Docker

Docker is a computer program used to run software packages called containers in an operating-system-level virtualization process called containerization. It’s developed by Docker, Inc. and was first released in 2013.

Share tech news, updates, or what's on your mind.

Sign up to Post

Our apps architect recommends  Alpine Linux for our
microservices/container environment.

Some time back, a patch management vendor told us
that patching for Alpine can't be managed by Satellite
or BigFix  ie we have to manually download & patch.

Q1:
is the above true or is there something like 'yum' in
RHEL to patch Alpine.

Q2:
Also, there's no CIS hardening benchmark nor any
docs that standardize what to harden for Alpine.

Q3:
Architect further points out that Alpine is the most
secure & efficient Linux to use for microservices;
is this true?  Does Alpine has good development
team that constantly check for vulnerabilities &
release advisories/patches (at least like RHEL)?

https://alpinelinux.org/about/
https://en.wikipedia.org/wiki/Alpine_Linux

Q4:
Where can I view past Alpine's CVEs/vulnerabilities
list & how can we assess how good are support
for Alpine?  Don't want a case where we log a
case for support & there's lack of response &
no solution
0
HTML5 and CSS3 Fundamentals
LVL 13
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Trying to run Docker and I'm getting this error:

$ bash bin/development.sh
Building express-mongoose-es6-rest-api
Step 1/9 : FROM node:8.10.0
 ---> 41a1f5b81103
Step 2/9 : MAINTAINER Kunal Kapadia <kunalkapadia12@gmail.com>
Service 'express-mongoose-es6-rest-api' failed to build: failed to start service utility VM (createreadwrite): hcsshim::CreateComputeSystem 7be3d4b1e2c0b1026873e49e7b782f851fde4296ed082a0942ddee02bbb9f688_svm: The virtual machine could not be started because a required feature is not installed.
(extra info: {"SystemType":"container","Name":"7be3d4b1e2c0b1026873e49e7b782f851fde4296ed082a0942ddee02bbb9f688_svm","Layers":null,"HvPartition":true,"HvRuntime":{"ImagePath":"C:\\Program Files\\Linux Containers","LinuxInitrdFile":"initrd.img","LinuxKernelFile":"kernel"},"ContainerType":"linux","TerminateOnLastHandleClosed":true})

When I'm looking at that, I'm seeing what I have in bold. I'm google-ing this stuff now, but if there's anybody out there who's been down this road who can tell me what I need to do to make this work, I'm all ears!

Thanks!
0
I've got Docker installed and I've downloaded a boilerplate from https://github.com/kunalkapadia/express-mongoose-es6-rest-api

Everything's installed including "yarn" - all good.

But when I run this: $ bash bin/development.sh, which, from what I understand is instantiating the docker dynamic, it just hangs on "3.4: Pulling from library/mongo."

Here's what it looks like:

screenshot
I am poised on the threshold of greatness! I've got my Node syntax proofed and ready! All I've got to do is drop it into the Boilerplate and wrap it in a Docker image and I will be done!

But I can't get past this thing and I'm stuck!

Thoughts?
0
Q1:
Is there any hardening guide for RHEL 8?
If there's none, can I assume it's very close to RHEL 7's hardenings?
Then I'll ask vendors to harden RHEL 8 as per CIS RHEL7's benchmark.

Q2:
We're hosting docker/microservices in an RHEL host: previously the
vendor tested using RHEL7: can I safely say it makes no difference/
impact to the services/app whether we use RHEL 7 or 8?

Q3:
at the VMs level is there any difference/impact?  The docker
instances is spinned from the various Ubuntu, Debian images,
so I'm guessing it doesn't matter which version of RHEL runs
on the VMs
0
i have a very little script which is running when i use   $ ./check_dock
docker -com.... ok cpuuerc 0.xx%
 when i used in $ ./check_nrp -H "ip/localhost/127.0.0.1" -c check_dock
return:  NRPE: Unable to read output
all other command i defined in nrpe is running.
What i missing here?

my check_dock scripts is:
-------
#!/bin/bash -el
#
#
#
# Author: Bahman Sharzad
# Mail: bshmsn.sharzad@process-factory.dk

SUDO=/usr/bin/sudo
alias direc="cd /usr/local/nagios/libexec"
# . check docker container
ERROR_CODE1=-1
statu=$((sudo /usr/local/nagios/libexec/check_docker -n $1 -c 80,90) | awk '{print $2}')
#echo $statu
all=$(sudo /usr/local/nagios/libexec/check_docker -n $1 -c 80,90)
#echo $all
if [ $statu = 'WARN' ]; then
        echo $all
        ERROR_CODE1=1
elif [ $statu = 'CRIT' ]; then
        echo $all
        ERROR_CODE1=2
elif [ $statu = 'OK' ]; then
        echo $all
        ERROR_CODE1=0
fi
exit $ERROR_CODE1
------

and command in nrpe is
--
command[check_dock]=/usr/local/nagios/libexec/check_dock docker-compose_mongodb_1
---
i run command :  $ sudo ./check_nrpe -H 127.0.0.1 -c check_dock
NRPE: Unable to read output
0
i have a ubuntu lxd container (on ubuntu 18.04).
i add a domain group in visudo. and run lxc set security.priviliged true on my lxd docker.
i try to update ubuntu 16 as domain user in sudores group:
return error : sudo apt update
sudo: unable to resolve host “my-host”
sudo: no tty present and no askpass program specified.
0
Is there any method to check status for docker container in nagios core 4?
0
hi,

reading this :

https://severalnines.com/blog/mariadb-maxscale-load-balancing-docker-deployment-part-1?utm_campaign=MariaDB_Campaign_JUN19&utm_content=maxscale_docker_1&utm_medium=Social_Media&utm_source=Facebook&fbclid=IwAR3pMjAyEA7qt4x9CKRHQdJah1feHuwIF_OhhRb-K6Bc_MjTDSRMJyfJzNA

what is  Docker Swarm ?

it say

"MaxScale Clustering with Docker Swarm
With Docker Swarm, we can create a group of MaxScale instances via Swarm service with more than one replica together with Swarm Configs."

so what is that ?


also in here:

https://severalnines.com/blog/mariadb-maxscale-load-balancing-docker-management-part-2

it say:

Query Rewriting
Query rewrite is a feature that, depending on the queries running against the database server, quickly allows to isolate and correct problematic queries and improve performance.

Open in new window


I dont' understand what it means ?

and this one :

uery rewriting can be done via regexfilter. This filter can match or exclude incoming statements using regular expressions and replace them with another statement. Every rule is defined in its own section and include the section name in the corresponding service to activate it.

Open in new window


this means if we see a bad query we use maxsale to replace any string ?
0
java invoked oom-killer: gfp_mask=0xd0, order=0, oom_score_adj=0

we are using docker swarm for deploying docker containers that run java application.   Recently the containers are getting stopped frequently and we have observed the above-metioned log in system logs.
0
Hi,

I would like to use Piehole (or another add blocking/security enabling feature) for my home network.
My Synology NAS supports Docker, so I stumbled upon this article: http://tonylawrence.com/posts/unix/synology/free-your-synology-ports/
Not going to buy a Pie, my Synology is good enough and dont want extra hardware to buy/maintain/configure anyway.
 
I like the idea of Docker/containers since I do think it is the future, I have no Docker experience whatsoever for now. My questions:
-is Piehole the right protection tool to use or are there better (Docker) solutions?
-if I follow the procedure described, what to do then, just point my dhcp dns to the ip of Synology? Any config I can do to the Piehole? Then where?  Not clear to me.
-I also have a Synology Router mc2200 ac, can/should I combine it's security features?

Thanks for your input!
J
0
Ensure you’re charging the right price for your IT
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

hi,

I found this:

https://stackoverflow.com/questions/44648343/mysql-upper-case-table-schema-name

and i try that setting in server.cnf for mariaDB and it doesn't work, lower_case_table_names is STILL 0 if I double check from UI when MariaDB is up !:

SHOW VARIABLES LIKE 'lower_case_table_names';

for the content of my server.cnf please refer to this :

https://www.experts-exchange.com/questions/29151495/MariaDB-export-to-a-mariaDB-Docker.html?anchor=a42906273¬ificationFollowed=233535265#a42906273

when I do this inside MariaDB via UI :

SET lower_case_table_names=2;

Open in new window


error returns by saying:

Lookup Error - MySQL Database Error: Variable 'lower_case_table_names' is a read only variable

Open in new window



what is the problem? MariaDB seems can't see the setting in mysqlid section.

is it say it once MariaDB is installed we can't change it, what if it is a MariaDB docker ?

any doc detail how to set this setting during installation ?
0
My company has Azure but has decided for pricing reasons that they think AWS is cheaper than Azure.

Regardless of that now i am being told we should go to Maria DB within AWS versus MS SQL as that is also cheaper.

is this true.  I am having a hard time finding anything online to back up this factually.

I would be looking at utlizing the database as a service.

I would also need the ability to be on prem and in the cloud as well if needed.

I am a .net developer too so I need to be able to develop this locally......so my appication can work in IIS but also be deployed as a Docker Container.  

I am nto sure in the case of AWS if my database needs to be in a docker container or not.

Experts please help.
0
Hi Docker experts,

as part of docker run, i mount a NFS volume to the container,

but inside the container, would like to copy a file from the mounted volume and copy to a different location inside the container during docker run

since files in this volume will be more dynamic. I can only copy file after mounting

please suggest/advice
0
hi,

what is the full command to do SQL dump from MariaDB v 10.4.x to a SQL files which include all index, schema, trigger, function. ?

I want to import it to a MariaDb on a docker.
0
I am looking for the best DB giving the following considerations.

1)  I will be deploying a .net /angular application into Azure via Docker / Kubernetes.

2)  I would want on prem and cloud capabilities..natively

3)  Finally we will be moving to AWS in the next year..so migration is important as well.


I will want to use relational database.  High availability, on prem and off prem  capabilities, as well as other great scaling capabilities.

Also having a hard time with the cost model here...so any knowledge there would be helpful.

I will be doing this in a CI/CD ...I am guessing I would have docker in my local enviornment (free)  then move to a dev / stage/ prod enviornment.
0
Hi,

Id like a jumpstart on containers.
Know there is plenty of info out there, but need to have a powershell up and running in container quickly and not really time to go through the documentation.

This is an example of what I d like to do (also, later on):
https://stefanstranger.github.io/2018/10/03/RunningUniversalDashboardContainerInwebAppForContainers/ input appreciates.

Please advise with simple howto steps so I grasp the concept and can go from there.
0
Looking for suggestions for a good DB to use given the archictecture of this application.

I have been given a pretty open ended choice to make so looking for reasons to use on dB over another.

Here is the environment:

I will be developing a web application using .net core.
I will be building a parallel deployment ..
1)  Traditional Azure deployment.  
2)  I will be using Docker in the future..so was hoping to put that planning in at the beginning of my design...but this initial rollout will just be using Azure in the private cloud.
3)  I will have some level of web api and microservices...to what extent I am not sure.
4) My front end so far I am leaning the latest Angular 7.

My company wants me to pilot something new so that rules out SQL Server versions or Oracle.

I am gussing this leaves me to Mysql or MariaDB.  PostGresSQl

Or

some version of NoSQL such as Mongo or Cassandra.


This application will be low transactional...and will not be very large..thus the reason the company wants to use it to pilot...yet
at the same time I dont want to put that in as the requirement as its possible this is more a pilot for the company to think about one database going forward
versus having many different versions of Dbs in the enterprise.

Currently we have alot of SQL Server, Oracle, and DB2.  I also believe out external website is Maria.

So any thoughts?

I honestly hate just picking one only to say lets test it.  But that does seem to be the …
0
I have installed  SQL Server 2017 on my Mac on Docker along with SQL Server Azure Data studio .  I have Cloudera virtual box installed on this Mac with Hadoop

Now I need to connect to my SQL Server 2017 and import a table into HDFC using SQOOP  . Can anyone please tell me what exactly I need to do to achieve this ?

Many Thanks
0
is There any docker documentation to insatll samba active directory control as docker conatiner or LXC/LXD.
I want to move my domain (on samba on ubuntu 16.04) move to docker.
1
Learn Ruby Fundamentals
LVL 13
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

i have a sftp server on docker. In compose file i open a port 2121:2121 and 2222:22 as you can see here
 sftp_server                                      "/usr/local/bin/entr…"   40 hours ago         Up 2 hours              0.0.0.0:2121->2121/tcp, 0.0.0.0:2222->22/tcp
it's working fine when i ask    sftp -P 2121 "user_name@"host_name"
in my domain.
i create an haproxy in other server (is internet connection)  i add following in my /etc/haproxy.cfg
listen  sftp-server
            bind   *:2121
            mod     tcp
            option  tcplog
             default_backend          sftp-server01
backend       sftp-server01
 server ftp01         "docker_container_with_sftp_name"."domain":2222 check port 2222
and i restart haproxy

in my domain i can ssh to sftp with port 2121 (ssh "user_name"@"host_name" -p 2222)
without any problem.
but nor working with haproxy even in my domain. what is wrong ?
0
i have an ssh-sftp container on my ubuntu.
from ubuntu i add ip for container ( docker inspect "container_id")
then i can ssh and sftp from my ubuntu server to container
how to do it out of ubuntu server (on my domain)?
where to add container's ip for ssh or sftp to container?
0
is it possible to commit docker in docker-compose file?
what i want is when i say docker-compose stop want to commit before stop.
0
Hi, I have requirement to use Kerberos authentication for ASP.NET WebAPI application deployed in Docker Swarm .NET Core linux containers. WebApi will be used by web clients with Kerberos support. Application also should be connected to active directory to subscribe and get list of all users from AD. Docker Swarm deployed on premises in the organization network. Anyone have experience with such configuration?
- What should be done to enable Kerberos authentication in the ASP.NET and its Docker linux image? Will this require 3rd party kerberos tools or it can be handled by .NET Core?
- To enable such configuration what should be configured in the SWARM cluster?
- What should be used as service principal names (SPN)? And how to get user AD Identity inside ASP.NET?
- Is it possible to use multiple container instances of the same application?
- How I could use background worker service inside SWARM cluster to sync users list with the AD database?
0
i have sonar 7.7-community docker on postgres 11.0.3
this my compose file:

------------------
version: "2"
services:
  db:
    image: postgres:11.3
    user: "${UID}:${GID}"
    restart: unless-stopped
    container_name: sonar-postgresql
    ports:
     - 5430:5432
    environment:
      POSTGRES_DB: sonar
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: Sonar
    volumes:
      - /containers/postgres/sonar/sonar_data:/var/lib/postgresql/data
    restart: always
    ulimits:
      nproc: 65535
      nofile:
        soft: 32000
        hard: 40000
  sonarqube:
    image: pf-sonar:1.0
    restart: unless-stopped
    container_name: PF-sonar
    ports:
      - 9100:9000
      - 9092:9092
    volumes:
      - /containers/sonar/sonarqube_conf:/opt/sonarqube/conf
      - /containers/sonar/sonarqube_data:/opt/sonarqube/data
      - /containers/sonar/sonarqube_extensions:/opt/sonarqube/extensions
      - /containers/sonar/sonarqube_plugins:/opt/sonarqube/lib/bundled-plugins
    environment:
      - sonar.jdbc.url=jdbc:postgresql://db:5432/sonar
      - DB_TYPE=postgresql
      - DB_USER=sonar
      - DB_PASSWORD=Sonar
#    restart: always
    ulimits:
      nproc: 65535
      nofile:
        soft: 32000
        hard: 40000
----------------

it try to use port 9000 and then try port 9100  i have error

2019.05.22 18:12:20 ERROR web[][o.s.s.a.EmbeddedTomcat] Fail to start web server
PF-sonar     | …
0
sonarqube on docker on ubuntu.
i try to install sonarqube 7.7-community with postgres version 11.3
its failed with
 
 ERROR web[][o.a.c.h.Http11NioProtocol] Failed to initialize end point associated with ProtocolHandler ["http-nio-"my-ip-9000"]
sonar      | java.net.BindException: Cannot assign requested address
ERROR web[][o.s.s.a.EmbeddedTomcat] Fail to start web server
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:113)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
 WARN  app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 143

Open in new window


the port 9000 is not occupied.
0

Docker

Docker is a computer program used to run software packages called containers in an operating-system-level virtualization process called containerization. It’s developed by Docker, Inc. and was first released in 2013.

Top Experts In
Docker
<
Monthly
>