Differences

This shows you the differences between two versions of the page.

--- технология_docker [2024/02/17 10:54]
val [Копирование файлов и подключение к контейнеру]
+++ технология_docker [2024/05/01 17:02]
val [Микросервисы]
@@ Line 90: / Line 90: @@
 root@webinar:~# docker exec greenlight-v3 wget -O /dev/null https://keycloak.corp13.un
+root@webinar:~# docker commit greenlight-v3 bigbluebutton/greenlight:v3
 </code>
@@ Line 151: / Line 153: @@
   * [[Сервис TACACS+]]
-  * [[Средства программирования shell#Web сервер на shell]]
 <code>
-server# mkdir /root/webd/ && cd /root/webd/
+server# mkdir -p /root/webd/ && cd /root/webd/
   или
 gitlab-runner@server:~$ mkdir -p ~/webd/webd/ && cd ~/webd/webd/
@@ Line 160: / Line 161: @@
 server# cp /usr/local/sbin/webd .
+или
+</code>
+  * [[Средства программирования shell#Web сервер на shell]]
+<code>
 gitlab-runner@server:~/webd/webd$ nano webd      # добавляем закомментированные строки
@@ Line 183: / Line 188: @@
 #FROM debian:buster
 FROM debian:bullseye
+#FROM debian:bookworm
 RUN cp /usr/share/zoneinfo/Etc/GMT-3 /etc/localtime \
@@ Line 253: / Line 259: @@
   * [[Технология cgroup]]
+  * [[https://www.baeldung.com/ops/docker-memory-limit|Setting Memory And CPU Limits In Docker]]
+  * [[https://stackoverflow.com/questions/72185669/what-is-the-real-memory-available-in-docker-container|What is the real memory available in Docker container?]]
   * [[Технология namespaces]]
 <code>
@@ Line 262: / Line 271: @@
 server# cat /proc/<PID>/cgroup
 server# systemd-cgls
-server# cat /sys/fs/cgroup/memory/docker/NNNNNNNNNNNNNNNNNNNNNNNNNNNNN/memory.max_usage_in_bytes
+cgroup-v1# cat /sys/fs/cgroup/memory/docker/NNNNNNNNNNNNNNNNNNNNNNNNNNNNN/memory.max_usage_in_bytes
+cgroup-v2# cat /sys/fs/cgroup/system.slice/docker-NNNNNNNNNNNNNNNNNNNNNNNNNNNNN.scope/memory.max
 server# docker stats
@@ Line 345: / Line 354: @@
 # docker stop sftp01
+# docker rm sftp01
 </code>
@@ Line 480: / Line 491: @@
 ==== Secure Private Registry ====
+  * [[Пакет OpenSSL#Импорт сертификата центра сертификации]]
 <code>
-docker login gitlab.bmstu.ru:5050
+# docker pull server.corp13.un:5050/student/gowebd
-docker tag gowebd gitlab.bmstu.ru:5050/val/gowebd
-docker push gitlab.bmstu.ru:5050/val/gowebd
+# docker login server.corp13.un:5050
 </code>
 ==== Использование образа Docker Registry и on-premise CA ====
@@ Line 511: / Line 525: @@
 }
 </code>
+===== Дополнительная информация =====
+==== Приложение apwebd ====
+<code>
+~/apwebd$ cat Dockerfile
+</code><code>
+FROM debian:bookworm
+RUN cp /usr/share/zoneinfo/Etc/GMT-3 /etc/localtime \
+    && apt-get update \
+    && apt-get install -y findutils gettext-base apache2 libapache2-mod-auth-openidc \
+    && apt-get clean \
+    && a2enmod cgid \
+    && a2enmod auth_openidc
+COPY rootfs/ /
+EXPOSE 80
+ENTRYPOINT ["/start.sh"]
+</code><code>
+~/apwebd$ find rootfs/ -type f | xargs tail -n +1
+</code><code>
+==> rootfs/var/www/html/index.html.apwebd-template <==
+</code><code>
+<HTML>
+  <HEAD>
+    <META HTTP-EQUIV="Refresh" CONTENT="10;URL=/cgi-bin/apwebd/">
+  </HEAD>
+  <BODY text="blue">
+    <H1><A HREF=/cgi-bin/apwebd/>Login to ${APWEBD_HOSTNAME}</A></H1>
+    Version: 1.2
+  </BODY>
+</HTML>
+</code><code>
+==> rootfs/start.sh <==
+</code><code>
+#!/bin/sh
+[ "$APWEBD_HOSTNAME" ] || { echo Please set env APWEBD_HOSTNAME; exit; }
+[ "$KEYCLOAK_HOSTNAME" ] || { echo Please set env KEYCLOAK_HOSTNAME; exit; }
+[ "$REALM_NAME" ] || { echo Please set env REALM_HOSTNAME; exit; }
+find / -type f -name '*.apwebd-template' | while read -r FILE; do envsubst < "$FILE" > "${FILE%.apwebd-template}"; done
+/etc/init.d/apache2 start
+tail -f /var/log/apache2/error.log -f /var/log/apache2/access.log
+</code><code>
+==> rootfs/etc/apache2/conf-available/serve-cgi-bin.conf.apwebd-template <==
+</code><code>
+<IfModule mod_alias.c>
+        <IfModule mod_cgi.c>
+                Define ENABLE_USR_LIB_CGI_BIN
+        </IfModule>
+        <IfModule mod_cgid.c>
+                Define ENABLE_USR_LIB_CGI_BIN
+        </IfModule>
+        <IfDefine ENABLE_USR_LIB_CGI_BIN>
+                OIDCSSLValidateServer Off
+                OIDCProviderMetadataURL https://${KEYCLOAK_HOSTNAME}/realms/${REALM_NAME}/.well-known/openid-configuration
+                OIDCRedirectURI http://${APWEBD_HOSTNAME}/cgi-bin/apwebd
+                OIDCClientID any-client
+                OIDCCryptoPassphrase anystring
+                ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+                <Directory "/usr/lib/cgi-bin">
+                        AllowOverride None
+                        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+#                       Require all granted
+                        AuthType openid-connect
+                        Require valid-user
+                </Directory>
+        </IfDefine>
+</IfModule>
+</code><code>
+==> rootfs/usr/lib/cgi-bin/apwebd <==
+</code><code>
+#!/bin/sh
+echo Content-type: text/html
+echo
+echo "<h1 style=\"color:blue;\">Hello ${OIDC_CLAIM_preferred_username}</h1>"
+echo "<pre>"; env; echo "</pre>"
+</code><code>
+~/apwebd$ docker build -t server.corp13.un:5000/student/apwebd:ver1.2 .
+~/apwebd$ docker run -e APWEBD_HOSTNAME=apwebd.corp13.un -e KEYCLOAK_HOSTNAME=keycloak.corp13.un -e REALM_NAME=corp13 -itd --rm -P server.corp13.un:5000/student/apwebd:ver1.2
+~/apwebd$ docker run -e APWEBD_HOSTNAME=apwebd.corp13.un -e KEYCLOAK_HOSTNAME=keycloak.corp13.un -e REALM_NAME=corp13 -itd --entrypoint bash server.corp13.un:5000/student/apwebd:ver1.2
+~/apwebd$ docker push server.corp13.un:5000/student/apwebd:ver1.2
+</code>
 ===== Старая версия =====

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools