Category: docker

How Docker uses cgroups to set resource limits?

Today, I was interested to know how does Docker uses cgroups to set resource limits. In this short post, I will share with you what I learnt.

I will assume that you have a machine on which Docker is installed.

Docker allows you to pass resource limits using the command-line options. Let’s assume that you want to limit the IO read rate to 1mb per second for a container. You can start a new container with the device-read-bps option as shown below

$ docker run -it --device-read-bps /dev/sda:1mb centos

In the above command, we are instantiating a new centos container. We specified device-read-bps option to limit the read rate to 1mb per second for /dev/sda device.

Continue reading “How Docker uses cgroups to set resource limits?”

Using wait-for-it with Oracle database docker image

Today, I was working with an application that uses Oracle as the database. We decided dockerize the application to make it easy for fellow developers to work with the beast. We found a working Oracle docker image by sath89. Oracle 12c Docker image is close to 5.7GB on disk so we are not talking about lightweight containers here :). Once image was dowloaded, running image was as easy as running the following command.
Continue reading “Using wait-for-it with Oracle database docker image”

Amazon ECS: The Modern Cluster Manager Part 1

In the last few posts, we looked at various Docker utilities and how XL Deploy can make it easy for enterprises to adopt and use Docker. Docker streamlines software development and testing for teams that have started embracing it. The package once deploy anywhere (PODA) capability of Docker minimises the issue of environmental (like staging, quality assurance, and production) differences. Continue reading “Amazon ECS: The Modern Cluster Manager Part 1”

Upgrading Docker Compose to latest version

If you use Docker for Mac or something similar, Docker Compose will be installed along with it. Docker Compose has a different release timeline for Docker for Mac so you will not be able to try latest version of Docker compose until you upgrade Docker for Mac. This is limiting. You should be able to install Docker compose independently. To achieve that, you can run following command

$ composeVersion=1.13.0
$ curl -L https://github.com/docker/compose/releases/download/$composeVersion/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose$ chmod +x /usr/local/bin/docker-compose

In the above commands, $ signify bash prompt. You don’t have to type it. Now, you can check Compose version using the command shown below.

$ docker-compose version

Talk: Container Performance Analysis

Today, I watched DockerCon 2017 talk on Container Performance Analysis. Talk is given by Brendan Gregg, Senior Performance Architect at Netflix. In his talk, he shares various linux tools that can help you understand performance of your container platform. It is a great talk for anyone trying to do performance analysis of containers. In one of his slides, he shared 10 tools that he will use to start the investigation.

  1. uptime to check load averages
  2. dmesg | tail  to check kernel errors
  3. vmstat 1 to see overall stats by time
  4. mpstat -P ALL 1 to check CPU balance
  5. pidstat 1 to check process usage
  6. iostat -xz 1 to disk I/O
  7. free -m to check memory usage
  8. sar -n DEV 1 to check network I/O
  9. sar -n TCP, ETCP 1 to view TCP stats
  10. top for overview

Continue reading “Talk: Container Performance Analysis”

Multi-stage Docker Image Build for Java Applications

A few days back, I discovered a new Docker feature — multi-stage builds. The multi-stage build feature helps you create thin Docker images by giving possibility to divide image building process into multiple stages. Artifacts produced in one stage can be resused by another stage. This is very beneficial for languages like Java as multiple steps are required to build the Docker image. The main advantage of multi-stage build feature is that it can help you create smaller size images. This feature is not yet available in stable versions of Docker. It will become available in Docker 17.05. To use this feature, you have to use edge version of Docker CE.

To build a Docker image for a Java application, you first need to build the Java project. Java build process needs JDK and a build tool like Maven, Gradle, or Ant. Once Java binary artifact is produded, you can package the binary in a Docker image. For running a Java binary, you only need JRE so you don’t have to pay the cost of bundling the whole JDK.

You can read full blog at https://blog.xebialabs.com/2017/05/25/multi-stage-docker-image-build-for-java-applications/

5 Docker Utilities You Should Know

There are a lot of cool Docker utilities that you can find on the web. Most of these are open source and available on Github. I have become an active user of Docker for last two years, using it for most of my development projects. As you start using Docker, you will find Docker is suitable for more use cases than you initially envisioned it for. You will want Docker to do a little more for you, and it will not disappoint you.

Docker community is very active, a lot of useful utilities keep popping daily. It is difficult to keep check of all the innovation happening in the community. In the following post, I have collected some interesting and useful Docker utilities which I use in my daily work. These utilities makes me more productive, otherwise would have been a manual work.

In this post, I will cover watchtower, docker-gc, docker-slim, rocker, and ctop utilities. You can read full blog at https://blog.xebialabs.com/2017/05/18/5-docker-utilities-you-should-know/.

Docker Machine Error Unable to Query Docker Version

Today, when I created a new docker machine I started getting Unable to query docker version: Get https://192.168.99.101:2376/v1.15/version: x509: certificate is valid for 192.168.99.100, not 192.168.99.101

To fix this error, run the following command.

docker-machine regenerate-certs default

Please change default with name of your docker machine.

Docker Machine — dial tcp: i/o timeout error on Mac

Today, while trying to use Docker Machine to create a local docker host on my macbook I was greeted with an exception as shown below.

$ docker-machine create -d virtualbox dev
Creating CA: /Users/abc/.docker/machine/certs/ca.pem
Creating client certificate: /Users/abc/.docker/machine/certs/cert.pem
Image cache does not exist, creating it at /Users/abc/.docker/machine/cache...
No default boot2docker iso found locally, downloading the latest release...No default boot2docker iso found locally, downloading the latest release...
Error creating machine: Get https://api.github.com/repos/boot2docker/boot2docker/releases: dial tcp: i/o timeout
You will want to check the provider to make sure the machine and associated resources were properly removed.

I tried to clear the local docker cache by deleting ~/.docker directory but each time I got the same exception. After a bit of trial and error I found out that it is because of the non-resolvable DNS server in the network settings. You can view your DNS server by going to System Preference > Network > Your internet connection > DNS. Make sure you are using a valid DNS server name. In case you don’t know a valid DNS server then you can use Googles **8.8.8.8** server. Now, next time you will usedocker-machine create` command you will be able to successfully create a machine.