Using Docker

Watch the video tutorial

Docker is a platform for distributed applications for developers and system administrators that allows running applications in containers. It enables you to use specific software, such as Redis or MongoDB, or a specific version of software, which might not be supported by your operating system or might need compiling.

Docker is available as a Plesk extension. Plesk allows you to run and manage containers that are based on specific Docker images, and to use Docker not only on the local host, but also on the specified remote machine.

 

在本章中:

Requirements and Limitations

How to Start Using Docker

The Image Catalog

容器設定

Operations with Containers

Using Remote Docker

Creating Images with Custom Settings

Managing Local Images

Setting up nginx to Proxy Requests from Domains to a Container

 

Requirements and Limitations

  • Docker is supported in Plesk for the following operating systems: CentOS 7, RedHat 7, Debian 8, Ubuntu 14.04, and Ubuntu 16.04.

    In Plesk for Windows, you can use Docker installed on a remote machine (see Using Remote Docker further in this section).

  • You cannot use Docker in Plesk running on Windows Server 2008.
  • You cannot use Docker in Plesk that is deployed in a Docker container.
  • To use remote Docker services in Plesk, you need an additional license. It can be purchased either separately or as a part of the Hosting Pack.
  • Docker runs only on x64 systems.
  • Docker containers in Plesk cannot be migrated or backed up. However, you can back up data used by containers (see Volume Mapping below), or download snapshots.
  • Virtuozzo 7 with Update 1 Hotfix 1 (7.0.1-686) or later installed is supported. Note that starting with this update, new containers based on CentOS 7 are created with the firewall enabled by default due to Virtuozzo pushing for increased security. Plesk administrator must manually configure the firewall to ensure that ports necessary for Plesk to operate are open.

  

 

How to Start Using Docker

Install the Docker extension in Plesk.

To start using it, go to Docker in the left navigation panel.

 

The Image Catalog

In the catalog (Docker > Docker Image Catalog), Plesk displays images from https://hub.docker.com/explore. By default, only recommended images are displayed. To view more images, use the search box or filters.

For each application, multiple versions can be available. You can run a specific version by selecting the appropriate tag, as shown below:

Docker_Containers

To use filters:

  1. Click the arrow arrow next to the search box.
  2. Specify both or one of the following: image name and repository.

    The repositories that you can select:

    • Local repository - contains local images. These are images that have already been downloaded and are now stored on the server with Docker. For details, see Managing Local Images further in this section.
    • Docker Hub - https://hub.docker.com/explore.

To run a container:

  1. Go to Docker > Docker Image Catalog.
  2. Use the search box or filters to quickly find applications in the catalog.
  3. To view the application description and documentation on Docker Hub, click the image name. This does not apply to local images.
  4. To run a specific version, click the arrow next to the Run button, and select the application version.
  5. To run the latest version of the selected application, click Run.

    If the image is stored locally, the button appears as Run (local).

    Plesk creates a container and prompts you to specify its settings, such as environment variables, and then runs it. You can cancel running by clicking Cancel on the Settings screen. For details about the settings, see Container Settings later on this page.

  6. The container appears in the list of containers at the top of the Docker Catalog page.

    Docker_Container_displayed

See the log (Logs) to find out what settings the container needs to run successfully.

  

 

容器設定

注意:如果您想要更改容器設定,您則需要停止運行容器:當您保存新設定時,Plesk 會重新創建容器。

若要編輯容器設定,請進入 設定詳情 > 設定

Docker_container_settings

限制記憶體

默認可在Docker容器中使用的RAM記憶體是不限的。若要限制使用RAM,請清空無限核取方塊,並在記憶體限制 欄位輸入限制值,以MB為單位。

注意:目前還不能限制Docker 容器的CPU和磁片使用量。

注意:Docker容器是管理員級別的對象,不受訂閱級別的cgroup限制 (CPU、RAM和磁片使用量)的控制。

自動啟動

如果沒有選中 系統重啟後自動啟動 選項,那麼在系統重啟後,使用該容器的網站可能會中斷,您則需要手動啟動容器。

埠映射

默認會啟用 自動埠映射 選項,容器的內部埠會被映射到主機系統上的任意埠(例如,32768)。

若要更改主機系統上的埠,請清空選項 自動埠映射 並在 手動映射 中指定其它的外部埠。如果當您清空該核取方塊時沒有出現 手動映射 則表示容器不顯示埠。

重要:如果配置了埠映射,Docker會與主機系統的所有網路介面上的指定埠捆綁。也就是說可從任何地方存取該應用。Docker認定應用本身會執行驗證,但其實有時候不會(例如 MySQL默認不允許匿名存取,但是redis允許)。
Plesk無法決定在指定的Docker 容器中安裝哪些服務,也無法控制對這些服務的存取權限。如果您想要禁止從 Plesk外部存取應用,可使用主機系統上的防火牆進行手動設定。

卷映射

Docker 卷宗是伺服器上被掛載到 Docker 容器的目錄,因而您擁有可以從主機系統進行存取的永久存儲。Docker 卷宗中的資料可以備份,而且更重要的是,當您停止或刪除容器時不會刪除資料。

有關容器中的資料的更多資訊請參閱 Docker 文檔

若要添加卷宗映射,請指定以下項:

  • 左邊的 "目的" 欄位 - 進入容器內的某個目錄的絕對路徑。
  • 右邊的 “源” 欄位 - 進入伺服器中您要掛載到容器的目錄的絕對路徑。

若要映射更多目錄,請點按 添加映射

設定環境變數

容器內的應用會使用環境變數。您可能需要添加更多變數或編輯現有的變數。Plesk 允許您添加任意數量的變數。 

 

Operations with Containers

You can do the following with containers:

  • Restart (Restart) or stop (Stop) a container. In these cases, the container will be recreated with the current settings.

    Note: If you did not save the data to the mounted volumes (see the Volume Mapping section below), the data will be lost.

  • View logs and resource consumption (Details).
  • Change container settings, such as environment variables or volume mapping (Settings or Details > Settings).

    In Plesk on CentOS, you can set a memory limit for a container (Settings > Memory limit).

  • Rename a container (Settings > Container name).
  • Recreate a container using the same or another version of the image (Details > Recreate).
  • Create an image based on a container with your custom settings (Details > Save as Image).
  • Take a snapshot of a container (Details > Download a Snapshot).
  • Remove a container (Remove or Details > Remove).

  

Recreating a Container

Usually, you need to recreate a container when you want to update the application to a newer version. In fact, you can rebuild a container using any application version available in the catalog, not only a newer one.

Custom settings are preserved during recreation. To preserve data used by the application inside a container, you should specify volume mapping before you recreate a container. Volume mapping enables you to have access to directories used inside a container (see Volume Mapping in container settings).

To recreate a container:

  1. Go to Docker and click Details below the container you want to recreate.
  2. Click Recreate in the container settings and specify the image version, and whether to use default environment variables.

 

Using Remote Docker

By default, Plesk uses Docker installed as a Plesk component. However, you can use one or more Docker services installed outside of Plesk. Note that you can use only one service at a time. The hostname of the selected server is displayed in the title of Docker Catalog in Plesk.

Important: Managing remote Docker services requires a Plesk license key add-on. Without this add-on, you can only manage the local Docker service, which is running on the Plesk server.

Configuring Remote Services

Configure the remote server that runs Docker as described in the Docker documentation to use it as a remote server in Plesk.

Managing Remote Services

The following steps are applicable to both Plesk for Linux and for Windows.

To start using Docker that runs on a remote host:

  1. Go to Tools & Settings > Docker (under Server Management).
  2. Click Add Server and specify the settings of the remote server with Docker.
  3. To start using this Docker service in Plesk, leave Set active selected.

The link to Docker will appear in the left navigation panel.

To switch between Docker services:

  1. Go to Tools & Settings > Docker (under Server Management).
  2. In the list of servers, select the server that you are going to use and click Set Active.

Alternatively, you can set the server as active while editing its settings.

set_active

  

 

Creating Images with Custom Settings

If you want to create a new image based on the changes that you have made to a container, use the Save as Image command. This takes a snapshot of your container, which appears as a new image in the image catalog. In this way, you can create images with custom settings such as environment variables.

To create an image from one of your containers:

Go to Docker > Details under the container name > Save as Image, and optionally specify:

  • Image name. By default, an ID will be generated and used as the name.
  • Tag. You can specify the image version here. By default, the version will be "latest".

The created image appears in the image catalog and is marked Local image.

 

 

Managing Local Images

Local images are images that are stored by Docker on a local disk, so there is no need to download them from the Image Catalog.

An image becomes local in the following situations:

  • You have selected any version (tag) of an image and the image has started downloading. If you either later run a container or cancel running (in the Settings screen), the image is saved locally.
  • You upload an image to Docker catalog in Plesk (Upload Image in Docker Image Catalog).
  • You have created a custom image from a container (see Creating Images with Custom Settings).
  • You have built an image using the command line interface.

If Docker has at least one downloaded version from a group of versions belonging to an image, this image is marked Local image in the catalog. Run (local) means that the latest version was already downloaded. Plesk also shows how many local images exist for a product.

local_image

To view local images and remove outdated local images:

  1. Go to Docker > Docker Image Catalog.
  2. To find all local images, click the arrow next to the search box and select Local in the Repository filter.
  3. To view all local images of a specific product, click the link under the product name. All local images' tags and occupied disk space will be displayed.

    remove_images

  4. To remove all images, click Clean All Images.
  5. To remove a specific image, click the Remove docker_icon_remove icon next to the image that you want to remove.

  

 

Setting up nginx to Proxy Requests from Domains to a Container

Some Docker containers expose ports so that applications in containers could be accessible via those ports.

When you use an application in Docker container on your website, you may find it inconvenient to specify the non-standard port in its URL. To avoid inconvenience, you can set up nginx to proxy requests from domains to that port, so domains can use a standard port (such as 80) and there is no need to explicitly specify the port in URL.

Requirements

  • nginx must be running in Plesk.
  • You must map the port inside a container to a port on the host system (for example, 32768) manually (Docker > select a container > Settings > clear the option Automatic port mapping).

After you have mapped the port inside a container manually to some port on your system (for example, 32768), you can set up nginx to proxy requests from domains to that port, so domains can use a standard port on nginx (for example, 80). To make this possible, add a rule for nginx in the domain settings in the following way:

Go to Websites & Domains > the domain > Proxy Rules > Add Rule and specify the following:

  • URL. Specify the URL of the website that uses an application running in a container. It can be either the main website or a part of it.
  • Container. Select the application running as a Docker container.
  • Port. Select one of the mappings that was specified in the container settings (a port inside a container mapped to a port on your system). Nginx will proxy requests to the port on the system.

 Proxy rules are implemented in the web server configuration, e.g., in the website's file nginx.conf (in /var/www/vhosts/system/$domain/conf/):

#extension docker begin
location ~ ^/.* {
    proxy_pass http://0.0.0.0:9080;
    proxy_set_header Host             $host;
    proxy_set_header X-Real-IP        $remote_addr;
    proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
}
#extension docker end

Proxy rules should work fine on servers behind NAT.

Note: Docker containers connected via Proxy Rules to a website are not counted towards the subscription's disk space usage. An exception to this would be when a website directory is mounted to a Docker container as a volume, as in this case all files located in the container will be counted towards the disk space usage of the website.