Don’t remember how, but I ended up with two Kubernetes installs on my mcfly desktop with macOS: the one that came with Docker Desktop for macOS and the minikube variety that I must have downloaded and installed in the past.

What is minikube?

minikube is a local Kubernetes environment for testing and development purposes. It spins up a lightweight virtual machine (will work even on a modest laptop) and runs an entire Kubernetes cluster in it.

Kubernetes (I haven’t written about it on Unix Tutorial yet) is an open-source system for managing containerized applications – deploying, scaling and failing them over using cluster architecture.

Deleting minikube

It’s great that minikube has support for such scenarios, so I just stopped it and invoked delete command like this:

greys@mcfly:~ $ minikube stop
 ✋  Stopping "minikube" in hyperkit …
 🛑  "minikube" stopped.
 greys@mcfly:~ $ minikube delete
 🔥  Deleting "minikube" in hyperkit …
 💔  The "minikube" cluster has been deleted.
 🔥  Successfully deleted profile "minikube"

To be sure things aren’t left behind, I also deleted the minikube configurartion directory:

and even the binary symlink itself:

Docker-desktop variety of Kubernetes is now the only one left, so I can continue my experiments and will publish more in the coming days:

See Also

• Docker
• Install Docker with brew
• Docker Desktop vs Docker Machine

Has it been a year since VirtualBox 6.0 release already? Time flew! This week brought us the first major release of the VirtualBox 6.x family, with lots of improvements – traditionally focus is on performance and stability.

VirtualBox 6.1 Changelog

Looking at the official changelog for VirtualBox 6.1, I can see the following as very welcome changes:

• Implemented support for importing a VM from Oracle Cloud Infrastructure – VirtualBox 6.0 previously introduced exporting VMs into the same cloud – this is now a complete workflow
• New style 3D support (VBoxSVGA and VMSVGA) – old style using VBoxVGA is gone
  • Support YUV2 and related texture formats with hosts using OpenGL (macOS and Linux), which accelerates video playback when 3D is enabled by delegating the color space conversion to the host GPU
• Virtualization core: recompiler is gone, meaning full CPU hardware virtualization is required now
• Support for nested hardware-virtualization on Intel CPUs
• vboximg-mount: Experimental support for direct read-only access to NTFS, FAT and ext2/3/4 filesystems inside a disk image without the need for support on the host – sounds like you can use Windows to run a VM that would access Linux filesystems on attached storage – pretty cool!

I’m quite happy with Parallels Desktop on my macOS systems, but install VirtualBox among the first 5 apps on any Linux laptop or desktop. Have upgraded to 6.1 on my Dell XPS already, will post more screenshots soon!

See Also

• VirtualBox
• VirtualBox 6.0
• HW Virtualization

I’ve been reading about Docker for Mac recently, and realized that there was something I never quite understood – how does Docker run on the recent macOS versions without VirtualBox or Parallels that I remember it required just a few years ago.

Docker Machine

This is the original implementation of Docker for macOS and Wndows. You have a special VM image (Docker Machine) that needs a third party virtualization solution like VirtualBox or Parallels to run.

VM image acts as a Docker host – it’s a minimal Linux distro optimised for minimal footprint and best performance. You also have a set of command line utilities that you can run from your native OS – macOS, for instance – that talk to the Docker Machine for starting/stopping or otherwise managing Docker containers.

The way I understand it, you must expand RAM and vCPU allocation for the Docker Machine manually to provide more compute and memory resources for your Docker containers.

Docker Desktop

Docker Desktop is a different kind of solution. It doesn’t need a third party virtualization because it depends on native OS virtualization methods. Will be interesting to research this for Windows, but for macOS these technologies are called Hypervisor Framework.

Docker Desktop spins up a kind of VM using HyperKit, which is an open-source solution for embedding Hypervisor virtualization into your app.

You don’t need to manage this VM and have a nice interface for controlling how many virtual CPUs and RAM is allocated to that Docker instance.

There’s less overhead when it comes to managing Docker VM, but some functionality is limited by the OS implementation.

That’s it for today! Will share more if/when I’m researching this topic again.

See Also

• Docker
• How To Tag Docker Images
• Migrating Docker Containers
• List All Docker Contianers
• Install Docker on Mac

I’m positive that sometime later this year I’ll revisit OpenStack basics, but for now there’s just no time. This post is one of those as-we-go technical notes taken for my own reference.

List OpenStack Servers using CLI

Once your OpenStack environment variables are configured, you can list servers using a very simple command:

$ openstack server list

But since one of the OpenStack variables is default project, the command above will probably just get you the list of servers within that project.

List OpenStack Servers Across All Projects

Provided your username and password have enough access, it should be possible to expand the previous command to get you a much longer list – namely every OpenStack server in every project available:

$ openstack server list --all-projects

See Also

• Advanced Unix Commands
• VirtualBox
• KVM
• OpenStack
• DevStack

One of the first things I wanted to try on my fresh Linux Mint 19.1 install was Docker. This post captures the steps I’ve taken to get Docker CE (community edition) version installed on my Linux-based Dell XPS laptop.

Docker in Linux Mint

Since Linux Mint is based on Ubuntu, you shouldn’t have any issues getting Docker installed from the official repository of Docker.io.  I have followed instructions from here: Docker Docs – Install Docker CE in Ubuntu.

I followed instruction pretty much word for word, except the part where you’re adding a new apt repository to your Linux Mint.

In the procedure fully documented below, I have changed this command:

greys@xps:/$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

to this:

greys@xps:/$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"

This is because Linux Mint has its own version names and they don’t match Ubuntu ones. But because I know that Linux Mint 19.1 is based on Ubuntu Bionic, I just made the replacement as shown above.

Install Docker CE in Linux Mint 19.1

Here are the full steps for the installation.

Installing Additional Packages

greys@xps:/$ sudo apt-get install \
> apt-transport-https \
> ca-certificates \
> curl \
> gnupg-agent \
> software-properties-common
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20180409).
The following additional packages will be installed:
dirmngr gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpg-wks-server gpgconf
gpgsm gpgv libcurl4
Suggested packages:
tor parcimonie xloadimage scdaemon
The following NEW packages will be installed:
apt-transport-https gnupg-agent software-properties-common
The following packages will be upgraded:
curl dirmngr gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpg-wks-server
gpgconf gpgsm gpgv libcurl4
13 upgraded, 3 newly installed, 0 to remove and 232 not upgraded.
Need to get 2,535 kB of archives.
After this operation, 224 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
...

Add Ubuntu version of Docker Repository To Our System

greys@xps:/$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
OK
greys@xps:/$ sudo apt-key fingerprint 0EBFCD88
pub rsa4096 2017-02-22 [SCEA]
9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid [ unknown] Docker Release (CE deb) <[email protected]>
sub rsa4096 2017-02-22 [S]
greys@xps:/$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
greys@xps:/$ sudo apt-get update
Hit:1 http://archive.canonical.com/ubuntu bionic InRelease
Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Hit:3 http://archive.ubuntu.com/ubuntu bionic InRelease
Hit:4 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Hit:6 https://download.docker.com/linux/ubuntu bionic InRelease
Ign:7 http://packages.linuxmint.com tessa InRelease
Hit:8 http://packages.linuxmint.com tessa Release
Fetched 163 kB in 1s (239 kB/s)
Reading package lists... Done
greys@xps:$ sudo apt-get install docker-ce docker-ce-cli containerd.io
Reading package lists... Done
Building dependency tree
Reading state information... Done
Recommended packages:
aufs-tools cgroupfs-mount | cgroup-lite git pigz
The following NEW packages will be installed:
containerd.io docker-ce docker-ce-cli
0 upgraded, 3 newly installed, 0 to remove and 243 not upgraded.
Need to get 50.4 MB of archives.
After this operation, 242 MB of additional disk space will be used.
Get:1 https://download.docker.com/linux/ubuntu bionic/stable amd64 containerd.io amd64 1.2.2-3 [19.9 MB]
Get:2 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce-cli amd64 5:18.09.2~3-0~ubuntu-bionic [13.2 MB]
Get:3 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce amd64 5:18.09.2~3-0~ubuntu-bionic [17.4 MB]
Fetched 50.4 MB in 5s (10.8 MB/s)
Selecting previously unselected package containerd.io.
(Reading database ... 259022 files and directories currently installed.)
Preparing to unpack .../containerd.io_1.2.2-3_amd64.deb ...
Unpacking containerd.io (1.2.2-3) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack .../docker-ce-cli_5%3a18.09.2~3-0~ubuntu-bionic_amd64.deb ...
Unpacking docker-ce-cli (5:18.09.2~3-0~ubuntu-bionic) ...
Selecting previously unselected package docker-ce.
Preparing to unpack .../docker-ce_5%3a18.09.2~3-0~ubuntu-bionic_amd64.deb ...
Unpacking docker-ce (5:18.09.2~3-0~ubuntu-bionic) ...
Setting up containerd.io (1.2.2-3) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /lib/systemd/system/containerd.service.
Processing triggers for ureadahead (0.100.0-20) ...
ureadahead will be reprofiled on next reboot
Processing triggers for systemd (237-3ubuntu10.9) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Setting up docker-ce-cli (5:18.09.2~3-0~ubuntu-bionic) ...
Setting up docker-ce (5:18.09.2~3-0~ubuntu-bionic) ...
update-alternatives: using /usr/bin/dockerd-ce to provide /usr/bin/dockerd (dockerd) in auto mode
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Processing triggers for ureadahead (0.100.0-20) ...
Processing triggers for systemd (237-3ubuntu10.9) ...

Listing Docker Containers

There shouldn’t be any:

greys@xps:/$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

Checking Docker Version

greys@xps:/$ docker --version
Docker version 18.09.2, build 6247962

Installing hello-world with Docker

greys@xps:/$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:2557e3c07ed1e38f26e389462d03ed943586f744621577a99efb77324b0fe535
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.

To try something more ambitious, you can run an Ubuntu container with:

$ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/

For more examples and ideas, visit:
https://docs.docker.com/get-started/

That’s it!

See Also

• Docker
• Linux Mint
• Ubuntu
• List Docker Containers
• Restart All Stopped Docker Containers

I’ve been tidying up some of my dedicated servers and needed to remove some of the VMs under KVM setup. This post shows you how to use virsh command to do just that.

List virtual machines using virsh

As you can see, there are quite a few VMs not running and possibly pending decommission:

root@s2:/ # virsh list --all

Id Name State
----------------------------------------------------
1 m running
2 dbm1 running
3 v15 running
- centos7 shut off
- elk shut off
- infra shut off
- jira shut off
- v10.ts.im shut off
- v9.ts.im shut off

List VM storage using virsh

centos7 VM was definitely there for some quick test, so should be safe to remove.

Let’s confirm the virtual disk files it has:

root@s2:/ # virsh dumpxml --domain centos7 | grep source
<source file='/var/lib/libvirt/images/rhel7.0-3.qcow2'/>
<source bridge='vbr1'/>
<source bridge='vbr0'/>

This is a large enough file with virtual disk:

root@s2:/var/lib/docker/containers # ls -lad /var/lib/libvirt/images/rhel7.0-3.qcow2
-rw------- 1 root root 17182752768 Apr 11 2018 /var/lib/libvirt/images/rhel7.0-3.qcow2
root@s2:/var/lib/docker/containers # du -sh /var/lib/libvirt/images/rhel7.0-3.qcow2
17G /var/lib/libvirt/images/rhel7.0-3.qcow2

Remove KVM virtual machine with storage files

Time to remove our virtual machine and its virtual storage:

root@s2:/var/lib/docker/containers # virsh undefine centos7 --remove-all-storage
Domain centos7 has been undefined
Volume 'vda'(/var/lib/libvirt/images/rhel7.0-3.qcow2) removed.

That’s it for today!

See Also

• KVM
• Virtual Machine
• Update VM title with virsh
• How To: enable auto-start for virtual machines in KVM
• HW virtualization

This is a quick post to explain that by default Docker does not need hardware virtualization (VT-X).

Is Docker a Virtualization?

In a sense of allowing you to run multiple independent environments on the same physical host, yes. Docker containers allow you to run processes in isolation from each other and from the base OS – you decide and specify if you want base system to share any resources (IP addresses, TCP ports, directories with files) with any of the containers.

The key difference from KVM or VMware virtualization is that Docker is not using hardware virtualization. Instead, it leverages Linux functionality: namespaces and control groups.

Linux namespaces are provided and supported by Linux kernel to allow separation (virtualization) of process ID space (PID numbers), network interfaces, interprocess communication (IPC), mount points and kernel information.

Control groups in Linux allow accurate resource control: using control groups allows Docker to limit CPU or memory usage for each container.

Does Docker use Hardware Virtualization?

The short answer is: no. Docker needs a 64-bit Linux OS running a modern enough kernel to operate properly. Which means if that what you have happily running on your hardware without hw virtualization support, it will be plenty enough for Docker.

Now, this gets a bit tricky when you’re talking about Docker in Windows or MacOS. They don’t have a native Linux environment, so they have to run a Linux virtual machine that runs the Docker engine. You then typically have command line tools installed in your base OS (Windows or MacOS) that allow seamless management of the Docker containers in the Docker VM.

Does Your CPU Support Hardware Virtualization?

You can grep the special /proc/cpuinfo file for a quick answer:

• if it contains vmx – you have an Intel CPU and it supports HW virtualization
• if it contains svm – you have an AMD CPU and it supports HW virtualization

Here’s how this looks on my XPS laptop:

See Also

• Docker
• Docker Storage Volumes Clean-up
• Docker Restart Containers

I needed to forward X11 output from one of my Linux servers recently to run virt-manager (manager for virtual machines in KVM), and because it’s been a while I had to download and install X11 server again.

As some of you know, Xorg server is no longer shipped/installed with macOS by default. So you have to download it from XQuartz page: https://www.xquartz.org/releases/index.html. Usually you do it, install it and that’s it – no additional steps are needed.

But things are slightly different for the macOS High Sierra, apparently.

The latest release hasn’t been updated since 2016 which I believe is before High Sierra – which explains why things don’t “just work” anymore. Fear not though – I tracked the issue down and it’s explained below.

UPDATE 03/2019: MacOS Mojave works just great, you may skip Step 3 in the procedure below.

Steps to get X11 Forwarding in macOS High Sierra

1. Download and install the latest release from xquartz.org website
2. Start XQuartz
3. IMPORTANT: verify xauth location
   SSH configuration file /etc/ssh/ssh_config might contain path to xauth tool, which may be incorrect depending on your OSX/MacOS version. Here’s how to check:

   greys@maverick:~ $ grep xauth /etc/ssh/sshd_config

   if this returns nothing, you can skip to Step 4 below.  If this gives you an output, compare it to the path from the next command:

   greys@maverick:~ $ which xauth
   /opt/X11/bin/xauth

   If the locations differ, update the /etc/ssh/ssh_config file:

   greys@maverick:~ $ sudo vi /etc/ssh/ssh_config

4. Connect to remote server using -X option which does X11 forwarding for SSH:

   greys@maverick:~ $ ssh -X centos.unixtutorial.or

5. Check the DISPLAY variable, it should now be set correctly:

   greys@centos:~ $ echo $DISPLAY
   localhost:10.0

That’s it for today!

See Also

• Enable Auto-Start in KVM
• hw virtualization
• Fix fonts in X11 forwarding

As soon as you get familiar with listing Docker containers and starting containers or stopping containers, you’ll probably get curious about learning a little more. Docker has a great command for obtaining low level configuration details about containers: docker inspect.

Docker Inspect features

I find the following to be most useful when using docker inspect to look at one of the running containers:

• long form container ID and timestamp when it was created
• current status (really useful even if container is stopped – will show you why)
• Docker image info
• Filesystem binds and volume info, mounts
• environment variables – this is where a lot of usernames/passwords will be found – automation comes at a cost to security
• command line parameters passed into the container
• network configuration: IP address and gateway, secondary addresses for IPv4 and IPv6

Docker Inspect output

Here’s a fragment of the docker inspect output for a MariaDB container on one of my hosts:

root@centos:~ # docker inspect c74010b06784
[
{
"Id": "c74010b06784ee04976239fb6dc08062b6f5f9ea6ce3e67bd2c876365986910c",
"Created": "2019-02-04T12:41:34.958272492Z",
"Path": "docker-entrypoint.sh",
"Args": [
"--character-set-server=utf8",
"--collation-server=utf8_bin",
"--transaction-isolation=READ-COMMITTED"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 21868,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-02-26T22:30:33.060964954Z",
"FinishedAt": "2019-02-26T21:43:52.895816071Z"
},
"Image": "sha256:901583bfdf5a129ba68b033c989dab7f10d2a9235c3a2093ad16f9ac979ac9f9",
"ResolvConfPath": "/var/lib/docker/containers/c74010b06784ee04976239fb6dc08062b6f5f9ea6ce3e67bd2c876365986910c/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/c74010b06784ee04976239fb6dc08062b6f5f9ea6ce3e67bd2c876365986910c/hostname",
"HostsPath": "/var/lib/docker/containers/c74010b06784ee04976239fb6dc08062b6f5f9ea6ce3e67bd2c876365986910c/hosts",
"LogPath": "/var/lib/docker/containers/c74010b06784ee04976239fb6dc08062b6f5f9ea6ce3e67bd2c876365986910c/c74010b06784ee04976239fb6dc08062b6f5f9ea6ce3e67bd2c876365986910c-json.log",
"Name": "/db",
"RestartCount": 0,
"Driver": "devicemapper",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/storage/docker/db/datadir:/var/lib/mysql",
"/storage/docker/db/conf.d:/etc/mysql/conf.d"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "confluencenet",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
...

See Also

• Docker
• Docker website
• Stop all Docker containers
• List Docker containers
• Remove unused Docker volumes
• Migrate Docker container to another server
• Restart stopped Docker containers

Sometimes an issue on one of your servers may interrupt your Docker based development and stop all the containers that you haven’t fully configured to be auto-started just yet. In such cases, it will be useful for you to know how to find stopped containers and restart them all using a single command.

List Stopped Containers in Docker

Using the filtering functionality of the docker ps command, we can quickly get all the necessary information for the stopped containers:

root@xps:~# docker ps -a -f status=exited
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
014a746dbb9d wordpress "docker-entrypoint.s…" 21 hours ago Exited (0) 21 hours ago romantic_fermi
080cf6412ac4 hello-world "/hello" 3 days ago Exited (0) 3 days ago modest_mestorf

Since we want to restart of these containers, we’ll probably need to pass their docker container IDs to another command, like docker start.

Hence the command above should be run with the -q parameter, which skips all the non-essential info and only returns the list of docker containers:

root@xps:~# docker ps -a -q -f status=exited
014a746dbb9d
080cf6412ac4

Restart all the Stopped Containers in Docker

Now all we have left to do is pass the above command to the docker start, like shown below. One by one, all the container IDs will appear as Docker restarts them:

root@xps:~# docker start $(docker ps -a -q -f status=exited)
014a746dbb9d
080cf6412ac4

Sure enough, when we do docker ps now, we should see these containers:

root@xps:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e7115e34496 wordpress "docker-entrypoint.s…" 19 hours ago Up 19 hours 127.0.0.1:80->80/tcp, 127.0.0.1:443->443/tcp wordpress
014a746dbb9d wordpress "docker-entrypoint.s…" 21 hours ago Up 2 seconds 80/tcp romantic_fermi
c397a72fbd58 mariadb:latest "docker-entrypoint.s…" 21 hours ago Up 21 hours 3306/tcp db

I can see the 014a746dbb9d container, but the other one is not running. Want to know why? It’s because this was a Hello, world Docker container – it’s not mean to stay running in background. Instead, it shows Hello, world and exits. It’s usually run like this:

root@xps:~# docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/

For more examples and ideas, visit:
https://docs.docker.com/get-started/


That's it for today. Enjoy!

See Also

• Docker
• Docker – Stop Containers
• Docker – List containers
• Migrate Docker container
• Remove Unused Volumes in Docker
• Inspect Docker containers