Difference between revisions of "Docker"

From MgmtWiki
(File Storage)
(Support for TLS)
Line 48: Line 48:
  
 
===Support for TLS===
 
===Support for TLS===
 +
* [https://tomssl.com/how-to-run-asp-net-core-3-1-over-https-in-docker-using-linux-containers/ most help getting file mounts correct].
 
* [https://docs.microsoft.com/en-us/aspnet/core/security/docker-https?view=aspnetcore-5.0 use of HTTPS with Docker images in ASP.NET].
 
* [https://docs.microsoft.com/en-us/aspnet/core/security/docker-https?view=aspnetcore-5.0 use of HTTPS with Docker images in ASP.NET].
 
* [https://stackoverflow.com/questions/60100829/mac-verify-failure-certification-exception-while-docker-compose-up-prevents-as mac verify error = Certificate Exception]
 
* [https://stackoverflow.com/questions/60100829/mac-verify-failure-certification-exception-while-docker-compose-up-prevents-as mac verify error = Certificate Exception]
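Review bot: the label on the added tomssl.com bullet, "most help getting file mounts correct", does not say what the link is, and it reads as a file-storage note under the "Support for TLS" heading. The URL slug shows it is the "How to run ASP.NET Core 3.1 over HTTPS in Docker using Linux Containers" article that the page already lists by title under File Storage. Suggest using the article title as the link text, followed by a short phrase saying which file mounts it helps with. The new bullet also ends with a period after the closing bracket while the Stack Overflow bullet does not; pick one style for the list.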

Revision as of 22:47, 24 December 2020

Full Title or Meme

Docker is a system for building, deploying and running complex images of a program with its runtime.

Context

  • With the rise of cloud computing the need arose to give users an easy way to create a run-time package that could be sent to any cloud Platform as a Service provider (PaaS) with complete interoperability.

Documentation

Docker was released in 2013 and solved many of the problems that developers had running containers end-to-end. It had all these things:

  1. A container image format
  2. A method for building container images (Dockerfile/docker build)
  3. A way to manage container images (docker images, docker rmi, etc.)
  4. A way to manage instances of containers (docker ps, docker rm, etc.)
  5. A way to share container images (docker push/pull)
  6. A way to run containers (docker run)

The Open Container Initiative addresses some of the features needed to deploy a complex Docker container.

When you run a Docker container, these are the steps Docker actually goes through:

  1. Download the image
  2. Unpack the image into a "bundle". This flattens the layers into a single filesystem.
  3. Run the container from the bundle

Windows Subsystem for Linux

  • WSL is available on Windows 10 version 2004
  • A good guide for using WSL.
  • To migrate from WSL to WSL2, key in: Enable-WindowsOptionalFeature -Online -FeatureName VirtualMachinePlatform
    The command responds with:
    Path          :
    Online        : True
    RestartNeeded : False

Networking

Outbound network ports are always enabled. If you append -P (or --publish-all=true) to docker run, Docker identifies every port the Dockerfile exposes (you can see which ones by looking at the EXPOSE lines). Docker also finds ports you expose with --expose 8080 (assuming you want to expose port 8080). Docker maps all of these ports to a host port within a given ephemeral port range. You can find the configuration for these ports (usually 32768 to 61000) in /proc/sys/net/ipv4/ip_local_port_range. This is the method that Visual Studio uses when debugging in Docker.

  • To see ports, key in: docker port {container #}
  • They are also displayed for all containers with: docker ps
  • To list all networks, key in: docker network ls
  • To see details about a network, key in: docker network inspect {network number from above list}
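
An added example (not from the original page or from Docker): a Python check over `docker port` output that reports which published ports listen on every host interface and whether each falls in the ephemeral range described above. The sample output is constructed, reusing the 80 -> 32775 and 443 -> 32774 mappings from the Ports note later on this page; the function names are hypothetical.

```python
# Added example: audit `docker port` output for published-port exposure.
DEFAULT_RANGE = (32768, 61000)  # usual range quoted on this page

# Constructed sample output; 80->32775 and 443->32774 reuse the page's values.
SAMPLE = """\
80/tcp -> 0.0.0.0:32775
443/tcp -> 0.0.0.0:32774
443/tcp -> [::]:32774
5000/tcp -> 0.0.0.0:5000
8080/tcp -> 127.0.0.1:8080
"""

def read_ephemeral_range(path="/proc/sys/net/ipv4/ip_local_port_range"):
    """Return (low, high) from the kernel, or the page's usual range if unreadable."""
    try:
        with open(path) as fh:
            low, high = fh.read().split()
        return int(low), int(high)
    except (OSError, ValueError):
        return DEFAULT_RANGE

def parse_docker_port(text):
    """Parse lines like '80/tcp -> 0.0.0.0:32775' into dicts."""
    mappings = []
    for line in text.splitlines():
        if " -> " not in line:
            continue  # skip blank or unexpected lines
        left, right = line.strip().split(" -> ", 1)
        port, _, proto = left.partition("/")
        host_ip, _, host_port = right.rpartition(":")  # last colon, so IPv6 works
        if not (port.isdigit() and host_port.isdigit()):
            continue
        mappings.append({"container_port": int(port), "proto": proto or "tcp",
                         "host_ip": host_ip.strip("[]"), "host_port": int(host_port)})
    return mappings

def audit(mappings, port_range=DEFAULT_RANGE):
    """Return (container_port, host_ip, host_port, in_ephemeral_range) for
    every mapping that listens on all host interfaces (0.0.0.0 or ::)."""
    low, high = port_range
    return [(m["container_port"], m["host_ip"], m["host_port"],
             low <= m["host_port"] <= high)
            for m in mappings if m["host_ip"] in ("0.0.0.0", "::")]

if __name__ == "__main__":
    found = audit(parse_docker_port(SAMPLE), read_ephemeral_range())
    for cport, ip, hport, eph in found:
        note = "assigned from ephemeral range" if eph else "fixed host port"
        print(f"container {cport} published on {ip}:{hport} ({note})")
```

The loopback-only mapping (127.0.0.1:8080) is not reported, which is the binding to prefer for a debugging container that only the development machine needs to reach.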

Orchestration

  • Optional for single docker images. Most important for deploying multiple apps to a single server or server farm.
  • The portability and reproducibility of a containerized process provide an opportunity to move and scale containerized applications across clouds and server farms. Containers effectively guarantee that those applications run the same way anywhere, taking advantage of any server environment. There is tooling to help automate the maintenance of those applications, replace failed containers automatically, and manage the rollout of updates and reconfigurations of those containers during their lifecycle. Tools to manage, scale, and maintain containerized applications are called orchestrators, and the most common examples of these are Kubernetes and Docker Swarm. Development environment deployments of both of these orchestrators are provided by Docker Desktop.

File Storage

  • How to run ASP.NET Core 3.1 over HTTPS in Docker using Linux Containers
  • Docker Docs - use volumes. Volumes are the preferred mechanism for persisting data generated by and used by Docker containers. While bind mounts are dependent on the directory structure and OS of the host machine, volumes are completely managed by Docker. Unless data also needs to be managed by the underlying OS (as is the case for debugging in an IDE), it is recommended to use volumes over bind mounts.
  • Use rsync commands to move files between the dev machine and a running Linux container instance.
  • Docker Bind for files on core o/s.

Support for TLS

Practices

This section is specific to Visual Studio 2019 and later.

  1. Start the project as a Docker project, or go to the startup project and Add->Docker support.
  2. Add orchestration in the same project by Add->Container Orchestrator Support. This will build a new folder under the VS solution folder called "docker-compose".
    1. That will enable containers that have more than one start project.
  3. If the application uses User Secrets, there might be a problem deploying it to Production.
  4. Ditto with root/.aspnet/https/---.pfx

Containers

  • The Containers window is reached by using the search box in the IDE (press Ctrl+Q to use it), typing container, and choosing the Containers window from the list.
  • Container Tools launch settings in Microsoft docs.
  • Visual Studio Find does not search this file so you need to know about its contents.

Nav (left) panel

  1. Solution Containers
    1. List of containers, most with weird made-up names. (BTW, the current container name will be in the page footer if a terminal is open.)
  2. Other Containers

Nav (top) bar

  1. Environment
  2. Ports - contains linkage, for example, from container port (80) to host port (32775) and type (TCP), or 443 -> 32774 (see Networking above)
  3. Logs
  4. Files
