Ghi chú về docker compose
Kiểm tra phiên bản compose v2
-
- docker compose
# V1
docker-compose version
# V2
docker compose version
# disable v2
# docker-compose disable-v2Tìm hiểu docker-compose.yaml file
- https://github.com/compose-spec/compose-spec/blob/master/spec.md
- compose.yaml, docker-compose.yaml
services:
web:
build: .
# CMD
command: bundle exec thin -p 3000
# ENTRYPOINT
entrypoint: /code/entrypoint.sh
# USER
user:
# namespace
userns_mode: "host"
# [HOST:]CONTAINER[/PROTOCOL]
# HOST - [IP:](port | range)
# CONTAINER - port | range
# PROTOCOL - tcp|udp
ports:
- '5000:5000'
- target: 80
host_ip: 127.0.0.1
published: 8000-9000
protocol: tcp
mode: host
expose:
- "3000"
- "8000"
env_file: .env
environment:
RACK_ENV: development
SHOW: "true"
USER_INPUT:
environment:
- RACK_ENV=development
- SHOW=true
- USER_INPUT
depends_on:
- redis
depends_on:
redis:
# service_healthy
condition: service_started
container_name: my_web
credential_spec:
# Windows HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Containers\CredentialSpecs
file: my-credential-spec.json
registry: my-credential-spec
# SERVICE:ALIAS
links:
# /etc/hosts
# container -> alias
external_links:
- redis
- database:mysql
# /etc/hosts
extra_hosts:
- "somehost:162.242.195.82"
- "otherhost:50.31.209.229"
# ACL
group_add:
- mail
# https://docs.docker.com/engine/reference/builder/#healthcheck
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost"]
interval: 1m30s
timeout: 10s
retries: 3
start_period: 40s
# always|never|missing|build
pull_policy:
# no|always|no-failure|unless-stopped
restart:
read_only:
tmpfs:
- /run
- /tmp
runtime: runc
configs:
- web_config
- source: my_config
target: /redis_config
uid: "103"
gid: "103"
mode: 0440
profiles:
# secrets
# /run/secrets/<secret_name>
secrets:
- server-certificate
# VOLUME:CONTAINER_PATH:ACCESS_MODE
volumes:
- type: volume
source: db-data
target: /data
volume:
nocopy: true
- type: bind
source: /var/run/postgres/postgres.sock
target: /var/run/postgres/postgres.sock
volumes_from:
working_dir:
redis:
image: 'redis:alpine'
domainname:
hostname:
labels:
stdin_open:
tty:
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
stop_grace_period: 10s
stop_signal: SIGTERM
storage_opt:
size: '1G'
# tinit
init: false
# shareable
# service:{name}
ipc:
isolation:
logging:
driver: syslog
options:
syslog-address: "tcp://192.168.0.42:123"
# host|none|service:[service name]
network_mode:
networks:
some-network:
ipv4_address:
ipv6_address:
aliases:
- alias1
app_net:
link_local_ips:
- 57.123.22.11
priority: 100
mac_address:
dns:
- 8.8.8.8
- 9.9.9.9
# /etc/resolv.conf
dns_opt:
- use-vc
- no-tld-query
dns_search:
- dc1.example.com
- dc2.example.com
cap_add:
- ALL
cap_drop:
- NET_ADMIN
- SYS_ADMIN
sysctls:
net.core.somaxconn: 1024
net.ipv4.tcp_syncookies: 0
privileged:
security_opt:
- label:user:USER
# CPU
cpu_count:
cpu_percent:
cpu_shares:
cpu_period:
cpu_quota:
cpu_rt_runtime:
cpu_rt_period:
cpuset:
mem_swappiness:
memswap_limit:
oom_kill_disable:
oom_score_adj:
# /dev/shm
shm_size:
#
pid:
# os[/arch[/variant]]
platform:
# cgourp
cgroup_parent:
# https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/devices.html
device_cgroup_rules:
- 'c 1:3 mr'
- 'a 7:* rmw'
# HOST_PATH:CONTAINER_PATH[:CGROUP_PERMISSIONS]
devices:
- "/dev/ttyUSB0:/dev/ttyUSB0"
- "/dev/sda:/dev/xvda:rwm"
# Block device
blkio_config:
weight: 300
weight_device:
- path: /dev/sda
weight: 400
device_read_bps:
- path: /dev/sdb
rate: '12mb'
device_read_iops:
- path: /dev/sdb
rate: 120
device_write_bps:
- path: /dev/sdb
rate: '1024k'
device_write_iops:
- path: /dev/sdb
rate: 30
configs:
web_config:
file: ./default.nginx
redis_config:
external: true
networks:
front-tier:
ipam:
driver: default
config:
- subnet: "172.16.238.0/24"
- subnet: "2001:3984:3989::/64"
app_net:
driver: bridge
volumes:
db-data:
web:
extends:
# compose.yaml
file: common.yml
# base service
service: webappMời cà phê
Nếu cảm thấy blog mang đến những thông tin hữu ích cho công việc, cuộc sống, đam mê của bạn, đừng ngại ủng hộ một ly cà phê để mình có thêm động lực chia sẻ thêm nhiều kinh nghiệm, kiến thức nhé.
Bạn có thể ủng hộ mình qua:
Mời cà phê
Nếu cảm thấy blog mang đến những thông tin hữu ích cho công việc, cuộc sống, đam mê của bạn, đừng ngại ủng hộ một ly cà phê để mình có thêm động lực chia sẻ thêm nhiều kinh nghiệm, kiến thức nhé.
Bạn có thể ủng hộ mình qua:
Ví MoMo
Paypal
Cám ơn mọi người!
Không có bình luận