I am using Docker Desktop on a Windows 10 client that is a member of an Active Directory domain. The users on our network want GitLab as a Docker container.
The Gitlab container runs on the Win 10 Client without any issues using the following command when i am logged in:
docker run `
--detach `
--hostname gitlab.companydomain.de `
--ip 192.168.178.35 `
--publish 443:443 --publish 80:80 --publish 22:22 `
--name gitlab `
--restart always `
--volume $env:GITLAB_HOME/config:/etc/gitlab `
--volume $env:GITLAB_HOME/logs:/var/log/gitlab `
--volume $env:GITLAB_HOME/data:/var/opt/gitlab `
--shm-size 256m `
gitlab/gitlab-ce:15.4.0-ce.0 `
My problem is the following: The GitLab container doesn't run if the system has started and i am not logged in.
I have tried several configurations that i found in the internet.
First, I registered dockerd as a service with the following command:
dockerd --register-service
Then I enabled ports 22, 80 and 443 for incoming and outgoing packets in the Windows firewall.
Then I tried to adapt the daemon.json file to my needs. But I don't know if I have set the values for hosts correctly or if some values are missing. Maybe the value "hosts": ["tcp://0.0.0.0:2375", "npipe://"] needs to be set to port 80 because the gitlab container is listening on port 80?
{
"allow-nondistributable-artifacts": [],
"authorization-plugins": [],
"bridge": "",
"cluster-advertise": "",
"cluster-store": "",
"data-root": "",
"debug": true,
"default-ulimits": {},
"dns": [],
"dns-opts": [],
"dns-search": [],
"exec-opts": [],
"experimental": false,
"features": {},
"fixed-cidr": "",
"group": "",
"hosts": ["tcp://0.0.0.0:2375","npipe://"]
"insecure-registries": [],
"labels": [],
"log-driver": "",
"log-level": "",
"max-concurrent-downloads": 3,
"max-concurrent-uploads": 5,
"max-download-attempts": 5,
"mtu": 0,
"pidfile": "",
"raw-logs": false,
"registry-mirrors": [],
"shutdown-timeout": 15,
"storage-driver": "",
"storage-opts": [],
"swarm-default-advertise-addr": "",
"tlscacert": "",
"tlscert": "",
"tlskey": "",
"tlsverify": false
}
Related
I recently installed Docker in Windows 10 (updated to Dec 2020). I can't find the real path of the container config. I need to change a container configuration.
It is not C:\ProgramData\Docker\\ nor C:\ProgramData\DockerDesktop\\.
I searched everywhere and I cannot find the config files.
Can you help me find them?
The configuration file might not exist but you can create it C:\ProgramData\Docker\config\daemon.json and add all the configurations that you need.
{
"authorization-plugins": [],
"dns": [],
"dns-opts": [],
"dns-search": [],
"exec-opts": [],
"storage-driver": "",
"storage-opts": [],
"labels": [],
"log-driver": "",
"mtu": 0,
"pidfile": "",
"data-root": "",
"cluster-store": "",
"cluster-advertise": "",
"debug": true,
"hosts": [],
"log-level": "",
"tlsverify": true,
"tlscacert": "",
"tlscert": "",
"tlskey": "",
"group": "",
"default-ulimits": {},
"bridge": "",
"fixed-cidr": "",
"raw-logs": false,
"registry-mirrors": [],
"insecure-registries": [],
"disable-legacy-registry": false
}
Worst case you can enter them from the Dashboard under the tab Docker Engine:
Resources:
https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon
As per two-years old post, something has changed.
Just in case someone is using Docker Engine v.20.10 like myself, it stores config files (config.json, daemon.json and features.json) under the path:
c:\Users\<user_name>\.docker\
I installed Docker on Windows. It's switched to Switched to Linux containers.
When I type in my console: docker inspect e3a934c54979 I see an information:
[
{
...
"Image": "sha256:2359fa12fdedef2af79d9b836a26175808d4b1433b5e7022d2d73c72b2a43b60",
"ResolvConfPath": "/var/lib/docker/containers/e3a934c549799d9ec45d65ad6aa73bba8fad924215087a9c9c60535ef2a5c2e8/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/e3a934c549799d9ec45d65ad6aa73bba8fad924215087a9c9c60535ef2a5c2e8/hostname",
"HostsPath": "/var/lib/docker/containers/e3a934c549799d9ec45d65ad6aa73bba8fad924215087a9c9c60535ef2a5c2e8/hosts",
"LogPath": "/var/lib/docker/containers/e3a934c549799d9ec45d65ad6aa73bba8fad924215087a9c9c60535ef2a5c2e8/e3a934c549799d9ec45d65ad6aa73bba8fad924215087a9c9c60535ef2a5c2e8-json.log",
"Name": "/festive_edison",
...
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "80"
}
]
},
...
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/10f5348d5bfa76612ab30d1a253f17a6989fcd3f7ce23642b313c49f99a95f44-init/diff:/var/lib/docker/overlay2/028eac1b0f37fd3be798d222f7d1da48a40f0ef9c4470709e63c4c8f322a477f/diff:/var/lib/docker/overlay2/d15e7ce0f29f82d6d3b9537980b766c32e7f6ffc81374cdb26fede3872afed1e/diff:/var/lib/docker/overlay2/efab543606225e581832ef6e2b732a78c82b2f6d9fe662babe09b188f600dd72/diff:/var/lib/docker/overlay2/263366359e8a86cc6c009f70fa00a158dbcbcfd2a4e31d9538c559dd82e29b10/diff:/var/lib/docker/overlay2/32ea6c48b53f4846284e1baac83dffcfb039a53a8d2f33ac2728691160f5d100/diff:/var/lib/docker/overlay2/685745d44609453debf484b2ccf63035532b334e75b9f18a00c5e1253e18841a/diff:/var/lib/docker/overlay2/e30c0a304544255bc9eba90dfb720c332e168b4972df926a79ef27df707889fd/diff:/var/lib/docker/overlay2/a5743532bc060895f0a495249182787322400a1a33fd187b3210895e1ca83129/diff",
"MergedDir": "/var/lib/docker/overlay2/10f5348d5bfa76612ab30d1a253f17a6989fcd3f7ce23642b313c49f99a95f44/merged",
"UpperDir": "/var/lib/docker/overlay2/10f5348d5bfa76612ab30d1a253f17a6989fcd3f7ce23642b313c49f99a95f44/diff",
"WorkDir": "/var/lib/docker/overlay2/10f5348d5bfa76612ab30d1a253f17a6989fcd3f7ce23642b313c49f99a95f44/work"
},
"Name": "overlay2"
},
...
}
]
But Windows doesn't have those directories. It only has "MobyLinuxVM.vhdx" which, I think, contains this stuff.
My question is how to edit "config.json" and "hostconfig.json" in this case? How do I view a GUID-json.log? How do I view container's hashes (/var/lib/docker/aufs/diff)?
Information from https://blog.jongallant.com/2017/11/ssh-into-docker-vm-windows/
In a Windows command prompt enter:
docker run --privileged -it -v
/var/run/docker.sock:/var/run/docker.sock
jongallant/ubuntu-docker-client
docker run --net=host --ipc=host --uts=host --pid=host -it
--security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
chroot /host
From here you'll have access to the /var/lib/Docker/containers/ directories for the hostconfig.json and other files.
I have assigned slave resources to the particular role ("app-role") by set --default_role="app-role" parameter to ExecStart for slave service ( /etc/systemd/system/dcos-mesos-slave.service). Next I have restarted slave agent:
sudo systemctl daemon-reload
sudo systemctl stop dcos-mesos-slave.service
sudo rm -f /var/lib/mesos/slave/meta/slaves/latest
sudo systemctl start dcos-mesos-slave.service
and verified by: curl master.mesos/mesos/slaves.
After that I expect marathon app with acceptedResourceRoles attribute will receive only these particular resource offers, but it does not happen (the app is still in waiting state).
Why does marathon didn't receive it? How should this be done to make it work?
{
"id": "/basic-4",
"cmd": "python3 -m http.server 8080",
"cpus": 0.5,
"mem": 32,
"disk": 0,
"instances": 1,
"acceptedResourceRoles": [
"app-role"
],
"container": {
"type": "DOCKER",
"volumes": [],
"docker": {
"image": "python:3",
"network": "BRIDGE",
"portMappings": [
{
"containerPort": 8080,
"hostPort": 0,
"servicePort": 10000,
"protocol": "tcp",
"name": "my-vip",
"labels": {
"VIP_0": "/my-service:5555"
}
}
],
"privileged": false,
"parameters": [],
"forcePullImage": false
}
},
"portDefinitions": [
{
"port": 10000,
"protocol": "tcp",
"name": "default",
"labels": {}
}
]
}
This works only if marathon is started with --mesos_role set.
In the context of the question this should be: --mesos_role 'app-role'.
If you set --mesos_role other, Marathon will register with Mesos for this role – it will receive offers for resources that are reserved
for this role, in addition to unreserved resources.
If you set default_accepted_resource_roles *, Marathon will apply this default to all AppDefinitions that do not explicitly
define acceptedResourceRoles. Since your AppDefinition defines that
option, the default will not be applied (both are equal anyways).
If you set "acceptedResourceRoles": [""] in an AppDefinition (or the AppDefinition inherits a default of ""), Marathon will only
consider unreserved resources for launching of this app.
More: https://mesosphere.github.io/marathon/docs/recipes.html
I have docker network "my_network". I want to remove this docker network with docker network rm my_network. Before it I should disconnect all my containers from this network. I can use docker network inspect and get output like
[
{
"Name": "my_network",
"Id": "aaaaaa",
"Scope": "some_value",
"Driver": "another_value",
"EnableIPv6": bool_value,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/1"
}
]
},
"Internal": false,
"Containers": {
"bbb": {
"Name": "my_container_1",
"EndpointID": "ENDPOITID1",
"MacAddress": "MacAddress1",
"IPv4Address": "0.0.0.0/1",
"IPv6Address": ""
},
"ccc": {
"Name": "my_container_2",
"EndpointID": "ENDPOINTID2",
"MacAddress": "MacAddress2",
"IPv4Address": "0.0.0.0/2",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
It is okay to manual disconnect if I have only several containers but if I have 50 containers I have problem.
How can I disconnect all containers from this network with single or several command?
docker network inspect has a format option.
That means you can list all Container names with:
docker network inspect -f '{{range .Containers}}{{.Name}}{{end}}' network_name
That should then be easy, by script, to read each name and call docker network disconnect.
wwerner proposes below in the comments the following command:
for i in ` docker network inspect -f '{{range .Containers}}{{.Name}} {{end}}' network_name`; do docker network disconnect -f network_name $i; done;
In multiple line for readability:
for i in ` docker network inspect -f '{{range .Containers}}{{.Name}} {{end}}' network_name`;\
do \
docker network disconnect -f network_name $i; \
done;
Adding:
Note that there is a space in the format as opposed to the answer to split the names by a space.
I am using the docker-custom-build-environment-plugin (https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Custom+Build+Environment+Plugin) to build a maven job inside a docker container.
I have done the following setup as shown in this image:
This is the result in the console log:
$ docker inspect maven:3.3.3-jdk-8
[{
"Architecture": "amd64",
"Author": "",
"Comment": "",
"Config": {
"AttachStderr": false,
"AttachStdin": false,
"AttachStdout": false,
"Cmd": [
"mvn"
],
"CpuShares": 0,
"Cpuset": "",
"Domainname": "",
"Entrypoint": null,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"LANG=C.UTF-8",
"JAVA_VERSION=8u66",
"JAVA_DEBIAN_VERSION=8u66-b17-1~bpo8+1",
"CA_CERTIFICATES_JAVA_VERSION=20140324",
"MAVEN_VERSION=3.3.3",
"MAVEN_HOME=/usr/share/maven"
],
"ExposedPorts": null,
"Hostname": "",
"Image": "b7928b8a133284ec65b4790aa3d013bd3e266ea3e257c6a6d0254b9708a133e8",
"Labels": {},
"MacAddress": "",
"Memory": 0,
"MemorySwap": 0,
"NetworkDisabled": false,
"OnBuild": [],
"OpenStdin": false,
"PortSpecs": null,
"StdinOnce": false,
"Tty": false,
"User": "",
"Volumes": null,
"WorkingDir": ""
},
"Container": "7393955c8b148c5d2b6da0a5fdf5623aa699ce2ed9ab1f43c2ba79913654bf0b",
"ContainerConfig": {
"AttachStderr": false,
"AttachStdin": false,
"AttachStdout": false,
"Cmd": [
"/bin/sh",
"-c",
"#(nop) CMD [\"mvn\"]"
],
"CpuShares": 0,
"Cpuset": "",
"Domainname": "",
"Entrypoint": null,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"LANG=C.UTF-8",
"JAVA_VERSION=8u66",
"JAVA_DEBIAN_VERSION=8u66-b17-1~bpo8+1",
"CA_CERTIFICATES_JAVA_VERSION=20140324",
"MAVEN_VERSION=3.3.3",
"MAVEN_HOME=/usr/share/maven"
],
"ExposedPorts": null,
"Hostname": "",
"Image": "b7928b8a133284ec65b4790aa3d013bd3e266ea3e257c6a6d0254b9708a133e8",
"Labels": {},
"MacAddress": "",
"Memory": 0,
"MemorySwap": 0,
"NetworkDisabled": false,
"OnBuild": [],
"OpenStdin": false,
"PortSpecs": null,
"StdinOnce": false,
"Tty": false,
"User": "",
"Volumes": null,
"WorkingDir": ""
},
"Created": "2015-11-11T08:06:10.345733061Z",
"DockerVersion": "1.9.0",
"Id": "642c36d39ed754e55c15a382531bc60591154b7280356708dca833d346891415",
"Os": "linux",
"Parent": "b7928b8a133284ec65b4790aa3d013bd3e266ea3e257c6a6d0254b9708a133e8",
"Size": 0,
"VirtualSize": 651375578
}
]
$ docker run --rm --entrypoint /bin/true maven:3.3.3-jdk-8
$ docker run --tty --detach --workdir /example/apphome/jenkins/workspace/IntegrationTesting-Components --volume /tmp:/tmp:rw --volume /example/apphome/jenkins:/example/apphome/jenkins:rw --net bridge --add-host dockerhost:172.17.42.1 --env BUILD_DISPLAY_NAME=#1733 --env BUILD_ID=1733 --env BUILD_NUMBER=1733 --env BUILD_TAG=jenkins-IntegrationTesting-Components-1733 --env BUILD_URL=http://tools.example.com/jenkins/job/IntegrationTesting-Components/1733/ --env buildInfoConfig.propertiesFile=/tmp/buildInfo6572943319531125678.properties --env CLASSPATH= --env EXECUTOR_NUMBER=1 --env extractor.used=true --env GIT_BRANCH=origin/feature/java8 --env GIT_COMMIT=8569f85875d85c7181dcf9bf261819a1c55279cf --env GIT_PREVIOUS_COMMIT=8569f85875d85c7181dcf9bf261819a1c55279cf --env GIT_PREVIOUS_SUCCESSFUL_COMMIT=49617fb1a913a30c7111f60d2ace4f9aca0d8aa9 --env GIT_URL=ssh://git#git.example.com/int/components.git --env HUDSON_HOME=/example/apphome/jenkins --env HUDSON_SERVER_COOKIE=cb467bbe36d08ed4 --env HUDSON_URL=http://tools.example.com/jenkins/ --env JAVA_HOME=/usr/lib/jvm/java-1.7.0 --env JENKINS_HOME=/example/apphome/jenkins --env JENKINS_SERVER_COOKIE=cb467bbe36d08ed4 --env JENKINS_URL=http://tools.example.com/jenkins/ --env JOB_NAME=IntegrationTesting-Components --env JOB_URL=http://tools.example.com/jenkins/job/IntegrationTesting-Components/ --env M2_HOME=/example/apps/apache-maven-3.0.3 --env MAVEN_HOME=/example/apps/apache-maven-3.0.3 --env "MAVEN_OPTS=-D-Xms256m -Xmx1024m -XX:MaxPermSize=512m -Dm3plugin.lib=D:\data\Jenkins\plugins\artifactory\WEB-INF\lib" --env "NODE_LABELS=deployqueue docker linux maven jenkins-server" --env NODE_NAME=jenkins-server --env PATH+JDK=/usr/lib/jvm/java-1.7.0/bin --env PATH+MAVEN=/example/apps/apache-maven-3.0.3/bin --env POM_ARTIFACTID=components --env "POM_DISPLAYNAME=Integration Testing Components" --env POM_GROUPID=com.example.integrationtesting --env POM_PACKAGING=jar --env POM_VERSION=java8-SNAPSHOT --env WORKSPACE=/example/apphome/jenkins/workspace/IntegrationTesting-Components maven:3.3.3-jdk-8 /bin/cat
Docker container 66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1 started to host the build
Parsing POMs
maven3-agent.jar already up to date
maven3-interceptor.jar already up to date
maven3-interceptor-commons.jar already up to date
$ docker exec --tty 66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1 env
[IntegrationTesting-Components] $ docker exec --tty --user 501216: 66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1 env BUILD_DISPLAY_NAME=#1733 BUILD_ID=1733 BUILD_NUMBER=1733 BUILD_TAG=jenkins-IntegrationTesting-Components-1733 BUILD_URL=http://tools.example.com/jenkins/job/IntegrationTesting-Components/1733/ buildInfoConfig.propertiesFile=/tmp/buildInfo6572943319531125678.properties CA_CERTIFICATES_JAVA_VERSION=20140324 CLASSPATH= EXECUTOR_NUMBER=1 extractor.used=true GIT_BRANCH=origin/feature/java8 GIT_COMMIT=8569f85875d85c7181dcf9bf261819a1c55279cf GIT_PREVIOUS_COMMIT=8569f85875d85c7181dcf9bf261819a1c55279cf GIT_PREVIOUS_SUCCESSFUL_COMMIT=49617fb1a913a30c7111f60d2ace4f9aca0d8aa9 GIT_URL=ssh://git#git.example.com/int/components.git HOME=/root HOSTNAME=66994ba8669b HUDSON_HOME=/example/apphome/jenkins HUDSON_SERVER_COOKIE=cb467bbe36d08ed4 HUDSON_URL=http://tools.example.com/jenkins/ JAVA_DEBIAN_VERSION=8u66-b17-1~bpo8+1 JAVA_HOME=/usr/lib/jvm/java-1.7.0 JAVA_VERSION=8u66 JENKINS_HOME=/example/apphome/jenkins JENKINS_SERVER_COOKIE=cb467bbe36d08ed4 JENKINS_URL=http://tools.example.com/jenkins/ JOB_NAME=IntegrationTesting-Components JOB_URL=http://tools.example.com/jenkins/job/IntegrationTesting-Components/ LANG=C.UTF-8 M2_HOME=/example/apps/apache-maven-3.0.3 MAVEN_HOME=/example/apps/apache-maven-3.0.3 "MAVEN_OPTS=-D-Xms256m -Xmx1024m -XX:MaxPermSize=512m -Dm3plugin.lib=D:\data\Jenkins\plugins\artifactory\WEB-INF\lib" MAVEN_VERSION=3.3.3 "NODE_LABELS=deployqueue docker linux maven jenkins-server" NODE_NAME=jenkins-server PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH+JDK=/usr/lib/jvm/java-1.7.0/bin PATH+MAVEN=/example/apps/apache-maven-3.0.3/bin POM_ARTIFACTID=components "POM_DISPLAYNAME=Integration Testing Components" POM_GROUPID=com.example.integrationtesting POM_PACKAGING=jar POM_VERSION=java8-SNAPSHOT TERM=xterm WORKSPACE=/example/apphome/jenkins/workspace/IntegrationTesting-Components /usr/lib/jvm/java-1.7.0/bin/java -D-Xms256m -Xmx1024m -XX:MaxPermSize=512m -Dm3plugin.lib=D:\data\Jenkins\plugins\artifactory\WEB-INF\lib -Djava.awt.headless=true -cp /example/apphome/jenkins/maven3-agent.jar:/example/apps/apache-maven-3.0.3/boot/plexus-classworlds-2.4.jar org.jvnet.hudson.maven3.agent.Maven3Main /example/apps/apache-maven-3.0.3 /example/apphome/jenkins/slave.jar /example/apphome/jenkins/maven3-interceptor.jar /example/apphome/jenkins/maven3-interceptor-commons.jar 44922
flag provided but not defined: --user
See 'docker exec --help'.
run PrePostClean
running on jenkins-server
clean on master
Stopping Docker container after build completion
$ docker kill 66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1
66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1
$ docker rm --force 66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1
66994ba8669ba42203e0ced67fcf16674bceaab2d0477e04ed92466eb05858e1
ERROR: Failed to launch Maven. Exit code = 2
Any idea what i am doing wrong?
The advice from https://www.cloudbees.com/blog/templating-jenkins-build-environments-docker-containers on using their plugin is to base your slaves off evarga/jenkins-slave
The Dockerfile that you've based it off has some key differences such as the creation of the creation of the jenkins user and starting the sshd daemon. So if you're going to start off from your own image, base it off the evarga image first.