This document provides tips for using Docker including: not needing to fetch Dockerfiles directly but instead using build commands; storing configs at runtime instead of in images; using smaller focused images and linking them together; using Docker as a program, service, data container, shell, and network device; and considering options for managing users and permissions within containers.

1. Docker Tips

2. Need fetch Dockerfile?

3. Need fetch Dockerfile?
• No!

4. Need fetch Dockerfile?
• No!
• docker build https://github.com/menghan/
airvideo-server-in-docker.git

5. Need fetch Dockerfile?
• No!
• docker build https://github.com/menghan/
airvideo-server-in-docker.git
• docker build https://raw.githubusercontent.com/
menghan/menghanrc/master/Dockerfiles/go-builder/
Dockerfile

6. Need fetch Dockerfile?
• No!
• docker build https://github.com/menghan/
airvideo-server-in-docker.git
• docker build https://raw.githubusercontent.com/
menghan/menghanrc/master/Dockerfiles/go-builder/
Dockerfile
• | docker build -

7. Store config in docker
image?

8. Store config in docker
image?
• No!

9. Store config in docker
image?
• No!
• volume configs at runtime

10. Store config in docker
image? cont.

11. Full stack image?

12. Full stack image?
• No!

13. Full stack image?
• No!
• size

14. Full stack image?
• No!
• size
• update frequently

15. Full stack image? cont.
• use —-link —-volumes-from

16. Use ONBUILD

17. Use ONBUILD
# base/Dockerfile
FROM gentoo:base
ONBUILD RUN layman -s douban
ONBUILD RUN eix-layman add douban
ONBUILD RUN eix-sync

18. Docker as service
• redis

19. Docker as program

20. Docker as program
• docker run -v /usr/local:/data menghan/go-builder
go get github.com/tools/godep

21. Docker as program
• docker run -v /usr/local:/data menghan/go-builder
go get github.com/tools/godep
• use as much docker as possible

22. Docker as program
• docker run -v /usr/local:/data menghan/go-builder
go get github.com/tools/godep
• use as much docker as possible
• install OS, install docker, pull images, work!

23. Docker as data

24. Docker as data
• docker run -v /html —-name jekyll-html-c busybox true

25. Docker as data
• docker run -v /html —-name jekyll-html-c busybox true
• docker run —-volumes-from jekyll-html-c -v /path/to/src:/
src jekyll-image [compile /src and save html /html]

26. Docker as data
• docker run -v /html —-name jekyll-html-c busybox true
• docker run —-volumes-from jekyll-html-c -v /path/to/src:/
src jekyll-image [compile /src and save html /html]
• docker run —-volumes-from jekyll-html-c nginx-image

27. Docker as data
• docker run -v /html —-name jekyll-html-c busybox true
• docker run —-volumes-from jekyll-html-c -v /path/to/src:/
src jekyll-image [compile /src and save html /html]
• docker run —-volumes-from jekyll-html-c nginx-image
• docker run —-volumes-from jekyll-html-c -v $(pwd):/backup
backup-image [tar czf /backup/html.tar.gz /html]

28. Docker as shell

29. Docker as shell
• We use this pattern a lot!

30. Docker as shell
• We use this pattern a lot!
• docker run -it [-—rm] ubuntu bash

31. Docker as shell
• We use this pattern a lot!
• docker run -it [-—rm] ubuntu bash
• start then attach

32. Docker as shell
• We use this pattern a lot!
• docker run -it [-—rm] ubuntu bash
• start then attach
• docker in docker

33. Docker as shell
• We use this pattern a lot!
• docker run -it [-—rm] ubuntu bash
• start then attach
• docker in docker
• docker in docker in docker ?…

34. Docker as net device
• docker run -v /path/config:/etc/config —-name vpn-client
openvpn-client [connect]
• docker run —-net=container:vpn-client transmission-image
[start transmission service]

35. Runtime uid

36. Runtime uid
We have two ways:

37. Runtime uid
We have two ways:
• use root everywhere (use 1000 everywhere)

38. Runtime uid
We have two ways:
• use root everywhere (use 1000 everywhere)
• plan && arrange carefully

39. Runtime uid
We have two ways:
• use root everywhere (use 1000 everywhere)
• plan && arrange carefully
My thought:

40. Runtime uid
We have two ways:
• use root everywhere (use 1000 everywhere)
• plan && arrange carefully
My thought:
add all possible users into an image, make it as
base image

41. Docker’s latest update
(since v1.0)
• .dockerignore (v1.1)
• /etc/{hosts,resolve.conf,hostname} editable
(v1.2)
• search private registry

42. Q and A