I used docker and wanted to delete everything
So I tried to remove it but it didn't disappear
docker images
REPOSITORY TAG IMAGE ID CREATED
SIZE
laravel_app_sample latest b5ec6934ff5b 24 minutes ago 852MB
laravel_db_sample latest f0a16ec4f305 27 minutes ago 445MB
ubuntu latest 2ca708c1c9cc 7 days ago 64.2MB
mysql latest b8fd9553f1f0 13 days ago 445MB
centos latest 67fa590cfc1c 5 weeks ago 202MB
nginx latest 5a3221f0137b 5 weeks ago 126MB
I tryed
docker rmi $(docker images -a)
unknown shorthand flag: 'a' in -a)
docker rmi -f $(docker images -a -q)
unknown shorthand flag: 'a' in -a
docker rm -vf $(docker ps -a -q)
unknown shorthand flag: 'a' in -a
How to delete all Docker local Docker images
I saw it but it didn't work
docker image ls -aq | xargs docker image rm -f
Related
I have put a script with an endless loop inside a Containerfile.
When I go inside the container and run that script in the background I can see that the process is running by doing a ps -ef.
But when I try to start the process inside the Containerfile it is not running, even though the podman build and podman run commands are without error.
I am using rootless podman.
This is my Containerfile:
$ cat Containerfile
FROM alpine
RUN apk update
RUN apk add vim
RUN apk add bash
COPY ./useless_process.sh /home
RUN bash /home/useless_process.sh &
# how to build:
# podman build . -t "manualpihimage"
# how to run:
# podman run -it --name "manualpihcontainer" manualpihimage
I have also tried using the CMD and the ENTRYPOINT commands but the process did not start.
The expectation was that the process would run in the background.
I have tried it with Containerfile as follows. Note that I removed the useless & - makes no sense in the context of the container and used CMD because we don't want to run it while building the image but when we start the container.
FROM alpine
RUN apk update
RUN apk add vim
RUN apk add bash
COPY ./useless_process.sh /home
CMD bash /home/useless_process.sh
I created useless_process.sh with:
#!/bin/sh
while `/bin/true`; do
date
sleep 1
done
Then podman build . -t=image1 and podman run -d --name=container1 image1 to start it detached.
$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0744f29bec7c localhost/image1:latest /bin/sh -c bash /... 22 seconds ago Up 23 seconds ago container1
And we can see our useless process is running
$ podman exec -it container1 /bin/sh
/ # ps
PID USER TIME COMMAND
1 root 0:00 bash /home/useless_process.sh
188 root 0:00 /bin/sh
197 root 0:00 sleep 1
198 root 0:00 ps
In ubuntu based docker/os
$ ps
PID USER TIME COMMAND
1 postgres 0:00 postgres
47 postgres 0:00 postgres: checkpointer process
48 postgres 0:00 postgres: writer process
49 postgres 0:00 postgres: wal writer process
50 postgres 0:00 postgres: autovacuum launcher process
51 postgres 0:00 postgres: stats collector process
52 postgres 0:00 postgres: bgworker: logical replication launcher
Now If run ps -p 1 -o user=, it will get me PID 1 process USER postgres
$ ps -p 1 -o user=
postgres
This is what I can do in ubuntu based image/os
Now
I am really seeking for a way to do the same for alpine based image. Where I can run ps command to get PID 1 process USER.
I didn't find any docs/hints around.
There is very cut version of ps in alpine image by default. It is busybox one:
/ # ps --help
BusyBox v1.27.2 (2017-12-12 10:41:50 GMT) multi-call binary.
Usage: ps [-o COL1,COL2=HEADER]
Show list of processes
-o COL1,COL2=HEADER Select columns for display
It can only show output with defined columns.
If you want use uncut ps, you need to install it first to alpine image:
/ # apk add --no-cache procps
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/APKINDEX.tar.gz
(1/6) Installing libintl (0.19.8.1-r1)
(2/6) Installing ncurses-terminfo-base (6.0_p20171125-r0)
(3/6) Installing ncurses-terminfo (6.0_p20171125-r0)
(4/6) Installing ncurses-libs (6.0_p20171125-r0)
(5/6) Installing libproc (3.3.12-r3)
(6/6) Installing procps (3.3.12-r3)
Executing busybox-1.27.2-r7.trigger
OK: 13 MiB in 17 packages
Now, you can use it you want:
/ # ps -p 1 -o user=
root
I am experimenting with Docker and am very new to it. I am struck at a point for a long time and am not getting a way through and hence came up with this question here...
Problem Statement:
I am trying to create an image from a docker file containing Apache and lynx installation. Once done I am trying to access tomcat on 8080 of the container which is in turn forwarded to the 8082 of the host. But when running the image I never get tomcat started in the container.
The Docker file
FROM ubuntu:16.10
#Install Lynx
Run apt-get update
Run apt-get install -y lynx
#Install Curl
Run apt-get install -y curl
#Install tools: jdk
Run apt-get update
Run apt-get install -y openjdk-8-jdk wget
#Install apache tomcat
Run groupadd tomcat
Run useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Run cd /tmp
Run curl -O http://apache.mirrors.ionfish.org/tomcat/tomcat- 8/v8.5.12/bin/apache-tomcat-8.5.12.tar.gz
Run mkdir /opt/tomcat
Run tar xzvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1
Run cd /opt/tomcat
Run chgrp -R tomcat /opt/tomcat
Run chmod -R g+r /opt/tomcat/conf
Run chmod g+x /opt/tomcat/conf
Run chown -R tomcat /opt/tomcat/webapps /opt/tomcat/work /opt/tomcat/temp opt/tomcat/logs
Run cd /opt/tomcat/bin
Expose 8080
CMD /opt/tomcat/bin/catalina.sh run && tail -f /opt/tomcat/logs/catalina.out
When the image is built I tried running the container by the two below methods
docker run -d -p 8082:8080 imageid tail -f /dev/null
While using the above, container is running but tomcat is not started inside the container and hence not accessible from localhost:8082. Also I do not see anything if I perform docker logs longcontainerid
docker run -d -p 8082:8080 imageid /path/to/catalina.sh start tail -f /dev/null
I see tomcat started when I do docker logs longconatainrid
While using the above the container is started and stopped immediately and is not running as I can see from docker ps and hence again not accessible from localhost:8082.
Can anyone please tell me where I am going wrong?
P.s. I searched a lot on the internet but could not get the thing right. Might be there is some concept that i am not getting clearly.
Looking at the docker run command documentation, the doc states that any command passed to the run will override the original CMD in your Dockerfile:
As the operator (the person running a container from the image), you can override that CMD instruction just by specifying a new COMMAND
1/ Then when you run:
docker run -d -p 8082:8080 imageid tail -f /dev/null
The container is run with COMMAND tail -f /dev/null, the original command starting tomcat is overridden.
To resolve your problem, try to run:
docker run -d -p 8082:8080 imageid
and
docker log -f containerId
To see if tomcat is correctly started.
2/ You should not use the start argument with catalina.sh. Have a look at this official tomcat Dokerfile, the team uses :
CMD ["catalina.sh", "run"]
to start tomcat (when you use start, docker ends container at the end of the shell script and tomcat will start but not maintain a running process).
3/ Finally, why don't you use tomcat official image to build your container? You could just use the :
FROM tomcat:latest
directive at the beginning of your Dockerfile, and add you required elements (new files, webapps war, settings) to the docker image.
I want to start the httpd service on a CentOS 7 container. But the systemctl command doesn't work in containers. In CentOS 6 I can start httpd by simply using the /etc/init.d/apachectl -d command. But in CentOS 7 I can't find any apachectl file in /*/systemd/.
So how can I start httpd service in CentOS 7 container?
The best way is to make your own centos7 image where you install httpd
FROM centos:7
RUN yum -y install httpd; yum clean all; systemctl enable httpd.service
EXPOSE 80
Build your image with docker build -t my-centos:7 .
Systemd cannot run without SYS_ADMIN. That's why I set the following vars.
$ docker run -it -p 80:80 -e "container=docker" --privileged=true -d --security-opt seccomp:unconfined --cap-add=SYS_ADMIN -v /sys/fs/cgroup:/sys/fs/cgroup:ro my-centos:7 bash -c "/usr/sbin/init"
Verify container is running:
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
967581bdf31a my-centos:7 "bash -c /usr/sbin/in" 1 seconds ago Up 1 seconds 0.0.0.0:80->80/tcp gigantic_stallman
Verifiy httpd is started
$ docker exec -it gigantic_stallman /bin/bash -c "systemctl status httpd"
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2016-12-28 11:44:04 UTC; 2min 20s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 61 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /docker/967581bdf31a3b741a5e857720e199614d816b05a2132271f3adf910f0ed3207/system.slice/httpd.service
├─61 /usr/sbin/httpd -DFOREGROUND
├─66 /usr/sbin/httpd -DFOREGROUND
├─67 /usr/sbin/httpd -DFOREGROUND
├─68 /usr/sbin/httpd -DFOREGROUND
├─69 /usr/sbin/httpd -DFOREGROUND
└─70 /usr/sbin/httpd -DFOREGROUND
Dec 28 11:44:04 967581bdf31a systemd[1]: Starting The Apache HTTP Server...
Dec 28 11:44:04 967581bdf31a httpd[61]: AH00558: httpd: Could not reliably d...e
Dec 28 11:44:04 967581bdf31a systemd[1]: Started The Apache HTTP Server.
TL;DR: For short answer please see the other author's Answer.
My question was wrong here because it doesn't align with the containerization philosophy IMO. As these kinds of questions would be asked by new user I am going to explain a few things that's indirectly related to this question.
What is a container?
From OCI's runtime Specification, approximately,
A container contains the unit of a deliverable software.
A container will encapsulate a software component and it's dependencies.
A container should be portable and platform agnostic.
And one of the major component to achieve containerization is container runtime or in general linux container. Container runtime is a piece of software that is responsible for running containers.
Examples of a few container runtimes are, containerd, docker-engine, crio, mcr etc.
Why the question is wrong?
In general and by design, a linux container is an isolated process (these days virtual machines are also considered as containers). So in an ideal situation we should create a container just with one process which is our deliverable software.
In the question, I was thinking of using systemd to manage the process inside the container because I was neither aware about difference between a virtual machine and a container nor the principles of OCI's specification.
Also, systemd or systemV is system management daemon that is required to manage systems with hundreds or thousands of process. As the desired number of process in a container is only one so we do not need a process management daemon or any other unnecessary tools like ssh, htop, net-tools, firewalld etc.
How do we run the deliverable software?
The ideal way to run an application inside the container is to use it as the container's Entrypoint or CMD. That means, when we run the container, it will try to initiate the Entrypoint and it will start it with default command defined in the CMD. Either way, the first process (PID 1) should be our desired application/software.
So when we build the container image, we should define the entrypoint of that container. For example, I have an httpd and a redis container.
╰──➤ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
23789e2d0416 redis "docker-entrypoint.s…" 36 seconds ago Up 35 seconds 6379/tcp elegant_ganguly
9be725968ff3 httpd "httpd-foreground" 14 minutes ago Up 14 minutes 80/tcp app1
So let's check the first process of the both containers (cat /proc/1/cmdline),
╰──➤ for i in $(docker ps -q); do docker inspect $i --format 'ImageName: {{.Config.Image}}'; printf "First PID: "; docker exec -i $i sh -c "cat /proc/1/cmdline";echo; done
ImageName: redis
First PID: redis-server *:6379
ImageName: httpd
First PID: httpd-DFOREGROUND
Let's try to see the same thing with ps
╰──➤ for i in $(docker ps -q); do docker inspect $i --format 'ImageName: {{.Config.Image}}'; docker run -i --rm --pid container:$i ubuntu sh -c "ps aux | head -n2"; done
ImageName: redis
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
999 1 0.4 0.0 56024 7760 ? Ssl 14:58 0:08 redis-server *:6379
ImageName: httpd
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 7300 4380 ? Ss 14:44 0:00 httpd -DFOREGROUND
So if we are using these images; majority of the time we do not need to start it separately because it's probably already invoked by the entrypoint.
But if we want to create our own container image for our own software we can do that just by mentioning the entrypoint like the both of the httpd and redis image did here and here. You can also use CMD and Entrypoint from the command line when you run the container with the help of --entrypoint or provide the command after container name like the following (here I am using while true; do date; sleep 1; done as the default CMD),
╰──➤ docker run -d --rm ubuntu sh -c "while true; do date; sleep 1; done"
35c6352a55f25335e1bd0874493f2a31155ef752d008eb6718923d1f04ab2c14
Now let's check the first PID,
╰──➤ docker run -i --rm --pid container:35c6352a55f25 ubuntu sh -c "ps aux | head -n2"
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 2308 832 ? Ss 15:42 0:00 sh -c while true; do date; sleep 1; done
Run the docker pull command to download the Docker image, including Apache named httpd.
#docker pull httpd
Check the docker images using
#docker images
Now run the docker command to invoke the image you downloaded.
#docker run -d --name docker-apache -p 80:80 -d httpd
Mapping the local computer's port 80 to the container's port 80 (-p 80:80).
Try to verify whether the apache web server is working by accessing the server IP or hostname in the browser.
My current docker images
tutum/rabbitmq latest 2b111aa3d5e9 3 days ago 379.1 MB
stackbrew/ubuntu 12.04 74fe38d11401 2 weeks ago 209.6 MB
ubuntu trusty 99ec81b80c55 2 weeks ago 266 MB
damm/java8 latest 2fea811f78ac 7 weeks ago 759.5 MB
aglover/java8 latest 931742e1ae7d 7 weeks ago 1.186 GB
vvoyer/docker-selenium-firefox-chrome latest 61b0381789d1 5 months ago 1.087 GB
I started the selenium-firefox-chrome container by running
docker run -p 4444:4444 -p 5999:5999 -d vvoyer/docker-selenium-firefox-chrome
To this container, I wanted to link, damm/java8, and tutum/rabbitmq, I was having trouble with the command to link them.
mycont = my running selenium-firefox-chrome container
So far I have tried something along the following
docker run -d --link mycont:db damm/java8
How do I properly link damm/java8 and tutum/rabbitmq? not sure if I am using the correct commands