tag:blogger.com,1999:blog-2432026042671922032024-02-07T23:40:20.928-08:00Wicked Awesome TechWickedAwesomeTechhttp://www.blogger.com/profile/02573410603388538214noreply@blogger.comBlogger23125tag:blogger.com,1999:blog-243202604267192203.post-22662442852571218582018-05-11T13:49:00.000-07:002018-05-11T13:49:49.448-07:00Moving to the Medium<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Arial, Helvetica, sans-serif;">I am a very fortunate person. I have a great wife, great family, great friends and a job doing things that I love. Unfortunately I have a very small window of free time so blogging about the stuff I get to work on has taken a backseat. I feel that because I am so fortunate to do such cool work that I have an obligation to share the problems I am solving to the world. So much of the problems that I solve come from reading others work. I would like to do a better job contributing back to the community that makes it possible to solve many of the problems that I get to work on. I have decided to move my work from Blogger to the Medium since I am finding so much of my time being spent there anyways and the built-in features allow me to write much faster with the small amount of time I have. I would also like to spend some time writing about things other than tech and The Medium seems like a better place for a diverse blogging. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">You can catch my Medium stories here: <a href="https://medium.com/@wbassler23">https://medium.com/@wbassler23</a></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">I plan to keep this domain as well as my older posts on Blogger but anything new going to The Medium. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">I hope that I am able to better keep up and share with the community the problems that I get to solve. Hopefully I will be able to help someone out as I have been helped out by so many others. We are better together. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Cheers. </span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-2394576462489754902017-04-19T12:57:00.000-07:002017-04-19T12:57:33.883-07:00Installing OpenCV on MacOS Sierra 10.12.4<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">Had some issues today getting OpenCV library rolling on my MacOS (Using Python 3). I was getting an error after the initial install: </span></div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div style="-en-codeblock: true; background-color: #fbfaf8; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 4px; border-bottom-right-radius: 4px; border-top-left-radius: 4px; border-top-right-radius: 4px; border: 1px solid rgba(0, 0, 0, 0.14902); box-sizing: border-box; color: #333333; font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; padding: 8px;">
pip install python-opencv</div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">This code:</span></div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div style="-en-codeblock: true; background-color: #fbfaf8; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 4px; border-bottom-right-radius: 4px; border-top-left-radius: 4px; border-top-right-radius: 4px; border: 1px solid rgba(0, 0, 0, 0.14902); box-sizing: border-box; color: #333333; font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; padding: 8px;">
<div>
import cv2</div>
<div>
<br /></div>
<div>
img = cv2.imread('test.jpg',cv2.IMREAD_GRAYSCALE)</div>
<div>
cv2.imshow('image',img)</div>
<div>
cv2.waitKey(0)</div>
<div>
cv2.destroyAllWindows()</div>
</div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">failed with this error:</span></div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div style="-en-codeblock: true; background-color: #fbfaf8; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 4px; border-bottom-right-radius: 4px; border-top-left-radius: 4px; border-top-right-radius: 4px; border: 1px solid rgba(0, 0, 0, 0.14902); box-sizing: border-box; color: #333333; font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; padding: 8px;">
<div>
The function is not implemented. Rebuild the library with Windows, GTK+ 2.x or</div>
<div>
Carbon support. If you are on Ubuntu or Debian, install libgtk2.0-dev and</div>
<div>
pkg-config, then re-run cmake or configure script.</div>
</div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">I was fortunate enough to find the following article: <a href="https://solarianprogrammer.com/2016/11/29/install-opencv-3-with-python-3-on-macos/">https://solarianprogrammer.com/2016/11/29/install-opencv-3-with-python-3-on-macos/</a></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">I use Anaconda to manage my Python environments. Here is what I did to resolve the issue. NOTE: I could not get it to work on Python version newer than 3.5.2. I also use PyCharm as my interpreter, I had to refresh my interpreter for the project for the changes to take affect. </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Switch to your desired Python Environment. </span></div>
<div style="font-family: "Helvetica Neue", Arial, sans; font-size: 16px;">
<br /></div>
<br />
<div style="font-family: gotham, helvetica, arial, sans-serif; font-size: 14px;">
</div>
<br />
<div style="-en-codeblock: true; background-color: #fbfaf8; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 4px; border-bottom-right-radius: 4px; border-top-left-radius: 4px; border-top-right-radius: 4px; border: 1px solid rgba(0, 0, 0, 0.14902); box-sizing: border-box; color: #333333; font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; padding: 8px;">
<div>
[Wed Apr 19 15:29:14] ~</div>
<div>
wb@Westons-MBP > source activate py3</div>
<div>
<br /></div>
<div>
(py3)</div>
<div>
[Wed Apr 19 15:29:59] ~</div>
<div>
wb@Westons-MBP > conda install --channel https://conda.anaconda.org/menpo opencv3</div>
<div>
Fetching package metadata ...........</div>
<div>
Solving package specifications: .</div>
<div>
<br /></div>
<div>
Package plan for installation in environment /Users/wb/anaconda/envs/py3:</div>
<div>
<br /></div>
<div>
The following NEW packages will be INSTALLED:</div>
<div>
<br /></div>
<div>
hdf5: 1.8.17-1</div>
<div>
mkl: 2017.0.1-0</div>
<div>
numpy: 1.12.1-py35_0</div>
<div>
opencv3: 3.1.0-py35_0 menpo</div>
<div>
tbb: 4.3_20141023-0 menpo</div>
<div>
<br /></div>
<div>
Proceed ([y]/n)? y</div>
<div>
<br /></div>
<div>
hdf5-1.8.17-1. 100% |#####################################| Time: 0:00:00 5.67 MB/s</div>
<div>
numpy-1.12.1-p 100% |#####################################| Time: 0:00:00 13.01 MB/s</div>
<div>
opencv3-3.1.0- 100% |#####################################| Time: 0:00:03 11.73 MB/s</div>
<div>
<br /></div>
<div>
(py3)</div>
<div>
[Wed Apr 19 15:30:35] ~</div>
<div>
wb@Westons-MBP > python --version</div>
<div>
Python 3.5.2 :: Continuum Analytics, Inc.</div>
<div>
<br /></div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com2tag:blogger.com,1999:blog-243202604267192203.post-71746652085319099572016-09-30T11:21:00.000-07:002016-09-30T11:21:18.142-07:00Mesos-DNS as your upstream DNS or alonside your Enterprise DNS<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "arial" , "helvetica" , sans-serif;">In this post I will show you how you can get going with your own external Mesos-DNS that you can either A) use as an upstream DNS server or B) incorporate/forward Mesos Tasks to your upstream DNS server. The reason for using either one of these methods is so that you are able to have machines outside of the Mesos cluster discover DNS of Mesos tasks running internal the Mesos cluster and vice versa. Using either one of these methods will provide a way for all DNS entries on your network to query one another. We are currently using Method B in our enterprise so that our Mesos tasks are able to communicate with other services running outside of the cluster such as our Gitlab server.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">We will be using docker to run our Mesos-DNS in both methods running on our Bootstrap server.<br /><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihz_-dzFQtZc1yrq7revoE1gWaJBtv1B-LX7QIiZQdbWhbgn-k7yH6elk3t7LamppLfikSHmeesEy6MW24-U73BJYu9PQH7Ay2jQdBin-x150javN5mUuKq4JDeydwYbwIONWM2EPQDfKw/s1600/mesos-dns.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="208" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihz_-dzFQtZc1yrq7revoE1gWaJBtv1B-LX7QIiZQdbWhbgn-k7yH6elk3t7LamppLfikSHmeesEy6MW24-U73BJYu9PQH7Ay2jQdBin-x150javN5mUuKq4JDeydwYbwIONWM2EPQDfKw/s400/mesos-dns.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">https://mesosphere.github.io/mesos-dns/</td></tr>
</tbody></table>
</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>NOTE:</b> This is currently being used with version DCOS Open & Enterprise 1.7.x and Mesos-DNS version 0.5.2. It has not been tested or used with the latest releases of DCOS or Mesos-DNS. Read the release notes of latest DCOS in terms of VIPs to DNS. Will be testing this functionality in the near future. This setup also means that you have exposed your private agents to routing from outside the Mesos Network and not just through the use of the public agent which we are hoping to change in the future as well.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I would like to send a shout out to Mesosphere for continuing to make an incredible product and opening up DCOS to the community. What a powerful and fun community to work with! I have been fortunate enough to have been involved in Apache Mesos for the past year and a half and have watched this project grow rapidly. Mesosphere is doing some amazing things that are changing the way that we treat Data Centers and Development. Looking forward to continuing the journey with them!</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">References: </span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://dcos.io/">DCOS Open</a> // <a href="https://mesosphere.com/product/">DCOS Enterprise</a></span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://dcos.io/docs/1.8/usage/service-discovery/mesos-dns/">Mesos DNS & DCOS</a></span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://mesosphere.github.io/mesos-dns/">Mesos DNS </a></span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://github.com/mesosphere/mesos-dns">Mesos DNS Github</a></span></li>
</ul>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<h2 style="text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Method A: Using Mesos-DNS as an Upstream DNS Server for ALL your DNS</span></h2>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">In this method you are able to use your Mesos-DNS as a DNS server for all DNS on your network. You can plug in the IP of your Mesos-DNS server in your resolv.conf file or you can run a dig against it. This will give you the IP address of the Mesos Agent where the service is running. You can also get the port address by obtaining the SRV records. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">1) Create and edit the json.config for Mesos-DNS. See <a href="https://mesosphere.github.io/mesos-dns/docs/configuration-parameters.html">parameters </a>for explanation: "resolvers" is very important here. Also, you can make the domain what you please. Default is "mesos".</span></div>
<div>
<br />
<script src="https://gist.github.com/geekbass/b2f539f63097e7fa34275bed417b2999.js"></script>
</div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">2) Run it in docker:</span></div>
<div>
<br />
<script src="https://gist.github.com/geekbass/b66c120ddd217323ab144b9fa073beb8.js"></script>
</div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">3) You can now use this Mesos-DNS as your DNS server. Place the IP of Mesos-DNS in your resolv.conf or dig against its IP.</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">From the example config.json, your services will run under </span><span style="font-family: Courier New, Courier, monospace;"><service>.pick.your.domain.com</span><span style="font-family: Arial, Helvetica, sans-serif;">. some examples would be:</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">"</span><span style="font-family: Courier New, Courier, monospace;">leader.pick.your.domain.com</span><span style="font-family: Arial, Helvetica, sans-serif;">" for the leader, </span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">"</span><span style="font-family: Courier New, Courier, monospace;">master.pick.your.domain.com</span><span style="font-family: Arial, Helvetica, sans-serif;">" for a list of your mesos master nodes,</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">"</span><span style="font-family: Courier New, Courier, monospace;">agent.pick.your.domain.com</span><span style="font-family: Arial, Helvetica, sans-serif;">" for a list of your mesos agents,</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">"</span><span style="font-family: Courier New, Courier, monospace;">marathon.pick.your.domain.com</span><span style="font-family: Arial, Helvetica, sans-serif;">" for marathon and</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">"</span><span style="font-family: Courier New, Courier, monospace;">nginx.marathon.pick.your.domain.com</span><span style="font-family: Arial, Helvetica, sans-serif;">" for a service named "nginx" running on marathon root.</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Be sure to check out Mesos <a href="https://mesosphere.github.io/mesos-dns/docs/naming.html">DNS documentation on the naming</a>. </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: arial, helvetica, sans-serif;">You will also be able to query all DNS from all DNS servers defined in "resolvers". This is what provides you the ability to query both internal Mesos and external DNS.</span></div>
<div>
<span style="font-family: arial, helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: arial, helvetica, sans-serif;"><br /></span></div>
<h2 style="text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Method B: Incorporating Mesos-DNS with your Enterprise upstream DNS Server</span></h2>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">This method provides you with the same capabilities only this method uses sub zones or sub domains on your upstream DNS server. Best benefit from this method is that this doesn't require any changes to your DNS configuration on your servers. Nobody has to know there is an external Mesos-DNS server out there that is forward Mesos Tasks DNS to it.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">I haven't personally setup a sub domain on a DNS server before, but there are several good references out there on how to do it for your specific DNS. From the example, you would create "pick.your.domain.com" as the sub domain on your DNS server.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">1) Create the sub domain on your specific DNS provider. This is the only additional step needed from Method A.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">2) Follow steps 1-3 above from Method A.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Done.</span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"></span><br />
<a name='more'></a><br />
<br />
<span style="font-family: arial, helvetica, sans-serif;">Hopefully this can relieve some of the pain for Service Discovery and DNS if you run any form of Mesos. This is one of the most difficult problems I have had to deal with when it comes to running external services alongside internal Mesos Tasks. Mostly because it requires making newbies happy but remember there are still several ways to accomplish this. In previous project I used a combination of Mesos, Consul and Consul DNS to accomplish the same thing.</span><br />
<span style="font-family: arial, helvetica, sans-serif;"><br /></span>
<span style="font-family: arial, helvetica, sans-serif;">The only downside of the solution above is that this is not the preferred method when it comes to DCOS Architecture since all routing from the outside goes through an LB on the public agent. Hoping that eventually we can get away from this with a mix of Minute Man LB in the future and DNS for VIPS and or IP per task. Personally, I am not again routing traffic directly to private agents because of speed and HA but it all depends on your preferred method. Always need to conside HA and port clashing etc when running in an environment like Mesos.</span></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com1tag:blogger.com,1999:blog-243202604267192203.post-36514609694456548632016-05-13T10:41:00.000-07:002016-05-13T10:41:26.567-07:00Orchestrating Communications to Docker as you Scale Like a Boss<div dir="ltr" style="text-align: left;" trbidi="on">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4Uu8vVsz_VDe3VKDLt2LZ8MTTnpeOl5os7T3k4e59TF5eOo5PHbXI1-fR9swinPhfnN3-K9zNPW4kXUbozJSrLiake8dslOAgCNK2LtT7NzvVIng-UUAuVjqv-6uqLHG5gq4s3wgAmtL1/s1600/container-scale.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="277" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4Uu8vVsz_VDe3VKDLt2LZ8MTTnpeOl5os7T3k4e59TF5eOo5PHbXI1-fR9swinPhfnN3-K9zNPW4kXUbozJSrLiake8dslOAgCNK2LtT7NzvVIng-UUAuVjqv-6uqLHG5gq4s3wgAmtL1/s400/container-scale.jpg" width="400" /></a><span style="font-family: "arial" , "helvetica" , sans-serif;">One of the more difficult things to manage as you begin to scale and deploy containers at mass is trying to manage communications and access to your services. Not only is managing communications to your services difficult, but also doing it in a way that makes sense, is static and feels normal for your users. With an orchestration tool such as Mesos, your containers will most likely move from host to host quite often. This is exactly how it should be for environments running large amounts of containers. It shouldn't matter where your container lives and you should also not have to search for it as it moves around. Nor should you have to manage ports as your Infrastructure grows and your apps scale. I believe this to be one of the major pieces to consider when planning your container based environment. Think about the reason that you are considering using containers and then think about how you plan to orchestrate access to them and assume that your services will not be running in the same place tomorrow as they were today. We achieve this solution through a simple mechanism of Service Discovery and Load Balancing.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">In this post, Ill describe the tools that I have chosen to use in my docker based PaaS solution backed by Apache Mesos. I went with a solution that not only would suit the needs of our Mesos based services but would work along side any docker container that was deployed in the environment. Simply setup a node with load balancing and access to your service discovery and have the users route through this node to access their service.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Demonstrations will be done using Marathon, Consul, consul-template + HaProxy, but as I said there are a ton of projects out there that can be used to help solve this issue. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Components used:</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">HAProxy</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">consul</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://github.com/hashicorp/consul-template">consul-template</a></span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="http://gliderlabs.com/registrator/latest/">Registrator</a></span></li>
</ul>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Workflow:</span></div>
<div>
<ol style="text-align: left;">
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Docker service deployed with Marathon to Mesos</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">Registrator running on Mesos Agents registers the service to Consul</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">consul-template updates HAProxy with port mappings of service(s) and reloads config</span></li>
<li><span style="font-family: "arial" , "helvetica" , sans-serif;">ACCESS TO SERVICE(S)!!!!</span></li>
</ol>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiFWxspYBq_liOVJhxbJIquvaUXr_1g0EOqhrqjX40fEMQEsLn819bGj2zYcrMpwox14jGKrXQ5OX9q8LCK0lM0vQLVzSAE8zpPEOibUzidp_0CAKkcwzCNaw9OQcJfapL9VpCAgnOwo17/s1600/consul-template_ha-proxy.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="544" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiFWxspYBq_liOVJhxbJIquvaUXr_1g0EOqhrqjX40fEMQEsLn819bGj2zYcrMpwox14jGKrXQ5OX9q8LCK0lM0vQLVzSAE8zpPEOibUzidp_0CAKkcwzCNaw9OQcJfapL9VpCAgnOwo17/s640/consul-template_ha-proxy.png" width="640" /></a></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
</div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Getting Started. Note: You will need a running Mesos Cluster with Marathon and also a running Consul cluster. See my post for getting a Consul cluster up in <a href="http://www.wickedawesometech.us/2016/04/setting-up-consul-service-discovery-in.html">10 minutes here</a>:</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">1) On a server that you would like to use to proxy traffic, install HAProxy and consul-template</span></div>
<div>
</div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># yum install -y haproxy unzip && cd /usr/local/bin/ && wget -O consul-template.zip wget https://releases.hashicorp.com/consul-template/0.14.0/consul-template_0.14.0_linux_amd64.zip</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> </span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"># unzip consul-template.zip </span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">2) Configure consul-template for HAProxy. It will reload the config each time there is a change with the service such as a scale up, down or a failure. </span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># mkdir -pv /etc/consul-template/ && cd /etc/consul-template</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Create new file <span style="font-family: "courier new" , "courier" , monospace;">/etc/consul-template/consul-haproxy.json</span> which will be the configuration file to manage reloading haproxy anytime there is a change is service discovery. </span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/consul-template/consul-haproxy.json</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">consul = "$CONSUL:$PORT"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">template {</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> source = "/etc/haproxy/haproxy.template"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> destination = "/etc/haproxy/haproxy.cfg"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> command = "systemctl reload haproxy"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;">}</span><br />
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Create the source and destination files for haproxy based on the config above.</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/haproxy/haproxy.template</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">global</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> daemon</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local0</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local1 notice</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 4096</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">defaults</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log global</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> retries 3</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 2000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout connect 5000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout client 50000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout server 50000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">listen http-in</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> bind *:80</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> mode tcp</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> option tcplog</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> balance leastconn{{range service "$SERVICE"}}</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> server {{.Node}} {{.Address}}:{{.Port}} check {{end}}</span></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">$SERVICE in the template file above is the service name that you will put as part of a ENV parameter in your Marathon json when you launch. It will register itself in Consul as that service name and anytime there is a change if will reflect the change to haproxy.</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/haproxy/haproxy.cfg</span></div>
<div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">global</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> daemon</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local0</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local1 notice</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 4096</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">defaults</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> log global</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> retries 3</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 2000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> timeout connect 5000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> timeout client 50000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> timeout server 50000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">listen http-in</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> bind *:80</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> mode tcp</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> option tcplog</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> balance leastconn </span></div>
</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">3) We can go ahead and start consul-template at this point. Run from command line or from systemd unit to make it permanent.</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"># consul-template -config /etc/consul-template/consul-haproxy.json</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">OR</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/systemd/system/consul-template.service</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">[Unit]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Description=Consul Template HA Proxy</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">After=network.target</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">[Service]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">User=root</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Group=root</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Environment="GOMAXPROCS=2"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">ExecStart=/usr/local/bin/consul-template -config /etc/consul-template/consul-haproxy.json</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">ExecReload=/bin/kill -9 $MAINPID</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">KillSignal=SIGINT</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Restart=on-failure</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">[Install]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">WantedBy=multi-user.target</span><br />
<div>
<br /></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># systemctl enable consul-template && systemctl start consul-template</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">4) <a href="http://gliderlabs.com/registrator/latest/">Registrator </a>must be running on any host in the cluster that will need to have docker containers registered to consul and any host that is running as a consul agent. This watches the host on the docker socket and anytime there is a change, registers or deregisters from Consul. </span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">On each agent:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># docker run -d --name=registrator --net=host --volume=/var/run/docker.sock:/tmp/docker.sock gliderlabs/registrator:latest consul://$IP:$PORT</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Make it persistent after reboot with unit file (if using systemd):</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/systemd/system/registrator.service</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">[Unit]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Description=Registrator Container</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">After=docker.service</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Requires=docker.service</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">[Service]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">TimeoutStartSec=0</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Restart=on-failure</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">ExecStart=/usr/bin/docker start registrator</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">[Install]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">WantedBy=multi-user.target</span><br />
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># systemctl enable registrator</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">5) Now this is where the magic begins. Let's create a json for our Marathon service that will be launched. You are required to the service name defined in the env object. Launching an nginx app with alpine base below:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Name: alpine-nginx.json</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">{</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "container": {</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "type": "DOCKER",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "docker": {</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "image": "docker-registry:5000/alpine-nginx",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "network": "BRIDGE",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "portMappings": [</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> { "containerPort": 8050, "hostPort": 0, "servicePort": 8050, "protocol": "tcp" }</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> ]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> }</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> },</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "id": "alpine-nginx",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "instances": 1,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> <b>"env":</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b> { "SERVICE_NAME": "alpine", "SERVICE_TAGS": "alpine" },</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "cpus": 0.5,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "mem": 100,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "uris": []</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;">}</span><br />
<div>
<br /></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">6) After you launch the app and it starts on Marathon, check Consul to see if service is registered.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZ4PWCXCyE5wDPZhWdrhuxOCTTiCn_DNWkq-VrdlDXnO7qDvlgyjD8Zg3nlLy_wCJIq0FG0_HZVtEyhtTYIyHNRc-mr-4SE94k3XVLJb7Jah1uaUaeYkPplDPjst41T6ilExdLyuAqBYbl/s1600/consul-temaple-alpine.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="153" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZ4PWCXCyE5wDPZhWdrhuxOCTTiCn_DNWkq-VrdlDXnO7qDvlgyjD8Zg3nlLy_wCJIq0FG0_HZVtEyhtTYIyHNRc-mr-4SE94k3XVLJb7Jah1uaUaeYkPplDPjst41T6ilExdLyuAqBYbl/s400/consul-temaple-alpine.png" width="400" /></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">7) Now go back to consul-template server and check out the ha-proxy.cfg file. You service along with its port mappings on Mesos will be there as well.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/haproxy/haproxy.cfg</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">global</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> daemon</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local0</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local1 notice</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 4096</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">defaults</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log global</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> retries 3</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 2000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout connect 5000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout client 50000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout server 50000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">listen http-in</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> bind *:80</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> mode tcp</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> option tcplog</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> balance leastconn</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: yellow;">server mesos-agent01 10.x.x.x:31239 check</span></span><br />
<div>
<br /></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Hit the consul-template server at port 80 and you will be routed to your nginx app.</span></div>
<div>
<br /></div>
<div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"># curl localhost:80</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><!DOCTYPE html></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><html></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><body></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><h3>This container is actually running at: </h3></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><p id="demo"> </p></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><script></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">var x = location.host;</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">document.getElementById("demo").innerHTML= x;</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"></script></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"></body></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"></html></span></div>
</div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">8) Scale the app in Marathon to 3 and watch consul-template automatically update your HAProxy config. Yellow is old, green is new.</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/haproxy/haproxy.cfg</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">global</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> daemon</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local0</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local1 notice</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 4096</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">defaults</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> log global</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> retries 3</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 2000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> timeout connect 5000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> timeout client 50000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> timeout server 50000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">listen http-in</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> bind *:80</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> mode tcp</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> option tcplog</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> balance leastconn</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: lime;">server mesos-agent01 10.x.x.x:31743 check</span></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: yellow;">server mesos-agent01 10.x.x.x:31239 check</span></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: lime;">server mesos-agent01 10.x.x.x:31577 check</span></span></div>
</div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">9) Now kill one of the instances from Marathon, this simulates a failure scenario. Consul-template will update the change for the failed instance to the new! Yellow and green are the ones that have existed, blue is the new.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># cat /etc/haproxy/haproxy.cfg</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">global</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> daemon</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local0</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log 127.0.0.1 local1 notice</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 4096</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">defaults</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> log global</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> retries 3</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> maxconn 2000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout connect 5000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout client 50000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> timeout server 50000</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">listen http-in</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> bind *:80</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> mode tcp</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> option tcplog</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> balance leastconn</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: cyan;">server </span><span style="background-color: cyan;">mesos-agent01 10.x.x.x:31835 check</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: yellow;">server </span><span style="background-color: yellow;">mesos-agent01 10.x.x.x:31239 check</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="background-color: lime;">server </span><span style="background-color: lime;">mesos-agent01 10.x.x.x:31577 check</span></span></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Feel free to use your consul-template server for as many other services as you need. All you need to do is add additional service parameters in your template file as before with a different port.</span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">We are calling our consul-template servers "Edge Nodes" as they are actually outside of our Infrastructure and routing to the inside. These can live anywhere on your network as the only thing they need is access to read your Service Discovery. You should be able to dedicate very little resources to these machines as possible 1GB Mem 1 CPU. With the correct setup, you can also run these Edge Nodes in docker containers. You will just need to statically assigned IPs (Flannel, Weave, Calico, etc..) and port mappings for that container. </span></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com6tag:blogger.com,1999:blog-243202604267192203.post-24155100792023528482016-05-06T10:22:00.000-07:002016-05-06T10:22:24.745-07:00Consul Server and Consul Agent Systemd Units<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: left;">
Consul Server and Consul Agent Systemd Units for RHEL/CentOS 7</h2>
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Consul Server -></span><span style="font-family: "courier new" , "courier" , monospace;"><b>/etc/systemd/system/consul-server.service</b></span><br />
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">[Unit]</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">Description=Consul
Server</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">After=network.target</span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">[Service]</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">User=root</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">Group=root</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">Environment="GOMAXPROCS=2"</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">ExecStart=/usr/local/bin/consul
agent -config-dir /etc/consul.d/server </span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">ExecReload=/bin/kill
-9 $MAINPID</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">KillSignal=SIGINT</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">Restart=on-failure</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">RestartSec=1</span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">[Install]</span></div>
<br />
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">WantedBy=default.target</span></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Consul Agent -> </span><b><span style="font-family: "courier new" , "courier" , monospace;">/etc/systemd/system/consul-client.service</span></b></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">[Unit]</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">Description=Consul Server</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">After=network.target</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">[Service]</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">User=root</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">Group=root</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">Environment="GOMAXPROCS=2"</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul.d/client</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">ExecReload=/bin/kill -9 $MAINPID</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">KillSignal=SIGINT</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">Restart=on-failure</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">[Install]</span></span></div>
<div style="margin: 0in;">
<span style="font-size: 14.6667px;"><span style="font-family: "courier new" , "courier" , monospace;">WantedBy=multi-user.target</span></span></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com5tag:blogger.com,1999:blog-243202604267192203.post-2285038215332921802016-05-06T10:10:00.000-07:002016-05-06T10:10:26.613-07:00Ultimate Container Sandbox | Isolating Containers in Containers<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "arial" , "helvetica" , sans-serif;">This was something fun I worked on for while to display how to give users a safe development box to do things like learn, play or test with docker. Its an extremely ephemeral environment and can be rebuilt in secs. It has been sitting in my drafts for a bit but wanted to write about it...... </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Anyone that has been involved in the docker ecosystem over the past several years has more than likely seen the following image below:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivEyN5-EIh_Pv5gyG7xLh2OsUe1vTMfMzTmgoZhdvDLayl9EN8y_TrdSRdWClS64ma0nxNAtQWnJx3sN9IIf8GVxL-fT5jgL5rK9fdc2BTG93JlUuDZbFIlNs1b86Rp9xfKmeNYZy5EsaM/s1600/docker-meme.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="258" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivEyN5-EIh_Pv5gyG7xLh2OsUe1vTMfMzTmgoZhdvDLayl9EN8y_TrdSRdWClS64ma0nxNAtQWnJx3sN9IIf8GVxL-fT5jgL5rK9fdc2BTG93JlUuDZbFIlNs1b86Rp9xfKmeNYZy5EsaM/s400/docker-meme.jpg" width="400" /></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Running docker inside of docker. This is nothing new and in fact if you are using Docker universally to run virtually everything such as monitoring or service discovery, chances are you are most likely mounting the docker socket inside your container. I personally use docker in docker to build and push doing the same thing. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">This is where it gets hairy and you get into the inception aspect of this whole mess.<br /><br />The cool thing with running docker in docker is the fact that you are able to give yourself a nice little test bed with no worries of destroying ready containers and also utilize docker command line at the same time. Building and push new images etc. The only issue with this is the fact that you are mounting the docker socket within the container itself. You are exposing the hosts images and containers to the docker in docker. If you run a '</span><span style="font-family: "courier new" , "courier" , monospace;">docker images</span><span style="font-family: "arial" , "helvetica" , sans-serif;">' inside the docker container, you are seeing the hosts images. If you run a '</span><span style="font-family: "courier new" , "courier" , monospace;">docker rm|rmi</span><span style="font-family: "arial" , "helvetica" , sans-serif;">' you will wipe the host you are running on. There is NO isolation in this. Not only would you wipe the host but anyone else that is running docker in docker on the host would be doing the same thing. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span><span style="font-family: "arial" , "helvetica" , sans-serif;">One way I have figured out how to isolate docker running on the same host is to utilize docker's father project, LXC. By running docker inside of LXC, each LXC instance is completely isolated from the other and you are safely able to utilize docker without affecting anyone else. As with docker, LXC can also be spun up in a matter of seconds so in the event that you do something in LXC that you dont like, blow it away and spin up a new. Good read and another instance of this being used: <a href="http://thenewstack.io/rackspace-carina-bare-metal-caas-based-openstack/">Openstack Carina Project</a></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Docker on LXC on Linux</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTKUc6Ftk_B8-w4exc_rIw9N-uvJE649RpvCrVKD12XdgY7fF-ikDLtA4BKVH6AbKqymIy0lJLsYTrmKLpkEKAx5o6B-YHfTiCq10NBWP1lQs_2W5vxrCXUDK0GetmSGYbW0AiP0gyJiVo/s1600/dockerinlxc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTKUc6Ftk_B8-w4exc_rIw9N-uvJE649RpvCrVKD12XdgY7fF-ikDLtA4BKVH6AbKqymIy0lJLsYTrmKLpkEKAx5o6B-YHfTiCq10NBWP1lQs_2W5vxrCXUDK0GetmSGYbW0AiP0gyJiVo/s400/dockerinlxc.png" width="328" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Image provide by yours truly... You're Welcome!</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Let us get this going. Ubuntu as the underlying host OS as I am starting to go back to my original Linux roots.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">1) Install LXC:</span><br />
<div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace;"># </span><span style="background-color: white; line-height: 18.85px; white-space: pre;"><span style="font-family: "courier new" , "courier" , monospace;">apt-get update && apt-get install lxc</span></span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">2) Create the LXC container and add the following lines to each containers configs /var/lib/lxc/$LXC_NAME/config:</span><br />
<span style="background-color: white; font-family: "courier new" , "courier" , monospace;"># </span><span style="font-family: "courier new" , "courier" , monospace; line-height: 18.85px; white-space: pre;">lxc-create -t download -n meh-01 -- -d ubuntu -r trusty -a amd64</span><span style="background-color: white; font-family: "courier new" , "courier" , monospace;"> </span><br />
<span style="background-color: white; font-family: "courier new" , "courier" , monospace;"> </span><br />
<div style="text-align: left;">
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Add below lines to</span><span style="background-color: white; font-family: "courier new" , "courier" , monospace;"> </span><span style="background-color: white; font-family: "courier new" , "courier" , monospace;">/var/lib/lxc/meh-01/config </span></div>
<div style="text-align: left;">
<span style="font-family: "courier new" , "courier" , monospace;">lxc.aa_profile = unconfined</span></div>
<span style="font-family: "courier new" , "courier" , monospace;">lxc.cgroup.devices.allow = a</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">lxc.cap.drop =</span><br />
<div>
<br /></div>
<span style="background-color: white; font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">3) Start the LXC container, attach and install the needful to get docker installed in LXC:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># lxc-start -n meh-01 -d </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># lxc-attach -n meh-01</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Inside LXC:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># apt-get update && apt-get install wget apparmor docker.io -y</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">4) Check it out!!! </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">FROM LXC:</span><br />
<span style="font-family: courier new, courier, monospace;">root@meh-01:~# docker version</span><br />
<span style="font-family: courier new, courier, monospace;">Client version: 1.6.2</span><br />
<span style="font-family: courier new, courier, monospace;">Client API version: 1.18</span><br />
<span style="font-family: courier new, courier, monospace;">Go version (client): go1.2.1</span><br />
<span style="font-family: courier new, courier, monospace;">Git commit (client): 7c8fca2</span><br />
<span style="font-family: courier new, courier, monospace;">OS/Arch (client): linux/amd64</span><br />
<span style="font-family: courier new, courier, monospace;">Server version: 1.6.2</span><br />
<span style="font-family: courier new, courier, monospace;">Server API version: 1.18</span><br />
<span style="font-family: courier new, courier, monospace;">Go version (server): go1.2.1</span><br />
<span style="font-family: courier new, courier, monospace;">Git commit (server): 7c8fca2</span><br />
<span style="font-family: courier new, courier, monospace;">OS/Arch (server): linux/amd64</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: 'courier new', courier, monospace;">root@meh-01:~#</span><span style="font-family: courier new, courier, monospace;"> docker images</span><br />
<span style="font-family: courier new, courier, monospace;">REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE</span><br />
<span style="font-family: courier new, courier, monospace;">golang latest 471e087e791d 2 weeks ago 744 MB</span><br />
<div>
<br /></div>
<span style="font-family: courier new, courier, monospace;"><br /></span>
<span style="font-family: 'courier new', courier, monospace;">root@meh-01:~#</span><span style="font-family: courier new, courier, monospace;"> docker run -it golang echo hello world</span><br />
<span style="font-family: 'courier new', courier, monospace;">hello world</span><br />
<div>
<br /></div>
<div>
<br /></div>
<span style="font-family: Arial, Helvetica, sans-serif;">FROM HOST:</span><br />
<span style="font-family: Courier New, Courier, monospace;">root@docker-builder:~# docker images</span><br />
<span style="font-family: Courier New, Courier, monospace;">The program 'docker' is currently not installed. You can install it by typing:</span><br />
<span style="font-family: Courier New, Courier, monospace;">apt-get install docker</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Docker isn't even installed on the host so the host is not being affected... </span><span style="font-family: arial, helvetica, sans-serif;">***Modify changes to your docker options within LXC if you would like to add things like private registry etc...</span></div>
<div>
<br /></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Next: Create another LXC container and repeat the above steps and notice you get complete isolation and separate development environments with LXC. Add things into the LXC containers such as ssh and port forwarding on the host so you can SSH to it. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">LXC is the original container runtime that got me interested in containers (<a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html">my blog from a couple years ago</a>). I will continue to use alongside docker for different things because I think that LXC has some functionality the docker doesn't do as well. For example, running OS containers, LXC is much better. Docker still holds the belt for application containers in my opinion. Be sure to check out <a href="http://thenewstack.io/rackspace-carina-bare-metal-caas-based-openstack/">Rackspace's CaaS</a> mentioned above. Awesome project and read. I will be following not only what they are doing but Openstack as well. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: arial, helvetica, sans-serif;">CONTAINERIZE ALL THE THINGS</span><br />
<span style="font-family: arial, helvetica, sans-serif;"><br /></span>
<span style="font-family: arial, helvetica, sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com12tag:blogger.com,1999:blog-243202604267192203.post-73210746074974763162016-04-08T14:20:00.000-07:002016-05-06T11:51:27.340-07:00Setting up Consul Service Discovery for Mesos in 10 Minutes<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm_EiLP3wSMVe24i9yzjIXsJSIKTjGRXmXkDi84ZmbBB8qLOD7znSimChJGXJQNx1ijuzW066ltM3VHHDiSGHKxYw_hHqyWTgUXk7qLSi6QhwqRssnfIE0_ubJcPLpCzqmnmOfKKRC2ZI-/s1600/consul.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="115" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm_EiLP3wSMVe24i9yzjIXsJSIKTjGRXmXkDi84ZmbBB8qLOD7znSimChJGXJQNx1ijuzW066ltM3VHHDiSGHKxYw_hHqyWTgUXk7qLSi6QhwqRssnfIE0_ubJcPLpCzqmnmOfKKRC2ZI-/s400/consul.png" width="400" /></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">This will be a short series on using Consul in your Microservices environment. Consul provides Service Discovery and many other nice features for Mircoservices which you can read more <a href="https://www.consul.io/intro/vs/index.html">here</a>. After you read it you will understand why it is such a popular choice for many people using any form of Microservice and anything else that requires Service Discovery for that matter. I have chosen to use Consul for my PaaS offering service backed with Apache Mesos with integration for a tool called consul-template and also for DNS for containers. Ill kick off a small series about different ways to utilize Consul for your Microservices architecture and how I have been utilizing it for Service Discovery and multiple other things for Docker. I wont talk much about it or try to explain how it works because it is best to read as much as possible on your own so for more information please see Consul Documentation:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">More info on</span><span style="font-family: "arial" , "helvetica" , sans-serif;"> Consul: <a href="https://www.consul.io/">https://www.consul.io/</a></span></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Documentation: <a href="https://www.consul.io/docs/index.html">https://www.consul.io/docs/index.html</a></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Free Online Demo!! : <a href="http://demo.consul.io/ui/">http://demo.consul.io/ui/</a></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><b>MUST UNDERSTAND:</b> <a href="https://www.consul.io/docs/guides/outage.html">https://www.consul.io/docs/guides/outage.html</a></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">We will start off by installing a cluster of 3 server nodes and 1 client with the UI and then end with creating systemd units for the entire cluster.</span><br />
<br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">1) Pull down the Hashicorp Consul zip file to ALL nodes and unzip. The same package is used for server and client.</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"> <span style="font-family: "courier new" , "courier" , monospace;"> cd
/usr/local/bin/ && wget https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_linux_amd64.zip</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-family: "courier new" , "courier" , monospace;"> unzip consul*</span></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">2) Pull down the UI Package for the node that will act serve the Web UI for the cluster. Can be any but I chose the client. Unzip in desired directory</span><span style="font-family: "courier new" , "courier" , monospace;">.</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-family: "arial" , "helvetica" , sans-serif;"> wget -O /opt/consul/web-ui.zip https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_web_ui.zip && cd </span>/opt/consul/ && unzip web-ui.zip</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">3) Focusing on the server config first, create the initial files/directories on all servers. One of them will act as the bootstrap server initially until we get the cluster in quorum. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"> /etc/consul.d/bootstrap/config.json <b>### This only gets created on 1 of the servers</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> {</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "bootstrap": true,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "server": true,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "datacenter": "your-dc",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "data_dir": "/var/lib/consul",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "log_level": "INFO",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> </span><span style="font-family: "courier new" , "courier" , monospace;">"advertise_addr": "$BSTRAP_LOCAL_IP",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "enable_syslog": true</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> }</span><br />
<div>
<br /></div>
<span style="font-family: "courier new" , "courier" , monospace;"> </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> /etc/consul.d/server/config.json</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> {</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "bootstrap": false,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "advertise_addr": "$LOCAL_IP",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "server": true,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "datacenter": "your-dc",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "data_dir": "/var/lib/consul",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "log_level": "INFO",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "enable_syslog": true,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "start_join": ["server1", "server2","server3"]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> }</span><br />
<div>
<br /></div>
<span style="font-family: "courier new" , "courier" , monospace;"> mkdir -pv /var/lib/consul ### Used as our data directory</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Also we can go ahead and create out systemd unit files on each server and enable on boot.</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"> /etc/systemd/system/consul-server.service</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> [Unit]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> Description=Consul Server</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> After=network.target</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> [Service]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> User=root</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> Group=root</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> Environment="GOMAXPROCS=2"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul.d/server</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> ExecReload=/bin/kill -9 $MAINPID</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> KillSignal=SIGINT</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> Restart=on-failure</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> [Install]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> WantedBy=multi-user.target</span><br />
<div>
<br /></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"> </span><span style="font-family: "courier new" , "courier" , monospace;"> </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"> # systemctl enable consul-server</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">4) Run the following commands in order on each of the servers to get quorum. You will need a bootstrap server to start with (server1). You will need lots of terminals here.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">On Server1:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # consul agent -config-dir /etc/consul.d/bootstrap -advertise </span><span style="font-family: "courier new" , "courier" , monospace;">$BSTRAP_LOCAL_IP</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">On Server2 (-bootstrap-expect defines the number of servers to connect):</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # consul agent -config-dir /etc/consul.d/server -advertise $LOCAL_IP -bootstrap-expect 3</span><br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">On Server3:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # </span><span style="font-family: "courier new" , "courier" , monospace;">consul agent -config-dir /etc/consul.d/server -advertise $LOCAL_IP -bootstrap-expect 3</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Back on Server1, do a CTRL+C to kill the consul process and then start as server.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> CTRL+C </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # </span><span style="font-family: "courier new" , "courier" , monospace;">consul agent -config-dir /etc/consul.d/server -advertise $LOCAL_IP -bootstrap-expect 3</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">The servers should select a leader and sync to quorum. Each time you lose quorum, this is how you will have to restart it. A few other methods will have to be used along with it, see Outage documentation above for more reference.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">5) Lets go ahead and get our client with the Web UI up and running before we do step 6 so we can watch from the UI what Consul looks like during service failures.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"> /etc/consul.d/client/config.json</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> {</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "server": false,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "datacenter": "your-dc",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "advertise_addr": "$LOCAL_IP",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "client_addr": "$LOCAL_IP",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "data_dir": "/var/lib/consul",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "ui_dir": "/opt/consul/",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "log_level": "INFO",</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "enable_syslog": true,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> "start_join": ["server1", "server2", "server3"]</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> }</span><br />
<div>
<br /></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Create the systemd unit file.</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> /etc/systemd/system/consul-client.service</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> [Unit]</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> Description=Consul Server</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> After=network.target</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> [Service]</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> User=root</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> Group=root</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> Environment="GOMAXPROCS=2"</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul.d/client</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> ExecReload=/bin/kill -9 $MAINPID</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> KillSignal=SIGINT</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> Restart=on-failure</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> [Install]</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> WantedBy=multi-user.target</span></div>
<div>
<br /></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Start the service:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # systemctl start consul-client && systemctl status consul-client -l</span><br />
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">You should see "agent: synced nod info" in the output of status. Go to the UI:</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> http://client:8500/ui/</span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxBhyphenhyphenmunDRu3RTuVOKcin9MebRirrgkaMvQlaLl6WEB57sM3NA483J2zFaOSseCRJJYcF0MsU73eAXvAzXdarr66Ybd8pc5UwYPA3ON0OgyH9on0S5IscTFY2ttVPDWVsHFGZQRfJlgCUn/s1600/consul-ui.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxBhyphenhyphenmunDRu3RTuVOKcin9MebRirrgkaMvQlaLl6WEB57sM3NA483J2zFaOSseCRJJYcF0MsU73eAXvAzXdarr66Ybd8pc5UwYPA3ON0OgyH9on0S5IscTFY2ttVPDWVsHFGZQRfJlgCUn/s640/consul-ui.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><br /></td></tr>
</tbody></table>
<span style="font-family: "arial" , "helvetica" , sans-serif;">You should see the above image if it was successful. You will see 3 passing. vimWatch the UI during the next step to see how it interacts for health checks. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">6) In order to get consul to use a backgound process instead of the current window you are in, we will need to kill the current process and reboot each of the servers 1 at a time and let them rejoin 1 at a time so not to lose quorum. DO NOT CTRL+C the current process but KILL the process! See OUTAGE doc above about graceful leaves. Yes, you will need yet another terminal for this. Run the following one server at a time:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"> # ps -ef |grep consul | grep -v grep ## to get pid of current consul process</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # kill -9 $consul_pid</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Go to your Consul UI and take a look at the nodes and consul service. You will see the consul service has 1 failure. Pretty cool?! No worries it will come back after you restart it.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTYx1130zwhdY77HMeYSJM0YpnMLz5leHXNn9vFw2FkQ5WoeI04eQoiXWyRWw54jqmM4SVxWoXXMpzgt5eM2qBecfxWvlk1kFk04njED5i8I7faA9y_Zmw8sLReAtwa92YtyYyj_fOk56a/s1600/consul-failed.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="110" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTYx1130zwhdY77HMeYSJM0YpnMLz5leHXNn9vFw2FkQ5WoeI04eQoiXWyRWw54jqmM4SVxWoXXMpzgt5eM2qBecfxWvlk1kFk04njED5i8I7faA9y_Zmw8sLReAtwa92YtyYyj_fOk56a/s640/consul-failed.png" width="640" /></a></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"> # reboot </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> OR</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> # systemctl start consul-server && </span><span style="font-family: "courier new" , "courier" , monospace;">systemctl status consul-server -l</span><br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">You should see that your consul server has rejoined and you didn't lose quorum because the other 2 stayed online. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Rinse and Repeat Step 6 for all servers and you have a working Consul cluster. Next we will discuss how to register services there and show some of the things I have been doing with integration with Apache Mesos. </span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com1tag:blogger.com,1999:blog-243202604267192203.post-66668931761232656622016-04-01T11:18:00.000-07:002016-04-15T11:07:00.050-07:00Multihost Docker Networking <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy7oBJUsIPIkQar8ICxOYODZQkXs2oijwnMh-bQluNP07jhnyDMcgnVMSG-ApdPYW_bpcpat_oJFKp7d_gRdmchp_ctGZhe79OYueHrGgjuidlAbqebmO2m8GWxqDueauSdl3c2tixmyAW/s1600/flannel-horizontal-color.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="97" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy7oBJUsIPIkQar8ICxOYODZQkXs2oijwnMh-bQluNP07jhnyDMcgnVMSG-ApdPYW_bpcpat_oJFKp7d_gRdmchp_ctGZhe79OYueHrGgjuidlAbqebmO2m8GWxqDueauSdl3c2tixmyAW/s320/flannel-horizontal-color.png" width="320" /></a><span style="font-family: "arial" , "helvetica" , sans-serif;">One of the major
issues that people have with running docker is the fact that docker and
containers natively only support localhost networking capabilities. So this
means that by default, only the localhost and its services know about the
containers. Host A will not be able to communicate with Host B by default. Here
is a quick demo of how to use <a href="https://coreos.com/">CoreOS</a>'s
networking project Flannel, so that you can have a multi-host docker
environment where all the hosts and their containers can commuincate.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzdPhIn1wrVYR8M1NxUjnDQ_cF4O6FXd0ypLABrhFEVBeGpni2ZnCm2eKs51pby9PJcqUnoqCRfJE7SkmYJ7VzpZ7N7dHekvUUMg6Xwo76BGdJLS-hvpCsVD0nr8i3CylAEeM0LCeOpcyc/s1600/docker-networking.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="157" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzdPhIn1wrVYR8M1NxUjnDQ_cF4O6FXd0ypLABrhFEVBeGpni2ZnCm2eKs51pby9PJcqUnoqCRfJE7SkmYJ7VzpZ7N7dHekvUUMg6Xwo76BGdJLS-hvpCsVD0nr8i3CylAEeM0LCeOpcyc/s200/docker-networking.png" width="200" /></a></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">More info on
Flannel: <a href="https://github.com/coreos/flannel">https://github.com/coreos/flannel</a></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">More info on ETCD: <a href="https://github.com/coreos/etcd">https://github.com/coreos/etcd</a></span><br />
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">You will need to have 1 or more etcd server(s). We will be using a single node for this demo.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">On etcd Server(s)</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">1. Install</span></span><span style="font-family: "consolas"; font-size: 11pt;"> etcd</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">2. Configure etcd -
</span></span><span style="font-family: "consolas"; font-size: 11pt;"> /etc/etcd/etcd.conf</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"> </span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"> </span><span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;">#
cat /etc/etcd/etcd.conf | grep -v '^#'</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> ETCD_NAME=default</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> ETCD_DATA_DIR="/var/lib/etcd/default.etcd"</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> ETCD_LISTEN_PEER_URLS="http://0.0.0.0:7001,http://localhost:2380"</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">3. Enable and start etcd </span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"> </span><span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"># systemctl
enable etcd && systemctl start etcd</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">4. Define etcd
network:</span></span></div>
<div style="font-size: 11pt; margin: 0in 0in 0in 0.375in;">
<span style="font-family: "courier new" , "courier" , monospace;">etcdctl
mk /blah.com/network/config '{"Network":"172.17.0.0/16"}'</span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">You should be able
to get the json for that key.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas";"> </span><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: 11pt;">#
curl -s -L </span>http://ETCD_SERVER:2379/v2/keys/blah.com/network/config<span style="font-size: 11pt;">
| python -m json.tool</span></span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">On
worker/slave/client(s)… any machine that is going to have flannel running</span></div>
<div style="font-size: 11pt; margin: 0in; text-align: left;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">1. </span></span><span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">Install flannel</span></span></div>
<div style="font-size: 11pt; margin: 0in; text-align: left;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-size: 11pt;">2. </span><span style="font-size: 11pt;">Configure flannel -
</span><span style="font-size: 11pt;"> /etc/sysconfig/flanneld</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"> </span><span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> #
cat /etc/sysconfig/flanneld | grep -v '^#'</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> FLANNEL_ETCD="http://ETCD_SERVER:2379"</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;"> FLANNEL_ETCD_KEY="/blah.com/network"</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">3. If Docker is
already installed, stop and remove docker interface.</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;"> </span><span style="font-family: "courier new" , "courier" , monospace;"># </span></span><span style="font-size: 11pt;"><span style="font-family: "courier new" , "courier" , monospace;">systemctl
stop docker</span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace; font-size: 11pt;"> ip
link delete docker0</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace; font-size: 11pt;"> systemctl
start flanneld && systemctl enable flanneld</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace; font-size: 11pt;"> systemctl
start docker</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "consolas"; font-size: 11pt;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">Rinse
and repeat for all other desired docker hosts: </span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: "arial" , "helvetica" , sans-serif;">You
should be able to see the networking configs and subnets being created.</span></span></div>
<div style="font-size: 11pt; margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in 0in 0in 0.375in;">
<span style="font-family: "courier new" , "courier" , monospace;">#
curl -s -L http://master:2379/v2/keys/blah.com/network/config
| python -m json.tool</span></div>
<div style="font-size: 11pt; margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in 0in 0in 0.375in;">
<span style="font-family: "courier new" , "courier" , monospace;">#
curl -s -L http://master:2379/v2/keys/blah.com/network/subnets
| python -m json.tool</span></div>
<div style="font-size: 11pt; margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">You should now be
able to ping containers between different hosts!</span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">After starting a few containers on different hosts, try it out. Each host gets its own subnet if you notice below.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Host A: </span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"># docker inspect
f41cd57b4ef5 | grep -i ipaddress</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> "IPAddress":
"172.17.24.3",</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> "SecondaryIPAddresses": null,</span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Host B:</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"># docker inspect
1b5b48c6be47 | grep -i ipaddress</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> "IPAddress":
"172.17.80.16",</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> "SecondaryIPAddresses": null,</span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">From Host A container, ping container </span><span style="font-family: "courier new" , "courier" , monospace; font-size: 14.6667px;">1b5b48c6be47</span><span style="font-family: "courier new" , "courier" , monospace; font-size: 14.6667px;"> </span><span style="font-size: 14.6667px;"><span style="font-family: "arial" , "helvetica" , sans-serif;">on Host B</span></span><span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;">:</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"># docker exec -it f41cd57b4ef5 ping 172.17.80.16</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">PING 172.17.80.16
(172.17.80.16): 56 data bytes</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">64 bytes from
172.17.80.16: seq=0 ttl=62 time=2.336 ms</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">64 bytes from
172.17.80.16: seq=1 ttl=62 time=0.438 ms</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">64 bytes from
172.17.80.16: seq=2 ttl=62 time=0.506 ms</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">^C</span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Host A is even able to ping container on Host B:</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"># ping 172.17.80.16</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">PING 172.17.80.16
(172.17.80.16) 56(84) bytes of data.</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">64 bytes from
172.17.80.16: icmp_seq=1 ttl=63 time=0.386 ms</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">64 bytes from
172.17.80.16: icmp_seq=2 ttl=63 time=0.438 ms</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">^C</span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Host B is running a
nginx container at port 80. Lets curl port 80 on that container from a container on Host A. </span><span style="font-family: "arial" , "helvetica" , sans-serif; font-size: 11pt;">(will only work if curl installed on container):</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"># docker exec -it f41cd57b4ef5 curl 172.17.80.16:80</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> % Total
% Received % Xferd Average
Speed Time Time
Time Current</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> Dload Upload
Total Spent Left
Speed</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> 0
0 0 0
0 0 0
0 --:--:-- --:--:-- --:--:--
0<!DOCTYPE html></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><html></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><head></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><title><b>Welcome
to nginx!</b></title></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><style></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> body {</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> width: 35em;</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> margin: 0 auto;</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> font-family: Tahoma, Verdana, Arial,
sans-serif;</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> }</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></style></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></head></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><body></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><h1>Welcome
to nginx!</h1></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><p>If you see
this page, the nginx web server is successfully installed and</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">working. Further
configuration is required.</p></span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><p>For online
documentation and support please refer to</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><a
href="http://nginx.org/">nginx.org</a>.<br/></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">Commercial support
is available at</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><a
href="http://nginx.com/">nginx.com</a>.</p></span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><p><em>Thank
you for using nginx.</em></p></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></body></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></html></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">100 612
100 612 0
0 321k 0 --:--:-- --:--:-- --:--:-- 597k</span></div>
<div style="font-family: Consolas; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "arial" , "helvetica" , sans-serif;">And from Host A:</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"># curl
172.17.80.16:80</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><!DOCTYPE
html></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><html></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><head></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><title><b>Welcome
to nginx!</b></title></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><style></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> body {</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> width: 35em;</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> margin: 0 auto;</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> font-family: Tahoma, Verdana, Arial,
sans-serif;</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"> }</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></style></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></head></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><body></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><h1>Welcome
to nginx!</h1></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><p>If you see
this page, the nginx web server is successfully installed and</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">working. Further
configuration is required.</p></span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><p>For online
documentation and support please refer to</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><a
href="http://nginx.org/">nginx.org</a>.<br/></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;">Commercial support
is available at</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><a
href="http://nginx.com/">nginx.com</a>.</p></span></div>
<div style="font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"><p><em>Thank
you for using nginx.</em></p></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></body></span></div>
<div style="font-size: 11pt; margin: 0in;">
</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new" , "courier" , monospace;"></html></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-50281275758567052342015-03-31T14:01:00.000-07:002015-03-31T14:06:54.740-07:00The Container World | Part 7 Building your own Docker Images<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTZedxT8fVAWbYhJ6Zje9hXyyQFwOvNMWnYTfOo7HY3bY4AWiCgDVinw0cyjf1TPMpfnBafHr9etz68o_gXGybod-27zbrFmsT2432E99yNE9koNY9tGeNSVvyM237j0MpfPkfbKLiIx8I/s1600/docker-filesystems-multilayer.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTZedxT8fVAWbYhJ6Zje9hXyyQFwOvNMWnYTfOo7HY3bY4AWiCgDVinw0cyjf1TPMpfnBafHr9etz68o_gXGybod-27zbrFmsT2432E99yNE9koNY9tGeNSVvyM237j0MpfPkfbKLiIx8I/s1600/docker-filesystems-multilayer.png" height="240" width="320" /></a><br />
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">In the
previous post I gave an overview of Docker and explained what it takes to run a
simple container. In this post I will be demonstrating Docker images which
provides the basis for running containers. I will go into a bit more detail
about what exactly a Docker image is, how to manage your images and also
demonstrate how to build an image from scratch and have it store locally on
your host.</span></div>
<div style="margin: 0in;">
<br /></div>
<div style="font-family: Arial; font-size: 11pt; margin: 0in;">
<br /></div>
<h3 style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif; font-size: small;">What is a Docker image?</span></h3>
<div style="font-family: Arial; font-size: 11pt; margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">For those
of us with familiarity in the virtualization space this might come a bit easier
of a concept. A Docker image can be thought of as a template or as source code
for all your containers. Docker images provide the building blocks of
containers and allow us to define characteristics of
containers such as the OS, application and processes running inside the
container. Images are what you use to build and launch your containers and
is what makes Docker so lightweight and portable. Docker images are what
we store in registries that provide us with a git-like functionality of
sharing, updating, deploying and storing. There are a few ways of creating
images such as by pulling already created images from a repo, creating them
from a container or from Dockerfiles.</span></div>
<div style="font-family: Arial; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Arial; font-size: 11.0pt; margin: 0in;">
<br /></div>
<h3 style="font-family: Arial; margin: 0in;">
<span style="font-size: small;">Managing your Docker images</span></h3>
<div style="font-family: Arial; font-size: 11pt; margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">After
learning a bit more about images its easy to see how important it is to manage
your images. Docker uses public and private registries to help us easily manage
our images. We will just be using the local repo on our host for simplicity
reasons of this post.</span></div>
<div style="margin: 0in;">
<br /></div>
<div style="font-family: Arial; font-size: 11pt; margin: 0in;">
Search for
an image:</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new";"> </span><span style="font-family: "Courier New";">#
sudo docker search <image_name></span></div>
<div style="font-family: 'Courier New'; font-size: 11pt; margin: 0in;">
# sudo docker search centos</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Arial; font-size: 11pt; margin: 0in;">
Pull down
an image locally from repo:</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new";"> </span><span style="font-family: "Courier New";"> #
sudo docker pull <image_name></span></div>
<div style="font-family: 'Courier New'; font-size: 11pt; margin: 0in;">
# sudo docker pull centos</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Arial; font-size: 11pt; margin: 0in;">
Push an
image to the repo:</div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-family: "courier new";"> </span><span style="font-family: "Courier New";">#
sudo docker push <image_name></span></div>
<div style="font-family: 'Courier New'; font-size: 11pt; margin: 0in;">
# sudo docker push centos</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<span style="font-family: Arial; font-size: 11pt;">Remove an image:</span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: Courier New, Courier, monospace;"> # sudo docker rmi <image_name></span></span></div>
<div style="font-size: 11pt; margin: 0in;">
<span style="font-size: 11pt;"><span style="font-family: Courier New, Courier, monospace;"> # sudo docker rmi centos</span></span></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: arial; font-size: 11pt; margin: 0in;">
<br /></div>
<div style="font-family: Arial; margin: 0in;">
<b>Building a Docker image</b></div>
<div style="font-family: Arial; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">This
post will demonstrate how to create a custom base image for nginx that you can
use to create and run new containers from. This is a way of ensuring that your
containers are being created the same and customized to fit your environment
and liking. There are a couple of ways doing this. My preferred method is to
use Dockerfiles (which will cover in the next tutorial) but for this demo I
will be using a custom script written from the Docker Github page (Thanks all
you lovely people at Docker!) to build a base image. Another way of course would be to use the
"docker pull" command above. Ill demonstrate how to pull down
a Centos image, customize it, and then use it to deploy my containers from. Ill
be demonstrating using a Centos 6 host and creating a Centos 6 image for
running nginx.</span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">1. Go to the <a href="https://github.com/docker/docker/tree/master/contrib">Docker Github</a>
page and grab the mkimage-yum.sh file . Please be sure to check out the other
scripts Docker has provided for other Host OS and other image distributions.</span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># wget -O ~/mkimage-yum.sh https://raw.githubusercontent.com/docker/docker/master/contrib/mkimage-yum.sh</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">--2015-03-31 14:30:03-- https://raw.githubusercontent.com/docker/docker/master/contrib/mkimage-yum.sh</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">Resolving raw.githubusercontent.com... 199.27.78.133</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">Connecting to raw.githubusercontent.com|199.27.78.133|:443... connected.</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">HTTP request sent, awaiting response... 200 OK</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">Length: 2708 (2.6K) [text/plain]</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">Saving to: “/root/mkimage-yum.sh”</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">100%[===================================================================>]
2,708 --.-K/s in 0s</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">2015-03-31 14:30:03 (229 MB/s) - “/root/mkimage-yum.sh” saved
[2708/2708]</span></div>
<div style="font-family: Consolas; font-size: 9.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="font-family: Arial; font-size: 11.0pt; margin: 0in;">
Please note that the
mkimage-yum.sh script will actually automatically run a container from the
image as well. If you don’t want this just comment out line 106 in the script
above:</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: "Courier New"; font-size: 10.0pt; margin-left: .375in; margin: 0in;">
<span style="font-family: Courier New, Courier, monospace;">#docker run -i -t $name:$version echo success</span></div>
<div style="font-family: "Courier New"; font-size: 10.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="font-family: "Courier New"; font-size: 10.0pt; margin-left: .375in; margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"> 2. Run the script like below. It
will take a minute or two to complete.</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># ./mkimage-yum.sh <desire_name_of_image></span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># ./mkimage-yum.sh centos6-new</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># validate new image is created and imported</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker images</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">centos6-new 6.6 61faa3d658e3 22 seconds ago 237.5 MB</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="font-family: Consolas; font-size: 10.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="font-family: Consolas; font-size: 10.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">3. Once it completes we can create
a container from that newly created image. We will be attaching to the
container, running the customization stuff and then committing the
container into an image that we can use later.</span></div>
<div style="font-family: "Courier New"; font-size: 9.0pt; margin-left: .375in; margin: 0in;">
<span style="font-family: Courier New, Courier, monospace;"> # docker run -it --name centos6-nginx centos6-new:6.6 /bin/bash</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">4. The above command will attach you to the running container. So just treat this as you would to install and configure nginx on a normal linux server. I used the following steps to complete customizing my nginx environment. NOTE: This is where you would be customizing to fit your environment. GO NUTZ!</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# ###created the following directories</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# mkdir -p /var/www/website/public_html /var/www/website/log /etc/nginx/sites-available</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# ###install nginx</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# yum install -y nginx</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# ###add the following line to nginx.cong file</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# vi /etc/nginx/nginx.conf</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# tail -2 /etc/nginx/nginx.conf</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> include /etc/nginx/sites-available/*;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">}</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# ###create the virtual host for the website and paste the following text</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# vi /etc/nginx/sites-available/website</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# cat /etc/nginx/sites-available/website</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">server {</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> server_name website;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> access_log /var/www/website/log/access.log;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> error_log /var/www/website/log/error.log;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> root /var/www/website/public_html;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> location / {</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> index index.php;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> }</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> # Disable favicon.ico logging</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> location = /favicon.ico {</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> log_not_found off;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> access_log off;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> }</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> # Allow robots and disable logging</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> location = /robots.txt {</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> allow all;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> log_not_found off;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> access_log off;</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"> }</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">}</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# ###start and chkconfig the nginx service</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 ~]# service nginx status</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">nginx is stopped</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">[root@dba3856e6c99 /]# echo "service nginx start" >> ~/.bashrc</span></div>
<span style="font-family: Arial; font-size: 11pt;"><br /></span>
<span style="font-family: Arial; font-size: 11pt;"><br /></span>
<br />
<div style="font-family: "Courier New"; font-size: 9.0pt; margin-left: .375in; margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">5. Logout of the container and check to make sure its exited and no longer running.</span></div>
<div style="margin: 0in;">
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker ps -a</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">dba3856e6c99 centos6-new:6.6 "/bin/bash" 21 minutes ago Exited (0) 2 seconds ago centos6-nginx</span></div>
<div>
<br /></div>
</div>
<span style="font-family: Arial; font-size: 11pt;"><br /></span>
<span style="font-family: Arial; font-size: 11pt;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">6. Now we can "commit" that container into an image. We will then be able to use that image to create all of our "new nginx" servers.</span><br />
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker commit <container_id> <repo>/<image_name>:<tag> ###NOTE: you can also use -m to document the image and -a to document the author</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker commit dba3856e6c99 centos6/nginx:6.6</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">d88af477ead3fd48196fd6e4b65c85990965d30df4732e4c8cd7f07d54de8be6</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker images</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-weight: bold;"><span style="font-family: Courier New, Courier, monospace;">centos6/nginx 6.6 d88af477ead3 8 seconds ago 407.3 MB</span></span></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<br />
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;">centos6-new 6.6 61faa3d658e3 About an hour ago 237.5 MB</span></div>
<div style="font-family: 'Courier New'; font-size: 9pt; margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="font-family: 'Courier New'; font-size: 9pt; margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="font-family: 'Courier New'; font-size: 9pt; margin: 0in 0in 0in 0.375in;">
<br /></div>
<span style="font-family: Arial, Helvetica, sans-serif;">7. To test out the new image, lets
run a new container from the image on port 8080 of the host and see if we
get a valid website.</span><br />
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker run -it -d --name <new-container-name> -p 8080:80
<repo>/<image_name>:<tag> <some_command> ### -d runs in
daemon mode (non attached)</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Courier New, Courier, monospace;"># docker run -it -d --name new-nginx -p 8080:80 centos6/nginx:6.6
/bin/bash</span></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;">
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Arial, Helvetica, sans-serif;">Go
the host IP address on port 8080 in our web browser to validate you get a
screen that looks like the one below.</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Arial, Helvetica, sans-serif;">http://your-ip-address:8080</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin-left: .375in; margin: 0in;">
</div>
<div style="margin: 0in 0in 0in 0.375in;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeZykTNWlqKG02wlRpC6YNU1dYAfCfGVUpFvIqrRiI-mJEcViD1H_lF7I3FjgvtuDBc6BY1NRQWgRBDdbMw_9uuNW3xxJkHTKWPEDL1T_5s-IfZcYvPUfP2q6rGKro0ofgc25fF-ep8oTa/s1600/nginx.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeZykTNWlqKG02wlRpC6YNU1dYAfCfGVUpFvIqrRiI-mJEcViD1H_lF7I3FjgvtuDBc6BY1NRQWgRBDdbMw_9uuNW3xxJkHTKWPEDL1T_5s-IfZcYvPUfP2q6rGKro0ofgc25fF-ep8oTa/s1600/nginx.png" height="135" width="400" /></a></div>
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<span style="font-family: Arial, Helvetica, sans-serif;">If
you can see it then you have made it!</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">Hopefully this has
given a good overview of Docker images as it is one of the most important
aspects of Docker. In the next tutorial Ill demonstrate how to create an image
but using a Dockerfile which is my preferred method.</span></div>
</div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-53228830434422666402015-03-26T12:06:00.000-07:002015-03-26T12:08:23.717-07:00Host Collections and Bulk Actions within Katello<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">This is a continuation of the previous post (</span><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><a href="http://www.wickedawesometech.us/2015/03/creating-products-and-repositories_11.html">Creating Products and Repositories within Katello</a>). This post will show some of the power that Katello provides.</span><span style="font-family: Arial, Helvetica, sans-serif;">The following steps
will demonstrate how to create a Host Collection. Host
Collections provide the ability to group multiple Content Hosts together based
on needs or criteria such as function or environment. Once a Host Collection is
created and Content Hosts are pulled in you are able to run bulk actions
against the entire host collection or a selected few. The actions include:
Package install, remove and update ; Errata install ; changing Lifecycle or
content view (don’t see a whole lot of advantage of the 3</span><span style="font-family: Arial, Helvetica, sans-serif; vertical-align: super;">rd</span><span style="font-family: Arial, Helvetica, sans-serif;"> one, yet).</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Arial, Helvetica, sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgulOP2kcodu7AO4lynQMcTHtfisbGnug7BYMqu6g4P2T3yUnEA-yTZsT1WUntOSJc7TbxQ5lNEYWkY_lfsBF6TlX7in7_H6s473l1boiJqfMFvaZPD81mTHZWnL1fGGZRiS_EH078Khsbt/s1600/katello.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgulOP2kcodu7AO4lynQMcTHtfisbGnug7BYMqu6g4P2T3yUnEA-yTZsT1WUntOSJc7TbxQ5lNEYWkY_lfsBF6TlX7in7_H6s473l1boiJqfMFvaZPD81mTHZWnL1fGGZRiS_EH078Khsbt/s1600/katello.png" /></a></span></div>
</div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">**Before
you can take advantage of the Bulk actions, you must install the </span><span style="font-weight: bold;"><span style="font-family: Courier New, Courier, monospace;">katello-agent</span></span> <span style="font-family: Arial, Helvetica, sans-serif;">on each content host. The agent will run as </span><span style="font-family: Courier New, Courier, monospace;"><span style="font-weight: bold;">goferd</span> </span><span style="font-family: Arial, Helvetica, sans-serif;">service. You will actually need
both the pulp and the katello repositories to install it successfully and
possibly software collections. I added the Katello and Pulp repos into my
product to make life easier and in the event I need to update the agent. </span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">See the following
links for more information on installing the repos based on your OS. </span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">Katello - <a href="http://www.katello.org/docs/installation/index.html">http://www.katello.org/docs/installation/index.html</a></span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">Pulp - <a href="https://pulp-user-guide.readthedocs.org/en/2.5-release/installation.html">https://pulp-user-guide.readthedocs.org/en/2.5-release/installation.html</a></span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">Then
do a yum install: </span><span style="font-weight: bold;"><span style="font-family: Courier New, Courier, monospace;">yum install –y katello-agent</span></span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">You
will see agent install and <span style="font-weight: bold;">goferd</span> start.
You will then be able to utilize Bulk Actions with Host Collections!</span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-weight: bold;"><span style="font-family: Arial, Helvetica, sans-serif;">Creating Host Collection</span></span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">1. Within your desired
Organization and Location, create a new Host Collection.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif; font-style: italic;">Hosts > Host Collections > + New Host
Collection</span></div>
<div style="margin-left: .375in; margin: 0in;">
</div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Arial, Helvetica, sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx6bpGmeSYZO64SRPyi5_ARV6ofq3qugYJhzuSlUxf_fA7fWH3DChMuRZ59M4Habeysw0FoSI0REEtwsZUZOp1FFmSV2bv0T-HJxOEGwcJH8GQVoSk6nBAhubuAtWs25UWFM3VjRA_Vi5w/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx6bpGmeSYZO64SRPyi5_ARV6ofq3qugYJhzuSlUxf_fA7fWH3DChMuRZ59M4Habeysw0FoSI0REEtwsZUZOp1FFmSV2bv0T-HJxOEGwcJH8GQVoSk6nBAhubuAtWs25UWFM3VjRA_Vi5w/s1600/1.png" height="185" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">2. Add Content Hosts to the New
Host Collection. You should see your Content Host you registered in the
previous Demo here.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif; font-style: italic;">Hosts > Host Collections >Select your Host
Collection > Content Hosts > Add > check desired hosts > Add
Selected</span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">
</span></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLYgDXtJH6TfV_rAEbj6fphMCLEZo3FELWxFXyjovRLwBcs1pSoBJwLXbcPz7T8Ux_7Dlywq7r10Zy1Abi3cU0CyIJgxa_u1gaamJaFk2GVWpqTpo2VaTgJWhy9A4AVyOhhD2oOfkN7JWY/s1600/2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Arial, Helvetica, sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLYgDXtJH6TfV_rAEbj6fphMCLEZo3FELWxFXyjovRLwBcs1pSoBJwLXbcPz7T8Ux_7Dlywq7r10Zy1Abi3cU0CyIJgxa_u1gaamJaFk2GVWpqTpo2VaTgJWhy9A4AVyOhhD2oOfkN7JWY/s1600/2.png" height="142" width="400" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">3. Once you have added your
desired Content Hosts to the Host Collection you can now run Collection
Actions against the Host Collection. Will demo a package install.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif; font-style: italic;">Hosts > Host Collections >Select your Host
Collection >Collection Actions >Package Installation, Removal, and Update</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7R4ULn73fbMcuHhRkUuu0bMdAhYUvp0fpNS_9Gg-zpKHvKmVpcALtwZj40LrsFFxztGeCDggoYA14Zl4HoMW5ULDlLaOIJRSZSdJ58UWA1_RBrXJaW6FvxRfI-6hW4Qc9Nf6EJcBTfqAN/s1600/3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Arial, Helvetica, sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7R4ULn73fbMcuHhRkUuu0bMdAhYUvp0fpNS_9Gg-zpKHvKmVpcALtwZj40LrsFFxztGeCDggoYA14Zl4HoMW5ULDlLaOIJRSZSdJ58UWA1_RBrXJaW6FvxRfI-6hW4Qc9Nf6EJcBTfqAN/s1600/3.png" height="125" width="400" /></span></a></div>
<div style="margin: 0in;">
</div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">
NOTE: you can select certain content hosts within the host collection if
needed. </span></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">4. Uncheck content hosts that
you want to bypass if any, type the name of the package and then click
Install, Update or Remove. You will be notified when completes.</span></div>
<div style="margin: 0in 0in 0in 0.375in;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9UybrIawE1y7eBWPU6ernErV6KobntCAN_1wlbBAKCGWdamWHuIFhF5sJmMozCwSe12o5MwaXo6Xp2fqKeCRqWXJ71SIwm9nfggS01Y52rkjOl_ZbeUQjDV4o3ine2d4HePP4_kxtnJVJ/s1600/4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Arial, Helvetica, sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9UybrIawE1y7eBWPU6ernErV6KobntCAN_1wlbBAKCGWdamWHuIFhF5sJmMozCwSe12o5MwaXo6Xp2fqKeCRqWXJ71SIwm9nfggS01Y52rkjOl_ZbeUQjDV4o3ine2d4HePP4_kxtnJVJ/s1600/4.png" height="193" width="400" /></span></a></div>
<div style="margin-left: .375in; margin: 0in;">
</div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<br /></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;">Its that easy! I think this is an extremely powerful and quick way to handle package management across your infrastructure. Although we have things like Puppet or Ansible that also has the abilities to do this in bulk as well, I think that this is still a nice feature to take advantage of. Please note that once you create a new host collection you can now automate the process of adding content hosts to host collections. Go back into your Activation Key you used from the previous tutorial and add the Host Collection to that Activation Key. We will start to dive into automating and provisioning in the upcoming tutorials and piece all of this together so you can have complete automated control over your infrastructure with Foreman, Puppet and Katello.</span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-19968261020672096002015-03-11T20:52:00.000-07:002015-03-26T11:20:01.079-07:00Creating Products and Repositories within Katello<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUOokuifD3NZ-wCBnOZZ_xjryYjMHT9S7Um2KyYYQ8YRD_eYi5oawZ6wvTXXhjK9wdhqfWJD_z6V9E17qGl95rA3BQ8EQ6PyY4rhwDnJPNtHuD5YaLNaJmGS4wJoblPoupuxN6KW0x49GC/s1600/katello-logo.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUOokuifD3NZ-wCBnOZZ_xjryYjMHT9S7Um2KyYYQ8YRD_eYi5oawZ6wvTXXhjK9wdhqfWJD_z6V9E17qGl95rA3BQ8EQ6PyY4rhwDnJPNtHuD5YaLNaJmGS4wJoblPoupuxN6KW0x49GC/s1600/katello-logo.png" height="158" width="320" /></a><span style="background-color: white; color: #222222; font-family: Arial, Helvetica, sans-serif;">The following article will cover how to create Products and Repositories within the Katello project. There are several components that must be performed ahead of time in order to make repo management simple. Steps below are for creating custom products and does not cover Red Hat repositories. A couple definitions before we begin.</span><br />
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br />
Products - Products are a collection of repositories and content within Katello. This is what you will subscribe your content hosts to in order to access these repositories.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br />
Content Hosts - Content Hosts is a fancy way of saying clients. These are the client machines that you are registering to products (using subscription manager) and what consumes the repositories. Katello has the ability to store information about each Content Host and initiate package tasks using the katello-agent which will be covered later.</span><br />
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">
Creating a Product</span></h3>
<div>
<br /></div>
</div>
<div style="background-color: white; color: #222222;">
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>1) Within your desired Organization and Location, create a new product. As mentioned, a product is a collection of repositories. so you will register your hosts to a Product and that will enable you to access repositories within that Product.<u></u><u></u></span></div>
<div style="background-color: white; color: #222222;">
<i><span style="font-family: Arial, Helvetica, sans-serif;">Content > Products > +New Product<span style="font-size: 12.8000001907349px;"><u></u><u></u></span></span></i></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>2)<span style="font-stretch: normal;"> </span>Fill in the Name and Label and Save it.</span><span style="font-family: arial, sans-serif; font-size: 12.8000001907349px;"><u></u><u></u></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="a6S" dir="ltr" style="font-family: arial, sans-serif; left: 299px; opacity: 0.01; position: absolute; top: 386.984375px;">
<div aria-label="Download attachment image002.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" data-tooltip="Download" id=":27j" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0">
<div class="aSK J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -219px -129px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
<div aria-label="Save attachment to Drive image002.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" data-tooltip="Save to Drive" id=":27k" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0">
<div class="wtScjd J-J5-Ji aYr aQu" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -41px -47px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgt-rzKFFG3t2zuxHDmB_4NhNxkNKT6EQViShkvK9hdkQGrvuY_bA1Rd2bIu-n6qDYepfMUjyEuuSKcwuLiuenhYzgMawUIwDx9fs_O8-Q27CaH5HFM-HIQ4hHJBTXU09ujP0EaR7zVYGz7/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgt-rzKFFG3t2zuxHDmB_4NhNxkNKT6EQViShkvK9hdkQGrvuY_bA1Rd2bIu-n6qDYepfMUjyEuuSKcwuLiuenhYzgMawUIwDx9fs_O8-Q27CaH5HFM-HIQ4hHJBTXU09ujP0EaR7zVYGz7/s1600/1.png" height="208" width="320" /></a></div>
<br />
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>3) Once the new product is created, create a new repository.<u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<i><span style="font-family: Arial, Helvetica, sans-serif;">Click Create Repository</span></i><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin-left: 1em; margin-right: 1em;">
</div>
<div style="margin-left: 1em; margin-right: 1em;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXBTHfL3hk8nx9vANkI1FinH2C1qCM_Ds0MP-wzTfmKNe52vh1HiqEWr4HI5aolQSZGqK7fuN3V-aKja9RlrCg15cmOYmC7CBaWrX544XOR2hYWP0S64xvRP4UeSxr4jA2P-2Vz6Y2oXl-/s1600/2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXBTHfL3hk8nx9vANkI1FinH2C1qCM_Ds0MP-wzTfmKNe52vh1HiqEWr4HI5aolQSZGqK7fuN3V-aKja9RlrCg15cmOYmC7CBaWrX544XOR2hYWP0S64xvRP4UeSxr4jA2P-2Vz6Y2oXl-/s1600/2.png" height="77" width="400" /></a></div>
<br /></div>
<div style="margin-left: 1em; margin-right: 1em;">
<span style="font-family: arial, sans-serif; font-size: 12.8000001907349px;"><br /></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;">4) </span><span style="font-family: Arial, Helvetica, sans-serif;">Fill out the form to create a new repository. We will create a Yum repo for this example. Using the Puppet repo since it contains a small number of packages to save disk space. Please note that you can create several different types of Repos within products but I am only demonstrating yum. Save when done. </span><span style="font-family: Arial, Helvetica, sans-serif;"> </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<div style="background-color: white; color: #222222;">
</div>
<div class="a6S" dir="ltr" style="font-family: arial, sans-serif; left: 286px; opacity: 0.01; position: absolute; top: 1023.171875px;">
<div aria-label="Download attachment image009.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27g" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Download">
<div class="aSK J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -219px -129px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
<div aria-label="Save attachment to Drive image009.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27h" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Save to Drive">
<div class="wtScjd aQu J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -41px -47px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
<div class="T-aT4" style="direction: ltr; display: inline-block; height: 19px; position: relative; width: 19px;">
<div>
</div>
<div class="T-aT4-JX" style="-webkit-transition: opacity 0.218s linear 0.44s; background: url(https://ssl.gstatic.com/ui/v1/activityindicator/offline.png) 50% 50% no-repeat; height: 19px; left: 0px; opacity: 0; position: absolute; top: 0px; transition: opacity 0.218s linear 0.44s; width: 19px;">
</div>
</div>
</div>
</div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYN_P5ZufSm6vIa6cdLFtS0bI6wxT3DQtzebng832ENO_AOdoyDEG6d95kAPzMzq-EqtQfIM_Q1PKfK6P4tM6NxO4SFQ-72gW6FkuJ6xFz4aB9qxSBqs8zPdFiGneCOIfgIOw0R1P05Q8w/s1600/3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYN_P5ZufSm6vIa6cdLFtS0bI6wxT3DQtzebng832ENO_AOdoyDEG6d95kAPzMzq-EqtQfIM_Q1PKfK6P4tM6NxO4SFQ-72gW6FkuJ6xFz4aB9qxSBqs8zPdFiGneCOIfgIOw0R1P05Q8w/s1600/3.png" height="292" width="320" /></a></div>
<br />
<div class="MsoNormal" style="background-color: white; color: #222222; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>5)<span style="font-stretch: normal;"> </span>Now sync the packages to the Product. Note that you can setup a scheduled sync plan for the repos.<u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<i><span style="font-family: Arial, Helvetica, sans-serif;">Click on the Repository > Sync Now</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></i></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt;">
</div>
<div class="a6S" dir="ltr" style="font-family: arial, sans-serif; left: 568px; opacity: 0.01; position: absolute; top: 1290.5625px;">
<div aria-label="Download attachment image011.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27d" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Scanning for viruses...">
<div class="aSK J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -219px -129px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
<div aria-label="Save attachment to Drive image011.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27e" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Save to Drive">
<div class="wtScjd aQu J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -41px -47px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
<div class="T-aT4" style="direction: ltr; display: inline-block; height: 19px; position: relative; width: 19px;">
<div>
</div>
<div class="T-aT4-JX" style="-webkit-transition: opacity 0.218s linear 0.44s; background: url(https://ssl.gstatic.com/ui/v1/activityindicator/offline.png) 50% 50% no-repeat; height: 19px; left: 0px; opacity: 0; position: absolute; top: 0px; transition: opacity 0.218s linear 0.44s; width: 19px;">
</div>
</div>
</div>
</div>
</div>
<span style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt;"> </span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT7AobIlmBZ-EoiU1SxGjuvqJkx3xyPcvEbrd49KLmg0irZQ7mi68_s8ZyxXixQ2rKetgc7tLsnkX5m0k6N-4XgXVkD98q96Gl3obXAAeD-aWu1a4sbpHfgZ9tq8VSXtb6YiApNk8WevuX/s1600/4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT7AobIlmBZ-EoiU1SxGjuvqJkx3xyPcvEbrd49KLmg0irZQ7mi68_s8ZyxXixQ2rKetgc7tLsnkX5m0k6N-4XgXVkD98q96Gl3obXAAeD-aWu1a4sbpHfgZ9tq8VSXtb6YiApNk8WevuX/s1600/4.png" height="120" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbnqtj3OnH2ktfh1639x6_0fMSoCh1EmZDsA7lfu4P_Lmc5-5RF2GMfzZnmuHYDyxnhLoIKl8bvOlVWZmX_ltUxjSL1kc5jgjlkgWa205haDFoG8ALMnNHfPnFXIlgl7SCQxDGi5bkQLnW/s1600/5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbnqtj3OnH2ktfh1639x6_0fMSoCh1EmZDsA7lfu4P_Lmc5-5RF2GMfzZnmuHYDyxnhLoIKl8bvOlVWZmX_ltUxjSL1kc5jgjlkgWa205haDFoG8ALMnNHfPnFXIlgl7SCQxDGi5bkQLnW/s1600/5.png" height="320" width="268" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt;"><br /></span></div>
<span style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt;"> <div class="separator" style="clear: both; text-align: center;">
</div>
</span><br />
<div class="a6S" dir="ltr" style="font-family: arial, sans-serif; left: 302px; opacity: 0.01; position: absolute; top: 1689.5625px;">
<div aria-label="Download attachment image015.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27p" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Download">
<div class="aSK J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -219px -129px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
</div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>6)<span style="font-stretch: normal;"> </span>Create a new activation key for the newly created product so you can register content hosts without a password. <u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<i><span style="font-family: Arial, Helvetica, sans-serif;">Content > Activation Keys > +New Activation Key</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></i></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt 0.5in;">
</div>
<div class="a6S" dir="ltr" style="font-family: arial, sans-serif; left: 324px; opacity: 0.01; position: absolute; top: 2050.15625px;">
<div aria-label="Download attachment image018.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27s" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Download">
<div class="aSK J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -219px -129px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
<div aria-label="Save attachment to Drive image018.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27t" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Save to Drive">
<div class="wtScjd aQu J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -41px -47px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
<div class="T-aT4" style="direction: ltr; display: inline-block; height: 19px; position: relative; width: 19px;">
<div>
</div>
<div class="T-aT4-JX" style="-webkit-transition: opacity 0.218s linear 0.44s; background: url(https://ssl.gstatic.com/ui/v1/activityindicator/offline.png) 50% 50% no-repeat; height: 19px; left: 0px; opacity: 0; position: absolute; top: 0px; transition: opacity 0.218s linear 0.44s; width: 19px;">
</div>
</div>
</div>
</div>
</div>
<br />
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt 0.5in;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1VIMt7J34mvJdBrATt5Z9LNH8nnlEqBjTXiA8xN6J4lA7R6Q2Tm2upgFcVkmSMlTTBVjXtRc6e8_3s01xfBZ3gc67g3FREQYmdl0LXCn3N4zCF5r6FZkoxzwPvZWpuoKMsQNalIJ1hPQ2/s1600/6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1VIMt7J34mvJdBrATt5Z9LNH8nnlEqBjTXiA8xN6J4lA7R6Q2Tm2upgFcVkmSMlTTBVjXtRc6e8_3s01xfBZ3gc67g3FREQYmdl0LXCn3N4zCF5r6FZkoxzwPvZWpuoKMsQNalIJ1hPQ2/s1600/6.png" height="226" width="320" /></a></div>
<br /></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>7) Subscribe the New Product Product to the newly created Activation Key.<u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<i><span style="font-family: Arial, Helvetica, sans-serif;">Content > Activation Keys > RecentlyCreatedKey > Subscriptions > Add > Select New Product Product from list > Add Selected</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></i><br />
<i><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></i></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt 0.5in;">
</div>
<div class="a6S" dir="ltr" style="font-family: arial, sans-serif; left: 575px; opacity: 0.01; position: absolute; top: 2489.75px;">
<div aria-label="Download attachment image020.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27m" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Download">
<div class="aSK J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -219px -129px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
</div>
</div>
<div aria-label="Save attachment to Drive image020.jpg" class="T-I J-J5-Ji aQv T-I-ax7 L3 a5q" data-tooltip-class="a1V" id=":27n" role="button" style="-webkit-box-shadow: none; background: rgba(0, 0, 0, 0.6); border-radius: 3px; border: 1px solid rgb(115, 115, 115); box-shadow: none; color: #444444; cursor: pointer; display: inline-block; font-size: 11px; font-weight: bold; height: 24px; line-height: 23px; margin-left: 8px; margin-right: 0px; min-width: 0px; outline: 0px; padding: 0px; position: relative; text-align: center; white-space: nowrap; width: 30px;" tabindex="0" title="Save to Drive">
<div class="wtScjd aQu J-J5-Ji aYr" style="background-attachment: initial; background-clip: initial; background-image: url(https://ssl.gstatic.com/mail/sprites/newattachmentcards-d55fda9fb0fa088d70b60006ae47efb3.png); background-origin: initial; background-position: -41px -47px; background-repeat: no-repeat; background-size: initial; cursor: pointer; display: inline-block; height: 21px; position: relative; vertical-align: middle; width: 21px;">
<div class="T-aT4" style="direction: ltr; display: inline-block; height: 19px; position: relative; width: 19px;">
<div>
</div>
<div class="T-aT4-JX" style="-webkit-transition: opacity 0.218s linear 0.44s; background: url(https://ssl.gstatic.com/ui/v1/activityindicator/offline.png) 50% 50% no-repeat; height: 19px; left: 0px; opacity: 0; position: absolute; top: 0px; transition: opacity 0.218s linear 0.44s; width: 19px;">
</div>
</div>
</div>
</div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBjj35L8AWfVRJGL4CN4iEiU_92Ls4GM59ji0Do8aLEA9mk_FWwsUIdDaZDbRnYWhCRkhDYg71MLHoqSyXhFx6kLVAZ6jq19ysxoFIIOq2HEiqB_BoZk_tbVFUesl1TgdISp87nxNq0JHn/s1600/7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBjj35L8AWfVRJGL4CN4iEiU_92Ls4GM59ji0Do8aLEA9mk_FWwsUIdDaZDbRnYWhCRkhDYg71MLHoqSyXhFx6kLVAZ6jq19ysxoFIIOq2HEiqB_BoZk_tbVFUesl1TgdISp87nxNq0JHn/s1600/7.png" height="205" width="400" /></a></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<div class="MsoNormal" style="background-color: white; color: #222222; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>8)<span style="font-stretch: normal;"> </span>You can now register content hosts (clients) to the newly created product. Use the following steps to register content hosts to products. The steps are done from the <b>content host</b> itself.</span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"> A) Install subscription manager on the content host if not already installed:</span><span style="font-family: arial, sans-serif; font-size: 12.8000001907349px;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b># wget -O /etc/yum.repos.d/subscription-<wbr></wbr>manager.repo ; yum install -y subscription-manager</b></span><span style="font-family: Consolas; font-size: 10pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt 0.5in;">
<br /></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Arial, Helvetica, sans-serif;">B) Install the Katello server CA.</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b># rpm -Uvh http://your.foremanlink.com/<wbr></wbr>pub/katello-ca-consumer-<wbr></wbr>latest.noarch.rpm</b></span><span style="font-family: Consolas; font-size: 10pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt 0.5in;">
<br /></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Arial, Helvetica, sans-serif;">C) Register to the Product using the activation Key.</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b># subscription-manager register --org="YOUR-ORG" --activationkey="<wbr></wbr>activationkey" #example above key is “NewProductActivationKey”</b></span><span style="font-family: Consolas; font-size: 10pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: Calibri, sans-serif; font-size: 11pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>9) You should now see the repository or repositories from the content host. Run “yum repolist” to validate. You will also see the content host populate from the Foreman web UI. You will be able to install anything from the repo using yum on the content host.<u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u><u></u><u></u><u></u><u></u><u></u><u></u><u></u><u></u><u></u><u></u><u></u><br /></span>
<br />
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">This documentation only covers the basis for creating products, repositories and registering content hosts to Products. In the next doc I will demonstrate how to manage packages from the Web UI and how to create host collections to run bulk package actions against several hosts at a time. This is where you start to see the power of Katello and package management for your infrastructure. </span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-31350519513266432602015-03-11T14:00:00.001-07:002015-03-11T20:59:17.001-07:00Installing the Foreman/Katello Project on CentOS 6.6<span style="font-family: Arial, Helvetica, sans-serif;">This article will cover the basic/default installation of Foreman project with the Katello plugin. We will be installing the most stable releases of Foreman (1.7), Katello (2.1), and Puppet to date of this article. </span><span style="font-family: Arial, Helvetica, sans-serif;">We will not be using the nightly releases as I have found them to be buggy and inconsistent.</span><span style="font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Arial, Helvetica, sans-serif;">Foreman provides the main interface for all the projects and handles the provisioning, monitoring and dashboard capabilities of your environment and the Katello project manages customized repositories and package management to all registered content hosts (will cover more of that in the next articles). Let's Begin!</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3 style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglYif5yxwQbnVxoq1pX3TI7HfzFAWu8OpmWfX6XoqN71yHoCr5E1YJxbRUpY4O_mA9d6jMqkIXrf0lmwq_sfcAScwzkFe3POQwJhXqaoQg2G6sY84uO5Ye5Ks-_Nlq63Zf7zTlxzIzW10d/s1600/katello.png" imageanchor="1" style="clear: right; float: right; font-family: 'Times New Roman', serif; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglYif5yxwQbnVxoq1pX3TI7HfzFAWu8OpmWfX6XoqN71yHoCr5E1YJxbRUpY4O_mA9d6jMqkIXrf0lmwq_sfcAScwzkFe3POQwJhXqaoQg2G6sY84uO5Ye5Ks-_Nlq63Zf7zTlxzIzW10d/s1600/katello.png" height="200" width="200" /></a><span style="font-family: Arial, Helvetica, sans-serif;">Installing Foreman with Katello on Centos 6.6</span></h3>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; margin-left: 0in; margin-right: 0in;">
<span style="color: #222222;"><span style="font-family: Arial, Helvetica, sans-serif;"><u></u>1) Ensure that your hostname resolves correctly in DNS. Had a problem with the hostname that I had to resolve by correcting entries in the </span><span style="font-family: Courier New, Courier, monospace;">/etc/hosts</span><span style="font-family: Arial, Helvetica, sans-serif;"> file and also in the </span></span><span style="color: #222222; font-family: Courier New, Courier, monospace;">/etc/sysconfig/network<span style="font-size: x-small;"> </span></span><span style="color: #222222; font-family: Arial, Helvetica, sans-serif;">file. Check ‘</span><span style="color: #222222; font-family: Courier New, Courier, monospace;">hostname -f</span><span style="color: #222222; font-family: Arial, Helvetica, sans-serif;">’ against </span><span style="color: #222222; font-family: Courier New, Courier, monospace;">nslookup/host</span><span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: #222222;"> on other machines. Just be sure that you have consistency between your host and other devices on your network as puppet will not be happy if you don't!</span></span></div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin-left: 0in; margin-right: 0in;">
<br /></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>2) Turn off iptables and ip6tables. Atleast during the installation process. It will make your life easier! Consult the <a href="http://theforeman.org/manuals/1.7/index.html">Foreman</a> documentation if you can't and need information on specific ports etc.</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"> </span></div>
<div class="MsoNormal" style="color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><span style="background-color: white;"><b> # service iptables stop ; chkconfig iptables off<u></u><u></u></b></span></span></div>
<div class="MsoNormal" style="color: #222222; margin: 0in 0in 0.0001pt;">
<span style="background-color: white; font-family: Courier New, Courier, monospace; font-size: x-small;"><b> # service ip6tables stop; chkconfig ip6tables off</b></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>3) Disable selinux. Pulp (service that runs inside Katello) and selinux aren’t currently playing nice. Open /etc/sysconfig/selinux in a text editor and set to disabled.</span></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<br /></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>4)<span style="font-stretch: normal;"> </span></span><span style="font-family: Arial, Helvetica, sans-serif;">Install the following repos/versions. I didn't have luck with the nightly's so I did not use them.</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u></span></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<br /></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace;"> <b><span style="font-size: x-small;"># rpm -ivh http://yum.puppetlabs.com/<wbr></wbr>puppetlabs-release-el-6.<wbr></wbr>noarch.rpm</span></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-size: x-small;"><span style="font-family: Courier New, Courier, monospace;"><b> # rpm -ivh </b></span><b style="font-family: 'Courier New', Courier, monospace;">http://dl.fedoraproject.org/<wbr></wbr>pub/epel/6/x86_64/epel-<wbr></wbr>release-6-8.noarch.rpm</b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-size: x-small;"><span style="font-family: Courier New, Courier, monospace;"><b> # yum install -y </b></span><b style="font-family: 'Courier New', Courier, monospace;">http://yum.theforeman.org/<wbr></wbr>releases/1.7/el6/x86_64/<wbr></wbr>foreman-release.rpm</b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> # wget http://dev.centos.org/centos/<wbr></wbr>6/SCL/scl.repo -O /etc/yum.repos.d/scl.repo</b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace;"><b><span style="font-size: x-small;"> # yum install -y https://fedorapeople.org/<wbr></wbr>groups/katello/releases/yum/2.1/katello/RHEL/6Server/x86_64/<wbr></wbr>katello-repos-latest.rpm</span></b><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>5)<span style="font-stretch: normal;"> </span><u></u>Install Katello packs and grab a cold one. ~400 packages</span><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace;"><b> <span style="font-size: x-small;"># yum install -y katello</span></b></span><span style="font-family: Consolas; font-size: 10pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin-left: 0in; margin-right: 0in;">
<span style="font-family: Arial, Helvetica, sans-serif;"><u></u>6)<span style="font-stretch: normal;"> </span>Deploy Katello. This is install the defaults. See "katello-installer --help" for additional parameters and custom settings.</span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace;"><b> <span style="font-size: x-small;"># katello-installer</span></b></span><span style="font-family: Consolas; font-size: 10pt;"><u></u><u></u></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">This will take several minutes to complete (so grab another cold one!). At this point though it will either fail or succeed. It will give you progress along the way and tell you why it failed in the event it does. On successful completion you should see something like below:</span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b>[root@hostname ~]# katello-installer<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b>Installing Done <wbr></wbr> [100%] [.]<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> Success!<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> * Katello is running at https://hostname.example.<wbr></wbr>com<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> Initial credentials are admin / mfmVBo6M7yFenvAp<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> * Capsule is running at https://hostname.example.<wbr></wbr>com:9090<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> * To install additional capsule on separate machine continue by running:"<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> capsule-certs-generate --capsule-fqdn "$CAPSULE" --certs-tar "~/$CAPSULE-certs.tar"<u></u><u></u></b></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Courier New, Courier, monospace; font-size: x-small;"><b> The full log is at /var/log/katello-installer/<wbr></wbr>katello-installer.log</b></span><span style="font-family: Consolas; font-size: 10pt;"><u></u><u></u></span></div>
<div>
<span style="font-family: Consolas; font-size: 10pt;"><br /></span></div>
<div>
<span style="font-family: Consolas; font-size: 10pt;"><br /></span></div>
<div>
<span style="font-family: Consolas; font-size: 10pt;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">This concludes the default installation process of Foreman with the Katello plugin. This is enough to get you going with the WEB UI and start poking around. There will be follow up blog posts that examine and explain the aspects of the project that make it so powerful.</span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com2tag:blogger.com,1999:blog-243202604267192203.post-26130204925209799042014-12-21T17:49:00.001-08:002014-12-21T17:49:50.223-08:00The Container World | Part 6 Introduction to Docker<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXWyc9dXTySZLrqogAEOURGAeBZ9oDDz2bQoUtHjOtRP_pDdcxdKnejFmLsdrlBS0Z2WUbldFlfKlvGT7R1sfH0M1yFJFEJt2jp0dnDknaNO-W23P7a70xeRBa0VJBb386kNKKMfdXvspc/s1600/docker.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXWyc9dXTySZLrqogAEOURGAeBZ9oDDz2bQoUtHjOtRP_pDdcxdKnejFmLsdrlBS0Z2WUbldFlfKlvGT7R1sfH0M1yFJFEJt2jp0dnDknaNO-W23P7a70xeRBa0VJBb386kNKKMfdXvspc/s1600/docker.jpg" height="161" width="320" /></a><br />
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: black;">Docker. Docker. Docker. Docker is one of my favorite things to talk about. For those of you working in the Cloud space or working with any form of Cloud technologies, you probably encounter Docker talk and/or articles about Docker on a daily basis. Docker is an extremely interesting new cloud and container technology that I believe will change the way that people develop, deploy and scale. At the time of this article it is one of the most popular cloud and open source project on the market</span> and it is still very early in its lifetime<span style="color: black;">. In this post Ill talk about what the Docker technology is, how Docker containers are different that LXC containers. Ill also talk about the advantages of Docker over other container technologies. NOTE: All demonstrations will be done on a CentOS 7 server. If you are interested in Learning Docker </span>or even looking to continue your knowledge, <span style="color: black;">I highly recommend reading "<a href="http://www.dockerbook.com/" style="color: #1155cc;" target="_blank">The Docker Book</a>" by James Turnbull (<b><i>extremely</i></b><i> </i>intelligent open source author). I would also recommend following his <a href="http://kartar.net/" style="color: #1155cc;" target="_blank">blog</a>. </span></span><span style="color: black; font-family: 'Times New Roman', serif; font-size: 13.5pt;"><u></u><u></u></span></div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 13.5pt;"><br /></span></div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">What is Docker?</span></h4>
<div>
<span style="color: black; font-family: Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: black;">Docker is an open source Linux container technology (originally based on the LXC project) that is used to build, ship and deploy distributed applications. Docker was built on the basis of providing developers with a simple way to build and quickly deploy lightweight applications from anywhere and run exactly the same in any environment in the development life cycle. As with LXC, the only thing you need in order to run these containers is a Linux kernel allowing Docker to be extremely portable. I would also argue that another important factor of Docker is that is it built to allow for developers to quickly scale their environments when needed. </span><span style="color: black;"><u></u><u></u></span></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: black;"><br />Docker consists of the following 4 main components in order to operate. Each explained short below:</span><span style="color: black;"><u></u><u></u></span></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<br /></div>
<ul style="background-color: white; color: #222222; margin-bottom: 0in;" type="disc">
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Docker Daemon - The Docker daemon runs on a host server and does all the work of running, shipping and building containers. The Docker daemon runs as a service on the Linux host.<u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Docker Images - The underlying source code for the containers and tells the containers how to be built.<u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Registry - There are 2 types of registries in the Docker world, Public and Private. A registry is basically a storage repo of your Docker images that you build. You pull down images from here.<u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Docker Container - The final product from all other components from above. The image, the operations and the environment. </span></li>
</ul>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><u><br /></u></span></div>
<div style="background-color: white; color: #222222;">
<div style="margin: 0in 0in 0.0001pt;">
<i><span style="color: black;"><span style="font-family: Arial, Helvetica, sans-serif;">Docker is built with the idea of making SysAdmin's and developer's lives easier!</span></span></i><i style="font-family: 'Times New Roman', serif; font-size: 12pt;"><span style="color: black; font-size: 13.5pt;"><u></u><u></u></span></i></div>
</div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="color: black; font-size: 13.5pt;"><br /></span></div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">How is it different from LXC?</span></h4>
<div>
<span style="color: black; font-family: Arial, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="color: black;"><span style="font-family: Arial, Helvetica, sans-serif;">The LXC project is not a new technology and has been around for several years whereas Docker has only been in the wild for about 1.5 years or so from the time of this post. I describe each technology as so: LXC is Linux container technology that essentially gives you a lightweight container in the form of a full blown Linux Operating System whereas Docker is a Linux container technology that containerizes simply single application processes.<wbr></wbr>In short I think of LXC as being a containerized Linux OS and Docker as a containerized application. Both are awesome and lightweight. One should not be thought of as being better than the other. The technologies seem to be the same but there are situations where you would chose one of the other. </span></span><span style="color: black; font-family: 'Times New Roman', serif; font-size: 13.5pt;"><u></u><u></u></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="color: black;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span></div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Advantages/Features of Docker</span></h4>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="color: black;">As part of the introduction I would like talk about what I believe to be key features and advan</span>tages<span style="color: black;"> of using Docker. </span>All of the advantages/features play nicely together which makes Docker such a monster.</span></div>
<ul style="background-color: white; margin-bottom: 0in;" type="disc">
<li class="MsoNormal" style="margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Scalability - because containers are lightweight and minimal, Linux containers can be deployed in a matter of seconds. Due to the rapid deployment capabilities you are able to quickly scale your app <span style="color: windowtext;">during </span>high load or heavy traffic occurrences.<u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Portability - since the container and its dependencies are not reliant on the host, the container can be "shipped" and run across any Linux host that operates Docker daemon.<u></u><u></u></span></li>
<li class="MsoNormal" style="margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Reproducible <span style="color: windowtext;">–</span> <span style="color: windowtext;">I think this is important aspect of Docker and plays off of the portability factor as well. Docker allows for users to deploy an app on their laptop or in dev and move it to production and expect to have the same results. Since containers don’t rely on dependencies etc they will run the same <i>anywhere</i>.</span><u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Isolation <span style="color: windowtext;">– the use a cgroups and namespacing from the Linux kernel allows 100’s to 1000’s of Docker containers run on the same host or across a cluster of hosts without bumping into one another or affect the performance of other containers.</span><u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Sharing <span style="color: windowtext;">–</span> <span style="color: windowtext;">whether deciding to use public or private registries for your images, you can share you development with virtually anyone on the planet and collaborate on projects.</span><u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Lightweight <span style="color: windowtext;">–</span> <span style="color: windowtext;">one of the purposes of Docker is to be minimal and no overhead which in turn allows for extremely fast deployment and scaling abilities.</span><u></u><u></u></span></li>
<li class="MsoNormal" style="color: black; margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Version control <span style="color: windowtext;">–</span> <span style="color: windowtext;">Docker is extremely “Git”-like. Docker registries keeps track of versions, differences, and allows for simple rollback.</span><u></u><u></u></span></li>
<li class="MsoNormal" style="margin: 0in 0in 0.0001pt;"><span style="font-family: Arial, Helvetica, sans-serif;">Open Source and Community <span style="color: windowtext;">–</span> <span style="color: windowtext;">Threw this one in last. </span>Honestly, what is better than open source? Docker has a major backed open source community that is absolutely taking this technology to a revolutionary state that will in my opinion change the way we develop and run applications. <span style="color: windowtext;">Its incredible in my opinion how much attention this technology has gotten in its early stages and I am extremely excited for the future.</span></span></li>
</ul>
<div>
<span style="font-family: Times New Roman, serif;"><span style="font-size: 18px;"><u><br /></u></span></span></div>
<div>
<span style="font-family: Times New Roman, serif;"><span style="font-size: 18px;"><u><br /></u></span></span></div>
<div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Common Commands</span></h4>
</div>
<div style="background-color: white; color: #222222; font-family: 'Times New Roman', serif; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="color: black;"><span style="font-family: Arial, Helvetica, sans-serif;">Here is a cheatsheet of common Docker commands that will frequently be used when first starting out.</span></span></div>
<div style="color: #222222; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="color: black;"><span style="font-family: Arial, Helvetica, sans-serif;">Display system-wide information about your Docker environment.</span></span></div>
<div style="color: #222222; margin: 0in 0in 0.0001pt;">
<span style="color: black;"><span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker info</span></span></div>
<div style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="color: black;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Pull an image from your repo to the host.</span></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker pull <i>IMAGE_NAME</i></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">List the images installed on your system.</span></div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker images</span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">Remove an image.</span></div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker rmi <i>IMAGE_ID</i></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">List all the containers.</span></div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker ps -a</span><br />
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">Remove a container.</span></div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker rm <i>CONTAINER_ID</i></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">Start/Stop a container. Tons and Tons of options that wont be mentioned. Also you can restart an already running container with "</span><span style="font-family: Courier New, Courier, monospace;">restart</span><span style="font-family: Arial, Helvetica, sans-serif;">".</span></div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker start|stop|restart <i>CONTAINER_ID</i></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">Run a container. Note that the following command will create a new container each time. If you just want to run a stopped container then use "</span><span style="font-family: Courier New, Courier, monospace;">docker start container</span><span style="font-family: Arial, Helvetica, sans-serif;">". Also without the "</span><span style="font-family: Courier New, Courier, monospace;">-d</span><span style="font-family: Arial, Helvetica, sans-serif;">" option at the end of the command you will be attached automatically.</span></div>
<span style="background-color: white;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;">docker run -i -t<i> BASE_IMAGE COMMAND </i>-d</span></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">See additional information about a container or image. Tons more info that be presented such as IP addresses etc.</span></div>
<span style="background-color: white;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;">docker inspect <i>CONTAINER_ID|IMAGE_ID</i></span></span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<div style="background-color: white;">
<span style="font-family: Arial, Helvetica, sans-serif;">List and see information on running containers. </span></div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">docker ps</span></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="background-color: white; margin: 0in 0in 0.0001pt;">
<br />
<br /></div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Installing Docker on CentOS 7 and "Hello World"</span></h4>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></h4>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">For CentOS 7, Docker comes as default. If it does not for some reason you can get it from the epel repository. Once you have the repo run the following:</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"># yum install -y docker docker-registry</span></span></div>
<div>
<br /></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white;">Since Docker is reliant on a Docker daemon to run, pull, ship etc., lets go ahead and start the Docker daemon and enable it to start at boot so its running default.</span></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white;"><br /></span></span></div>
<div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"># systemctl start docker</span></span></div>
<div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"># systemctl enable docker</span></span></div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></h4>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Lets go ahead and pull down the centos images from the docker hub and verify its there.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"># docker pull centos</span></span></div>
<div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"># docker images</span></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"><br /></span></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white;">Let's create our very first container from the centos image. We will create that very first, everyone's favorite, "Hello World!" app.</span></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white;"><br /></span></span></div>
<div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"> </span><span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"># docker run -i -t centos /bin/echo 'Hello World!'</span></span><span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"> OUTPUT:</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"> </span><span style="background-color: #f3f3f3; font-family: Courier New, Courier, monospace;">Hello World!</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<h4 style="background-color: white; color: #222222; font-size: 12pt; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Ending Notes</span></h4>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">This was an extremely short intro to Docker and probably a little boring if you have worked with Docker before. The upcoming blog posts will go much further in depth with things such as building your own images, private repositories, orchestration and so on. Cheers.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #444444; line-height: 18.2000007629395px;">Blog Series on <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html">Linux Containers</a><span id="goog_375172368"></span><span id="goog_375172369"></span><a href="https://www.blogger.com/"></a>:</span><br style="background-color: white; color: #444444; line-height: 18.2000007629395px;" /><span style="background-color: white; color: #444444; line-height: 18.2000007629395px;">Previous Post: <a href="http://www.wickedawesometech.us/2014/11/the-container-world-part-5-advanced.html">LXC Advanced Configuration</a></span><br style="background-color: white; color: #444444; line-height: 18.2000007629395px;" /><span style="background-color: white; color: #444444; line-height: 18.2000007629395px;">Next Post: Building Docker Images</span></span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-43476868394169686122014-11-11T21:27:00.002-08:002014-11-11T21:27:41.672-08:00The Container World | Part 5 Advanced Configuration<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV2V3f3RqkDNi5kqdKzilmL315ZAN6me21rL66RGIPG0rAmVlz1PqFVOvebSLJju2TjvhOS1lrMX-GgvAksIH8Q8hlAXNT9luSYCb4SM6znTpizFnjKh_TcFVr7zfzGXsH34ETljUHAplR/s1600/containers_5.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjV2V3f3RqkDNi5kqdKzilmL315ZAN6me21rL66RGIPG0rAmVlz1PqFVOvebSLJju2TjvhOS1lrMX-GgvAksIH8Q8hlAXNT9luSYCb4SM6znTpizFnjKh_TcFVr7zfzGXsH34ETljUHAplR/s1600/containers_5.jpg" height="240" width="320" /></a><br />
<span style="font-family: Arial, Helvetica, sans-serif;">For this post I will be focusing on showing a few advanced configurations and cool things you can do with LXC. Ill show you how to add IPs to your containers so that you can get to them outside of the host, show you a couple different ways on how to deploy new containers and show you the safest way to incorporate LXC into production use by demonstrating unprivileged containers.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Adding IPs</span></h3>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Ensure that you have properly configured your hosts by bridging the interfaces (see <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-2-networking.html">Networking</a> post) if you have not already done so. Remember that all of you containers operate from their own configuration file, </span><span style="background-color: white; color: #444444; font-family: 'Courier New', Courier, monospace; line-height: 18.200000762939453px;"><b>/var/lib/lxc/container-name/config</b></span><b style="background-color: white; color: #444444; font-family: 'Courier New', Courier, monospace; line-height: 18.200000762939453px;">.</b><b style="background-color: white; color: #444444; font-family: 'Courier New', Courier, monospace; font-size: 13px; line-height: 18.200000762939453px;"> </b><span style="background-color: white; color: #444444; line-height: 18.200000762939453px;"><span style="font-family: Arial, Helvetica, sans-serif;">This</span></span><span style="background-color: white; color: #444444; line-height: 18.200000762939453px;"><span style="font-family: Arial, Helvetica, sans-serif;"> configuration file is where you will place all of the IP information.</span></span><span style="font-family: Arial, Helvetica, sans-serif;"> Open the file with your desired eidtor and add/fill in these parameters:</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.type = veth</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.flags = up</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.link = br0</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.hwaddr = Y0:UR:MA:CA:DR:ES</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"> lxc.network.name = eth0</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.flags = up</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.mtu = 1500</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.ipv4 = 192.168.0.150/23</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.network.ipv4.gateway = 192.168.0.1</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Correct networking parameters will allow for you to have multiple containers that are able to communicate with one another and also allow for you to ssh to them from anywhere on the same network. I would also advise to set these same configs on the containers interfaces using </span><span style="font-family: Courier New, Courier, monospace;">ifconfig </span><span style="font-family: Arial, Helvetica, sans-serif;">or modifying the interface config files themselves. <b>Please note</b> that setting an IP in the config file doesn't set the IP on the containers interface. So for example if the containers interface is using dhcp but the config file contains a static IP, you will have 2 IP addresses that will actually respond to ping and ssh. You can set the static IP on one or the other or both to keep from having more than 1 IP.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">It is also possible to extend networking capabilities of the container to enable it to reach outside of the network that it sits on (outside of the bridge). One example of this would be to enable your container to also reach the internet. You can use iptables from the host to route requests outside of the bridge to other adapters that are available on the host based on specific IP addresses or based on whole subnets. Below, eth1 is assumed to be the adapter that is capable of talking to other networks like the internet etc. Also be sure to add IPv4 forwarding to /etc/sysctl.conf.</span></div>
<div>
<br />
<br />
<span style="font-family: 'Courier New', Courier, monospace;"> # iptables -t nat -A POSTROUTING -s </span><span style="font-family: 'Courier New', Courier, monospace;">192.168.0.150</span><span style="font-family: 'Courier New', Courier, monospace;"> -o eth1 -j MASQUERADE</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Or based on subnet.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"> # </span><span style="font-family: 'Courier New', Courier, monospace;">iptables -t nat -A POSTROUTING -s </span><span style="font-family: 'Courier New', Courier, monospace;">192.168.0.0/24</span><span style="font-family: 'Courier New', Courier, monospace;"> -o eth1 -j MASQUERADE</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Add following line in /etc/systctl.conf to add IPv4 forwarding followed by issuing "systctl -p" to take effect without reboot.</span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"> <span style="color: #222222; line-height: 1.1em;">net.ipv4.ip_forward = 1</span></span></span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><span style="color: #222222; line-height: 1.1em;"><br /></span></span></span>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white;"><span style="color: #222222; line-height: 1.1em;"> # </span></span>systctl -p</span><br />
<span style="background-color: white; color: #222222; line-height: 1.1em;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">NOTE: If using Red Hat 7/CentOS 7 you will need to check firewalld settings. I completely disabled firewalld and continued using iptables instead since I am more familiar with iptables.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"> </span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> </span><br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Cloning Containers</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Another cool feature of LXC is the ability to clone individual containers as you would a virtual machine. Cloning provides the capability of faster deployments for custom configurations and I would also think it would provide a way for developers to auto scale if needed. There are 2 types of clones: Copy and Snapshots. </span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">From lxc-clone manpage:</span><span style="font-family: Courier New, Courier, monospace;"> "A copy clone copies the root filessytem from the original container to the new. A </span><span style="font-family: 'Courier New', Courier, monospace;">snapshot filesystem uses the backing store's snapshot functionality to create a very small copy-on-write </span><span style="font-family: 'Courier New', Courier, monospace;">snapshot of the original container. Snapshot clones require the new container backing store to support</span><span style="font-family: 'Courier New', Courier, monospace;"> snapshotting. Currently this includes only aufs, btrfs, lvm, overlayfs and zfs. LVM devices do not sup</span><span style="font-family: 'Courier New', Courier, monospace;">port snapshots of snapshots." </span><br />
<br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">For purposes of this post we will keep it simple and create a simple copy type clone. The "-o" flag defines original container name that will be cloned and the "-n" flag defines new container name. From my experience the rootfs, hostname and the mac will not duplicate but I haven't found a way to keep the IP from duplicating. So just remember <i>if you are using a static IP</i> that you will need to update the IP info on the new container to keep from conflicting. There is probably a way to script it but by default there is no way around it that I have found yet.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> # lxc-clone -o CONTAINER_TOBE_CLONED -n NEW_CONTAINER</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Should get an output like "</span><span style="font-family: Courier New, Courier, monospace;">Created container NEW_CONTAINER as copy of fedora-master</span><span style="font-family: Arial, Helvetica, sans-serif;">" when clone is completed.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Autostart</span></h3>
</div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">This is one of the coolest features of LXC in my opinion. Since each container is run as a process, each process (container) has the ability of being started at bootup. The LXC program can be started/run as a service (</span><span style="font-family: Courier New, Courier, monospace;">service lxc start | systemctl start lxc</span><span style="font-family: Arial, Helvetica, sans-serif;">) and when this service is brought to life it can tell specfific containers to startup with the LXC service. This is done through passing the autostart parameter(s) to the containers config file. </span><span style="font-family: Arial, Helvetica, sans-serif;">The autostart options support marking which containers should be auto-started and in what order and can be based on either a number or a group</span><span style="font-family: Arial, Helvetica, sans-serif;">. </span><span style="font-family: Arial, Helvetica, sans-serif;">See man page for lxc.container.conf for extended details.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">For the most basic autostart option, pass the following parameter to the contianers config file:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> lxc.start.auto = 1 # 0 value means off. 1 value means on.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;">Other parameters worth mentioning for autostart are the start order parameter and start delay. The start order along with the start delay can help bring up containers in a certain order and set a wait time before starting the next one. Can be helpful for multi container environments such as a database.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> lxc.start.order = N # where N is a number</span><br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.start.delay = N # where N is a number in seconds</span><br />
<span style="font-family: Courier New, Courier, monospace;"></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Unprivileged Containers</span></h3>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Unprivileged containers are perhaps the safest way to deploy LXC especially in a production environment. LXC gets a bad rap for being unsecure at times and has actually allowed users to gain access to the root account on the host. This is possible because although containers all run in a separate namespace, uid 0 in your container is still equal to uid 0 outside of the container. Unprivileged containers run as a non root process on the host even though they can have root inside of the container itself. So at a high level we need to remap these namespaces and ensure that these processes are not running under root's uid. A little confusing but hopefully after you see a demo it will make sense. Stephane Graber who is one of the lead developers behind LXC sums this up really well in his blog on unprivileged containers.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<i><span style="font-family: Arial, Helvetica, sans-serif;">"<span style="background-color: white; color: #333333; line-height: 24px;">So how do those user namespaces work? Well, simply put, each user that’s allowed to use them on the system gets assigned a range of unused uids and gids, ideally a whole 65536 of them. You can then use those uids and gids with two standard tools called newuidmap and newgidmap which will let you map any of those uids and gids to virtual uids and gids in a user namespace." - Stephane Graber <a href="https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/">"LXC 1.0: Unprivileged Containers"</a></span></span></i><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;">With the development of unprivileged containers we are able to allow users other than root to start an container although with unprivileged containers there are still limits on some things a user can do in namespace. I will demonstrate this on a Ubuntuxc 14.04 since my CentOS 7 box doesnt meet the prereq kernel features needed for this. The tools that we will need to configure this (newuidmap and newgidmap) require kernel verison 3.12 or higher. Let's Begin!</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Ensure that you have uidmap package installed:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> # sudo apt-get install uidmap</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Then assign your user subuids and subgids and give execution privileges to user home. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> # sudo usermod --add-subuids 100000-165536 USER</span><br />
<span style="font-family: Courier New, Courier, monospace;"> # sudo usermod --add-subgids 100000-165536 USER</span><br />
<span style="font-family: Courier New, Courier, monospace;"> # sudo chmod +x /home/USER</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Add the mappings as part of the container parameters in </span><span style="font-family: Courier New, Courier, monospace;">~/.config/lxc/default</span><span style="font-family: Arial, Helvetica, sans-serif;">.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> lxc.id_map = u 0 100000 65536</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;"> lxc.id_map = g 0 100000 65536</span><br />
<div>
<br /></div>
<span style="font-family: Arial, Helvetica, sans-serif;">Create and start the unprivileged container. Note this will take some time to complete.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> # lxc-create -t download -n ubuntu-unprived -- -d ubuntu -r trusty -a amd64</span><br />
<span style="font-family: Courier New, Courier, monospace;"> # lxc-start -n ubuntu-unprived -d</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">So now lets compare what the processes look like from the host and from the container for this namespace.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">From the container:</span><br />
<span style="font-family: Courier New, Courier, monospace;"># lxc-attach -n ubuntu-unprived</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">root@ubuntu-unprived:/# ps -ef</span><br />
<span style="font-family: Courier New, Courier, monospace;">UID PID PPID C STIME TTY TIME CMD</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 1 0 0 04:48 ? 00:00:00 /sbin/init</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 157 1 0 04:48 ? 00:00:00 upstart-udev-bridge --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 189 1 0 04:48 ? 00:00:00 /lib/systemd/systemd-udevd --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 244 1 0 04:48 ? 00:00:00 dhclient -1 -v -pf /run/dhclient.eth0.pid</span><br />
<span style="font-family: Courier New, Courier, monospace;">syslog 290 1 0 04:48 ? 00:00:00 rsyslogd</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 343 1 0 04:48 tty4 00:00:00 /sbin/getty -8 38400 tty4</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 345 1 0 04:48 tty2 00:00:00 /sbin/getty -8 38400 tty2</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 346 1 0 04:48 tty3 00:00:00 /sbin/getty -8 38400 tty3</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 359 1 0 04:48 ? 00:00:00 cron</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 386 1 0 04:48 console 00:00:00 /sbin/getty -8 38400 console</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 389 1 0 04:48 tty1 00:00:00 /sbin/getty -8 38400 tty1</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 408 1 0 04:48 ? 00:00:00 upstart-socket-bridge --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 409 1 0 04:48 ? 00:00:00 upstart-file-bridge --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">root 431 0 0 05:06 ? 00:00:00 /bin/bash</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">root 434 431 0 05:06 ? 00:00:00 ps -ef</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">From the host:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"># lxc-info -Ssip --name ubuntu-unprived</span><br />
<span style="font-family: Courier New, Courier, monospace;">State: RUNNING</span><br />
<span style="font-family: Courier New, Courier, monospace;">PID: 3104</span><br />
<span style="font-family: Courier New, Courier, monospace;">IP: 10.1.0.107</span><br />
<span style="font-family: Courier New, Courier, monospace;">CPU use: 2.27 seconds</span><br />
<span style="font-family: Courier New, Courier, monospace;">BlkIO use: 680.00 KiB</span><br />
<span style="font-family: Courier New, Courier, monospace;">Memory use: 7.24 MiB</span><br />
<span style="font-family: Courier New, Courier, monospace;">Link: vethJ1Y7TG</span><br />
<span style="font-family: Courier New, Courier, monospace;"> TX bytes: 7.30 KiB</span><br />
<span style="font-family: Courier New, Courier, monospace;"> RX bytes: 46.21 KiB</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"> Total bytes: 53.51 KiB</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"># ps -ef | grep 3104</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3104 3067 0 Nov11 ? 00:00:00 /sbin/init</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3330 3104 0 Nov11 ? 00:00:00 upstart-udev-bridge --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3362 3104 0 Nov11 ? 00:00:00 /lib/systemd/systemd-udevd --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3417 3104 0 Nov11 ? 00:00:00 dhclient -1 -v -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases eth0</span><br />
<span style="font-family: Courier New, Courier, monospace;">100102 3463 3104 0 Nov11 ? 00:00:00 rsyslogd</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3516 3104 0 Nov11 pts/8 00:00:00 /sbin/getty -8 38400 tty4</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3518 3104 0 Nov11 pts/6 00:00:00 /sbin/getty -8 38400 tty2</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3519 3104 0 Nov11 pts/7 00:00:00 /sbin/getty -8 38400 tty3</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3532 3104 0 Nov11 ? 00:00:00 cron</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3559 3104 0 Nov11 pts/9 00:00:00 /sbin/getty -8 38400 console</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3562 3104 0 Nov11 pts/5 00:00:00 /sbin/getty -8 38400 tty1</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3581 3104 0 Nov11 ? 00:00:00 upstart-socket-bridge --daemon</span><br />
<span style="font-family: Courier New, Courier, monospace;">100000 3582 3104 0 Nov11 ? 00:00:00 upstart-file-bridge --daemon</span><br />
<span style="font-family: 'Courier New', Courier, monospace;">lxc 3780 1518 0 00:10 pts/4 00:00:00 grep --color=auto 3104</span><br />
<div>
<br /></div>
<span style="font-family: Arial, Helvetica, sans-serif;">As you can see processes are running inside the container as root but are not appearing as root but as 100000 from the host.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Hope you enjoyed this blog post. Next in the series will begin talking about the ever popular Docker and ease your into some really cool projects going on around it.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #444444; line-height: 18.2000007629395px;">Blog Series on <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html" style="color: #4d469c; text-decoration: none;">Linux Containers</a>:</span><br style="background-color: white; color: #444444; line-height: 18.2000007629395px;" /><span style="background-color: white; color: #444444; line-height: 18.2000007629395px;">Previous Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-4-first.html">First Container</a></span><br style="background-color: white; color: #444444; line-height: 18.2000007629395px;" /><span style="background-color: white; color: #444444; line-height: 18.2000007629395px;">Next Post: Introduction to Docker</span></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com1tag:blogger.com,1999:blog-243202604267192203.post-86716041024021130752014-08-18T18:13:00.004-07:002014-08-18T18:13:53.064-07:00Vagrant Cheatsheet<span style="font-family: Arial, Helvetica, sans-serif;">Here is a good Vagrant command cheatsheet that some might find helpful if using Vagrant for various tasks. </span><span style="font-family: Arial, Helvetica, sans-serif;">Recently started using Vagrant to help manage my virtualbox instances and it</span><span style="font-family: Arial, Helvetica, sans-serif;"> has quickly become one of my favorite tools in my Lab. Many companies like CoreOS are beginning to put their releases into Vagrant files to easily allow users to begin testing or playing with pre-configured environments in a matter of minutes. You can even create your own environment and put it out there for others to use. The cheatsheet is command plus a short description. Be sure to </span><a href="http://www.vagrantup.com/" style="font-family: Arial, Helvetica, sans-serif;">Check it out</a><span style="font-family: Arial, Helvetica, sans-serif;">. Also check out the </span><a href="http://docs.vagrantup.com/v2/cli/index.html" style="font-family: Arial, Helvetica, sans-serif;">Command-Line documentation</a><span style="font-family: Arial, Helvetica, sans-serif;"> on Vagrant's site for additional options.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Vagrant Commands: vagrant <i>command options</i></span></h3>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGk2ZxWSUwi2jTrkDAVQeyti9ROe6dQE110b2qujLn86s0kWMjbTV7pTFpELlhrVjNmrGJl4tjZr3ZXGbe_nCt9Q6Ks5WRuGCTGo_9TNCeL6_5OS4cOY1RvSLbEGV57kxCeDeXjtRj0UyE/s1600/Vagrant.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGk2ZxWSUwi2jTrkDAVQeyti9ROe6dQE110b2qujLn86s0kWMjbTV7pTFpELlhrVjNmrGJl4tjZr3ZXGbe_nCt9Q6Ks5WRuGCTGo_9TNCeL6_5OS4cOY1RvSLbEGV57kxCeDeXjtRj0UyE/s1600/Vagrant.png" height="200" width="162" /></a><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: #f3f3f3;"> vagrant up </span> - </span><span style="font-family: Arial, Helvetica, sans-serif;">This command is used to create and configure your guest environment/machines based on your</span><span style="font-family: Courier New, Courier, monospace;"> Vagrantfile. </span><span style="font-family: Arial, Helvetica, sans-serif;">Also multiple other options can be used.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant status </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">This command is used to check the status of the Vagrant managed machines. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant reload </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">This command is used to do a complete reload on the </span><span style="font-family: Courier New, Courier, monospace;">Vagrantfile</span><span style="font-family: Arial, Helvetica, sans-serif;">. Use this command anytime you make a change to the </span><span style="font-family: Courier New, Courier, monospace;">Vagrantfile</span><span style="font-family: Arial, Helvetica, sans-serif;">. This command will do the same thing as running a </span><span style="font-family: Courier New, Courier, monospace;">halt </span><span style="font-family: Arial, Helvetica, sans-serif;">command and then running an </span><span style="font-family: Courier New, Courier, monospace;">up </span><span style="font-family: Arial, Helvetica, sans-serif;">command directly after.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant halt </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">Executing this is self-explanatory, bring down the environment Vagrant is managing.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant suspend </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">This command suspends the environment instead of shutting it down. Enables a quicker startup of the environment when brought back up later.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant resume </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">Command is used after putting environment in a suspended state.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant destroy </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">Beware. This command will bring down the environment if running and then destroys all of the resources that were created along with the initial creation.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant package </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">This command is used to package a running virtualbox environment in a re-usable box. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: #f3f3f3; font-family: 'Courier New', Courier, monospace;"> vagrant ssh </span><span style="font-family: 'Courier New', Courier, monospace;"> - </span><span style="font-family: Arial, Helvetica, sans-serif;">SSH into you vagrant running machines.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">There are several other commands of course to explore. </span>Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-2796529672978941962014-07-31T22:34:00.001-07:002014-11-11T21:30:52.024-08:00The Container World | Part 4 First Container<span style="font-family: Arial, Helvetica, sans-serif;">Before we create our first container I would like to go over the architecture of LXC and also list some key commands used to manage your containers. I think its important to understand what the inside of a container looks like before diving right in. WIll allso provide a command line cheat sheet. Let's have a look.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">
Important Components of a Container</span></h3>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiq_BNUd_gad-m55Yaj3UgY8sxxZU0pL4VgzWhI_Y4nGpeF0iaAqjWX5O0G3Cvz9ntxkBVnYCUnTDSzEXLTXQgEh926e10U6_w35Z6-SWSk9Ino2YkoemF1XdYxVQDFogsMg7jY3XLQDSfc/s1600/lxc.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiq_BNUd_gad-m55Yaj3UgY8sxxZU0pL4VgzWhI_Y4nGpeF0iaAqjWX5O0G3Cvz9ntxkBVnYCUnTDSzEXLTXQgEh926e10U6_w35Z6-SWSk9Ino2YkoemF1XdYxVQDFogsMg7jY3XLQDSfc/s1600/lxc.png" height="166" width="200" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">image: linuxadvocates.com</td></tr>
</tbody></table>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">To save time let's just list out some important points:</span></div>
<br />
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">All of your containers and their configuration files are created under the</span><span style="font-family: Courier New, Courier, monospace;"><b> </b><b>/var/lib/lxc/container-name</b></span><span style="font-family: Arial, Helvetica, sans-serif;"> directory by default. You are able to modify this directory if you would like but Ill just be sticking with this because it can get messy as templates and other configuration files use this as default. One thing I will do though is mount that directory on its own BTRFS filesystem. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Each container is assigned its own root filesystem (</span><span style="font-family: Courier New, Courier, monospace;"><b>rootfs</b></span><span style="font-family: Arial, Helvetica, sans-serif;">) and is maintained in a </span><span style="font-family: Courier New, Courier, monospace;"><b>fstab </b></span><span style="font-family: Arial, Helvetica, sans-serif;">file. This is one of the coolest things about LXC in my opinion. When you log into a container it basically feels like you are actually inside of a full Linux operating system with the normal filesystem structure. This makes the user feel right at home!</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Containers run-time configurations are maintained in its </span><span style="font-family: Courier New, Courier, monospace;"><b>config</b></span><span style="font-family: Arial, Helvetica, sans-serif;"><b> </b>file. This can be modified as needed. This file maintains networking, cgroups, hostname, filesystems, etc.</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">The first linux container can take some time to create but each time a container is created from a template it is stored in</span><span style="font-family: Courier New, Courier, monospace;"> <b>/var/cache/lxc/</b></span><span style="font-family: Arial, Helvetica, sans-serif;">. The next time you create from the same template, cache will allow it to create quickly. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Containers are created from templates that are located </span><span style="font-family: Courier New, Courier, monospace;"><b>/usr/share/lxc/templates/lxc-[name]</b>.</span><span style="font-family: Arial, Helvetica, sans-serif;"> If you want to modify how the container is built you can modify the templates. These are just shell scripts. Templates contain things like root password, cache base, default path for container files, default container configs, etc. When you install LXC you are given default templates so check the directory to see what you can build.</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Each container has its own log file under </span><b><i><span style="font-family: Courier New, Courier, monospace;">/var/log/lxc/container-name.log</span></i></b><span style="font-family: Arial, Helvetica, sans-serif;"> which may come in handy for troubleshooting. </span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;"></span><br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;">
</span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">
<span style="font-family: Arial, Helvetica, sans-serif;">Common Commands</span></span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;">
</span>
<br />
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;">
Here is a is a cheat sheet of common commands that we will be using to manage containers. Be sure to also check out each commands man page for extended options as these are very generic options.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">List containers on the host. </span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-ls</span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"> lxc-ls --fancy ***</span><span style="font-family: Arial, Helvetica, sans-serif;">shows state and IP address.</span></span><br />
<span style="background-color: white;"><b style="font-family: Arial, Helvetica, sans-serif;"><br /></b>
<span style="font-family: Arial, Helvetica, sans-serif;">Create a new container. </span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-create -t <i>TEMPLATE</i> -n <i>CONTAINER_NAME</i></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Start a container. The "-d" option starts container without attaching.</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-start -n <i>CONTAINER_NAME</i></span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"> </span><span style="font-family: 'Courier New', Courier, monospace;">lxc-start -n <i>CONTAINER_NAME</i> -d</span></span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Start a process inside a container. This is like sending a remote command to the container. If no command is given however the current default shell of the user will be looked up inside the container and executed. This will make it appear that you are inside the container when in fact you will not be.</span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-attach -n <i>CONTAINER_NAME </i>command</span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Launch a console for the container. To exit the container use the keystrokes ctrl+a and then hit q at any time. </span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-console -n <i>CONTAINER_NAME</i> </span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">See specific processes running inside a container.</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-ps -n <i>CONTAINER_NAME</i></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Stop a container.</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-stop -n <i>CONTAINER_NAME</i></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Delete a container.</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-destroy -n <i>CONTAINER_NAME</i></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Clone a container.</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> lxc-clone <i>CONTAINER_NAME NEW_CONTAINER_NAME</i></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
</span><br />
<h3>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">Let's Create our First Container!</span></h3>
<div>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;">1. The first thing I would suggest is check that the kernel is ready for LXC with the</span><span style="font-family: Courier New, Courier, monospace;"> lxc-checkconfig</span><span style="font-family: Arial, Helvetica, sans-serif;"> command. As long as everything comes back enabled, we are ready to rock.</span></span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"> </span><span style="color: #222222; font-family: 'Courier New', Courier, monospace;"># lxc-checkconfig </span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"><span style="color: #222222;"> Kernel configuration not found at /proc/config.gz; searching...</span><br style="color: #222222;" /><span style="color: #222222;"> Kernel configuration found at /boot/config-3.15.6-200.fc20.</span><wbr style="color: #222222;"></wbr><span style="color: #222222;">x86_64</span><br style="color: #222222;" /><span style="color: #222222;"> --- Namespaces ---</span><br style="color: #222222;" /><span style="color: #222222;"> Namespaces: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Utsname namespace: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Ipc namespace: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Pid namespace: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> User namespace: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Network namespace: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Multiple /dev/pts instances: enabled</span><br style="color: #222222;" /><br style="color: #222222;" /><span style="color: #222222;"> --- Control groups ---</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup clone_children flag: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup device: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup sched: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup cpu account: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup memory controller: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Cgroup cpuset: enabled</span><br style="color: #222222;" /><br style="color: #222222;" /><span style="color: #222222;"> --- Misc ---</span><br style="color: #222222;" /><span style="color: #222222;"> Veth pair device: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Macvlan: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> Vlan: enabled</span><br style="color: #222222;" /><span style="color: #222222;"> File capabilities: enabled</span><br style="color: #222222;" /><br style="color: #222222;" /><span style="color: #222222;"> Note : Before booting a new kernel, you can check its configuration</span><br style="color: #222222;" /><span style="color: #222222;"> usage : CONFIG=/path/to/config /bin/lxc-checkconfig</span></span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;"><br /></span>
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;">2. Create the container. We will be creating from a default container template. I can show ways to create custom containers in an advanced LXC demo. Remember also to check out</span><span style="font-family: Courier New, Courier, monospace;"> lxc-create</span><span style="font-family: Arial, Helvetica, sans-serif;"> man page.</span></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> # lxc-create -t <i>TEMPLATE</i> -n <i>CONTAINER_NAME</i></span></span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><i><br /></i></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Replace </span><span style="font-family: Courier New, Courier, monospace;"><i>TEMPLATE </i></span><span style="font-family: Arial, Helvetica, sans-serif;">with one container templates supplied in </span><b style="font-family: 'Courier New', Courier, monospace;">/usr/share/lxc/templates/lxc-[name] </b><span style="font-family: Arial, Helvetica, sans-serif;">and also replace</span><span style="font-family: 'Courier New', Courier, monospace;"> <i>CONTAINER_NAME</i> </span><span style="font-family: Arial, Helvetica, sans-serif;">with your desired name. Example: replace </span><i><span style="font-family: Courier New, Courier, monospace;">TEMPLATE </span></i><span style="font-family: Arial, Helvetica, sans-serif;">with </span><i><span style="font-family: Courier New, Courier, monospace;">fedora </span></i><span style="font-family: Arial, Helvetica, sans-serif;">and </span><span style="font-family: Courier New, Courier, monospace;"><i>CONTAINER_NAME</i></span><span style="font-family: Arial, Helvetica, sans-serif;"> with</span><span style="font-family: Courier New, Courier, monospace;"><i> fedora-container </i></span><span style="font-family: Arial, Helvetica, sans-serif;">to create a Fedora container named "fedora-container". </span></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">NOTE: This will most likely take some time to complete.</span></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">3. Once this completes you can verify its complete and then start up the container. Remember the "-d" flag with the</span><span style="font-family: Courier New, Courier, monospace;"> lxc-start </span><span style="font-family: Arial, Helvetica, sans-serif;">command to not attach to container while starting it.</span></span><br />
<span style="background-color: white;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> # lxc-ls --fancy</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> # lxc-start -n <i>CONTAINER_NAME -d</i></span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><i><br /></i></span>
</span><br />
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">If you check the status of your containers once again you should be able to see that your container is now running.</span><br />
<span style="background-color: white;"><br /></span>
<span style="background-color: white;"><br /></span>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;">4. Start playing around with your container. You should start getting familiar with your container. Try sending some commands to it with lxc-attach and get a console session going with lxc-console. </span><br />
<span style="background-color: white;"><span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> Examples:</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> # lxc-attach -n <i>CONTAINER_NAME</i> top</span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"> # lxc-console -n <i>CONTAINER_NAME</i></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">When you console into your container try running some normal Linux commands and read/create some files like you would on a normal Linux machine. This will help you get familiar and help you see some of the differences between a container and a full blown OS.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">That covers creating your first container! After I created my first couple containers and started playing with the different commands, I was able to become familiar and comfortable very quickly. Once I started playing with LXC the whole Linux container technology started to "click" and make sense and that's why I started this blog series with plain ole LXC. Please check back soon for some advanced container configurations in the next blog post and some Docker tutorials in the near future. Will also be following up with a video on this soon that covers what I have gone over in the past couple of posts. I will add to this page. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Blog Series on <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html">Linux Containers</a>:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Previous Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-3-control.html">Control Groups</a></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Next Post: <a href="http://www.wickedawesometech.us/2014/11/the-container-world-part-5-advanced.html">Advanced Configuration</a></span>Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-87671152143475202612014-07-31T22:34:00.000-07:002014-07-31T22:44:21.306-07:00The Container World | Part 3 Control Groups<span style="font-family: Arial, Helvetica, sans-serif;">In part 3 of my Linux container series, I want to briefly talk about an important aspect of the LXC technology, cgroups. In this post I will explain the cgroup technology as it pertains to LXC and systemd. I will not actually implement cgroups in the tutorial but will show an example of how we will set it up when we do advanced container configuration. Let's get started.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Control Groups (cgroups)</span></h3>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"></span></div>
<div style="text-align: right;">
</div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsTe_KrKz50JyNfZqUb2xbSdY9VXRVWqkZ4F10WFtzHVpzjVco7YC1lioC6nww8eBbKOo7h-ethvF-6u8c6IfHfU2YuH95fciboPQmWiE_LfI6sCuBhkG3A2txQ8I81OrGCS4DdIxuHb4x/s1600/cgroup.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsTe_KrKz50JyNfZqUb2xbSdY9VXRVWqkZ4F10WFtzHVpzjVco7YC1lioC6nww8eBbKOo7h-ethvF-6u8c6IfHfU2YuH95fciboPQmWiE_LfI6sCuBhkG3A2txQ8I81OrGCS4DdIxuHb4x/s1600/cgroup.jpg" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">image: access.redhat.com</td></tr>
</tbody></table>
<span style="font-family: Arial, Helvetica, sans-serif;">As mentioned in my <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html" target="_blank">first post</a>, control groups (cgroups) play an
important role in the container game. Although implementing cgroups into container configs is not mandatory,
I would highly recommend implementing the use especially
if you are planning to deploy several containers. This will help keep
your system stable when you start flooding yourself with containers.
Cgroups are a feature of the Linux kernel that allows administrators
to allocate and/or restrict resources to containers or processes such
as CPU, memory, network bandwidth, and many more. The main purpose
for cgroups is to be able to have more complete control over managing
and monitoring the host’s system resources and enabling admins to
divide up resources among applications and users thus allowing the
system to operate more efficiently. Remember that containers are lightweight but we still want to get as much out of our system as we can.</span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Before the use of systemd style kernel, custom cgroups hierarchies
were built using the </span><span style="font-family: Courier New, Courier, monospace;">libcgroup </span><span style="font-family: Arial, Helvetica, sans-serif;">package with the </span><span style="font-family: Courier New, Courier, monospace;">cgconfig </span><span style="font-family: Arial, Helvetica, sans-serif;">command. As
systemd becomes the adopted standard Linux kernel, </span><span style="font-family: Courier New, Courier, monospace;">libcgroup </span><span style="font-family: Arial, Helvetica, sans-serif;">is no
longer applicable (most of the time although there are certain
instances where it can be used). With systemd, cgroups are now managed
and created using </span><span style="font-family: Courier New, Courier, monospace;">systemctl. Systemctl </span><span style="font-family: Arial, Helvetica, sans-serif;">gives us the ability to set or modify parameters for a unit or application during runtime from the command line as well as allowing us to modify the unit files in </span><span style="background-color: white; color: #1a1a1a; line-height: 25.200000762939453px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Courier New, Courier, monospace;">/usr/lib/systemd/system/ </span><span style="font-family: Arial, Helvetica, sans-serif;">and set cgroup parameters there which we wont get into in the post but is good to know</span><b style="font-family: 'Courier New', Courier, monospace;">. </b></span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Systemd by default creates default hierarchical controllers in the</span><span style="font-family: Courier New, Courier, monospace;">
/sys/fs/cgroups</span><span style="font-family: Arial, Helvetica, sans-serif;"> directory from the automatically created hierarchy of
slices, scopes and services. Here is a list of available controllers of
interest for containers:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Courier New, Courier, monospace;"> blkio </span><span style="font-family: Arial, Helvetica, sans-serif;">- Limits I/O access to block devices.</span><br />
<span style="font-family: Courier New, Courier, monospace;"> cpu </span><span style="font-family: Arial, Helvetica, sans-serif;">- Uses a scheduler for tasks.</span><br />
<span style="font-family: Courier New, Courier, monospace;"> cpuacct </span><span style="font-family: Arial, Helvetica, sans-serif;">- Reports on cpu resources used by tasks.</span><br />
<span style="font-family: Courier New, Courier, monospace;"> cpuset </span><span style="font-family: Arial, Helvetica, sans-serif;">- Assigns individual cpus for multicore systems.</span><br />
<span style="font-family: Courier New, Courier, monospace;"> devices </span><span style="font-family: Arial, Helvetica, sans-serif;">- Allows or denies access to devices.</span><br />
<span style="font-family: Courier New, Courier, monospace;"> freezer </span><span style="font-family: Arial, Helvetica, sans-serif;">- Freezes or resumes tasks.</span><br />
<span style="font-family: Courier New, Courier, monospace;"> memory </span><span style="font-family: Arial, Helvetica, sans-serif;">- Limits memory use and generates reports.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">For LXC, we will implement these controllers and restrictions within the each container's configuration file. LXC integrates directly with systemd cgroups and is called from the container config file located in </span><span style="font-family: Courier New, Courier, monospace;">/var/lib/lxc/container/config. </span><span style="font-family: Arial, Helvetica, sans-serif;">In order to specify a control group value you will add a line with with the following syntax: </span><span style="font-family: Courier New, Courier, monospace;">lxc.cgroup.[subsystem name]</span><span style="font-family: Arial, Helvetica, sans-serif;">. </span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Let's go ahead and take a quick look at an example container config file with cgroup controllers implemented just to get an idea. This is from a default fedora container I created several months ago. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"><span style="font-size: x-small;"> </span>[root@centos7-lxchost1]# grep -i cgroup /var/lib/lxc/fedoraContainer1/</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">config </span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> #cgroups</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.deny = a</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 1:3 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222; font-size: x-small;"> </span><span style="background-color: white; color: #222222;">lxc.cgroup.devices.allow = c 1:5 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 5:1 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 5:0 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 4:0 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 4:1 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 1:9 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 1:8 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 136:* rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 5:2 rwm</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> lxc.cgroup.devices.allow = c 254:0 rm</span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span><span style="font-family: Arial, Helvetica, sans-serif;">The example above should give a good overview of how to implement cgroup restrictions into Linux containers. Check out the man page for </span><span style="font-family: Courier New, Courier, monospace;">lxc.conf</span><span style="font-family: Arial, Helvetica, sans-serif;"> to get more examples. Check out the next post to start creating our first containers.</span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Blog Series on<a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html"> Linux Containers</a>:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Previous Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-2-networking.html">Host Network</a></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Next Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-4-first.html">First Container</a></span>Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-25428713681710712862014-07-31T22:33:00.001-07:002014-07-31T22:42:57.427-07:00The Container World | Part 2 Networking<span style="font-family: Arial, Helvetica, sans-serif;">This is part 2 of a blog post series that I have started on Linux container and container-based technology. In <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html" target="_blank">part 1</a>, I gave an overview of LXC technology and finished up with a short tutorial on installing the necessary packages. In this post I will give a short discussion on the host networking and how it works and then sum up with a quick tutorial (I know. Just get to creating the containers already!). Will once again be demoing on a CentOS 7 machine. Hope you enjoy!</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Networking </span></h3>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">It is important to understand how networking works for LXC and understand your options. This is important because without correct network configuration on the host, you will not be able to do things such as ssh into your containers. Containers support several different virtual networking types in which the majority of these types require a configured a <i>bridge</i> device on the host for any network communication. So for the sake of majority and the sake of this tutorial we will be setting up a bridge on our host.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">When it comes to networking, containers are just like regular operating systems or any other device on a network and are assigned their own IP addresses for communication. By setting up a bridge interface on the host, the host's interface will act similar to a switch and allow traffic to flow to and from the containers from other devices on the network . Here is a good illustration of a network bridge interface from Oracle if you are like me and need visuals.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBNJkuiVkV2F3fLEpsnDqhIph88XlyjOSU_EmGbsxwXtc0GCQdzkvyaEdzTn1CA6M4rSLoQ8hq4MTFOAaVf0wrVueQMVTgDMSJ0sFfV2vnA-WdNuTqqAuXVB_eGAN3204sV3lKDuMOiKZe/s1600/vethbridge.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBNJkuiVkV2F3fLEpsnDqhIph88XlyjOSU_EmGbsxwXtc0GCQdzkvyaEdzTn1CA6M4rSLoQ8hq4MTFOAaVf0wrVueQMVTgDMSJ0sFfV2vnA-WdNuTqqAuXVB_eGAN3204sV3lKDuMOiKZe/s1600/vethbridge.png" height="193" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Image: docs.oracle.com</td></tr>
</tbody></table>
<br />
<div>
</div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">This particular bridging method shown above is called a veth bridge (which we will be using when we create our containers in later tutorials). The networking aspect of LXC is not that difficult to grasp but I believe it is important to understand what is right for your environment. You should know what options you have for things like high availability and being able to access your container across the network. With that being said, lets begin our short demo on setting up a bridged adapter. </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">NOTE: W</span><span style="font-family: Arial, Helvetica, sans-serif;">e will be setting up a single host with a single bridge on the subnet of </span><b style="font-family: Arial, Helvetica, sans-serif;">10.1.0.1/24. </b><span style="font-family: Arial, Helvetica, sans-serif;">If using virtualbox make sure to create a host-only adapter (File > Preferences > Network > Host-Only Networks) if you plan to be able to access the containers from outside the host.</span><span style="font-family: Arial, Helvetica, sans-serif;"> Here are my virtualbox network configuration for Host-Only adapter as an example:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiovOhGlqANBEUJPlLFwkZyGxf0VLfV3SVJnmN-iMqRQgTeDJkrxK0k7sW9L005iy1vxP2Tmh4l7N6UBuMMkrenemJ63oYH5cxm5YUE5encNhTDXYgFfigxX5-hLAukRl_HHMlm-aMsodwm/s1600/host-only1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiovOhGlqANBEUJPlLFwkZyGxf0VLfV3SVJnmN-iMqRQgTeDJkrxK0k7sW9L005iy1vxP2Tmh4l7N6UBuMMkrenemJ63oYH5cxm5YUE5encNhTDXYgFfigxX5-hLAukRl_HHMlm-aMsodwm/s1600/host-only1.png" height="188" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFs52PGL_wMZkibhfqtgFTL4ShybnSPairAPwxKYsyfovn8Q4I2NwC-3g9y3xX3JI2Kaj3gq5_1cc2Vz_QALgKCFQdbQwD1PFn9CCyqL0VKDnM-XBy2PFuKzSSZBZxb3_oK77KnKQ5Nhf6/s1600/host-only2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFs52PGL_wMZkibhfqtgFTL4ShybnSPairAPwxKYsyfovn8Q4I2NwC-3g9y3xX3JI2Kaj3gq5_1cc2Vz_QALgKCFQdbQwD1PFn9CCyqL0VKDnM-XBy2PFuKzSSZBZxb3_oK77KnKQ5Nhf6/s1600/host-only2.png" height="188" width="320" /></a></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">1. If you have not already done so please make sure that you have the network service enabled and started.</span></div>
<div>
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: 'Courier New', Courier, monospace;"> # </span><span style="font-family: 'Courier New', Courier, monospace;">service network start</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> # chkconfig network on</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> OR for systemd </span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> # systemctl start network.service</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> # systemctl enable network.service</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">2. We will bridge eth0 to br0 so let's configure eth0 interface. Don't use </span><span style="font-family: Courier New, Courier, monospace;">HWADDR</span><span style="font-family: Arial, Helvetica, sans-serif;"> from below. Keep your original one for the device. </span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> # vim /etc/sysconfig/network-scripts/ifcfg-eth0</span><br />
<span style="background-color: white; font-family: 'Courier New', Courier, monospace;"> </span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> DEVICE=eth0</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> TYPE=Ethernet</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> HWADDR=YOUR_MAC_ADDRESS</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> BOOTPROTO=none</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> ONBOOT=yes</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> NM_CONTROLLED=no</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> BRIDGE=br0</span></div>
<div>
<br /></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">3. Create the bridge device br0. Setup as static IP.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"> # vim /etc/sysconfig/network-scripts/ifcfg-br0</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="background-color: white; font-family: 'Courier New', Courier, monospace;"> </span><span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;">DEVICE=br0</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> TYPE=Bridge</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> IPADDR=10.1.0.103</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> NETMASK=255.255.255.0</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> ONBOOT=yes</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> BOOTPROTO=static</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> NM_CONTROLLED=no</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> DELAY=0</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<span style="background-color: white; color: #222222;"><span style="font-family: Arial, Helvetica, sans-serif;">4. Add the following if statement at the end of the </span><span style="font-family: Courier New, Courier, monospace;">ifup-post</span><span style="font-family: Arial, Helvetica, sans-serif;"> file right above </span><span style="font-family: Courier New, Courier, monospace;">exit 0.</span></span><br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;"> # </span></span><span style="font-family: 'Courier New', Courier, monospace;">vim /etc/sysconfig/network-scripts/ifup-post</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="background-color: white; font-family: 'Courier New', Courier, monospace;"> </span><span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;">if [ $DEVNAME = "br0" ]; then</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> /usr/sbin/brctl setfd br0 0</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> fi</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="background-color: white; color: #222222;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #222222;">The if statement above executes a command to set the br0 device to a forwarding delay of 0 each time the interface is brought up. "</span><span style="background-color: white; color: #4d4d4d; line-height: 19.828800201416016px;">Forwarding delay time is the time spent in each of the Listening and Learning states before the Forwarding state is entered. This delay is so that when a new bridge comes onto a busy network it looks at some traffic before participating <a href="http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#Forwarding_delay" target="_blank">(Linux Foundation)</a>". Also note that anytime that you make a change to any network configurations that you must restart the network to take affect. </span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #4d4d4d; line-height: 19.828800201416016px;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #4d4d4d; line-height: 19.828800201416016px;">This concludes Host networking setup. Please check out next post in the series cgroups. </span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #4d4d4d; line-height: 19.828800201416016px;"><br /></span></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Blog Series on<a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html"> Linux Containers</a>:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Previous Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-1-overview.html">Overview</a></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Next Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-3-control.html">Control Groups</a></span></div>
<div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-82373791339880705422014-07-14T20:40:00.001-07:002014-07-31T22:41:57.364-07:00The Container World | Part 1 Overview<span style="font-family: Arial, Helvetica, sans-serif;">Due to the popularity of Linux containers and container-based technology, I'll be starting a series of blog posts on containers and popular container-based technologies that have been gaining attention over the past year or so. I think it's important to have a basic understanding of containers in order for the other technologies to make sense so Ill start off the series by giving an overview of LXC and explain some of its features and advantages. Once there is a basic understanding of containers then move into tutorials on how to build, deploy and manage before reviewing other container-based technologies like CoreOS, Project Atomic, Docker, OpenShift and many more. Hope you enjoy.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Linux Containers (LXC) Explained</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Before jumping into the world of containers and container-based technology, I believe that it is important to have atleast a basic understanding of Linux Containers (LXC) since it is the "backbone" for the majority of the projects. Once you understand the basics of LXC, it will make a container-based technology like Docker much easier to grasp from the start. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">A Linux Container, in its most basic definition, is an operating system level virtualization method for running one or multiple isolated Linux systems on a single host. These isolated Linux systems are called "containers" and utilize control groups (cgroups) for resource isolation. Cgroups became part of kernel functionality with release version 2.6.24 and allow for namespace isolation to provide complete isolation of applications view of the OS which allows it be given its own PID space, file system structure and network interfaces. Although each container is provided its own space and can be constrained to specified resource allocation, all containers share the host's kernel. You can imagine containers as processes in a box in that containers run as Linux processes on top of the Linux kernel. See below image for a visual representation of the layers. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7J68TOBZlgtWxVMNSeS-QUoOODJxSx5WvwzP_0RyCQAQW4Evt4pDSMeM-egW6ME0EuWTLbhBjwxSDMzsAs_GJy7PhFQK5IyWrhdfoCy_k32Dx5hwbPb_PjYCjydoZf8t_b1dGepl-d6S1/s1600/container_layout.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7J68TOBZlgtWxVMNSeS-QUoOODJxSx5WvwzP_0RyCQAQW4Evt4pDSMeM-egW6ME0EuWTLbhBjwxSDMzsAs_GJy7PhFQK5IyWrhdfoCy_k32Dx5hwbPb_PjYCjydoZf8t_b1dGepl-d6S1/s1600/container_layout.png" height="319" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Figure 1. Containers all share the same kernel and host OS and may also share the host's binaries and libraries as well.</td></tr>
</tbody></table>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Advantages / Disadvantages</span></h3>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">The advantages of containers depends solely on the environment needs. There are several benefits to utilizing this technology but there are also disadvantages as well. Let's list out some of the advantages of containers and then list out the disadvantages. Please note these pros and cons are a matter of opinion so where I see it as an advantage some might not.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><b>Advantages </b></span></div>
<div>
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Lightweight - As mentioned above, Linux containers are extremely lightweight due to the fact that they are not full fledged operating systems and take advantage of being a running process on the Linux kernel. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Open Source - Who doesn't like open source? Lots of enhancements and features being added all the time and also a backed community of people out there. Companies like Red Hat also have paid support in newer releases of their OS. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">API - LXC is written in C, python3, shell and lua but has several language bindings including python, lua, ruby and Go. This would give the ability to program automate as far as your heart desires. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">BTRFS - If you haven't read or heard about <a href="http://en.wikipedia.org/wiki/Btrfs" target="_blank">BTRFS </a>yet then I would suggest taking a look at its features. I won't get into discussing BTRFS here but note that container technology is a great case to take advantage of some of its features.</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Isolation - Cgroups give admins the advantage of running multiple systems and applications inside containers on the same host without any interference to other containers. This reduces overhead an in return can help you better utilize resources like CPU and memory which will also in turn save rack space. A great way to get maximum utilization out of your hardware and return on investment.</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Fast Deployment - One of the best advantages in my opinion and what I believe to be one of the main inspirations to a lot of the container-based technologies like Docker. You can create container templates, setup a repository, clone new instances from templates and be up and running in a matter of minutes. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Runs Linux - Linux is totally <i>wicked awesome</i> but that's not what I'm getting at. You can run several different flavors of Linux on the same host as long as they both share the same kernel. So for example you can run CentOS containers alongside Ubuntu containers on a Fedora host.</span></li>
</ul>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><br /></b></span><b style="font-family: Arial, Helvetica, sans-serif;">Disadvantages</b></div>
<br />
<ul>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Only Linux - Although you are able to run many different Debian and rpm based containers on the same host regardless of host OS, you are strictly limited to running Linux. You cannot run Windows, BSD, or OSX since containers utilize the Linux Kernel. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Configuration - I have found, especially in the beginning, configuring containers can be a bit of a task and a little frustrating at times. But if you play around with them for awhile it will start to click.</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">All command line - To me this is an advantage but to some this might be a disadvantage. There is no GUI program that comes with LXC for configuration or management of containers or repos. </span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">Security - There are many people that do not believe that containers are secure. Security has come a long way through the integration of SELinux so I would say that this point could and probably should be argued. </span></li>
</ul>
<br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Getting Started</span></h3>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">With this being part 1 of the series, let's go ahead and move forward with getting LXC installed on a system. LXC works on multiple flavors of Linux but for this demo and the rest of my demos I will be using CentOS 7. In the next post, we will dig deeper into LXC and start configuration.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">1. The first thing you are going to need to do is install the EPEL Repository for CentOS 7 if you have not already done so. This repository will contain the necessary packages for LXC. You can use wget like below to download. If you already have that repo on your machine skip to step 2.</span></div>
<div>
<br /></div>
<div>
<span style="background-color: white; font-family: 'Courier New', Courier, monospace; line-height: 1.2;"> # wget http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0.2.noarch.rpm</span><br />
<span style="background-color: white; font-family: 'Courier New', Courier, monospace; line-height: 1.2;"><br /></span></div>
<div>
<span style="background-color: white; font-family: 'Courier New', Courier, monospace; font-size: x-small; line-height: 1.2;"> </span><span style="background-color: white; font-family: 'Courier New', Courier, monospace; line-height: 1.2;">#</span><span style="background-color: white; font-family: 'Courier New', Courier, monospace; font-size: x-small; line-height: 1.2;"> </span><span style="background-color: white; line-height: 1.2;"><span style="font-family: Courier New, Courier, monospace;">rpm -ivh epel-release-7-0.2.noarch.rpm</span></span><br />
<span style="background-color: white; line-height: 1.2;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">2. Install the main LXC package along with the bridging utilities package for ethernet bridging.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> <span style="background-color: white;"># <span style="line-height: 18.479999542236328px; white-space: pre;">yum install -y lxc bridge-utils</span></span></span><br />
<span style="background-color: white; line-height: 1.2;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 1.2;"><br /></span></span>
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 1.2;">That's it! Extremely simple. You can watch the video below for a visual on getting LXC installed. Please check back soon for Part 2 where I will walk us through setting up the host for networking. </span></span><br />
<span style="background-color: white; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 1.2;"><br /></span></span>
<span style="background-color: white; line-height: 1.2;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/p3CY0AMSFeM?feature=player_embedded' frameborder='0'></iframe><br />
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">Blog Series on Linux Containers:</span></div>
<div style="text-align: left;">
<span style="font-family: Arial, Helvetica, sans-serif;">Next Post: <a href="http://www.wickedawesometech.us/2014/07/the-container-world-part-2-networking.html">Networking</a></span></div>
</div>
<span style="background-color: white; line-height: 1.2;"><span style="font-family: Courier New, Courier, monospace;"><br /></span></span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-59454182550475506542014-07-08T22:19:00.000-07:002014-07-08T22:19:08.190-07:00Managing Systemd Targets (Runlevels)<div class="MsoNormal" style="background-color: white; margin: 0in 0in 0.0001pt;">
<span style="color: #222222; font-family: Arial, Helvetica, sans-serif;">If you are a Linux geek then you are probably aware of the adoption of systemd in the majority of Linux distros. One of the differences that we will see is how the “new init” handles running in different modes (mult-user, single-user, graphical , etc). As you probably know, the older init versions such as SysV, used <i>runlevels 0-6 </i>to define the operating system’s mode of operation in which those modes would define which services would be run at the specified mode. Systemd uses targets which are represented by what is called <i>target units</i> that group together other system units through a chain of dependencies to define which services to run. Will be using Fedora 20 machine to demo a few commands on how to manage systemd targets. Also note that </span><span style="color: #222222; font-family: Arial, Helvetica, sans-serif;">the majority of the older init commands still work <i>for now</i> but I would highly suggest learning the </span><span style="color: #222222; font-family: Courier New, Courier, monospace;">systemctl </span><span style="color: #222222; font-family: Arial, Helvetica, sans-serif;">commands because from what I have been reading, all the older commands will slowly go away.</span><span style="color: #222222; font-family: Arial, Helvetica, sans-serif;"> </span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="MsoNormal" style="background-color: white; color: #222222; margin: 0in 0in 0.0001pt;">
<span style="font-family: Arial, Helvetica, sans-serif;">Systemd’s target units end in a “</span><span style="font-family: Courier New, Courier, monospace;">.target</span><span style="font-family: Arial, Helvetica, sans-serif;">” file extension. </span><span style="font-family: Arial, Helvetica, sans-serif;">So if we wanted to take a look at which mode you are currently running you could execute the following command:</span><br />
<h2>
<span style="font-family: arial; font-size: x-small; font-weight: normal;"><br /></span></h2>
<h2>
<span style="font-family: arial; font-size: x-small; font-weight: normal;">r</span><span style="font-family: Courier New, Courier, monospace; font-size: small;"><span style="font-weight: normal;">oot@localhost ~]# systemctl list-units --type=target</span><br style="font-weight: normal;" /><span style="font-weight: normal;">UNIT LOAD ACTIVE SUB DESCRIPTION</span><br style="font-weight: normal;" /><span style="font-weight: normal;">basic.target loaded active active Basic System</span><br style="font-weight: normal;" /><span style="font-weight: normal;">cryptsetup.target loaded active active Encrypted Volumes</span><br style="font-weight: normal;" /><span style="font-weight: normal;">getty.target loaded active active Login Prompts</span><br style="font-weight: normal;" /><span style="font-weight: normal;">graphical.target loaded active active Graphical Interface</span><br style="font-weight: normal;" /><span style="font-weight: normal;">local-fs-pre.target loaded active active Local File Systems (Pre)</span><br style="font-weight: normal;" /><span style="font-weight: normal;">local-fs.target loaded active active Local File Systems</span><br style="font-weight: normal;" /><span style="font-weight: normal;">multi-user.target loaded active active Multi-User System</span><br style="font-weight: normal;" /><span style="font-weight: normal;">network.target loaded active active Network</span><br style="font-weight: normal;" /><span style="font-weight: normal;">paths.target loaded active active Paths</span><br style="font-weight: normal;" /><span style="font-weight: normal;">remote-fs.target loaded active active Remote File Systems</span><br style="font-weight: normal;" /><span style="font-weight: normal;">slices.target loaded active active Slices</span><br style="font-weight: normal;" /><span style="font-weight: normal;">sockets.target loaded active active Sockets</span><br style="font-weight: normal;" /><span style="font-weight: normal;">sound.target loaded active active Sound Card</span><br style="font-weight: normal;" /><span style="font-weight: normal;">swap.target loaded active active Swap</span><br style="font-weight: normal;" /><span style="font-weight: normal;">sysinit.target loaded active active System Initialization</span><br style="font-weight: normal;" /><span style="font-weight: normal;">timers.target loaded active active Timers</span><br style="font-weight: normal;" /><br style="font-weight: normal;" /><span style="font-weight: normal;">LOAD = Reflects whether the unit definition was properly loaded.</span><br style="font-weight: normal;" /><span style="font-weight: normal;">ACTIVE = The high-level unit activation state, i.e. generalization of SUB.</span><br style="font-weight: normal;" /><span style="font-weight: normal;">SUB = The low-level unit activation state, values depend on unit type.</span><br style="font-weight: normal;" /><br style="font-weight: normal;" /><span style="font-weight: normal;">16 loaded units listed. Pass --all to see loaded but inactive units, too.</span><br style="font-weight: normal;" /><span style="font-weight: normal;">To show all installed unit files use 'systemctl list-unit-files'.</span></span></h2>
</div>
<div class="MsoNormal" style="background-color: white; margin: 0in 0in 0.0001pt;">
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">This command will tell you the targets name, if it has been loaded, high/low level activation state and a description. </span></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;">The default target units for modes of operation are:</span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; font-family: Menlo, Monaco, 'Courier New', monospace; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><br /></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; font-family: Menlo, Monaco, 'Courier New', monospace; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"> poweroff.target</span><span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;"> - which is used to poweroff the system (Runlevel 0).</span></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; font-family: Menlo, Monaco, 'Courier New', monospace; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"> rescue.target </span><span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;">- used to setup rescue mode (Runlevel 1).</span></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; font-family: Menlo, Monaco, 'Courier New', monospace; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"> multi-user.target - </span><span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;">used as mult-user non-graphical (Runlevels 2,3, and 4). </span></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; font-family: Menlo, Monaco, 'Courier New', monospace; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"> graphical.target </span><span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;">- graphical multi-user (Runlevel 5).</span></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; font-family: Menlo, Monaco, 'Courier New', monospace; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"> reboot.target </span><span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;">- reboot (Runlevel 6).</span></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span></div>
<div style="color: #222222;">
<span style="color: #1a1a1a; line-height: 20px; orphans: 4; white-space: pre-wrap; widows: 4;"><span style="font-family: Arial, Helvetica, sans-serif;">If you would like to see what the default target unit is for your system, execute:</span></span></div>
<div style="color: #222222;">
<br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> [root@localhost ~]# systemctl get-default </span><br />
<span style="font-family: Courier New, Courier, monospace;"> graphical.target</span> </div>
<div style="color: #222222;">
<br />
<br /></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;">You can also change the default target by using the </span><span style="font-family: Courier New, Courier, monospace;">set-deafult</span><span style="font-family: Arial, Helvetica, sans-serif;"> flag:</span></div>
<div style="color: #222222;">
<br /></div>
<div style="color: #222222;">
<span style="font-family: Courier New, Courier, monospace;"> [root@localhost ~]# systemctl set-default multi-user.target </span><br />
<span style="font-family: Courier New, Courier, monospace;"> rm '/etc/systemd/system/default.<wbr></wbr>target'<br /> ln -s '/usr/lib/systemd/system/<wbr></wbr>multi-user.target' </span><br />
<span style="font-family: 'Courier New', Courier, monospace;"> '/etc/systemd/system/default.</span><wbr style="font-family: 'Courier New', Courier, monospace;"></wbr><span style="font-family: 'Courier New', Courier, monospace;">target'</span><br />
<span style="font-family: Courier New, Courier, monospace;"> [root@localhost ~]# systemctl get-default<br /> multi-user.target</span></div>
<div style="color: #222222;">
<br />
<br /></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;">One thing that I am sure you will have to do at some point in time as a Sys Admin is to switch from one of the target units to another. An example would be in the event a filesystem goes read-only and the system needs to be taken into rescue mode to run an </span><span style="font-family: Courier New, Courier, monospace;">fsck</span><span style="font-family: Arial, Helvetica, sans-serif;">. </span></div>
<div style="color: #222222;">
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"> [root@localhost ~]# systemctl isolate rescue.target </span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;">In this case "</span><span style="font-family: Courier New, Courier, monospace;">systemctl rescue</span><span style="font-family: Arial, Helvetica, sans-serif;">" would work as well. </span></div>
<div style="color: #222222;">
<br /></div>
<div style="color: #222222;">
<span style="font-family: Arial, Helvetica, sans-serif;">There are tons and tons of material out there on managing targets. If you are looking for more information on systemd, I would suggest checking with your Linux Distros systemd page. Please check back soon for more tutorials on systemd. </span></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-88348302383064698852014-07-06T20:01:00.001-07:002014-07-06T20:01:42.258-07:00What is CoreOS?<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;">I'm sure that many of you, especially those in the cloud realm, have been hearing a whole lot of buzz around the new operating system referred to as "CoreOS". I have been doing a lot of reading and have been following CoreOS over the past 5-6 months and I have to admit that it has really grabbed my attention. In this post Ill give an overview of what CoreOS is and also provide some insight on features and capabilities on why I think CoreOS is a game changer. Also please make sure you check the <a href="https://coreos.com/" target="_blank">CoreOS</a> site to get more information on the products offered, latest news, documentation and <i>great </i>tutorials.</span></span><br />
<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span>
<br />
<h2>
<span style="font-family: Arial, Helvetica, sans-serif; font-size: small;"><span style="background-color: rgba(255, 255, 255, 0);">Overview: CoreOS Explained </span></span></h2>
<div>
<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;">In the most simplest definition, CoreOS is a minimized lightweight Linux based operating system that's purpose is to provide the ability to deploy and run mass amounts of software containers on a single host or across a cluster of hosts. It is basically a Linux kernel running a few utilities and nothing else. To give a visual on how minimal the operating system is, I have read that the entire OS consists of 100 megabytes of code or less and has the ability to be booted in less than two seconds. The boot I would have to see for myself but that is crazy small for a server style OS. CoreOS takes advantage of a service called "<a href="http://www.docker.com/whatisdocker/" target="_blank">Docker</a>" which is used to build, deploy and manage containers (watch for posts on Docker in the near future). Image below depicts a good visual representation of the fundamental layout of CoreOS and its utilities. CoreOS eliminates the need of a hypervisor to deploy full-fledged virtual machines running full-fledged operating systems and instead focuses on providing applications. It is completely open source under Apache license 2.0 and now also offering <a href="https://coreos.com/products/managed-linux/" target="_blank">new support option</a> released as of June 30th.</span></span><br />
<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoUf5AmhtoMs_8kO3T_x3DfXL382lkcYnULleptT1Te0CSXHbCDuwi3AuM66dDiYK3a_bf9FFfy5jmGyyCE6UitYzuredbny_grfIiITj2zcnBa4V2qqA9NzntznpCVaC4UdWv9UgeUTGw/s1600/CoreOS_Host.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoUf5AmhtoMs_8kO3T_x3DfXL382lkcYnULleptT1Te0CSXHbCDuwi3AuM66dDiYK3a_bf9FFfy5jmGyyCE6UitYzuredbny_grfIiITj2zcnBa4V2qqA9NzntznpCVaC4UdWv9UgeUTGw/s1600/CoreOS_Host.png" height="317" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Image: https://coreos.com/</td></tr>
</tbody></table>
<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span>
<br />
<h2>
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-size: small;"><span style="font-weight: normal;"><b>Some Features</b></span></span></span></h2>
<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;">One of the most surprising or interesting things about CoreOS is the fact that the OS is not a traditional full-fledged Linux OS like Red Hat or Ubuntu but instead is based on Google's Chrome OS. This is the reason why CoreOS is so lightweight and in fact so lightweight that it only requires just a little over 100meg of memory to boot which is less than half of what it takes to boot traditional Linux flavors. CoreOS is also able to run on both virtualized infrastructure such as KVM, Google Compute and other hypervisors or on plain ole bare metal machines. </span></span><br />
<br />
<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;">Another surprising or interesting feature of CoreOS is the way that you patch the OS and the applications. CoreOS does not come packaged with any software packaging tools such as yum, apt or Zypper. They provide a web gui dashboard application, called <a href="https://coreos.com/products/coreupdate/" target="_blank">CoreUpdate</a>, that is used to manage all of your machines and applications. This application can give detailed information such as number of machines, versions, health of your clusters and more. The dashboard leverages<a href="https://coreos.com/using-coreos/updates/" target="_blank"> FastPatch</a>, an active-passive root partition scheme, which patches the entire OS as a single "unit" instead of package by package like traditional Linux. When the OS is patched it creates a completely new root partition as passive and then once the OS is rebooted it places the newly created partition as active and places the older partition as passive. There are several benefits to doing this but most importantly, especially if you are a Sys Admin, is still having the ability to rollback your update if needed. Pretty freaking brilliant.</span></span><br />
<span style="background-color: rgba(255, 255, 255, 0);"><span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Lets talk about one of the biggest key factors to CoreOS, <b>Docker</b>. As mentioned above, Docker is what CoreOS uses in order to run, build and deploy what is sitting on the OS which are essentially Linux containers. Containers are extremely lightweight virtual machines that's purpose is to simply serve applications. There is almost no overheard to run containers due to the fact that docker containers all share the host's kernel and run as an isolated processes in userspace. There are a lot of benefits of running containers (which will be discussed in other posts). You can deploy a new container within a matter of seconds, start and stop them even faster and share it across an entire cluster which will bring me to the next fundamental feature to cover, CoreOS clustering.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">CoreOS comes with built-in clustering of hosts which can range from just a couple to entire data centers. CoreOS uses etcd and systemd as the backbone of its clustering while fleet manages the containers and decides which host the containers should reside on based on application. According to the CoreOS team fleet creates seamless integration of clustered hosts into a shared pool of resources. Not sure I have a complete understanding of how their whole clustering architecture works but fleet definitely looks legit. Fleet has the capabilities of maintaining all of the individual containers and ensures that the containers maintain high availability in the event you have system updates or system failure.I would compare to fleet to VMware's HA solution. It also allows for containers that share the same application structure to run on separate hosts if needed or together. </span></div>
<div>
</div>
<div>
<br />
<br /></div>
<div>
<h2>
<span style="font-size: small;">Closing</span></h2>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-size: small;">CoreOS has definitely made its presence known over the past year or so. Whether or not it will become an adopted technology for most of the Cloud world, only time will tell. One would think that any "Big-Time" data center tech company would be taking a hard look as there are too many acclaimed benefits to using it. Regardless, CoreOS is definitely worth talking about and playing with. Check out their <a href="http://coreos.com/docs/" target="_blank">site </a>to get a copy and try it out for yourself. Will follow up with a video overview of my CoreOS lab as soon as I find a desktop recording application. </span></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-75323165540177044532014-06-29T21:37:00.000-07:002014-06-29T21:40:44.592-07:00How to Manage Services with systemdFor all of you Red Hat enthusiasts out there, you are probably aware
that with the releases of CentOS 7 and the long anticipated
RHEL 7 comes the "new init", SYSTEMD. Many of Linux distros, including Fedora since release 15 (I believe), have already made the switch or are in process of switching. Most of my experience lies with the Red Hat distros so Ill be demoing on those. There are many benefits of switching to systemd such as tracking processes using <a href="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt" target="_blank">cgroups</a>, support for snapshots and state restore (much like the what the virtualization world uses) and optimized parallelization. Many more benefits that I wont get into for this post. For more of an overview or information visit the <a href="https://fedoraproject.org/wiki/Systemd" target="_blank">Fedora Project's Wiki on Systemd</a>. Ill have many more systemd posts to come but for now lets just focus on managing services. For this tutorial we will demonstrate on the <span style="font-family: "Courier New",Courier,monospace;">httpd</span> service due to its popularity in the Linux World. If following along please ensure that <span style="font-family: "Courier New",Courier,monospace;">httpd </span>is installed. Let's begin!<br />
<br />
One of the biggest and most flattering differences for managing services in systemd, atleast for me, is the fact that you only need to use one command line tool, <span style="font-family: "Courier New",Courier,monospace;">systemctl(</span>Be sure to check out the man page), whereas the traditional init system needs both <span style="font-family: "Courier New",Courier,monospace;">chkconfig </span>and <span style="font-family: "Courier New",Courier,monospace;">service </span>tools to manage services.<br />
<br />
To see the list of available services on your machine, run the following command:<br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> [root@localhost ~]</span><span style="font-family: 'Courier New', Courier, monospace;"># systemctl list-unit-files --type=service</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Courier New",Courier,monospace;"><span style="font-size: x-small;"><span style="font-family: Arial,Helvetica,sans-serif;"> ***Additionally if you want to search for a specific service, feel free to grep for it.</span></span></span><br />
<br />
<br />
I<span style="font-family: Arial, Helvetica, sans-serif;">n our case the</span> <span style="font-family: "Courier New",Courier,monospace;">httpd </span>service is <span style="font-family: "Courier New",Courier,monospace;">"httpd.service</span>". To check to see if the service is running, use the following command:<br />
<br />
<span style="background-color: white; color: #222222;"><span style="font-family: Courier New, Courier, monospace;">[root@localhost ~]# systemctl status httpd.service</span></span><br />
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> httpd.service - The Apache HTTP Server</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Loaded: loaded (/usr/lib/systemd/system/</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">httpd.service; disabled)</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Active: inactive (dead)</span></span><br />
<div>
<span style="color: #222222; font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="color: #222222;"><span style="font-family: Arial, Helvetica, sans-serif;">Note how descriptive the output is. The output gives a short couple of words on what the service is, if its loaded, if enabled/disabled for boot time and its state which in this case is not running. Note the output of the status of the </span><span style="font-family: Courier New, Courier, monospace;">httpd </span><span style="font-family: Arial, Helvetica, sans-serif;">service after issuing start, stop and restart below.</span></span><br />
<div>
<span style="color: #222222; font-family: arial; font-size: x-small;"><br /></span>
To start the <span style="font-family: "Courier New",Courier,monospace;">httpd </span>service issue the start command:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"> <span style="background-color: white; color: #222222;">[root@localhost ~]# systemctl start httpd.service</span></span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"> [root@localhost ~]# systemctl status httpd.service</span><br />
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> httpd.service - The Apache HTTP Server</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Loaded: loaded (/usr/lib/systemd/system/</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">httpd.service; disabled)</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Active: active (running) since Fri 2014-06-27 16:18:19 EDT; 6s ago</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Main PID: 2049 (httpd)</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Status: "Processing requests..."</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> CGroup: /system.slice/httpd.service</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2049 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2050 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2051 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2052 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2053 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> └─2054 /usr/sbin/httpd -DFOREGROUND</span></span></div>
<div>
<br /></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> Jun 27 16:18:19 localhost.localdomain systemd[1]: Started The Apache HTTP Ser...</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Hint: Some lines were ellipsized, use -l to show in full.</span><span style="color: #222222;"><br /></span></span><br />
<br />
To stop the service run:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> [root@localhost ~]# systemctl stop httpd.service</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> [root@localhost ~]# systemctl status httpd.service</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> httpd.service - The Apache HTTP Server</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Loaded: loaded (/usr/lib/systemd/system/</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">httpd.service; disabled)</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Active: inactive (dead)</span><br style="color: #222222;" /><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Jun 27 16:18:19 localhost.localdomain systemd[1]: Starting The Apache HTTP Se...</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Jun 27 16:18:19 localhost.localdomain systemd[1]: Started The Apache HTTP Ser...</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Jun 27 16:19:02 localhost.localdomain systemd[1]: Stopping The Apache HTTP Se...</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Jun 27 16:19:03 localhost.localdomain systemd[1]: Stopped The Apache HTTP Ser...</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Hint: Some lines were ellipsized, use -l to show in full.</span></span><br />
<br />
<br />
To restart <span style="font-family: "Courier New",Courier,monospace;">httpd</span>, run below command:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> [root@localhost ~]# systemctl restart httpd.service</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> [root@localhost ~]# systemctl status httpd.service</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> httpd.service - The Apache HTTP Server</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Loaded: loaded (/usr/lib/systemd/system/</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">httpd.service; disabled)</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Active: active (running) since Fri 2014-06-27 16:19:31 EDT; 2s ago</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Main PID: 2070 (httpd)</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Status: "Processing requests..."</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> CGroup: /system.slice/httpd.service</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2070 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2071 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2072 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2073 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ├─2074 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> └─2075 /usr/sbin/httpd -DFOREGROUND</span><br style="color: #222222;" /><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Jun 27 16:19:31 localhost.localdomain systemd[1]: Started The Apache HTTP Ser...</span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> Hint: Some lines were ellipsized, use -l to show in full.</span></span><br />
<br />
<br />
Ill be doing a later segment on configuring boot time and runlevels (known as targets in systemd) in the near future but for the sake of this post let's take a look at enabling and disabling the service at Boot Time. To enable the <span style="font-family: "Courier New",Courier,monospace;">httpd </span>service to run at boot time, do the following:<br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> [root@localhost ~]# systemctl enable httpd.service </span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> ln -s '/usr/lib/systemd/system/</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">httpd.service' '/etc/systemd/system/multi-</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">user.target.wants/httpd.</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">service'</span></span><br />
Note the service link to "<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;">multi-</span><wbr style="color: #222222; font-family: 'Courier New', Courier, monospace;"></wbr><span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;">user.target.wants".</span><br />
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="background-color: white; color: #222222; font-family: 'Courier New', Courier, monospace;"><br /></span>
To remove the <span style="font-family: "Courier New",Courier,monospace;">httpd </span>service from running at boot time:<br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><span style="background-color: white; color: #222222;"> [root@localhost ~]# systemctl disable httpd.service </span><br style="color: #222222;" /><span style="background-color: white; color: #222222;"> rm '/etc/systemd/system/multi-</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">user.target.wants/httpd.</span><wbr style="color: #222222;"></wbr><span style="background-color: white; color: #222222;">service'</span></span><br />
<span style="background-color: white; color: #222222; font-family: arial; font-size: x-small;"><br /></span>
Note the service removal of the link that was created when the service was enabled.<br />
<span style="background-color: white; color: #222222; font-family: arial; font-size: x-small;"><br /></span>
<br />
<span style="-webkit-text-stroke-width: 0px; background-color: white; color: black; display: inline !important; float: none; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 18.239999771118164px; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><span class="Apple-converted-space"><span style="font-family: sans-serif;">This was just a very short introduction and overview into managing services in systemd using </span><span style="font-family: Courier New, Courier, monospace;">systemctl</span><span style="font-family: sans-serif;">. There are several other things that you can do with systemctl such as kill processes and get a ton of information on them. Feel free to read its man page and as I mentioned above, Fedora's wiki page on systemd is a very good piece on using systemd. Please keep your eyes open as I will be posting a series of demos and discussions on systemd in the near future. Thanks for reading.</span></span></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/08401515398537055010noreply@blogger.com0tag:blogger.com,1999:blog-243202604267192203.post-87883583440451356832014-06-27T07:22:00.000-07:002014-06-27T07:22:39.726-07:00Welcome Intro - The Awesome World of TechnologyTechnology. Where would we be in this day and age without it? Let's take a minute and think about some of the awesome technologies that we use on a daily basis and how they affect our lives...<br />
<br />
Skype allows a soldier on the other side of the world have a video chat with his wife and new born child. Facebook allows a person to reconnect with a high school friend that they have lost contact with for 30 years. A smartphone is a telephone that not only makes phone calls but is used as a camera, video camera, personal computer and a GPS. Streaming services such as Netflix change the way we watch TV by allowing us to select from a huge library of TV Series and Movies that can be watched anywhere there is Internet connectivity on virtually any device. Robotic Telepresence from Verizon allows a child the same educational opportunities that might impact their lives due to illness or geography. Apple and Withings allows an elderly person track and monitor their health from the comfort of their homes with their line of Smart Accessories. Google is currently working on cars that drive themselves?!?! The list goes on and on.<br />
<br />
These are just a few examples of awesome technologies that some of us may use on a daily basis that have created in just the past decade or less. Technology has changed the way that we live whether some people like to admit or not. Technology provides us with so many awesome advantages.<br />
<br />
What the majority of people do not see is how the technologies are created on the back end and what makes all of this technology possible. What makes this possible are things such as computer programming, operating systems, infrastructure, databases, communications, etc. The Wicked Awesome Tech Blog will not only provide discussion and insight on <b>Wicked Awesome </b>technologies but also show the underlying pieces that make all the technology possible.<br />
<br />
We hope that you enjoy!<br />
<br />
<b><a href="http://www.linkedin.com/pub/justin-miller/18/a32/346" target="_blank">Justin Miller</a> </b><br />
<b>& </b><br />
<b><a href="http://www.linkedin.com/pub/weston-bassler/90/13b/199" target="_blank">Weston Bassler</a></b>WickedAwesomeTechhttp://www.blogger.com/profile/02573410603388538214noreply@blogger.com0