Skip to content

🐳 Container/K8S/Compose playground using moby/nerdctl/Rancher Desktop.

License

Notifications You must be signed in to change notification settings

sureshg/containers

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

Container/Kubernetes Playground!

GitHub Workflow Status Docker Linter OpenJDK App Native Image App

Container/K8S/Compose playground using dockerd(moby)/nerdctl/Rancher Desktop.

Run Container Images

# Build OpenJDK jLinked image with AOT cache
$ docker build -t sureshg/openjdk-app:latest --pull --target openjdk .
$ docker run -it --rm -p 8080:80 sureshg/openjdk-app:latest
$ dive sureshg/openjdk-app:latest

# GraalVM native image (For debug, --progress=plain --pull --no-cache)
$ docker build -t sureshg/graalvm-static --pull --target graalvm-static .
$ docker run -it --rm -p 8080:80 sureshg/graalvm-static
$ curl http://localhost:8080
$ dive sureshg/graalvm-static
Misc Images
# GraalVM Dev image
$ docker build --progress=plain --tag sureshg/graalvm-community-dev --pull --target graalvm-community-dev .
$ docker run -it --rm -p 8080:80 sureshg/graalvm-community-dev  --version

# OpenJDK HSDIS image to print assembly
# --mount type=volume,source=new-volume,destination=/var/lib/data \
$ docker build -t sureshg/openjdk-hsdis:latest --target openjdk-hsdis .
$ docker run \
        -it \
        --rm \
        --env APP_NAME=HSDIS \
        --workdir /app \
        --publish 8080:80 \
        --mount type=bind,source=$(pwd),destination=/app,readonly \
        sureshg/openjdk-hsdis:latest src/App.java   
        
# JShell Image  
$ docker build -t sureshg/jshell --no-cache --target jshell .
$ docker run -it --rm -e TZ="UTC" sureshg/jshell 

# JDK Slim Image
$ docker build -t sureshg/jdk-slim --no-cache --target jdk-slim .
$ docker run -it --rm sureshg/jdk-slim   

# Chainguard static image
$ docker build -t sureshg/cgr-static --target cgr-static .
$ docker run -it --rm sureshg/cgr-static 

# NetCat Webserver
$ docker build -t sureshg/netcat-server --target netcat .
$ docker run -p 8080:80 -e PORT=80 -it --rm sureshg/netcat-server 

# Netshoot Image
$ docker build -t sureshg/tools --target tools .
$ docker run -it --rm sureshg/tools 

# Run Python script as part of build
$ docker build --progress=plain -t sureshg/py-script --target python .
$ docker run -it --rm sureshg/py-script

# SSH Server container with sysstat (sar)
$ docker build -t sureshg/ssh-server --target ssh-server .
$ docker run -it --rm -p 2222:22 sureshg/ssh-server
$ ssh test@localhost -p 2222   

Run Compose

# OpenJDK App
$ docker compose -f compose/docker-compose.yml up --build --pull=always
$ docker compose watch
$ docker compose -f compose/docker-compose.yml down --remove-orphans --volumes
# curl http://localhost:[8080|8081|8082|8083]

# GraalVM Native Image
$ docker compose -f compose/graalvm-compose.yml up
# docker compose -f compose/graalvm-compose.yml build --no-cache app-arm64
$ docker compose -f compose/graalvm-compose.yml up --remove-orphans --build app-arm64
$ docker compose -f compose/graalvm-compose.yml up --remove-orphans --build app-amd64 
Compose Misc
# Misc Compose files
$ docker compose -f compose/tcpdump-compose.yml up
$ docker compose -f compose/binfmt-compose.yml up
$ docker compose -f compose/clickhouse-compose.yml up
$ docker compose -f compose/grafana-prom-compose.yml up
$ docker compose -f compose/kafka-compose.yml up

Run images from GHCR

# Run the openjdk application
$ docker run \
         --pull always \
         -p 8080:80 \
         -it --rm \
         --name openjdk-app \
         ghcr.io/sureshg/containers:openjdk-latest

# Run the native image application
$ docker run \
         --pull always \
         -p 8080:80 \
         -it --rm \
         --name nativeimage-app \
         ghcr.io/sureshg/containers:nativeimage-latest
        
# Use "--platform=linux/amd64" to run cross platform images.         

Multi-Platform Builds

The following commands are used to build multi-platform images locally using Docker Buildx on Rancher Desktop.

# Create a new buildx builder instance
$ docker buildx create --name=buildkit-container --driver=docker-container
# docker buildx use buildkit-container
# docker buildx inspect
# docker buildx rm buildkit-container

# Build images for all platforms
$ docker buildx \
         --builder buildkit-container \
         build \
         --sbom=true \
         --platform=linux/amd64,linux/arm64 \
         --pull \
         --no-cache  \
         --target openjdk \
         -t sureshg/openjdk-app:latest .

# Load just one platform (ARM64)
$ docker buildx \
         --builder buildkit-container \
         build \
         --load \
         --platform=linux/arm64 \
         --target openjdk \
         -t sureshg/openjdk-app:latest .

# Load another platform with a different tag (AMD64)
$ docker buildx \
         --builder buildkit-container \
         build \
         --load \
         --platform=linux/amd64 \
         --target openjdk \
         -t sureshg/openjdk-app:latest-amd64 .

# Push both platforms as one image manifest list
$ docker buildx \
         --builder buildkit-container \
         build \
         --push \
         --platform=linux/arm64,linux/amd64 \
         --target openjdk \
         -t sureshg/openjdk-app:latest .  
         
# Run the images
$ docker run -it --rm -p 8080:80 sureshg/openjdk-app:latest
$ docker run -it --rm --platform linux/amd64 -p 8080:80 sureshg/openjdk-app:latest-amd64            

Debug Distroless Images

# Run the container
$ docker run \
         --pull always \
         -p 8080:80 \
         -it \
         --rm \
         --name openjdk-app \
         ghcr.io/sureshg/containers:openjdk-latest
       
# Install cdebug
$ brew install cdebug  

# Use "--image nixery.dev/busybox/curl" to use custom images.
# Use "--platform linux/arm64" to select platform for busybox image.    
$ cdebug exec \
         --privileged \
         -it \
         --rm \
         docker://openjdk-app

Misc

  • Docker Init

    # Initialize the docker file
    $ docker init
  • IntelliJ Support for Rancher Desktop

    # Create a symlink to docker installed by Rancher Desktop
    $ sudo ln -s $(which docker) /usr/local/bin/docker
  • Install Rancher Desktop with containerd multi-platform support

    # Install Rancher Desktop and Select containerd as runtime.
    $ sudo docker run --privileged --rm tonistiigi/binfmt --install all
    $ rdctl shell
       # To list all architectures
       $ ls -1 /proc/sys/fs/binfmt_misc/qemu*
    
    $ docker run --rm --platform=linux/arm64 alpine uname -a
    $ docker run --rm --platform=linux/s390x alpine uname -a
    
    # Check for all the OS archs
    $ for i in `docker images --format {{.ID}}`; do echo $i `docker image inspect $i | grep -e Architecture -e Os`; done
    
    # Remove unused data
    $ docker system prune -f
  • Run a private container registry

    $ docker run -d -p 5000:5000 --restart=always --name registry registry:2

Resources

Local Dev Tools