- if you've hear a bit about container technology then you're probably wondering a bit about it. That's the point of this point of this post. It's "special but not". It can be replicated in a few hundred lines of code as indicated in the following (these notes are from a long while back/maybe even years? so if they're not entirely up to date please excuse me)
Docker Tutorial - What is Docker & Docker Containers, Images, etc
Learn Docker in 12 Minutes
- if you dig around then you'll realise that higher lever languages can implement it in an even small number of lines of code. It's a good/interesting read if you're curious
lizzie container linux
Linux Container Internals
Linux containers in 500 lines of code
- you can build, run images locally or download from remote repositories. Since I seem to have occasional connectivity issues I've tried using proxies as well as alternate mirrors. Note, iptraf is an easier way to track progress when dealing with network issues but something like wirehsark is needed to track exactly where/what the connection drop out may be caused by? I have a gut feeling that it may be caused by a specific type of packet?
proxify docker
mirror docker images
sudo vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://mirror.gcr.io"]
"debug": true
}
sudo service squid restart
- if you don't realdy know it doesn't really work on 32-bit platforms as yet. Even if you can get it running on 32-bit platforms it's likely to only have limited images available for it to work with. You'll be on your own creating images
docker on x86
- this is the most basic version of it
hello world docker image
sudo docker run hello-world
- there are obviously lots of templates and examples out there if you look around
debian docker configuration
- if you don't want to create a login you can download the client application via github and/or your local software repository (if relevant)
docker github download
- I've obviously been looking at spiderfoot of late (it's a OSINT security product if you don't know). I tried using it via python python but my local setup is sometimes awkward so decided to switch to a Docker container format instead. If you don't already know spiderfoot and spiderpig have no relation... Note, that you may need to download and install cgroupfs-mount to deal with mounting issues on some systems
docker build -t spiderfoot .
docker run -p 5009:5001 -d spiderfoot
https://github.com/tianon/cgroupfs-mount
cd cgroupfs-mount
sudo ./cgroupfs-mount
- ironically, downloading both docker and spiderfoot is not as straightforward as it may seem. There can be a lot of dependencies depending on your local, setup
git clone https://github.com/docker/docker/
git clone https://github.com/moby/moby
- before you start you should probably check that your system fulfil Docker requirements. One interesting thing is that in spite of mentions of 32-bit packages being available support is limited
docker kernel requirements
debian 32bit docker package
sudo docker search i386
sudo docker pull i386/busybox
sudo docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
hello-world latest 19b3f968b60c 10 days ago 1.84 kB
i386/busybox latest a716e59aa377 6 weeks ago 1.102 MB
sudo docker run a716e59aa377
FATA[0001] Error response from daemon: Cannot start container 3cb9841dd899c6dc2c215695c07975bf45c0ee9ab3e29e092acca6197aebac44: [8] System error: pivot_root invalid argument
- cheatsheets are available all over the place. The problems with a lot of documentation is that it doesn't cover enough of the core architecture for Docker. You need to consult a wide variety of sources to gain a good understanding of it. Most of what I've seen gives you a basic overview only. Your best bet is to read the source code of an alternate version of it (top of this post)
Recap and cheat sheet
## List Docker CLI commands
docker
docker container --help
## Display Docker version and info
docker --version
docker version
docker info
## Execute Docker image
docker run hello-world
## List Docker images
docker image ls
## List Docker containers (running, all, all in quiet mode)
docker container ls
docker container ls --all
docker container ls -aq
https://docs.docker.com/get-started/#recap-and-cheat-sheet
- this is core log file
sudo less /var/log/docker.log
- simple sample Dockerfile
FROM scratch
COPY /echo /
CMD ["./echo"]
- simple build sample
sudo docker build --tag scratch .
Sending build context to Docker daemon 34.82 kB
Sending build context to Docker daemon
Step 0 : FROM scratch
--->
Step 1 : COPY /echo /
---> b750e76ae4c8
Removing intermediate container 295a02e11a50
Step 2 : CMD ./echo
---> Running in 8e62d5ce6709
---> 024cc21a7703
Removing intermediate container 8e62d5ce6709
Successfully built 024cc21a7703
- simple examples for the build process. Obviously, once you realise what docker/containerisation actually is you realise simple it is
creating a docker image
create docker image locallly
- clearly 'Dockerfiles' look pretty simple but if your local setup is screwed up things can get pretty hairy pretty quickly. Be prepared for some heavy hacking? Note that in some cases, the error messages can be pretty cryptic. I suspect the following came from trying to run it on a 32-bit platform
sudo docker build -t spiderfoot .
Sending build context to Docker daemon 18.42 MB
Sending build context to Docker daemon
Step 0 : FROM alpine:3.7
3.7: Pulling from alpine
43957646aca8: Pull complete
32ad7db8a12e: Pull complete
Digest: sha256:6df50d972722fafbdc8db14f1062ea201557425202b4792c553f428fe11e1afa
Status: Downloaded newer image for alpine:3.7
---> 32ad7db8a12e
Step 1 : ENV SPIDERFOOT_VERSION 2.11.0
---> Running in 20bae07e1a5b
---> 487a7df8a7a2
Removing intermediate container 20bae07e1a5b
Step 2 : COPY requirements.txt .
---> 12d15bb775ca
Removing intermediate container 356886f3d164
Step 3 : RUN apk
---> Running in 9103666a686b
INFO[0050] [8] System error: pivot_root invalid argument
- even with debian:jessie still getting
sudo docker build -t spiderfoot .
Sending build context to Docker daemon 18.14 MB
Sending build context to Docker daemon
Step 0 : FROM debian:jessie
jessie: Pulling from debian
4d048f4dff67: Pull complete
fc84940165ce: Pull complete
Digest: sha256:2c215e695cefc8f3de6a063818458c4ee3f247795fa01ffbf9fe71ced21517f4
Status: Downloaded newer image for debian:jessie
---> fc84940165ce
Step 1 : RUN apt-get install -y swig --no-install-recommends
---> Running in ed2473f05f23
INFO[0519] [8] System error: pivot_root invalid argument
----------------------------------------
pivot_root fails docker wrong image
----------------------------------------
i586-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -fPIC -DPSUTIL_POSIX=1 -DPSUTIL_VERSION=543 -DPSUTIL_LINUX=1 -I/usr/include/python2.7 -c psutil/_psutil_common.c -o build/temp.linux-i686-2.7/psutil/_psutil_common.o
psutil/_psutil_common.c:9:20: fatal error: Python.h: No such file or directory
compilation terminated.
error: command 'i586-linux-gnu-gcc' failed with exit status 1
----------------------------------------
Cleaning up...
Command /usr/bin/python -c "import setuptools, tokenize;__file__='/tmp/pip-build-cdwF4G/psutil/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-OxmEYZ-record/install-record.txt --single-version-externally-managed --compile failed with error code 1 in /tmp/pip-build-cdwF4G/psutil
Storing debug log for failure in /root/.pip/pip.log
pivot_root docker
- management of large numbers of containers can be handled via manager type utilities now. A lot of them say they're 100% fullproof but if you spend enough time around them you also realise that this claim isn't always true
docker swarm
docker swarm alternative to
http://mesos.apache.org/
kubernetes quickstart
https://cloud.google.com/kubernetes-engine/docs/quickstart
https://kubernetes.io/docs/tutorials/kubernetes-basics/
https://blog.sourcerer.io/a-kubernetes-quick-start-for-people-who-know-just-enough-about-docker-to-get-by-71c5933b4633
kubernetes quickstart
https://cloud.google.com/kubernetes-engine/docs/quickstart
https://kubernetes.io/docs/tutorials/kubernetes-basics/
https://blog.sourcerer.io/a-kubernetes-quick-start-for-people-who-know-just-enough-about-docker-to-get-by-71c5933b4633
- if all else fails and you can't get Docker running on your system just download a live 64-bit based Linux distro or else run something via the cloud such as Amazon Web Services or Azure. There are some websites that even offer pure web based simulations scenarios
Random Stuff:
- as usual thanks to all of the individuals and groups who purchase and use my goods and services
- latest in science and technology
Crowdcube alternative to
sqlite quick reference
sqlite alternative to
Ask HN: Strict alternatives to SQLite?
IBM Think Academy
University's letter of admission contains homemade CPU chip
- latest in finance and politics
- latest in defense and intelligence
Galloway: "I've lost count of how many countries the US has sanctioned"
Neocons ‘flailing,’ threaten Venezuela officials – Dan Kovalik
Rick Sanchez explains why Russian Nuclear Bombers are in Venezuela
US attack on Huawei backfires, sales way up
A coup is a coup: ‘Semantics don’t change the nature of US activities in Venezuela’
Number of F-35s Built for USAF Eclipses Number of F-22s
AJ+
Is The U.S. Going To War With Iran? | AJ+
- latest in animal news
- latest in music and entertainment
How Patrick Cantlay Changed His Swing To Protect His Lower Back - and His Career
golf shaft weight difference
http://www.golfwrx.com/521024/watch-pga-tour-players-play-hole-blindfolded-and-its-hilariousamazing/
Random Quotes:
- It’s something Mr Voigt can relate to, saying the role of a principal has shifted from school leader and mentor to corporate manager.
Most of the paperwork he had to do was “pointless” box-ticking and red tape that offered little-to-no value to the school environment, he said.
“There was a study about how principals spend their time and less than one per cent was talking to teachers about students. That should be the core business of their role.
“For principals, it’s the administrative load they’re expected to carry. The sheer volume of paperwork is absolutely enormous. What you’re expected to deal with and the hours you’re expected to work are huge.
“They’re sitting in their offices forced to write reports and do admin when they should be helping teachers to become better teachers.”
Another factor that current and former teachers say is making the job a nightmare is the attitude of parents, which seems to have shifted dramatically in the past decade.
Mr Voigt said the “blame game” was becoming worse, with mums and dads expecting schools to be a single solution for every requirement.
“We wind up crowding schools with nonsense. Instead of teaching kids how to learn and to be good citizens, we teach them how to drive, how to eat, how to have manners … all of those things that take up precious time.”
- Geoff Ogilvy once said something to me that a lot of golfers would understand: “When you’re playing well, you can’t remember how you could ever shoot a bad score over par. But when you play poorly, you can’t remember how you ever played well and shot the scores you used to.” The second part of that comment is what has haunted me for the past two years.
- Thucydides (/θjuːˈsɪdɪdiːz/; Greek: Θουκυδίδης Thoukydídēs [tʰuːkydídɛːs]; c. 460 – c. 400 BC) was an Athenian historian and general. His History of the Peloponnesian War recounts the fifth-century BC war between Sparta and Athens until the year 411 BC. Thucydides has been dubbed the father of "scientific history" by those who accept his claims to have applied strict standards of impartiality and evidence-gathering and analysis of cause and effect, without reference to intervention by the deities, as outlined in his introduction to his work.[1][2][3]
He also has been called the father of the school of political realism, which views the political behavior of individuals and the subsequent outcomes of relations between states as ultimately mediated by and constructed upon the emotions of fear and self-interest.[4] His text is still studied at universities and military colleges worldwide.[5] The Melian dialogue is regarded as a seminal work of international relations theory, while his version of Pericles' Funeral Oration is widely studied by political theorists, historians, and students of the classics.
More generally, Thucydides developed an understanding of human nature to explain behaviour in such crises as plagues, massacres, and civil war.
- “In dogs there's something called trigger stacking. A dog may have a moderate or low-level response to any one particular thing, but if you build up the stress of multiple things that can result in a dog reacting quite strongly, even if none of the individual triggers would do it.
“Just like you and I, you wake up late, and then the hot water heater is broken, and then you go out to your car and it won't start so you have to call a cab, things stack up and by the time you get to work you snap uncharacteristically. I think it's the case that the dog got so ramped up, so focused, that this was an individual dog that didn't have the coping mechanisms for severe stress, maybe due to the violent assaults in the past.
“It could have been in this particular case a perfect storm of factors came together at that particular time. Had the gentleman not been wearing a headlamp, or had he not had a bicycle, or maybe even had it not been storming outside. Maybe if it had been 3 in the afternoon instead of the morning, who knows? Somewhere it went off the rails where Tania was trying to restrain the dog.”
Today, few hints of the tragedy remain. The public housing property has since been demolished, replaced with a neat new brick home with colourful bunting around the front yard, waiting to welcome its new tenants.
Crosby understands that his and the coroner’s findings may be difficult for some worried members of the Canberra community to accept.
“I've seen an awful lot, more than just about anyone else, but they are very unusual occurrences. In all the cases I've been involved in there have been an accumulation of factors and if anything had gone differently, it probably wouldn't have turned out that way.
“We just have to accept that your normal pet dog doesn't kill somebody.”
- A Zambian firm said on Wednesday it had suspended production of an energy drink after a consumer in Uganda complained of a prolonged erection, with tests suggesting it contained the active ingredient of Viagra.
SX Energy Natural Power drink, produced by Revin Zambia, is exported around the region including to Uganda, where the consumer also complained of profuse sweating.
Revin Zambia general manager Vikas Kapoor said his company stopped making the drink on Tuesday while launching an internal investigation.
"We have allowed the government or any of its agencies to conduct their own investigations as well, but as far as we know, the drink does not contain any drug," he told AFP.
He said his company, based in the city of Ndola north of the Zambian capital Lusaka, has made the energy drink since last year.
The Pharmaceutical Society of Zambia (PSZ) said tests shared by the Uganda National Drug Authority had revealed the presence of sildenafil citrate - a drug used to treat erectile dysfunction and dispensed under the brand name Viagra.
The PSZ said the label claims that the drink "contains natural extracts of ginger and tongkat ali, a well-known aphrodisiac, and testosterone booster as the main ingredients".
It called on Zambians to avoid the drink.
Ugandan authorities confirmed they are seizing imported supplies.
"We received notification from [the Ugandan] National Drug Authority that the energy drink was adulterated and our teams are impounding it," Uganda's bureau of standards spokesman Godwin Muhwezi told AFP.
- So far, at least nine countries have cut off their national internet connections to assert political control at critical moments. A countersecurity fellow at the New America Foundation in Washington, Justin Sherman, in a piece last month called "Here Come the Internet Blackouts", listed Egypt, Libya, the Maldives, Myanmar, Nepal, Sierra Leone and Syria as countries that had deliberately shut down the internet in recent years to contain people's protest, and, so far this year, Gabon and the Democratic Republic of Congo have done the same.
Much smarter are the countries that have managed to retain political control of the web without resorting to the crude tactic of disconnecting it. The standout success is China. China long ago figured out how to plunder the web globally while walling itself off from attack locally. The West's tech geniuses always said that this was impossible, that the web was beyond the control of any government, that censorship in the age of the internet was quixotically pathetic. But the Great Firewall of China has proved them wrong.
Beijing not only wants to keep sovereign control of its web and its people, it also wants to be able to survive a US internet embargo, the equivalent of the old-style trade embargo. Last week Russia's Duma gave initial approval to a bill that would allow Moscow to do the same.