{"id":15069465,"url":"https://github.com/sureshg/containers","last_synced_at":"2025-04-10T17:35:45.308Z","repository":{"id":40466931,"uuid":"424751402","full_name":"sureshg/containers","owner":"sureshg","description":"🐳 Container/K8S/Compose playground using moby/nerdctl/Rancher Desktop.","archived":false,"fork":false,"pushed_at":"2025-03-19T17:39:27.000Z","size":216,"stargazers_count":5,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-19T18:35:53.828Z","etag":null,"topics":["docker","docker-compose","graalvm-native-image","java","jlink-image","k8s","kotlin","kubernetes","linux","moby","nerdctl","openjdk","rancher-desktop"],"latest_commit_sha":null,"homepage":"https://suresh.dev/notes/containers.html","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sureshg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-11-04T21:59:06.000Z","updated_at":"2025-03-19T17:39:30.000Z","dependencies_parsed_at":"2023-12-14T00:34:48.243Z","dependency_job_id":"7ada1fc0-ecb6-44db-97c9-c326c2aa36bf","html_url":"https://github.com/sureshg/containers","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sureshg%2Fcontainers","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sureshg%2Fcontainers/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sureshg%2Fcontainers/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sureshg%2Fcontainers/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sureshg","download_url":"https://codeload.github.com/sureshg/containers/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248262029,"owners_count":21074230,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-compose","graalvm-native-image","java","jlink-image","k8s","kotlin","kubernetes","linux","moby","nerdctl","openjdk","rancher-desktop"],"created_at":"2024-09-25T01:42:40.925Z","updated_at":"2025-04-10T17:35:45.299Z","avatar_url":"https://github.com/sureshg.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Container/Kubernetes Playground!\n\n[![GitHub Workflow Status][gha_badge]][gha_url]\n[![Docker Linter][lint_img]][lint_url]\n[![OpenJDK App][openjdk_app_img]][container-images]\n[![Native Image App][nativeimage_app_img]][container-images]\n\nContainer/K8S/Compose playground using [dockerd(moby)][7]/[nerdctl][2]/[Rancher Desktop][3].\n\n### Run Container Images\n\n```bash\n# Build OpenJDK jLinked image with AOT cache\n$ docker build -t sureshg/openjdk-app:latest --pull --target openjdk .\n$ docker run -it --rm -p 8080:80 sureshg/openjdk-app:latest\n$ dive sureshg/openjdk-app:latest\n\n# GraalVM native image (For debug, --progress=plain --pull --no-cache)\n$ docker build -t sureshg/graalvm-static --pull --target graalvm-static .\n$ docker run -it --rm -p 8080:80 sureshg/graalvm-static\n$ curl http://localhost:8080\n$ dive sureshg/graalvm-static\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eMisc Images\u003c/summary\u003e\n\n```bash\n# GraalVM Dev image\n$ docker build --progress=plain --tag sureshg/graalvm-community-dev --pull --target graalvm-community-dev .\n$ docker run -it --rm -p 8080:80 sureshg/graalvm-community-dev  --version\n\n# OpenJDK HSDIS image to print assembly\n# --mount type=volume,source=new-volume,destination=/var/lib/data \\\n$ docker build -t sureshg/openjdk-hsdis:latest --target openjdk-hsdis .\n$ docker run \\\n        -it \\\n        --rm \\\n        --env APP_NAME=HSDIS \\\n        --workdir /app \\\n        --publish 8080:80 \\\n        --mount type=bind,source=$(pwd),destination=/app,readonly \\\n        sureshg/openjdk-hsdis:latest src/App.java   \n        \n# JShell Image  \n$ docker build -t sureshg/jshell --no-cache --target jshell .\n$ docker run -it --rm -e TZ=\"UTC\" sureshg/jshell \n\n# JDK Slim Image\n$ docker build -t sureshg/jdk-slim --no-cache --target jdk-slim .\n$ docker run -it --rm sureshg/jdk-slim   \n\n# Chainguard static image\n$ docker build -t sureshg/cgr-static --target cgr-static .\n$ docker run -it --rm sureshg/cgr-static \n\n# NetCat Webserver\n$ docker build -t sureshg/netcat-server --target netcat .\n$ docker run -p 8080:80 -e PORT=80 -it --rm sureshg/netcat-server \n\n# Netshoot Image\n$ docker build -t sureshg/tools --target tools .\n$ docker run -it --rm sureshg/tools \n\n# Run Python script as part of build\n$ docker build --progress=plain -t sureshg/py-script --target python .\n$ docker run -it --rm sureshg/py-script\n\n# SSH Server container with sysstat (sar)\n$ docker build -t sureshg/ssh-server --target ssh-server .\n$ docker run -it --rm -p 2222:22 sureshg/ssh-server\n$ ssh test@localhost -p 2222   \n```\n\n\u003c/details\u003e\n\n### Run Compose\n\n```bash\n# OpenJDK App\n$ docker compose -f compose/docker-compose.yml up --build --pull=always\n$ docker compose watch\n$ docker compose -f compose/docker-compose.yml down --remove-orphans --volumes\n# curl http://localhost:[8080|8081|8082|8083]\n\n# GraalVM Native Image\n$ docker compose -f compose/graalvm-compose.yml up\n# docker compose -f compose/graalvm-compose.yml build --no-cache app-arm64\n$ docker compose -f compose/graalvm-compose.yml up --remove-orphans --build app-arm64\n$ docker compose -f compose/graalvm-compose.yml up --remove-orphans --build app-amd64 \n```\n\n\u003cdetails\u003e\n\u003csummary\u003eCompose Misc\u003c/summary\u003e\n\n```bash\n# Misc Compose files\n$ docker compose -f compose/tcpdump-compose.yml up\n$ docker compose -f compose/binfmt-compose.yml up\n$ docker compose -f compose/clickhouse-compose.yml up\n$ docker compose -f compose/grafana-prom-compose.yml up\n$ docker compose -f compose/kafka-compose.yml up\n```\n\n\u003c/details\u003e\n\n### Run images from [GHCR][container-images]\n\n```Bash\n# Run the openjdk application\n$ docker run \\\n         --pull always \\\n         -p 8080:80 \\\n         -it --rm \\\n         --name openjdk-app \\\n         ghcr.io/sureshg/containers:openjdk-latest\n\n# Run the native image application\n$ docker run \\\n         --pull always \\\n         -p 8080:80 \\\n         -it --rm \\\n         --name nativeimage-app \\\n         ghcr.io/sureshg/containers:nativeimage-latest\n        \n# Use \"--platform=linux/amd64\" to run cross platform images.         \n```\n\n### Multi-Platform Builds\n\nThe following commands are used to build multi-platform images locally using `Docker Buildx` on [Rancher Desktop][3].\n\n```bash\n# Create a new buildx builder instance\n$ docker buildx create --name=buildkit-container --driver=docker-container\n# docker buildx use buildkit-container\n# docker buildx inspect\n# docker buildx rm buildkit-container\n\n# Docker Bake\n$ docker buildx bake --print\n$ docker buildx bake\n\n# Build images for all platforms\n$ docker buildx \\\n         --builder buildkit-container \\\n         build \\\n         --sbom=true \\\n         --platform=linux/amd64,linux/arm64 \\\n         --pull \\\n         --no-cache  \\\n         --target openjdk \\\n         -t sureshg/openjdk-app:latest .\n\n# Load just one platform (ARM64)\n$ docker buildx \\\n         --builder buildkit-container \\\n         build \\\n         --load \\\n         --platform=linux/arm64 \\\n         --target openjdk \\\n         -t sureshg/openjdk-app:latest .\n\n# Load another platform with a different tag (AMD64)\n$ docker buildx \\\n         --builder buildkit-container \\\n         build \\\n         --load \\\n         --platform=linux/amd64 \\\n         --target openjdk \\\n         -t sureshg/openjdk-app:latest-amd64 .\n\n# Push both platforms as one image manifest list\n$ docker buildx \\\n         --builder buildkit-container \\\n         build \\\n         --push \\\n         --platform=linux/arm64,linux/amd64 \\\n         --target openjdk \\\n         -t sureshg/openjdk-app:latest .  \n         \n# Run the images\n$ docker run -it --rm -p 8080:80 sureshg/openjdk-app:latest\n$ docker run -it --rm --platform linux/amd64 -p 8080:80 sureshg/openjdk-app:latest-amd64            \n```\n\n### Debug Distroless Images\n\n```bash       \n# Run the container\n$ docker run \\\n         --pull always \\\n         -p 8080:80 \\\n         -it \\\n         --rm \\\n         --name openjdk-app \\\n         ghcr.io/sureshg/containers:openjdk-latest\n       \n# Install cdebug\n$ brew install cdebug  \n\n# Use \"--image nixery.dev/busybox/curl\" to use custom images.\n# Use \"--platform linux/arm64\" to select platform for busybox image.    \n$ cdebug exec \\\n         --privileged \\\n         -it \\\n         --rm \\\n         docker://openjdk-app\n```\n\n### Misc\n\n- Docker Init\n\n  ```bash\n  # Initialize the docker file\n  $ docker init\n  ```\n\n- IntelliJ Support for Rancher Desktop\n\n  ```bash\n  # Create a symlink to docker installed by Rancher Desktop\n  $ sudo ln -s $(which docker) /usr/local/bin/docker\n  ```\n- Install [Rancher Desktop][3] with [containerd][0] [multi-platform][1] support\n\n  ```bash\n  # Install Rancher Desktop and Select containerd as runtime.\n  $ sudo docker run --privileged --rm tonistiigi/binfmt --install all\n  $ rdctl shell\n     # To list all architectures\n     $ ls -1 /proc/sys/fs/binfmt_misc/qemu*\n  \n  $ docker run --rm --platform=linux/arm64 alpine uname -a\n  $ docker run --rm --platform=linux/s390x alpine uname -a\n  \n  # Check for all the OS archs\n  $ for i in `docker images --format {{.ID}}`; do echo $i `docker image inspect $i | grep -e Architecture -e Os`; done\n  \n  # Remove unused data\n  $ docker system prune -f\n  ```\n\n- Run a private container registry\n\n  ```bash\n  $ docker run -d -p 5000:5000 --restart=always --name registry registry:2\n  ```\n\n## Resources\n\n- [Java containerization strategies](https://learn.microsoft.com/en-us/azure/developer/java/containers/)\n- [OpenJDK Container Awareness](https://developers.redhat.com/articles/2022/04/19/java-17-whats-new-openjdks-container-awareness)\n- [Single Core Java Containers](https://developers.redhat.com/articles/2022/04/19/best-practices-java-single-core-containers#)\n- [Docker Best Practices](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#add-or-copy)\n- [Choosing Between RUN, CMD, and ENTRYPOINT](https://www.docker.com/blog/docker-best-practices-choosing-between-run-cmd-and-entrypoint/)\n- [A collection of docker-compose files][6]\n- [Runtime privilege and Linux capabilities](https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities)\n- [Runtime options with Memory, CPUs, and GPUs](https://docs.docker.com/config/containers/resource_constraints/)\n\n## Local Dev Tools\n\n- [Rancher Desktop][3]\n- [Docker Desktop](https://www.docker.com/products/docker-desktop/)\n- [Podman Desktop](https://podman-desktop.io/)\n- [Minikube](https://minikube.sigs.k8s.io/docs/start/)\n- [Lima-Linux VM on Mac](https://github.com/lima-vm/lima)\n- [Macpine](https://github.com/beringresearch/macpine)\n\n[0]: https://github.com/containerd/containerd\n\n[1]: https://github.com/containerd/nerdctl/blob/master/docs/multi-platform.md\n\n[2]: https://github.com/containerd/nerdctl\n\n[3]: https://github.com/rancher-sandbox/rancher-desktop\n\n[4]: https://k3s.io/\n\n[5]: https://github.com/jpetazzo/minimage\n\n[6]: https://github.com/jonatan-ivanov/local-services\n\n[7]: https://github.com/moby/moby\n\n\n[gha_url]: https://github.com/sureshg/containers/actions/workflows/container-build.yml\n\n[gha_img]: https://github.com/sureshg/containers/actions/workflows/container-build.yml/badge.svg\n\n[gha_badge]: https://img.shields.io/github/actions/workflow/status/sureshg/containers/container-build.yml?branch=main\u0026color=green\u0026label=Container%20Build\u0026logo=Github-Actions\u0026logoColor=green\n\n[lint_url]: https://hadolint.github.io/hadolint/\n\n[lint_img]: https://img.shields.io/badge/Dockerfile%20Linter-%E2%9D%A4-2596ec.svg?logo=Docker\u0026logoColor=2596ec\n\n[openjdk_app_img]: https://ghcr-badge.egpl.dev/sureshg/containers/size?tag=openjdk-latest\u0026label=OpenJDK%20App\u0026color=mediumslateblue\n\n[nativeimage_app_img]: https://ghcr-badge.egpl.dev/sureshg/containers/size?tag=nativeimage-latest\u0026label=NativeImage%20App\u0026color=mediumvioletred\n\n[container-images]: https://github.com/sureshg/containers/pkgs/container/containers\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsureshg%2Fcontainers","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsureshg%2Fcontainers","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsureshg%2Fcontainers/lists"}