version: '3'
services:
opensearch-node1:
image: opensearchproject/opensearch:latest
container_name: opensearch-node1
environment:
- discovery.type=single-node
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- /opt/opensearch:/usr/share/opensearch/data
ports:
- 9200:9200
- 9600:9600
opensearch-dashboards:
image: opensearchproject/opensearch-dashboards:latest
container_name: opensearch-dashboards
ports:
- 5601:5601
expose:
- "5601"
environment:
OPENSEARCH_HOSTS: '["https://opensearch-node1:9200"]'
Tag: docker
Enable buildkit in docker and use heredoc feature
Why buildkit?
– Better build logs
– Better build cache
Temp enable buildkit
nginx.Dockerfile
# syntax=docker/dockerfile:1.3-labs
FROM nginx
COPY <<EOF /usr/share/nginx/html/index.html
"hola Duniya"
EOF
DOCKER_BUILDKIT=1 docker build -t here-nginx -f nginx.Dockerfile .Enable buildkit permanently :
echo "{ "features": { "buildkit": true } }" > /etc/docker/daemon.json
systemctl restart dockerMore : https://github.com/moby/buildkit
Mount single file in docker
We can use –mount type=bind parameter to mount single file
docker run -d -p 9090:9090 --mount type=bind,source=/opt/prometheus/prometheus.yml,target=/etc/prometheus/prometheus.yml prom/prometheus:v2.22.0Using docker-compose file
version: "3.7"
services:
prometheus:
image: prom/prometheus:v2.22.0
volumes:
- type: bind
source: /opt/prometheus/prometheus.yml
target: /etc/prometheus/prometheus.yml
ports:
- 9090:9090 More : https://stackoverflow.com/questions/42248198/how-to-mount-a-single-file-in-a-volume
how to start learn docker and kubernetes
- Linux – installation of different distro with lvm, encrypted lvm, plain
- Shell scripting – auto restart job , sed , awk
- Docker – jenkins setup, wordpress setup with persistent volume
- kubernetes – cluster setup, deployment
trivy docker image scanner CI
docker run -v /var/run/docker.sock:/var/run/docker.sock -v /root/trivy-cache:/root/.cache/ aquasec/trivy:0.18.3 image -f json nginxhttps://aquasecurity.github.io/trivy/v0.18.3/examples/report/
Grafana docker compose
version: '3'
services:
grafana:
image: grafana/grafana
container_name: grafana
restart: unless-stopped
environment:
TZ: "Asia/Kolkata"
GF_INSTALL_PLUGINS: "grafana-clock-panel,grafana-simple-json-datasource,simpod-json-datasource,marcusolsson-json-datasource"
volumes:
- /root/grafana/data:/var/lib/grafana
ports:
- 3000:3000
ELK on docker-compose
version: '2.2'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.12.0
container_name: elasticsearch
environment:
discovery.type: "single-node"
volumes:
- /root/elasticsearch:/usr/share/elasticsearch/data
ports:
- 9200:9200
kibana:
image: docker.elastic.co/kibana/kibana:7.12.0
container_name: kibana
environment:
elasticsearch.hosts: "elasticsearch:9200"
ports:
- 5601:5601
docker ARG and ENV
- ARG is only available during build
- ENV is available can be available during build as well as after the build
FROM httpd
ARG arg1
ENV env1=evalue1
ENV env2=${arg1}
ENV env3=evalue3
docker build --build-arg arg1=atest -t httpd-test .docker run -d --env-file=env_file httpd-testRabbitmq docker-compose
version: '3'
services:
rabbitmq:
image: rabbitmq:3-management
restart: always
container_name: rabbitmq
environment:
TZ: "Asia/Kolkata"
RABBITMQ_DEFAULT_USER: username
RABBITMQ_DEFAULT_PASS: password
volumes:
- /opt/rabbitmq/data:/var/lib/rabbitmq
ports:
- 5671:5671
- 5672:5672
- 15672:15672Docker command :
dodocker run -d -p 5671:5671 -p 5672:5672 -p 15672:15672 -v /opt/rabbitmq/data:/var/lib/rabbitmq -e RABBITMQ_DEFAULT_USER=user -e RABBITMQ_DEFAULT_PASS=password -e TZ="Asia/Kolkata" --restart unless-stopped rabbitmq:3-managementSonatype Nexus3 – Docker compose
version: '3'
services:
jenkins:
image: sonatype/nexus3:3.29.0
user: root:root
restart: always
container_name: nexus
environment:
TZ: "Asia/Kolkata"
volumes:
- /opt/nexus-data:/nexus-data
ports:
- 8081:8081Get admin passwords:
docker exec -it nexus bash
find / -iname admin.*
#OR
docker exec -it nexus cat /nexus-data/admin.password
More : https://hub.docker.com/r/sonatype/nexus3#user-content-persistent-data