Docker docker-compose

1. Introduction to docker-compose

docker-composeAs dokceran official orchestration tool, it allows users to quickly create and manage dockercontainer-based application clusters by writing a simple template file . Achieve dockerrapid orchestration of container clusters. We know that Dockerfiletemplate files allow users to easily define a separate application container. However, in daily work, we often encounter situations that require multiple containers to cooperate with each other to complete a certain task. For example, to implement a web project, in addition to the webserver container itself, it is often necessary to add a back-end database service container, and even include a load balancing container.
    And Compose can meet such needs, it allows users to define a set of related application containers as a project through a separate docker-compose.ymltemplate file )YAML格式project

There are 2 important concepts in Compose:

1) Service service: An application container can actually contain several container instances running the same image.
 2) Project: a completed business unit composed of a group of associated application containers, defined in the docker-compose.yml file.

2. docker-compose installation

Download Docker-compose binary file and add execute permission

[root@docker ~]# wget https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m`- O /usr/local/bin/docker-compose
[root@docker ~]# chmod +x /usr/local/bin/docker-compose
[root@docker ~]# docker-compose --version
docker-compose version
docker-compose version 1.23.2, build 1110ad01
docker-py version: 3.6.0
CPython version: 3.6.7
OpenSSL version: OpenSSL 1.1.0f  25 May 2017

3. Compose command

For Composemost of the commands, the object can be either the project itself or the service or container in the project. If there is no special explanation, the command object will be the project, which means that all services in the project will be affected by the command. docker-composeThe basic format of the command is as follows:

Usage:
  docker-compose [-f <arg>...] [options] [COMMAND] [ARGS...]
  docker-compose -h|--help

Options:
  -f, --file FILE             指定使用的Compose模板文件，默认为docker-compose.yml,可多次指定；                        
  -p, --project-name NAME     指定项目名称，默认将使用所在目录名称作为项目名 ；                           
  --verbose                   输出更多调试信息；

  -v, --version               打印版本信息；

Commands:
  build              构建项目中的服务容器
  help               获得一个命令的帮助
  images             列出所有镜像
  kill               通过发送SIGKILL信号来强制停止服务容器
  logs               查看服务器容器的输出
  pause              暂停一个服务容器
  port               打印某个容器的端口所映射的公共端口
  ps                 列出项目中目前的所有容器
  pull               拉取服务依赖的镜像
  push               推送服务依赖的镜像
  restart            重启项目中的服务
  rm                 删除所有的服务器容器（停止状态中的）
  run                在指定服务上执行一个命令
  scale              设置指定服务运行的容器个数
  start              启动已经存在的服务容器
  stop               停止已经处于运行状态的容器，但不删除它
  top                展示运行的进程
  unpause            恢复处于暂停状态中的服务
  up                 自动完成包括构建镜像、创建服务、启动服务并关联服务相关容器的一系列操作
  version            打印docker-compose的版本信息 

4. Compose template file

The template file is Composethe core of the use , and there are many design keyword keywords. The default template file name is docker-compose.ymland the format is YAMLformat. Examples:

version: "2"
service:
    webapp:
        image: examplses/web
        ports:
            - "80:80"
        volumes:
            - "/data"

Note that each service must automatically build and generate an image by imagespecifying the image or buildcommand required Dockerfile). If the buildinstruction is used , Dockerfilethe options set in (for example: CMD、EXPOSE、VOLUME、ENVetc.) will be automatically obtained without docker-compose.ymlsetting again in. The following are the main instructions and functions of the template:

1) build instruction

DockerfileThe path of the specified folder can be absolute path, or relative docker-compose.ymlfile path. ) ComposeWill use it to automatically build this image, and then use this image:

build: /path/to/build/dir

2)cap_add,cap_drop

Specifies the kernel capabilities of the container capacity) allocation. For example, letting the container have all the capabilities can be specified as:

cap_add:
    - ALL 

The NET_ADMINability to remove can be specified as:

cap_drop:
    - NET_ADMIN

3)command

Override the default command executed after the container starts:

command: echo "hello world"

4)cgroup_parent

Specifying the parent cgroup group means that the resource limits of the group will be inherited. For example, a cgroupgroup is created as cgroups_1:

cgroup_parent: cgroups_1

5)container_name

Specify the container name. By default, the format "Project Name_Service Name_Serial Number" will be used. E.g:

container_name: docker-web-container
指定容器名称后，该服务将无法进行扩展，因为Docker不允许多个容器具有相同的名称。

6)devices

Specify the device mapping relationship, for example:

devices:
    - "/dev/ttyUSB1:/dev/ttyUSB0"

7)dns

Custom DNS server. It can be a value or a list, for example:

dns: 8.8.8.8
dns:
    - 8.8.8.8
    - 114.114.114.114

8)dns_search

Configure the DNS search domain. It can be a value or a list, for example:

dns_search: example.com
dns_search:
    - domain1.example.com
    - domain2.example.com

9)dockerfile

If necessary, specify the additional Dockerfile file of the compiled image, which can be specified by this instruction, for example:
this instruction cannot be used with image, otherwise Compose does not know which instruction to generate the final service image.

dockerfile: Dockerfile-alternate

10)env_file

Get the environment variables from the file, which can be a separate file path or list.
If the Compose template file is specified by docker-compose -f FILE, the path of the variable in env_file will be based on the path of the template file. If there is a conflict between the name of the variable and the environment directive, the convention will prevail and the latter shall prevail:

env_file: .env
env_file:
    - ./common.env
    - ./apps/web.env
    - ./opt/secrets.env
环境变量文件中每一行都必须符合格式，支持#开头的注释行：

11)environment

Set environment variables, you can use array or dictionary format. A variable with only a given name will automatically obtain the value of the corresponding variable on the host running Compose, which can be used to prevent the disclosure of unnecessary data. E.g:

environment:
    RACK_ENV: development
    SESSION_SECRET
或者：
environment:
    - RACK_ENV=development
    - SESSION_SECRET

12)expose

The port is exposed, but not mapped to the host machine, and only allowed to be accessed by the linked service. Only internal ports can be specified as parameters, as follows:

expose:
    - "3000"
    - "8000"

13)extends

Expand based on other template files. For example, we already have a webapp service and define a basic template file as common.yml, as shown below:

# common.yml
webapp:
    build: ./webapp
    environment:
        - DEBUG=false
        - SEND_EMAILS=false

Write a new development.yml file and use the webapp service in common.yml to expand:

#development.yml
web:
    extends:
        file: common.yml
        service: webapp
    ports:
        - "8000:8000"
    links:
        - db
    environment:
        - DEBUG=true
db:
    image: postgres

development.yml will automatically inherit the webapp service and environment variable definitions in common.yml. Pay attention to the following points when using extends:

1. Avoid circular dependencies, such as A depends on B, B depends on C, and C depends on A

2. extends does not inherit the container and data volume resources defined in links and volume_from.

Under normal circumstances, it is recommended to define only some mirror and environment variables that can be shared in the basic template, and specify application variables, links, data volumes, and other information in the extended template.

14)external_links

Link to external containers in docker-compose.yml, or even external containers not managed by Compose. Parameter format is similar to links

external_links:
    - redis_1
    - project_db_1:mysql
    - project_db_1:postgresql

15)extra_hosts

Similar to the –add-host parameter in Docker, specify additional host name mapping information, for example:

extra_hosts:
    - "googledns:8.8.8.8"
    - "dockerhub:52.1.157.61"

会在启动后的服务容器中/etc/hosts文件中添加以下2个条目：
8.8.8.8 googledns
52.1.157.61 dockerhub

16)image

Specify the image name or image ID. If the image does not exist locally, Compose will try to pull the image.

image: centos
image: nginx

17)labels

Add Docker metadata information to the container. For example, you can add auxiliary information to the container:

labels:
    com.startupteam.description: "webapp for a startup team"
    com.startupteam.department: "devops department"
    com,startupteam.release: "rc3 for v1.0"

18)links

Link to containers in other services. Use the service name as an alias), or "service name: service alias" such as SERVICE: ALIAS), such a format is acceptable, for example:

links:
    - db
    - db:database
    - redis
使用的别名会将自动在服务容器中的/etc/hosts里创建。例如：
172.17.2.186 db
172.17.2.186 database
172.17.2.187 redis
所连接容器中相应的环境变量也将创建

19)log_driver

Similar to the –log-driver parameter in Docker, specifies the log driver type. Three types of log drivers are currently supported:

log_driver: "json-file"
log_driver: "syslog"
log_driver: "none"

20)log_opt

Log-driven related parameters. E.g:

log_driver: "syslog"
log_opt:
    syslog-address: "tcp://192.168.0.42:123"

21)net

Set the network mode. Parameters are similar to docker client's --net parameters

net: "bridge"
net: "none"
net: "container:[name or id]"
net: "host"

22)pid

Share the process namespace with the host system. Open the option between the container, and between the container and the host system can be accessed and operated by process ID:

pid: "host"

23)ports

Expose port information. Use the "host: container" format, or just specify the port of the container. The host will randomly select the port):

ports:
    - "3000"
    - "8000:8000"
    - "49100:22"
    - "127.0.0.1:8081:8081"

当使用"HOST:CONTAINER"格式来映射端口时，如果你使用的容器端口小于60并且没有放到引号里，可能会得到错误结果，因为YAML会自动解析xx:yy这种数字格式为60进制。为了避免这种问题的出现，建议数字串都用引号包括起来的字符串格式。

24)security_opt

Specify the default attribute of container template label) mechanism (user, role, type, level, etc.). For example, the user name and role name of the configuration label:

security_opt:
    - label:user:USER
    - label:role:ROLE

25)ulimits

Specify the ulimits limit value of the container, for example, specify the maximum number of processes as 65535, and specify the soft limit of 20000 for the number of file handles. The application can be modified at any time, and cannot exceed the hard limit.

ulimits:
    nproc:65535
    nofile:
        soft:20000
        hard:40000

26)volumes

The path setting of the data volume. You can set the host path HOST: CONTAINER) or add the access mode HOST: CONTAINER: ro). The path in this instruction supports relative paths. E.g:

volumes:
    - /var/lib/mysql
    - cache/:/tmp/cache
    - ~/configs:/etc/configs/:ro

27)volumes_driver

Newer versions of Docker support plug-in drivers for data volumes. Users can use a third-party driver to create a data volume, and then use the name to access it. At this time, you can specify the drive through volumes_driver:

volume_driver: mydriver

28)volumes_from

Mount its data volume from another service or container:

volumes_from:
    - service_name
    - container_name