 RSA host key: [ OK ]

Generating SSH1 RSA host key: [ OK ]

Generating SSH2 DSA host key: [ OK ]

Starting sshd: [ OK ]

[root@de1119934beb /]# ifconfig

eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03

inet addr:172.17.0.3 Bcast:0.0.0.0 Mask:255.255.0.0

inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:3944 errors:0 dropped:0 overruns:0 frame:0

TX packets:2104 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:7151212 (6.8 MiB) TX bytes:116622 (113.8 KiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:65536 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

[root@de1119934beb /]#

6. Install the 'sudo' utility. Add a user called 'test' and set a password for that user. Add the 'test' user to the 'sudoers' file. From another terminal window, attempt to log into the container via SSH on port 8022 as the 'test' user and confirm access.

[root@de1119934beb /]# yum install sudo

Loaded plugins: fastestmirror

Setting up Install Process

Determining fastest mirrors

* base: repos.dfw.quadranet.com

* extras: centos.mirror.lstn.net

* updates: mirror.steadfast.net

Resolving Dependencies

--> Running transaction check

---> Package sudo.x86_64 0:1.8.6p3-20.el6_7 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================

Package Arch Version Repository Size

===============================================================================================================================

Installing:

sudo x86_64 1.8.6p3-20.el6_7 updates 707 k

Transaction Summary

===============================================================================================================================

Install 1 Package(s)

Total download size: 707 k

Installed size: 2.4 M

Is this ok [y/N]: y

Downloading Packages:

sudo-1.8.6p3-20.el6_7.x86_64.rpm | 707 kB 00:02

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : sudo-1.8.6p3-20.el6_7.x86_64 1/1

Verifying : sudo-1.8.6p3-20.el6_7.x86_64 1/1

Installed:

sudo.x86_64 0:1.8.6p3-20.el6_7

Complete!

[root@de1119934beb /]# adduser test

[root@de1119934beb /]# passwd test

Changing password for user test.

New password:

BAD PASSWORD: it is based on a dictionary word

Retype new password:

passwd: all authentication tokens updated successfully.

[root@de1119934beb /]#

(Other Terminal Window)

[user@linuxacademy ~]$ ssh test@172.17.0.3

The authenticity of host '172.17.0.3 (172.17.0.3)' can't be established.

RSA key fingerprint is e8:5e:28:d8:64:1f:81:3a:d9:4c:2c:0c:8e:a1:27:b7.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.17.0.3' (RSA) to the list of known hosts.

test@172.17.0.3's password:

[test@de1119934beb ~]$

Docker Exercise: Exercise: Advanced Container Creation at the Command Line

1 Exercise
2 Solution

1. Using the Docker base image for Ubuntu, create a container with the following characteristics:

- Interactive

- Attached to Terminal

- Using Google Public DNS

- Named 'mycontainer1'

[user@linuxacademy docker]$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

docker.io/ubuntu latest 91e54dfb1179 5 days ago 188.3 MB

docker.io/centos 6 a005304e4e74 9 weeks ago 203.1 MB

[user@linuxacademy docker]$ docker run -it --dns=8.8.8.8 --name="mycontainer1" docker.io/ubuntu:latest /bin/bash

root@6330006f7289:/# cat /etc/resolv.conf

nameserver 8.8.8.8

2. Exit the container from Step #1. Using the Docker base image for Ubuntu, create a container with the following characteristics:

- Interactive

- Attached to Terminal

- Using Google Public DNS

- Using Domain Search "mydomain.local"

- Named 'mycontainer2'

[user@linuxacademy docker]$ docker run -it --dns=8.8.8.8 --dns-search="mydomain.local" --name="mycontainer2" docker.io/ubuntu:latest /bin/bash

root@2879176e6c81:/# cat /etc/resolv.conf

nameserver 8.8.8.8

search mydomain.local

3. Exit the container from Step #2. Using the Docker base image for Ubuntu, create a container with the following characteristics:

- Interactive

- Attached to Terminal

- Using Google Public DNS

- Using Domain Search "mydomain.local"

- Create a mount called '/local_vol'

- Create a mount called '/remote_vol' that mounts the file system in /home/user

- Named 'mycontainer3'

[user@linuxacademy docker]$ docker run -it --dns=8.8.8.8 --dns-search="mydomain.local" --name="mycontainer3" -v /local_vol -v /home/tcox/docker/mydata:/remote_vol docker.io/ubuntu:latest /bin/bash

root@c5e3e6599556:/# df -h

Filesystem Size Used Avail Use% Mounted on

/dev/mapper/docker-8:2-203558447-c5e3e65995567b3249f537843d4ff39644925c9265bbd48cd623b6e3564eef52 9.8G 245M 9.0G 3% /

tmpfs 2.0G 0 2.0G 0% /dev

shm 64M 0 64M 0% /dev/shm

/dev/sda2 36G 4.3G 32G 12% /local_vol

tmpfs 2.0G 0 2.0G 0% /run/secrets

tmpfs 2.0G 0 2.0G 0% /proc/kcore

tmpfs 2.0G 0 2.0G 0% /proc/timer_stats

root@c5e3e6599556:/# cat /etc/resolv.conf

nameserver 8.8.8.8

search mydomain.local

root@c5e3e6599556:/# cd /local_vol/

root@c5e3e6599556:/local_vol# cd /remote_vol/

root@c5e3e6599556:/remote_vol#

4. Exit the container from Step #3. List all the containers. List all characteristics inspected from 'mycontainer2' and then remove and verify removal of all containers.

[user@linuxacademy docker]$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

c5e3e6599556 docker.io/ubuntu:latest "/bin/bash" 2 minutes ago Exited (0) 3 seconds ago mycontainer3

2879176e6c81 docker.io/ubuntu:latest "/bin/bash" 4 minutes ago Exited (0) 3 minutes ago mycontainer2

6330006f7289 docker.io/ubuntu:latest "/bin/bash" 7 minutes ago Exited (0) 5 minutes ago mycontainer1

[user@linuxacademy docker]$ docker inspect mycontainer1

(NOTE: SOMETHING SIMILAR FOR EACH CONTAINER - RUN THE ABOVE COMMAND FOR EACH NAME)

[

{

"Id": "6330006f72899510254d23f845c4507d604773d2fcf2bffb77f44da1330208c1",

"Created": "2015-08-25T21:05:43.135824241Z",

"Path": "/bin/bash",

"Args": [],

"State": {

"Running": false,

"Paused": false,

"Restarting": false,

"OOMKilled": false,

"Dead": false,

"Pid": 0,

"ExitCode": 0,

"Error": "",

"StartedAt": "2015-08-25T21:05:44.409339189Z",

"FinishedAt": "2015-08-25T21:07:32.103884307Z"

"Image": "91e54dfb11794fad694460162bf0cb0a4fa710cfa3f60979c177d920813e267c",

"NetworkSettings": {

"Bridge": "",

"EndpointID": "",

"Gateway": "",

"GlobalIPv6Address": "",

"GlobalIPv6PrefixLen": 0,

"HairpinMode": false,

"IPAddress": "",

"IPPrefixLen": 0,

"IPv6Gateway": "",

"LinkLocalIPv6Address": "",

"LinkLocalIPv6PrefixLen": 0,

"MacAddress": "",

"NetworkID": "",

"PortMapping": null,

"Ports": null,

"SandboxKey": "",

"SecondaryIPAddresses": null,

"SecondaryIPv6Addresses": null

"ResolvConfPath": "/var/lib/docker/containers/6330006f72899510254d23f845c4507d604773d2fcf2bffb77f44da1330208c1/resolv.conf",

"HostnamePath": "/var/lib/docker/containers/6330006f72899510254d23f845c4507d604773d2fcf2bffb77f44da1330208c1/hostname",

"HostsPath": "/var/lib/docker/containers/6330006f72899510254d23f845c4507d604773d2fcf2bffb77f44da1330208c1/hosts",

"LogPath": "/var/lib/docker/containers/6330006f72899510254d23f845c4507d604773d2fcf2bffb77f44da1330208c1/6330006f72899510254d23f845c4507d604773d2fcf2bffb77f44da1330208c1-json.log",

"Name": "/mycontainer1",

"RestartCount": 0,

"Driver": "devicemapper",

"ExecDriver": "native-0.2",

"MountLabel": "",

"ProcessLabel": "",

"Volumes": {},

"VolumesRW": {},

"AppArmorProfile": "",

"ExecIDs": null,

"HostConfig": {

"Binds": null,

"ContainerIDFile": "",

"LxcConf": [],

"Memory": 0,

"MemorySwap": 0,

"CpuShares": 0,

"CpuPeriod": 0,

"CpusetCpus": "",

"CpusetMems": "",

"CpuQuota": 0,

"BlkioWeight": 0,

"OomKillDisable": false,

"Privileged": false,

"PortBindings": {},

"Links": null,

"PublishAllPorts": false,

"Dns": [

"8.8.8.8"

"DnsSearch": null,

"ExtraHosts": null,

"VolumesFrom": null,

"Devices": [],

"NetworkMode": "bridge",

"IpcMode": "",

"PidMode": "",

"UTSMode": "",

"CapAdd": null,

"CapDrop": null,

"RestartPolicy": {

"Name": "no",

"MaximumRetryCount": 0

"SecurityOpt": null,

"ReadonlyRootfs": false,

"Ulimits": null,

"LogConfig": {

"Type": "json-file",

"Config": {}

"CgroupParent": ""

"Config": {

"Hostname": "6330006f7289",

"Domainname": "",

"User": "",

"AttachStdin": true,

"AttachStdout": true,

"AttachStderr": true,

"PortSpecs": null,

"ExposedPorts": null,

"Tty": true,

"OpenStdin": true,

"StdinOnce": true,

"Env": null,

"Cmd": [

"/bin/bash"

"Image": "docker.io/ubuntu:latest",

"Volumes": null,

"VolumeDriver": "",

"WorkingDir": "",

"Entrypoint": null,

"NetworkDisabled": false,

"MacAddress": "",

"OnBuild": null,

"Labels": {},

"Init": ""

}

]

[user@linuxacademy docker]$ docker rm mycontainer1

mycontainer1

[user@linuxacademy docker]$ docker rm mycontainer2

mycontainer2

[user@linuxacademy docker]$ docker rm mycontainer3

mycontainer3

[user@linuxacademy docker]$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

Docker Exercise: Exercise: Create a Dockerized Basic Web Server

1 Exercise
2 Solution

1. List the base images on the system. Choose a base image for Ubuntu and create a container from that image. This container should be named "basic_web" and should be interactive, attached to the current console and run the bash prompt.

user@linuxacademy:~$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

mycustomimg/withservices v1 dcfdd130c812 31 hours ago 506.9 MB

newcentos withapache 18bd1fc4d60f 2 days ago 480.6 MB

ubuntu trusty-20150814 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04.3 91e54dfb1179 4 days ago 188.4 MB

ubuntu latest 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty 91e54dfb1179 4 days ago 188.4 MB

user@linuxacademy:~$ docker run -it --name="basic_web" ubuntu:latest /bin/bash

root@528b8c33ab7a:/#

2. Once you are logged into the container at the prompt, install all updates. After updates are installed, install the Apache Web Server and verify that it is listening on Port 80.

root@528b8c33ab7a:/# apt-get update && apt-get upgrade && apt-get install apache2

(OUTPUT) NOTE: sample of the end of the output

...

3Enabling module setenvif.

Enabling module filter.

Enabling module deflate.

Enabling module status.

Enabling conf charset.

Enabling conf localized-error-pages.

Enabling conf other-vhosts-access-log.

Enabling conf security.

Enabling conf serve-cgi-bin.

Enabling site 000-default.

invoke-rc.d: policy-rc.d denied execution of start.

Setting up ssl-cert (1.0.33) ...

Processing triggers for libc-bin (2.19-0ubuntu6.6) ...

Processing triggers for sgml-base (1.26+nmu4ubuntu1) ...

Processing triggers for ureadahead (0.100.0-16) ...

root@528b8c33ab7a:/#

root@528b8c33ab7a:/# apt-get install telnet

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following NEW packages will be installed:

telnet

0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 67.1 kB of archives.

After this operation, 167 kB of additional disk space will be used.

Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main telnet amd64 0.17-36build2 [67.1 kB]

Fetched 67.1 kB in 0s (89.7 kB/s)

Selecting previously unselected package telnet.

(Reading database ... 12458 files and directories currently installed.)

Preparing to unpack .../telnet_0.17-36build2_amd64.deb ...

Unpacking telnet (0.17-36build2) ...

Setting up telnet (0.17-36build2) ...

update-alternatives: using /usr/bin/telnet.netkit to provide /usr/bin/telnet (telnet) in auto mode

root@528b8c33ab7a:/# telnet localhost 80

Trying ::1...

Trying 127.0.0.1...

telnet: Unable to connect to remote host: Connection refused

root@528b8c33ab7a:/# service apache2 start

* Starting web server apache2 AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.13. Set the 'ServerName' directive globally to suppress this message

root@528b8c33ab7a:/# telnet localhost 80

Trying ::1...

Connected to localhost.

Escape character is '^]'.

helo

501 Not Implemented

Not Implemented

helo to /index.html not supported.

Apache/2.4.7 (Ubuntu) Server at 172.17.0.13 Port 80

Connection closed by foreign host.

root@528b8c33ab7a:/#

3. Using the root account profile file in the root home directory, add the command to start the web server whenever a bash session is started.

root@528b8c33ab7a:~# vi .bashrc

NOTE: Add the line "service apache2 start" to the /root/.bashrc file at the very END

4. Stop the container. Once stopped, commit the container as a base image called "centos:baseweb".

root@528b8c33ab7a:~# exit

tcox@ubuntuvideo:~$ docker commit basic_web centos:baseweb

e9c87aeba30b82e66edb7143b89c10b801b866002f0659d0fd78ba5b48a82e8e

tcox@ubuntuvideo:~$ docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

centos baseweb e9c87aeba30b 3 seconds ago 224.2 MB

mycustomimg/withservices v1 dcfdd130c812 31 hours ago 506.9 MB

newcentos withapache 18bd1fc4d60f 2 days ago 480.6 MB

ubuntu trusty 91e54dfb1179 4 days ago 188.4 MB

ubuntu trusty-20150814 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04 91e54dfb1179 4 days ago 188.4 MB

ubuntu 14.04.3 91e54dfb1179 4 days ago 188.4 MB

ubuntu latest 91e54dfb1179 4 days ago 188.4 MB

5. Create a container based on the new "centos:baseweb" image called "test_container". It should run interactively, attached to the console and starting a bash prompt. Once logged into the container, verify that the Apache service is running and port 80 is listening. Exit the container.

user@linuxacademy:~$ docker run -it --name="test_container" centos:baseweb /bin/bash

* Starting web server apache2 AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.14. Set the 'ServerName' directive globally to suppress this message

root@b830f2ecb2ca:/# telnet localhost 80

Trying ::1...

Connected to localhost.

Escape character is '^]'.

helo

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<title>501 Not Implemented</title>

</head><body>

<h1>Not Implemented</h1>

<p>helo to /index.html not supported.<br />

</p>

<hr>

<address>Apache/2.4.7 (Ubuntu) Server at 172.17.0.14 Port 80</address>

</body></html>

Connection closed by foreign host.

root@b830f2ecb2ca:/# exit