Docker-Cookbook

monitoring with InfluxDB, Grafana, and networking basics, 76-78
cAdvisor, 296 networking on multiple hosts with Docker

visualizing with Graphite, 288-293 Network, 100-103
container VMs, 240 networking pods for connectivity, 134
container(s), 273-298 obtaining usage statistics while running, 276
orchestrating with Ansible Docker module,
and pipework, 81-83
backing up database running in, 30-32 210-212
cAdvisor to monitor resource usage in, 294 Rancher for managing containers on cluster
cluster IP services for dynamic linking,
of Docker hosts, 213-216
146-150 removing, 23
Collectd to visualize container metrics, runc and, 115-117
running Docker containers with Atomic,
288-293
copying data to and from, 35 182
creating, 23 running Hello World in, 20-22
data sharing between, 33 running multiple, in a pod, 144-146
Docker in GCE Google-container instances, running on a cluster with Lattice, 217-219
running on multiple hosts, 175-178
252-254 running on RancherOS, 191
Elasticsearch and Kibana to store and visu‐ running on Weave network, 94-96
running via Apache Mesos and Marathon,
alize container logs, 287
exposing port on host, 71-73 219-223
finding IP address, 70 saving as tar files for sharing, 39
flannel for overlay network between Docker sharing data in Docker host with, 32
starting, 23
hosts, 98 starting on an ECS cluster, 265-268
Flask application in, 43 starting on Kubernetes cluster with pods,
fleet to start on CoreOS cluster, 178
gaining visibility into layout with Weave 139-140
starting with --net=host, 80
Scope, 297 stopping, 23
getting detailed information with docker Supervisor to run WordPress in, 25-27
WordPress blog with two containers, 28-30
inspect, 274-276 continuous delivery pipeline, 304-308
getting logs with docker logs, 279 CoreOS
in detached mode, 22 and cloud-init, 173
keeping changes by committing to image, and flannel overlay, 180-182
and fleet, 178
38 and OCP, 117
logging driver other than Docker daemon, running containers on multiple hosts,

280-282 175-178
Logspout to collect container logs, 282-285 CoreOS Linux distribution, 170-172
managing locally with Kitematic UI, curl, 118, 123
custom bridge, 88
204-206
managing Logspout routes to store con‐ D

tainer logs, 285 dashboard
managing through Docker UI, 206-208 Kibana, 287
Mesos Docker containerizer on Mesos clus‐ Kubernetes, 162

ter, 224 data container, 33
monitoring, 273-298 data management
monitoring Docker events on Docker hosts,

277-279
monitoring metrics with InfluxDB, Grafana,

and cAdvisor, 296
network namespace selection, 79-81

Index | 331

backing up a database running in a con‐ docker exec, 114
tainer, 30-32 Docker host

copying data to and from containers, 35 monitoring Docker events on, 277-279
sharing data between containers, 33 on AWS EC2, 235-238
sharing data in Docker host with containers, on AWS with Docker Machine, 243-245
on Azure with Docker Machine, 245-247
32 on Google GCE, 239-241
debugging, nsenter for, 113-115 on Microsoft Azure, 241-243
detached mode, 22 Docker Hub
development, 107-117 publishing images to, 55-57
setting up automated build for images on,
compiling Docker binary from source,
109-111 62-66
webhooks, 67
compiling Kubernetes to create your own docker inspect, 274-276
release, 154-157 docker kill command, 23
docker logs, 201
exploring Docker remote API to automate Docker Machine
Docker tasks, 119-121 for creating Swarm cluster across cloud pro‐

nsenter for debugging, 113-115 viders, 202
replacing current Docker binary with new starting a Docker host on AWS with,

one, 112 243-245
runc, 115-117 starting a Docker host on Azure with,
running Docker test suite for, 111
setting up development environment, 245-247
starting Docker host in the cloud using,
300-304
discovery, 130 15-18
discovery token, Swarm, 202 Docker Network
Docker
for networking containers on multiple
basics, 1-36 hosts, 100-103
experimental binaries, 19
installation, 2-18 MySQL Galera cluster on, 319-321
namespaces configuration, 104
(see also installation, Docker) docker package (Ubuntu), 2
local host setup using Vagrant, 4 Docker provider, 49-51
Docker binary docker ps command, 201
compiling from source, 109-111 Docker remote API, 119-121
replacing current with new, 112 docker restart command, 23
Docker Compose docker rm command, 23
for single-node Kubernetes cluster, 151-154 docker search command, 57
for WordPress site creation, 194-196 docker start command, 23
testing Apache Mesos and Marathon with, docker stats command, 276
docker stop command, 23
197 Docker Swarm (see Swarm)
docker cp command, 35 docker tag command, 47
docker create command, 23 Docker test suite, 111
Docker daemon Docker Toolbox, 7-9
Docker UI, managing containers through,
IP tables/IP forwarding settings, 81-83 206-208
logging driver alternatives to, 280-282 docker-compose command, 194-196
managing and configuring, 108 docker-py
remote access to, 118
remote access using docker-py, 123-126
securing for remote access, 121-123
Docker engine, 1
docker events command, 278

332 | Index

for remote access of Docker daemon, G
123-126
Galera cluster
with TLS secure access, 125 dynamically configuring a load-balancer
docker0 bridge, 76 for, 321-323
Dockerfile on Docker Network, 319-321

defined, 2, 24 GCE (see Google Computing Engine)
for packaging a Flask application inside a generator, 277
Generic Routing Encapsulation (GRE) tunnel,
container, 44
image building with, 24 91-94
optimizing by following best practices, Git, xiv
Git Hook, for automated builds, 66
45-47 GitHub, 62-66
order of instructions, 301 Go (build system), xiv, 154
writing your first, 40-43 Google, 129
dynamic load balancer Google Computing Engine (GCE), 190
configuring for a MySQL Galera cluster,
account creation, 233
321-323 CLI, 248
creating with confd and registrator, 308-314 principles for instances, 235
starting Docker host on, 239-241
E using Docker in GCE Google-container

EC2 container service (ECS) instances, 252-254
and Mesos, 219 using Kubernetes in cloud via, 254-258
cluster creation, 261-265 Google Container Engine (GKE), 139, 145, 255
principles for instances, 234 Google Container Registry (GCR), 250
setting up for testing, 259-261 Gradle, 303
starting Docker containers on, 265-268 Grafana, 296
GRE (Generic Routing Encapsulation) tunnel,
Elasticsearch, 287 91-94
ELB (Elastic Load Balancing), 308-314
encapsulation, 91-94 H
ENTRYPOINT instruction, 41
etcd, 175, 177, 180, 226-228 hack directory, 110
events, monitoring, 277-279 HAProxy, 96
experimental binaries, 19 HashiCorp, 51
expose command, 257 Hello World, echoing in container, 20-22
host (see Docker host)
F HTTPD, 28-32
hyperkube, 153, 157
Fig, 196
flannel daemon I

overlay networking between CoreOS instan‐ images
ces, 180-182 and ONBUILD directive, 58
automated builds with Docker Hub, 62-66
overlay networking between Docker hosts, automated builds with Git Hook and private
98 registry, 66
building with Dockerfile, 24
Flask, 43 Conduit for continuous deployment, 67
fleet, 178 creation and sharing, 37
fleetctl CLI, 178
Fluentd, 280-282
FROM instruction, 41

Index | 333

Dockerfile optimization with best practices, configuring authentication to cluster, 165
45-47 configuring client to access remote clusters,

keeping changes made to container by com‐ 167
mitting to, 38 creating single-node cluster using Docker

migrating from Vagrant to Docker with Compose, 151-154
Docker provider, 49-51 dashboard, 162
multinode cluster creation with Vagrant,
packaging a Flask application inside a con‐
tainer, 43 135-138
networking pods for container connectivity,
publishing to Docker Hub, 55-57
running private registry for, 59-61 134
saving as tar files for sharing, 39 querying objects via labels, 140
using GCR to store, 250-252 running multiple containers in a pod,
using Packer to create, 51-54
versioning with tags, 47-49 144-146
writing Dockerfile for, 40-43 S3-compatible object store with Cassandra,
InfluxDB, 296
inspect method, 75 315
installation, Docker, 2-18 Spark cluster deployment, 324
CentOS 6.5, 3 starting components with hyperkube
CentOS 7, 4
Docker host in cloud with Docker Machine, binary, 157
starting containers on a cluster with pods,
15-18
local host setup with Vagrant, 4 139-140
OS X with Boot2Docker, 9-13 upgrading from old API version, 163
OS X with Docker Toolbox, 7-9 using cluster IP services for dynamic linking
Raspberry Pi, 6
Ubuntu 14.04, 2 of containers, 146-150
Windows 8.1 desktop with Boot2Docker, using in cloud via GCE, 254-258
using replication controller to manage pod
13-15
IP addresses, container, 70 replicas, 142-143
IP forwarding, 78, 81-83
IP tables, 81-83 L

J labels, querying Kubernetes objects via, 140
Lattice, 217-219
Jenkins, 304-308 Libcloud, 188
logging driver, 280-282
K logs (see container logs)
Logspout
Kibana, 287
Kismatic, 162 collecting container logs with, 282-285
Kitematic UI, 204-206 managing routes to store container logs, 285
kubectl, 142, 167, 256-258 Logstash, 282-285
kubectl create, 143 ltc create command, 218
kubectl get pods, 140
kubelet service, 131, 253 M
Kubernetes, 129-168
Machine (see Docker Machine)
API, 158-161 Makefile, 111
architecture basics, 131-134 Marathon (Mesos framework)
compiling to create your own release,
running containers via, 219-223
154-157 using Docker Compose to test, 197
Maven, 303
Mesos
continuous delivery pipeline using, 304-308
running containers via, 219-223

334 | Index

using Docker Compose to test, 197 CoreOS cluster to run containers on multi‐
Microsoft Azure (see Azure) ple hosts, 175-178
MySQL (see Galera cluster)
MySQL database, 28-32 CoreOS Linux distribution, 170-172
CoreOS with cloud-init, 173
N CoreOS with fleet, 178
RancherOS, 191
namespace Ubuntu Core Snappy, 185-187
for container, 79-81 Ubuntu Core Snappy instance on AWS EC2,
for Docker Network, 104
nsenter and, 114 188-191
Orchard, 196
networking, 69-105 orchestration system, 129
and pipework, 81-83 OS X
basics of networking Docker containers,
76-78 Docker installation using Docker Toolbox,
configuring Docker daemon IP tables/IP 7-9
forwarding settings, 81-83
container networking namespace selection, using Boot2Docker to get Docker host on,
79-81 9-13
containers on multiple hosts with Docker
Network, 100-103 overlay networking, flannel, 180-182
custom bridge for Docker, 88 OVS (Open vSwitch), 90
Docker Network namespaces configuration,
104 P
exposing container port on host, 71-73
finding IP addresses for container, 70 Packer, 51-54
flannel overlay between Docker hosts, 98 paravirtualized (PV) Amazon Linux AMI, 237
GRE tunnel between Docker hosts, 91-94 parent image, 58
linking containers in Docker, 73-75 pipework, 81-83
of pods for container connectivity, 134 Pithos, 315, 317
running containers on Weave network, pods, 131
94-96
running Weave Net on AWS, 96 and gcloud CLI, 256
using OVS with Docker, 90 and replication controllers, 142-143
defined, 132
Node.js, development environment for, networking, 134
300-304 running multiple containers in, 144-146
scheduling, 133
nodes, 129 starting containers on a cluster with,
nsenter, 113-115
139-140
O port, container, 71-73
postrouting rule, 82
object store, S3-compatible, 315 private registry, 59-61, 66
ONBUILD directive, 58 process logs, 279
Open Container Project (OCP), 115, 117 Project Atomic (see Atomic)
Open vSwitch (OVS), 90 project directory, 110
operating system distributions, Docker- proxy, 132
public clouds, accessing, 232-235
optimized, 169-192 public registry, 21
Atomic on AWS, 184 PV (paravirtualized) Amazon Linux AMI, 237
Atomic to run Docker containers, 182 Python
CoreOS and flannel overlay, 180-182
about, xiv
and Wharfee, 209
Boto (see Boto)
Flask framework, 43

Index | 335

Q creating clusters across cloud providers, 202
starting containers on a cluster with,
queries, Kubernetes objects, 140
199-201
R swarm discovery token, 202
systemd unit file, 109
Rancher, 213-216
RancherOS, 191 T
Raspberry Pi, 6
RedHat Atomic (see Atomic) tags, versioning image with, 47-49
registrator tar files, 39
tarball, 39
and dynamic load balancer, 308-311 task (defined), 265
discovering Docker services with, 226-229 tools, 193-229
registry, private, 59-61, 66
registry, public, 21 Ansible Docker module, 210-212
remote access Apache Mesos/Marathon, 219-223
configuring Kubernetes client for cluster Docker Compose (to create WordPress site),

access, 167 194-196
Docker remote API, 119-121 Docker Compose (to test Apache Mesos and
securing Docker daemon for, 121-123
to Docker daemon, 118 Marathon), 197
using docker-py to access Docker daemon, Docker Machine, 202
Docker Swarm, 199-201
123-126 Docker UI, 206-208
replication controllers Kitematic UI, 204-206
Lattice, 217-219
and pods, 134, 142-143 Mesos Docker containerizer, 224
defined, 131 Rancher, 213-216
resource utilization monitoring, 294 registrator, 226-229
REST API Wharfee, 208
Docker remote API as, 119 TUN device, 182
Kubernetes and, 158
Rancher and, 216 U
Rocket, 172
runc, 115-117 Ubuntu 14.04, Docker installation on, 2
Ubuntu Core Snappy (see Snappy)
S use cases (see application use cases)
user-data, 172-177
Selenium, 303
service, running in background, 22 V
shellinit command, 13
single-node cluster, 151-154 Vagrant
Snappy about, xiv
Ansible provisioner with, 212
running Docker on, 185-187 for multinode Kubernetes cluster creation,
starting an instance on AWS EC2, 188-191 135-138
Spark cluster, 323-327 installation, 5
SSH key, 16 local host setup using, 4
ssh, accessing instance via, 236 migrating images to Docker with Docker
storage driver, 126-128 provider, 49-51
Supervisor, 25-27 running CoreOS Linux distribution on local
supervisord, 2 machine with, 170-172
Swagger, 159
Swarm

336 | Index

starting CoreOS cluster to run containers on WordPress
multiple hosts, 175-178 and Ansible playbook, 211
and MySQL database, 28-32
WordPress and, 26 running linked containers with Kubernetes,
Vagrantfile, Ansible Docker module and, 210 147-149
virtual machine (VM), 241-243 running multiple containers in pod with
Kubernetes, 144-146
(see also Vagrant) running single container with Supervisor,
virtual switch, 90 25-27
VirtualBox, 202 running with two containers, 266-268
virtualization, 86 running with two linked containers, 28-30
VXLAN encapsulation, 182 using Docker Compose for site creation,
VXLAN interfaces, 104 194-196

W wordpress.yml, 211

Weave Net, 94-96 Z
Weave Scope, 297
webhooks, 65, 67 Zookeeper, 219
Wharfee interactive shell, 208
Windows 8.1, running Boot2Docker on desk‐

top, 13-15

Index | 337

About the Author

Sébastien Goasguen built his first compute cluster in the late 90s (when they were
still called Beowulf clusters) while working on his PhD; he has been working on mak‐
ing computing a utility since then. He has done research in grid computing and high-
performance computing, and with the advent of virtualization moved to cloud com‐
puting in the mid-2000s when he was a professor at Clemson University.
He is currently a senior open source solutions architect at Citrix, where he works pri‐
marily on the Apache CloudStack project helping develop the CloudStack ecosystem.
He was elected vice president of the Apache CloudStack project in March 2015. He is
also a member of the project management committee (PMC) of Apache libcloud, and
a member of the Apache Software Foundation. Sébastien focuses on the cloud ecosys‐
tem and has contributed to dozens of open source projects.

Colophon

The animal on the cover of Docker Cookbook is a beluga whale (Delphinapterus leu‐
cas), which along with the narwhal is one of two members of the family
Monodontidae.
Because it is adapted to life in the Arctic, the beluga whale is anatomically different
from most other types of whales. It is all white in color, does not have a dorsal fin, has
the highest percentage of blubber, and has a very large protuberance on its forehead
that houses its echolocation organ (called the “melon”). The melon is very important
because it not only allows the whale to hunt, but it also enables it to find blowholes
among shifting ice sheets.
Belugas are very gregarious creatures, and usually live in groups of around 10 indi‐
viduals. During the summer, these groups gather in coastal areas for breeding,
meaning that there can be hundreds or even thousands of belugas in one place. The
worldwide population has been estimated at 150,000, with the majority living in the
seas off of North America, Russia, and Greenland.
The native peoples of North America and Russia have hunted belugas for centuries,
but the whales were also hunted commercially during the 19th and early 20th centu‐
ries. Since whale hunting came under international regulation in the 1970s, only cer‐
tain Inuit and Alaska Native tribes are allowed to continue the practice today.
Belugas in the wild can live for 70 to 80 years, but they are a popular species of whale
for aquarium display, where the lifespan is significantly less. Currently the beluga is
considered to be a “near threatened” species because of population loss due to chang‐
ing habitat, polluted water, and infectious disease.

Many of the animals on O’Reilly covers are endangered; all of them are important to
the world. To learn more about how you can help, go to animals.oreilly.com.
The cover image is from A History of British Quadrupeds. The cover fonts are URW
Typewriter and Guardian Sans. The text font is Adobe Minion Pro; the heading font
is Adobe Myriad Condensed; and the code font is Dalton Maag’s Ubuntu Mono.