I have inherited some cloud hosted vms, with several services hosted in docker containers on these. Think web server and then DB, both hosted in separate containers. Several (overpriced) vms are involved. Would really like some pointers as to how I can get into these / edit them. Would really like to consolidate. I use proxmox at home and am comfortable in Linux but this is new to me. Any docs / tutorials would be super helpful. Still don’t really understand why the design was done quite like this, so if you have insight on that, please let me know why you would do it this way. Thanks!
If you don’t understand the system, how do you know switching to containers will be an improvement, or even work at all? Are there already published container images for this, or are you also going to learn how to build a container for a custom app?
so the dockers already exist. I want to understand how they were built (I suspect Ansible is involved, but I don’t know how this would work) so I can understand how they interact with one another and then modify.
If you want to know how they’re built, look for Dockerfile in the code base; that’s usually the file that would create a container image when docker build … command is used. Perhaps you’d also see something about CI and you’d find a build server somewhere, too.
You can run containers as systemd services with the help of podman: https://www.putorius.net/how-to-start-podman-containers-on-boot.html
Were the containers built by someone in your company or provided by the software vendor?
built by someone who is no longer with the company and no longer available to provide insight.
docker inspect $container should return you most of the info for the container. You can also get a shell inside the container via docker exec -it $container sh. If you have a Dockerfile for the container you can see how the container has been set up.
Additionally the shell history can also yield useful information on what has been done. Docker saves the logs of running containers in /var/lib/docker/containers
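As an added example (not part of the original post), this Python script reduces docker inspect output to the things needed to understand or move an inherited container: the image it runs, published ports, where its state is mounted, which networks it shares, and the Compose directory if one was used. The container name, paths and password in the sample are constructed, and the choice of which variable names to redact is an assumption.

```python
import json

# Constructed sample (trimmed); real input is the JSON array `docker inspect $container` prints.
SAMPLE = json.loads("""[{
  "Name": "/shop_db_1",
  "LogPath": "/var/lib/docker/containers/0123abcd/0123abcd-json.log",
  "Config": {
    "Image": "postgres:13",
    "Env": ["POSTGRES_PASSWORD=example-not-real", "PGDATA=/var/lib/postgresql/data"],
    "Labels": {"com.docker.compose.project.working_dir": "/opt/shop",
               "com.docker.compose.service": "db"}},
  "HostConfig": {"PortBindings": {"5432/tcp": [{"HostIp": "", "HostPort": "5432"}]}},
  "Mounts": [{"Type": "volume", "Name": "shop_pgdata",
              "Source": "/var/lib/docker/volumes/shop_pgdata/_data",
              "Destination": "/var/lib/postgresql/data", "RW": true}],
  "NetworkSettings": {"Networks": {"shop_default": {}}}
}]""")

SECRET_HINTS = ("PASS", "SECRET", "TOKEN", "KEY")  # assumed naming patterns

def redact(env_entry):
    """Keep the variable name, hide values that look like credentials."""
    name, _, value = env_entry.partition("=")
    if any(h in name.upper() for h in SECRET_HINTS):
        value = "<redacted>"
    return f"{name}={value}"

def summarize(c):
    """Reduce one `docker inspect` object to what is needed to rebuild or move it."""
    labels = c["Config"].get("Labels") or {}
    ports = c["HostConfig"].get("PortBindings") or {}
    return {
        "name": c["Name"].lstrip("/"),
        "image": c["Config"]["Image"],
        "env": [redact(e) for e in c["Config"].get("Env") or []],
        # Host ports reachable from outside; an empty HostIp means all interfaces.
        "published": sorted(f'{b.get("HostIp") or "*"}:{b["HostPort"]}->{p}'
                            for p, binds in ports.items() for b in binds or []),
        # Mounts are where the state lives: back these up before touching anything.
        "state": [f'{m["Type"]}:{m.get("Name") or m["Source"]}->{m["Destination"]}'
                  for m in c.get("Mounts", [])],
        "networks": sorted(c["NetworkSettings"]["Networks"]),
        # Label set by Docker Compose: the directory that held the compose file.
        "compose_dir": labels.get("com.docker.compose.project.working_dir"),
        "log_path": c.get("LogPath"),
    }

if __name__ == "__main__":
    print(json.dumps([summarize(c) for c in SAMPLE], indent=2))
```

On a real host, save the docker inspect output to a file and load that with json.load in place of SAMPLE; the redaction keeps credentials out of whatever notes the summary ends up in.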
thanks, super-useful. I think I will bring up a couple of docker containers at home and check where and what they log, then try and extrapolate from that. I’ve managed to get into a couple of them with the -it command.
You usually want to prioritize changing the container’s build config instead of getting into them and modifying them. Much better to get into the mindset of them not being pets you have to nurture.
Separating the different services into containers is overall a good practice but having the DB in one can be a pain as it’s easier to work with stateless applications. The isolation aspect is very valuable as it’s easier to debug a problem. I would look into container orchestration if there isn’t already and making sure logs are centralized first.
okay, that makes a lot of sense. I can’t see any immediate orchestration, but maybe I’m looking in the wrong place. would the logs go to /var/log on the main system? just realized I haven’t looked for those (d’oh!)
Terny has the correct answer here OP. While I have never used Docker in an enterprise environment (manufacturing applications aren’t known for supporting any technology from the last decade at least), I have used Docker extensively in my home lab. You don’t want to modify the container itself, but the image it was created from. The data doesn’t reside in the container itself anyway, but typically a volume attached to the container (assuming it stores anything in the first place). Your best bet will be to figure out what image the container was created from, and modify the image. From there, you can update the existing containers to use the new image, or move them elsewhere if you like.
You mentioned these VMs are in the cloud. Depending on the hyperscaler, it is likely that you could migrate these to a native container service to save on cost since you wouldn’t have to pay for the overhead of a VM.
If you have proxmox at home, play with docker in a VM, there are a great deal of docker images you can throw up and play with to help you understand. Once you get that down, play with building docker images to wrap your head around that, then best to copy the image that’s being used in your work infra if you need to make changes, then throw it up on another test VM to ensure you don’t break anything before pulling it into the live environment.
As for how the docker infra is setup, your explanation is pretty vague as far as what the images are doing, so nobody will really be able to tell you without that information - but my bet would be resources and/or segmentation
this is true, I hadn’t thought about bringing one up at home. thanks!