Book Image

Troubleshooting Docker

By : Vaibhav Kohli, Rajdeep Dua, John Wooten
Book Image

Troubleshooting Docker

By: Vaibhav Kohli, Rajdeep Dua, John Wooten

Overview of this book

You?re pro Docker? You?ve read all about orchestration with Docker in books? Now learn how to troubleshoot Docker in practice. Gain all the tools to safely see Docker in action with this 2017 book.

Related Content you might be interested in

Current Title:

Small book image
Troubleshooting Docker
Vaibhav Kohli | Rajdeep Dua | John Wooten
Mar, 2017 | 290 pages
Small book image
Containers in OpenStack
Madhuri Kumari | Pradeep Kumar Singh
Dec, 2017 | 176 pages
Small book image
Learning Docker
Jeeva S Chelladhurai | Pethuru Raj | Vinod Singh
May, 2017 | 300 pages
Small book image
Docker Cookbook
Jeeva S Chelladhurai | Ken Cochrane | Neependra K Khare
Aug, 2018 | 352 pages
Table of Contents (17 chapters)
Troubleshooting Docker
Troubleshooting Docker
Credits
Credits
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Preface
Preface
Free Chapter
1
Understanding Container Scenarios and an Overview of Docker
Understanding Container Scenarios and an Overview of Docker
Decoding containers
Unikernels
Summary
2
Docker Installation
Docker Installation
Installing Docker on Ubuntu
Installing Docker on Red Hat Linux
Deploy CentOS VM on AWS to run Docker containers
Installing Docker on CoreOS
Installing Docker on Fedora
Installing Docker with script
Installing Docker on SUSE Linux
Summary
3
Building Base and Layered Images
Building Base and Layered Images
Building container images
Image testing and debugging
Automated image building
Summary
4
Devising Microservices and N-Tier Applications
Devising Microservices and N-Tier Applications
Hype or hubris
Monolithic architecture
N-tier application architecture
Microservices architecture
Summary
5
Moving Around Containerized Applications
Moving Around Containerized Applications
Redistributing via Docker registry
Pushing images to Docker Hub
Docker Trusted Registry (DTR)
Docker Universal Control Plane
Summary
6
Making Containers Work
Making Containers Work
Privileged containers
Super-privileged container
Puppet
Ansible
Chef
Summary
7
Managing the Networking Stack of a Docker Container
Managing the Networking Stack of a Docker Container
Docker networking
docker0 bridge
Configuring DNS
Troubleshooting communication between containers and the external network
libnetwork and the Container Network Model
Docker networking tools based on overlay and underlay networks
Configuring an overlay network with the Docker Engine swarm node
Configuring OpenvSwitch (OVS) to work with Docker
Summary
8
Managing Docker Containers with Kubernetes
Managing Docker Containers with Kubernetes
Deploying Kubernetes on Bare Metal machine
Troubleshooting the Kubernetes Fedora manual setup
Deploying Kubernetes using Minikube
Deploying Kubernetes on AWS
Deploying Kubernetes on vSphere
Kubernetes setup troubleshooting
Kubernetes pod deployment
Deploying Kubernetes in a production environment
Debugging Kubernetes issues
Summary
9
Hooking Volume Baggage
Hooking Volume Baggage
Avoiding troubleshooting by understanding Docker volumes
Default case storing data inside the Docker container
Data-only container
Host mapped volume backed up by shared storage
Docker storage driver performance
Summary
10
Docker Deployment in a Public Cloud - AWS and Azure
Docker Deployment in a Public Cloud - AWS and Azure
Architecture of Amazon ECS
Troubleshooting - AWS ECS deployment
Updating Docker containers in the ECS cluster
Microsoft Azure container service architecture
Troubleshooting - The Microsoft Azure Container Service
Docker Beta for AWS and Azure
Summary

Super-privileged container

This concept is introduced in one of the Project Atomic blogs, by Redhat. It provides the capability to use a special/privileged container as an agent to control the underlying host. If we ship only the application code, we risk turning the container into a black box. There are many benefits to the host of packaging up an agent as a Docker container with the right access. We can bind in devices via -v /dev:/dev, which will help to mount devices inside the container without needing super-privileged access.

Using nsenter trick, allows you to run commands in another namespace, that is, if Docker has its own private mount namespace, with nsenter and the right mode we can reach out to the host and mount things in its namespace.

We can run in privileged mode to mount the whole host system on some path (/media/host):

$ docker run -it -v /:/media/host --privileged fedora 
nsenter --mount=/media/host/proc/1/ns/mnt --mount /dev/xvdf /home/mic

We can then use nsenter...

Previous Section
End of Section 3
Next Section