Difference between revisions of "Docker"

From Univention Wiki

Jump to: navigation, search
 
Line 1: Line 1:
{{Version|UCS=4.0}}
+
{{Version|UCS=4.4}}
  
 
= Docker with UCS =
 
= Docker with UCS =
  
[https://www.docker.com/ Docker] is an open-source project that automates the deployment of applications inside software containers.
+
UCS supports running [https://opensource.com/resources/what-docker Docker] containers. The docker.io Debian package is installed by default since the App Center uses Docker containers to deploy applications on UCS systems.
 
 
== Newer version ==
 
 
 
'''Be aware''' that this article describes the very beginnings of the docker packages in UCS (UCS 4.0). The more recent images and how to use them moved to [https://hub.docker.com/u/univention Docker Hub], e.g., the overview for the [https://hub.docker.com/r/univention/ucs-master-amd64 DC Master Image].
 
 
 
== Installation ==
 
docker is part of UCS since UCS 4.0-2. It can be installed with the following command
 
<source lang=bash>
 
univention-install docker.io
 
</source>
 
 
 
After that, docker is ready to use:
 
<pre>
 
~# docker -v
 
Docker version 1.3.2, build 39fa2fa
 
</pre>
 
 
 
= Using UCS docker images =
 
 
 
Univention provides several docker images: https://registry.hub.docker.com/u/univention/.
 
 
 
== Setup a generic UCS system via docker ==
 
 
 
A generic UCS docker image can be downloaded by the following command
 
<pre>
 
docker pull univention/ucs-generic-amd64:4.0-1
 
</pre>
 
 
 
Then, a new UCS docker container can be started in the following way
 
<pre>
 
docker run -d -e rootpwd=univention --hostname=dockertest \
 
  --name=dockertest_container \
 
    -p 8011:80 univention/ucs-generic-amd64:4.0-1 /sbin/init
 
</pre>
 
 
 
A shell in the docker container can be started by
 
<pre>
 
docker exec -it dockertest_container /bin/bash
 
</pre>
 
 
 
The started docker container can easily be configured through the web based appliance setup wizard. In the example above the port 8011 of the docker host is redirected to the port 80 of the container. Thus, the HTTP port of the docker container can reached by typing http://<IP of the docker host>:8011.
 
 
 
== Setup a DC master via docker ==
 
 
 
The first UCS system must always be a domaincontroller master. Univention provides pre-defined images for this setup which can be downloaded by the following command:
 
<pre>
 
docker pull univention/ucs-master-amd64:4.0-1
 
</pre>
 
 
 
The new UCS docker container can be started in the following way
 
<pre>
 
docker run -d -e rootpwd=univention --hostname=master --name=master \
 
    -p 8011:80 univention/ucs-master-amd64:4.0-1 /sbin/init
 
</pre>
 
 
 
The started docker container is available after some seconds and can be configured through the web based appliance setup wizard. In the example above the port 8011 of the docker host is redirected to the port 80 of the container. Thus, the HTTP port of the docker container can reached by typing http://<IP of the docker host>:8011.
 
Alternatively, the container can be configured automatically configured via a  [http://docs.univention.de/installation-4.0.html#appliance:use:auto:profile profile file]
 
 
 
== Setup a DC slave via docker ==
 
 
 
Some apps need a local running OpenLDAP server. For this case, Univention provides pre-defined DC slave images which can be downloaded by the following command:
 
<pre>
 
docker pull univention/ucs-slave-amd64:4.0-1
 
</pre>
 
 
 
The new UCS docker container can be started in the following way
 
<pre>
 
docker run -d -e rootpwd=univention --hostname=slave --name=slave \
 
    -p 8012:80 univention/ucs-slave-amd64:4.0-1 /sbin/init
 
</pre>
 
 
 
The started docker container is available after some seconds and can be configured through the web based appliance setup wizard. In the example above the port 8012 of the docker host is redirected to the port 80 of the container. Thus, the HTTP port of the docker container can reached by typing http://<IP of the docker host>:8012.
 
Alternatively, the container can be configured automatically configured via a  [http://docs.univention.de/installation-4.0.html#appliance:use:auto:profile profile file]
 
 
 
== Setup a member server via docker ==
 
 
 
Most applications use the system role member server which doesn't use a local OpenLDAP server. Univention provides pre-defined images for this setup which can be downloaded by the following command:
 
<pre>
 
docker pull univention/ucs-member-amd64:4.0-1
 
</pre>
 
 
 
The new UCS docker container can be started in the following way
 
<pre>
 
docker run -d -e rootpwd=univention --hostname=member --name=member \
 
    -p 8013:80 univention/ucs-member-amd64:4.0-1 /sbin/init
 
</pre>
 
 
 
The started docker container is available after some seconds and can be configured through the web based appliance setup wizard. In the example above the port 8013 of the docker host is redirected to the port 80 of the container. Thus, the HTTP port of the docker container can reached by typing http://<IP of the docker host>:8013.
 
Alternatively, the container can be configured automatically configured via a  [http://docs.univention.de/installation-4.0.html#appliance:use:auto:profile profile file]
 
 
 
= Building Univention UCS docker images =
 
 
 
Über docker.knut.univention.de oder
 
* http://jenkins.knut.univention.de:8080/job/Mitarbeiter/job/Arvid%20Requate/
 
 
 
= Docker first steps =
 
# List images <pre>docker images</pre>
 
# List running containers <pre>docker ps</pre>
 
# Get shell <pre>docker exec -it member /bin/bash</pre>
 
# Restart a container <pre>docker restart member</pre>
 
  
 +
Additionally, [https://hub.docker.com/u/univention Docker Hub] hosts a couple of ''VM-style'' containers that allow to run a full UCS userspace as a container, which may be interesting in special scenarios. There are role specific images like the [https://hub.docker.com/r/univention/ucs-master-amd64 UCS DC Primary Image] as well as a [https://hub.docker.com/r/univention/ucs-generic-amd64 UCS Generic Image], which can be configured into any UCS server role. This was the result of early experiments with docker, which doesn't follow the general purpose of docker containers. At the time of writing Docker containers in general [https://github.com/moby/moby/issues/14856 still] have [https://github.com/moby/moby/issues/11185 challenges with the exposure of wide dynamic port ranges], so running services like Samba/AD in these ''VM-style'' is not recommended.
  
 
[[Category:Development]]
 
[[Category:Development]]
 
<!--[[Category:Docker]]-->
 
<!--[[Category:Docker]]-->

Latest revision as of 10:28, 9 July 2020

Produktlogo UCS Version 4.4

Docker with UCS

UCS supports running Docker containers. The docker.io Debian package is installed by default since the App Center uses Docker containers to deploy applications on UCS systems.

Additionally, Docker Hub hosts a couple of VM-style containers that allow to run a full UCS userspace as a container, which may be interesting in special scenarios. There are role specific images like the UCS DC Primary Image as well as a UCS Generic Image, which can be configured into any UCS server role. This was the result of early experiments with docker, which doesn't follow the general purpose of docker containers. At the time of writing Docker containers in general still have challenges with the exposure of wide dynamic port ranges, so running services like Samba/AD in these VM-style is not recommended.

Personal tools