Sign In
Sign In

Installing and Configuring PostgreSQL in Docker

Installing and Configuring PostgreSQL in Docker
Hostman Team
Technical writer
Docker PostgreSQL
12.03.2024
Reading time: 8 min

Docker helps create an isolated environment for various services, including databases. In this article, we will describe how to install PostgreSQL with Docker, configure it, and set up a database connection.

Why should you run PostgreSQL in a Docker container?

The main advantage of containerization is that it creates an isolated environment that helps avoid any dependency conflicts.

Let's see what dependent packages are installed on a Debian server along with PostgreSQL.

We ordered a server from Hostman, connected to it via SSH, and now run this command to install PostgreSQL:

sudo apt install postgresql postgresql-contrib

When executing the command, pay attention to the lines at the beginning:

The following additional packages will be installed:
libllvm11 libpq5 libsensors-config libsensors5 libxslt1.1 libz3-4 postgresql-13 postgresql-client-13

Postgres download comes with six more libraries: libllvm11, libpq5, libsensors-config, libsensors5, libxslt1.1 and libz3-4.

Now let's look at the list of PostgreSQL 13 dependencies:

sudo apt-cache depends postgresql-13

We get a list of 25 dependencies, only one of which is recommended, the rest are required.

If there is no required package or we have the wrong version, it leads to conflicts. Postgres run in Docker helps eliminate most of the problems. All dependencies are stored inside the container. When we download the image, we get a fully compatible environment, ready to go.

This leads to another advantage: reproducibility. For example, a developer wants to test a new feature in a product. Using an isolated environment, he can deploy a working environment on a local machine in a few clicks. 

And these are not all the advantages of PostgreSQL in Docker. With containers, fault tolerance also increases. If the server stops working, you can run the container on another machine and not worry about configuring the parameters.

Installing PostgreSQL with a Docker Image

Let's see how PostgreSQL is installed on Ubuntu. First, let's install Docker.

Add a key to work with Docker Hub:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Add the repository to the list of local ones and install Docker:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt install docker-ce

Launch Docker and configure it to start at boot using the systemctl system utility:

sudo systemctl start docker
sudo systemctl enable docker

Next, create a Docker Postgres Volume, a directory for storing data.

mkdir -p $HOME/docker/volumes/postgres

Install the PostgreSQL image from Docker Hub using the docker pull command:

sudo docker pull postgres

PostgreSQL installation is complete.

Setup and manage your cloud database with ease

Launching the container

Run the command:

sudo docker run --rm --name hostman-pgdocker -e POSTGRES_PASSWORD=hostman -e POSTGRES_USER=hostman -e POSTGRES_DB=hostman -d -p 5531:5531 -v $HOME/docker/volumes/postgres:/var/lib/ postgresql/datapostgres

Here we use the following flags:

  • --rm tells the system to delete the container and its file system after the container is stopped. It helps saving server space.
  • --name is the container name, which must be unique within one server, regardless of status.
  • -e points to the environment variables: name and password of the superuser, default database name.
  • -d launches the container in background (offline) mode. After the launch, control is returned to the user.
  • -p binds the Postgres port to the server port.
  • -v creates a mount point.

When executing the command, the error "Error starting userland proxy: listen tcp4 0.0.0.0:5531: bind: address already in use" may occur. In this case, check what process is occupying port 5531:

sudo ss -lptn' sport = :5531'

To terminate the process, use the kill command. Specify the PID of the process that occupies port 5531. In our case, the PID os 2592:

sudo kill 2592

After fixing the error, try to restart Docker:

sudo docker run --rm --name hostman-pgdocker -e POSTGRES_PASSWORD=hostman -e POSTGRES_USER=hostman -e POSTGRES_DB=hostman -d -p 5531:5531 -v $HOME/docker/volumes/postgres:/var/lib/ postgresql/datapostgres

However, the command is rarely used this way. It is much more convenient to store the configuration in a Dockerfile. There you can specify Docker ADD, CMD, LABEL, ENV and other instructions to be applied at startup.

Connecting to PostgreSQL

First, let's connect to the isolated environment using the psql utility. It is included in the postgresql-client. Run:

sudo apt install postgresql-client

Connect to the database and execute a test query:

psql -h 127.0.0.1 -U hostman -d hostman

The output should be:

Password for user hostman:
psql (12.6 (Ubuntu 12.6-0ubuntu0.20.04.1), server 13.2 (Debian 13.2-1.pgdg100+1))
Type "help" for help.
hostman=#

A prompt with a username indicates that the connection has been established correctly.

You can also connect to the container using docker exec with the following keys:

sudo docker exec -it hostman-pgdocker psql -U hostman

The result is the same: an invitation to enter queries.

psql (12.6 (Debian 13.2-1.pgdg100+1))
Type "help" for help.
hostman=#

In the command above we used the arguments:

  • -i activates interactive work with the terminal.
  • -t launches a pseudo-terminal.
  • hostman-pogdocker is the name of the container to which queries will be made.
  • psql launches the utility for connecting to the database.
  • -U is a user name for connecting to the database.

To test the connection, let's create a new table, fill it with data and run the query:

hostman=# create table cities (name varchar(80));
CREATE TABLE
hostman=# insert into cities values ('Seattle');
INSERT 0 1
hostman=# select * from cities;
name
--------
Seattle
(1 row)

After completing the request, stop the container with the docker stop command:

sudo docker stop hostman-pgdocker

This is where we discover a security hole. The files and processes that the container creates are owned by the internal postgres user. Due to the lack of a namespace within the container, the UID and GID can be arbitrary.

The problem is that there may be other privileged users and groups on the server itself with the same UID and GID. This potentially leads to a situation where the user can access host directories and kill any processes. You can avoid this situation by specifying the USERMAP_UID and USERMAP_GID variables at startup.

Example command:

sudo docker run --rm --name hostman-pgdocker -e POSTGRES_PASSWORD=hostman -e POSTGRES_USER=hostman -e POSTGRES_DB=hostman -e USERMAP_UID=999 -e USERMAP_GID=999 -d -p 5432:5432 -v $HOME/docker /volumes/postgres:/var/lib/postgresql/data postgres

Installing PostgreSQL with Docker Compose

Let's consider another option for launching PostgreSQL: using docker-compose.

First, create a YAML file:

version: '3.1'
volumes:
   pg_hostman:
services:
   pg_db:
     image:postgres
     restart: always
     environment:
       - POSTGRES_PASSWORD=hostman
       - POSTGRES_USER=hostman
       - POSTGRES_DB=hostman
     volumes:
       - pg_project:/var/lib/postgresql/data
     ports:
       - ${POSTGRES_PORT:-5531}:5531

Then install Docker Compose:

sudo apt install docker-compose

And run it:

sudo docker-compose up -d

Check that you can connect to the database:

psql -h 192.168.0.4 -U hostman -d hostman

Output example:

Password for user hostman:
psql (12.6 (Ubuntu 12.6-0ubuntu0.20.04.1), server 13.2 (Debian 13.2-1.pgdg100+1))
Type "help" for help.
hostman=#

If a prompt to enter a request appears in the terminal, then the connection was successful.

To stop the container, run:

sudo docker-compose stop

Checking container status

To quickly find out that something is wrong with the isolated environment, we use healthcheck. 

Let's set up an automatic restart when problems are detected.

Example PostgreSQL settings in a YAML file:

version: "3.9"
services:
   postgres:
     image: postgres:13.3
     environment:
       POSTGRES_DB: "twdb"
       POSTGRES_USER: "twpguser"
       POSTGRES_PASSWORD: "785564tw"
       PGDATA: "/var/lib/postgresql/data/pgdata"
     volumes:
       - ../2. Init Database:/docker-entrypoint-initdb.d
       - .:/var/lib/postgresql/data
     ports:
       - "5531:5531"
     healthcheck:
       test: ["CMD-SHELL", "pg_isready -U twpguser -d twdb"]
       interval: 15s
       timeout: 10s
       retries: 7
       start_period: 12s
     restart: unless-stopped
     deploy:
       resources:
         limits:
           cpus: '1'
           memory: 4GB

Pay attention to the resources section. It allows you to limit resources for the database. This approach makes sense for local launch and experimentation.

Deploy your apps with a Dockerfile easily

Conclusion

In this guide, we studied the Docker and Docker Compose methods to run PostgreSQL within a Docker container. We also discussed deploying the container and connecting to the local machine.

Depending on the application architecture, you can deploy the database using Docker or Docker Compose. The second scenario will be more common, so pay more attention to the configuration that needs to be described in the docker-compose.yaml file.

Docker PostgreSQL
12.03.2024
Reading time: 8 min

Similar

Docker

How To Install and Use Docker Compose on Ubuntu

Docker Compose has fundamentally changed how developers approach containerized applications, particularly when coordinating services that depend on one another. This tool replaces manual container management with a structured YAML-driven workflow, enabling teams to define entire application architectures in a single configuration file.  For Ubuntu environments, this translates to reproducible deployments, simplified scaling, and reduced operational overhead. This guide provides a fresh perspective on Docker Compose installation and usage, offering deeper insights into its practical implementation. Prerequisites Before you begin this tutorial, you'll need a few things in place: Deploy an Ubuntu cloud server instance on Hostman. Ensure you have a user account with sudo privileges or root access. This allows you to install packages and manage Docker. Install Docker and have it running on your server, as Docker Compose works on top of Docker Engine. Why Docker Compose Matters Modern applications often involve interconnected components like APIs, databases, and caching layers. Managing these elements individually with Docker commands becomes cumbersome as complexity grows. Docker Compose addresses this by allowing developers to declare all services, networks, and storage requirements in a docker-compose.yml file. This approach ensures consistency across environments—whether you’re working on a local Ubuntu machine or a cloud server. For example, consider a web application comprising a Node.js backend, PostgreSQL database, and Redis cache. Without Docker Compose, each component requires separate docker run commands with precise networking flags. With Compose, these relationships are organized once, enabling one-command setups and teardowns. Docker Compose Installation Follow these steps to install Docker Compose on your Ubuntu machine: Step 1: Verify that the Docker Engine is Installed and Running Docker Compose functions as an extension of Docker, so verify its status with: sudo systemctl status docker Example output: ● docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2025-02-20 08:55:04 GMT; 5min ago TriggeredBy: ● docker.socket Docs: https://docs.docker.com Main PID: 2246435 (dockerd) Tasks: 9 Memory: 53.7M CPU: 304ms CGroup: /system.slice/docker.service └─2246435 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock If inactive, start it using sudo systemctl start docker. Step 2: Update System Packages Refresh your package lists to ensure access to the latest software versions: sudo apt-get update You will see: Hit:1 https://download.docker.com/linux/ubuntu jammy InRelease Hit:2 http://archive.ubuntu.com/ubuntu jammy InRelease Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease Hit:5 http://repo.hostman.com/ubuntu focal InRelease Hit:6 http://archive.ubuntu.com/ubuntu jammy-updates InRelease Hit:7 http://archive.ubuntu.com/ubuntu jammy-backports InRelease Hit:3 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.31/deb InRelease Hit:8 https://packages.redis.io/deb jammy InRelease Reading package lists... Done Step 3: Install Foundational Utilities Secure communication with Docker’s repositories requires these packages: sudo apt-get install ca-certificates curl  Step 4: Configure Docker’s GPG Key Authenticate Docker packages by adding their cryptographic key: sudo install -m 0755 -d /etc/apt/keyringssudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.ascsudo chmod a+r /etc/apt/keyrings/docker.asc This step ensures packages haven’t been altered during transit. Step 5: Integrate Docker’s Repository Add the repository tailored to your Ubuntu version: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null The command auto-detects your OS version using VERSION_CODENAME. Step 6: Install the Docker Compose Plugin Update repositories and install the Compose extension: sudo apt updatesudo apt-get install docker-compose-plugin Step 7: Validate the Installation Confirm successful setup with: docker compose version The output displays the Docker Compose version: Docker Compose version v2.33.0 Building a Practical Docker Compose Project Let’s deploy a web server using Nginx to demonstrate Docker Compose’s capabilities. Step 1. Initialize the Project Directory Create a dedicated workspace: mkdir ~/compose-demo && cd ~/compose-demo Step 2. Define Services in docker-compose.yml Create the configuration file: nano docker-compose.yml Insert the following content: services: web: image: nginx:alpine ports: - "8080:80" volumes: - ./app:/usr/share/nginx/html In the above YAML file: services: Root element declaring containers. web: Custom service name. image: Uses the Alpine-based Nginx image for reduced footprint. ports: Maps host port 8080 to container port 80. volumes: Syncs the local app directory with the container’s web root. Step 3. Create Web Content Build the HTML structure: mkdir app nano app/index.html Add this HTML snippet: <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Docker Compose Test</title> </head> <body> <h1>Hello from Docker Compose!</h1> </body> </html> Orchestrating Containers: From Launch to Shutdown Let’s explore how you can use Docker Compose for container orchestration: Start Services in Detached Mode Launch containers in the background: docker compose up -d Example output: [+] Running 2/2 ✔ Network compose-demo_default Created ✔ Container compose-demo-web-1 Started Docker Compose automatically pulls the Nginx image if missing and configures networking. Verify Container Status Check operational containers: docker compose ps -a Access the Web Application Visit http://localhost:8080 locally or http://<SERVER_IP>:8080 on remote servers. The test page should display your HTML content. Diagnose Issues via Logs If the page doesn’t load or if you encounter any issues, you can inspect container logs: docker compose logs web Example output: web-1 | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration web-1 | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ web-1 | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh web-1 | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf web-1 | 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf web-1 | /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh … Graceful Shutdown and Cleanup Stop containers temporarily: docker compose stop Example output: [+] Stopping 1/1 ✔ Container compose-demo-web-1  Stopped Remove all project resources: docker compose down Example output: [+] Running 2/2 ✔ Container compose-demo-web-1  Removed ✔ Network compose-demo_default  Removed Command Reference: Beyond Basic Operations While the workflow above covers fundamentals, these commands enhance container management: docker compose up --build: Rebuild images before starting containers. docker compose pause: Freeze containers without terminating them. docker compose top: Display running processes in containers. docker compose config: Validate and view the compiled configuration. docker compose exec: Execute commands in running containers (e.g., docker compose exec web nginx -t tests Nginx’s configuration). Conclusion Docker Compose transforms multi-container orchestration from a manual chore into a streamlined, repeatable process. By adhering to the steps outlined—installing Docker Compose, defining services in YAML, and leveraging essential commands—you can manage complex applications with confidence.
26 February 2025 · 7 min to read
Docker

How to Automate Jenkins Setup with Docker

In the modern software development world, Continuous Integration and Continuous Delivery (CI/CD) have become an integral part of the development process. Jenkins, one of the leading CI/CD tools, helps automate application build, testing, and deployment. However, setting up and managing Jenkins can be time-consuming and complex, especially in large projects with many developers and diverse requirements. Docker, containerization, and container orchestration have come to the rescue, offering more efficient and scalable solutions for deploying applications and infrastructure. Docker allows developers to package applications and their dependencies into containers, which can be easily transported and run on any system with Docker installed. Benefits of Using Docker for Automating Jenkins Setup Simplified Installation and Setup: Using Docker to deploy Jenkins eliminates many challenges associated with installing dependencies and setting up the environment. You only need to run a few commands to get a fully functional Jenkins server. Repeatability: With Docker, you can be confident that your environment will always be the same, regardless of where it runs. This eliminates problems associated with different configurations across different servers. Environment Isolation: Docker provides isolation of applications and their dependencies, avoiding conflicts between different projects and services. Scalability: Using Docker and orchestration tools such as Docker Compose or Kubernetes allows Jenkins to be easily scaled by adding or removing agents as needed. Fast Deployment and Recovery: In case of failure or the need for an upgrade, Docker allows you to quickly deploy a new Jenkins container, minimizing downtime and ensuring business continuity. In this article, we will discuss how to automate the setup and deployment of Jenkins using Docker. We will cover all the stages, from creating a Docker file and setting up Docker Compose to integrating Jenkins Configuration as Code (JCasC) for automatic Jenkins configuration. As a result, you'll have a complete understanding of the process and a ready-made solution for automating Jenkins in your projects. Prerequisites Before you begin setting up Jenkins with Docker, you need to ensure that you have all the necessary tools and software. In this section, we will discuss the requirements for successfully automating Jenkins and how to install the necessary components. Installing Docker and Docker Compose Docker can be installed on various operating systems, including Linux, macOS, and Windows. Below are the steps for installing Docker on the most popular platforms: Linux (Ubuntu) Update the package list with the command: sudo apt update Install packages for HTTPS support: sudo apt install apt-transport-https ca-certificates curl software-properties-common Add the official Docker GPG key: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - Add the Docker repository to APT sources: sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" Install Docker: sudo apt install docker-ce Verify Docker is running: sudo systemctl status docker macOS Download and install Docker Desktop from the official website: Docker Desktop for Mac. Follow the on-screen instructions to complete the installation. Windows Download and install Docker Desktop from the official website: Docker Desktop for Windows. Follow the on-screen instructions to complete the installation. Docker Compose is typically installed along with Docker Desktop on macOS and Windows. For Linux, it requires separate installation: Download the latest version of Docker Compose: sudo curl -L "https://github.com/docker/compose/releases/download/$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep -Po '"tag_name": "\K.*?(?=")')/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose Make the downloaded file executable: sudo chmod +x /usr/local/bin/docker-compose Verify the installation: docker-compose --version Docker Hub is a cloud-based repository where you can find and store Docker images. The official Jenkins Docker image is available on Docker Hub and provides a ready-to-use Jenkins server. Go to the Docker Hub website. In the search bar, type Jenkins. Select the official image jenkins/jenkins. The official image is regularly updated and maintained by the community, ensuring a stable and secure environment. Creating a Dockerfile for Jenkins In this chapter, we will explore how to create a Dockerfile for Jenkins that will be used to build a Docker image. We will also discuss how to add configurations and plugins to this image to meet the specific requirements of your project. Structure of a Dockerfile A Dockerfile is a text document containing all the commands that a user could call on the command line to build an image. In each Dockerfile, instructions are used to define a step in the image-building process. The key commands include: FROM: Specifies the base image to create a new image from. RUN: Executes a command in the container. COPY or ADD: Copies files or directories into the container. CMD or ENTRYPOINT: Defines the command that will be executed when the container starts. Basic Dockerfile for Jenkins Let’s start by creating a simple Dockerfile for Jenkins. This file will use the official Jenkins image as the base and add a few necessary plugins. Create a new file named Dockerfile in your project directory. Add the following code: FROM jenkins/jenkins:lts RUN jenkins-plugin-cli --plugins workflow-aggregator git EXPOSE 8080 EXPOSE 50000 This basic Dockerfile installs two plugins: workflow-aggregator and git. It also exposes ports 8080 (for the web interface) and 50000 (for connecting Jenkins agents). Adding Configurations and Plugins For more complex configurations, we can add additional steps to the Dockerfile. For example, we can configure Jenkins to automatically use a specific configuration file or add scripts for pre-configuration. Create a jenkins_home directory to store custom configurations. Inside the new directory, create a custom_config.xml file with the required configurations: <?xml version='1.0' encoding='UTF-8'?> <hudson> <numExecutors>2</numExecutors> <mode>NORMAL</mode> <useSecurity>false</useSecurity> <disableRememberMe>false</disableRememberMe> <label></label> <primaryView>All</primaryView> <slaveAgentPort>50000</slaveAgentPort> <securityRealm class='hudson.security.SecurityRealm$None'/> <authorizationStrategy class='hudson.security.AuthorizationStrategy$Unsecured'/> </hudson> Update the Dockerfile as follows: FROM jenkins/jenkins:lts RUN jenkins-plugin-cli --plugins workflow-aggregator git docker-workflow COPY jenkins_home/custom_config.xml /var/jenkins_home/config.xml COPY scripts/init.groovy.d /usr/share/jenkins/ref/init.groovy.d/ EXPOSE 8080 EXPOSE 50000 In this example, we are installing additional plugins, copying the custom configuration file into Jenkins, and adding scripts to the init.groovy.d directory for automatic initialization of Jenkins during its first startup. Docker Compose Setup Docker Compose allows you to define your application's infrastructure as code using YAML files. This simplifies the configuration and deployment process, making it repeatable and easier to manage. Key benefits of using Docker Compose: Ease of Use: Create and manage multi-container applications with a single YAML file. Scalability: Easily scale services by adding or removing containers as needed. Convenience for Testing: Ability to run isolated environments for development and testing. Example of docker-compose.yml for Jenkins Let’s create a docker-compose.yml file to deploy Jenkins along with associated services such as a database and Jenkins agent. Create a docker-compose.yml file in your project directory. Add the following code to the file: version: '3.8' services: jenkins: image: jenkins/jenkins:lts container_name: jenkins-server ports: - "8080:8080" - "50000:50000" volumes: - jenkins_home:/var/jenkins_home networks: - jenkins-network jenkins-agent: image: jenkins/inbound-agent container_name: jenkins-agent environment: - JENKINS_URL=http://jenkins-server:8080 - JENKINS_AGENT_NAME=agent - JENKINS_AGENT_WORKDIR=/home/jenkins/agent volumes: - agent_workdir:/home/jenkins/agent depends_on: - jenkins networks: - jenkins-network volumes: jenkins_home: agent_workdir: networks: jenkins-network: This file defines two services: jenkins: The service uses the official Jenkins image. Ports 8080 and 50000 are forwarded for access to the Jenkins web interface and communication with agents. The /var/jenkins_home directory is mounted on the external volume jenkins_home to persist data across container restarts. jenkins-agent: The service uses the Jenkins inbound-agent image. The agent connects to the Jenkins server via the URL specified in the JENKINS_URL environment variable. The agent's working directory is mounted on an external volume agent_workdir. Once you create the docker-compose.yml file, you can start all services with a single command: Navigate to the directory that contains your docker-compose.yml. Run the following command to start all services: docker-compose up -d The -d flag runs the containers in the background. After executing this command, Docker Compose will create and start containers for all services defined in the file. You can now check the status of the running containers using the following command: docker-compose ps If everything went well, you should see only the jenkins-server container in the output. Now, let’s set up the Jenkins server and agent. Open a browser and go to http://localhost:8080/. During the first startup, you will see the following message: To retrieve the password, run this command: docker exec -it jenkins-server cat /var/jenkins_home/secrets/initialAdminPassword Copy the password and paste it into the Unlock Jenkins form. This will open a new window with the initial setup. Select Install suggested plugins. After the installation is complete, fill out the form to create an admin user. Accept the default URL and finish the setup. Then, go to Manage Jenkins → Manage Nodes. Click New Node, provide a name for the new node (e.g., "agent"), and select Permanent Agent. Fill in the remaining fields as shown in the screenshot. After creating the agent, a window will open with a command containing the secret for the agent connection. Copy the secret and add it to your docker-compose.yml: environment: - JENKINS_URL=http://jenkins-server:8080 - JENKINS_AGENT_NAME=agent - JENKINS_AGENT_WORKDIR=/home/jenkins/agent - JENKINS_SECRET=<your-secret-here> # Insert the secret here To restart the services, use the following commands and verify that the jenkins-agent container has started: docker-compose downdocker-compose up -d Configuring Jenkins with Code (JCasC) Jenkins Configuration as Code (JCasC) is an approach that allows you to describe the entire Jenkins configuration in a YAML file. It simplifies the automation, maintenance, and portability of Jenkins settings. In this chapter, we will explore how to set up JCasC for automatic Jenkins configuration when the container starts. JCasC allows you to describe Jenkins configuration in a single YAML file, which provides the following benefits: Automation: A fully automated Jenkins setup process, eliminating the need for manual configuration. Manageability: Easier management of configurations using version control systems. Documentation: Clear and easily readable documentation of Jenkins configuration. Example of a Jenkins Configuration File First, create the configuration file. Create a file named jenkins.yaml in your project directory. Add the following configuration to the file: jenkins: systemMessage: "Welcome to Jenkins configured as code!" securityRealm: local: allowsSignup: false users: - id: "admin" password: "${JENKINS_ADMIN_PASSWORD}" authorizationStrategy: loggedInUsersCanDoAnything: allowAnonymousRead: false tools: jdk: installations: - name: "OpenJDK 11" home: "/usr/lib/jvm/java-11-openjdk" jobs: - script: > pipeline { agent any stages { stage('Build') { steps { echo 'Building...' } } stage('Test') { steps { echo 'Testing...' } } stage('Deploy') { steps { echo 'Deploying...' } } } } This configuration file defines: System message in the systemMessage block. This string will appear on the Jenkins homepage and can be used to inform users of important information or changes. Local user database and administrator account in the securityRealm block. The field allowsSignup: false disables self-registration of new users. Then, a user with the ID admin is defined, with the password set by the environment variable ${JENKINS_ADMIN_PASSWORD}. Authorization strategy in the authorizationStrategy block. The policy loggedInUsersCanDoAnything allows authenticated users to perform any action, while allowAnonymousRead: false prevents anonymous users from accessing the system. JDK installation in the tools block. In this example, a JDK named OpenJDK 11 is specified with the location /usr/lib/jvm/java-11-openjdk. Pipeline example in the jobs block. This pipeline includes three stages: Build, Test, and Deploy, each containing one step that outputs a corresponding message to the console. Integrating JCasC with Docker and Docker Compose Next, we need to integrate our jenkins.yaml configuration file with Docker and Docker Compose so that this configuration is automatically applied when the Jenkins container starts. Update the Dockerfile to copy the configuration file into the container and install the JCasC plugin: FROM jenkins/jenkins:lts RUN jenkins-plugin-cli --plugins configuration-as-code COPY jenkins.yaml /var/jenkins_home/jenkins.yaml EXPOSE 8080 EXPOSE 50000 Update the docker-compose.yml to set environment variables and mount the configuration file. Add the following code in the volumes block: - ./jenkins.yaml:/var/jenkins_home/jenkins.yaml After the volumes block, add a new environment block (if you haven't defined it earlier): environment: - JENKINS_ADMIN_PASSWORD=admin_password Build the new Jenkins image with the JCasC configuration: docker-compose build Run the containers: docker-compose up -d After the containers start, go to your browser at http://localhost:8080 and log in with the administrator account. You should see the system message and the Jenkins configuration applied according to your jenkins.yaml file. A few important notes: The YAML files docker-compose.yml and jenkins.yaml might seem similar at first glance but serve completely different purposes. The file in Docker Compose describes the services and containers needed to run Jenkins and its environment, while the file in JCasC describes the Jenkins configuration itself, including plugin installation, user settings, security, system settings, and jobs. The .yml and .yaml extensions are variations of the same YAML file format. They are interchangeable and supported by various tools and libraries for working with YAML. The choice of format depends largely on historical community preferences; in Docker documentation, you will more often encounter examples with the .yml extension, while in JCasC documentation, .yaml is more common. The pipeline example provided below only outputs messages at each stage with no useful payload. This example is for demonstrating structure and basic concepts, but it does not prevent Jenkins from successfully applying the configuration. We will not dive into more complex and practical structures. jenkins.yaml describes the static configuration and is not intended to define the details of a specific CI/CD process for a particular project. For that purpose, you can use the Jenkinsfile, which offers flexibility for defining specific CI/CD steps and integrating with version control systems. We will discuss this in more detail in the next chapter. Key Concepts of Jobs in JCasC Jobs are a section of the configuration file that allows you to define and configure build tasks using code. This block includes the following: Description of Build Tasks: This section describes all aspects of a job, including its type, stages, triggers, and execution steps. Types of Jobs: There are different types of jobs in Jenkins, such as freestyle projects, pipelines, and multiconfiguration projects. In JCasC, pipelines are typically used because they provide a more flexible and powerful approach to automation. Declarative Syntax: Pipelines are usually described using declarative syntax, simplifying understanding and editing. Example Breakdown: pipeline: The main block that defines the pipeline job. agent any: Specifies that the pipeline can run on any available Jenkins agent. stages: The block that contains the pipeline stages. A stage is a step in the process. Additional Features: Triggers: You can add triggers to make the job run automatically under certain conditions, such as on a schedule or when a commit is made to a repository: triggers { cron('H 4/* 0 0 1-5') } Post-Conditions: You can add post-conditions to execute steps after the pipeline finishes, such as sending notifications or archiving artifacts. Parameters: You can define parameters for a job to make it configurable at runtime: parameters { string(name: 'BRANCH_NAME', defaultValue: 'main', description: 'Branch to build') } Automating Jenkins Deployment in Docker with JCasC Using Scripts for Automatic Deployment Use Bash scripts to automate the installation, updating, and running Jenkins containers. Leverage Jenkins Configuration as Code (JCasC) to automate Jenkins configuration. Script Examples Script for Deploying Jenkins in Docker: #!/bin/bash # Jenkins Parameters JENKINS_IMAGE="jenkins/jenkins:lts" CONTAINER_NAME="jenkins-server" JENKINS_PORT="8080" JENKINS_AGENT_PORT="50000" VOLUME_NAME="jenkins_home" CONFIG_DIR="$(pwd)/jenkins_configuration" # Create a volume to store Jenkins data docker volume create $VOLUME_NAME # Run Jenkins container with JCasC docker run -d \ --name $CONTAINER_NAME \ -p $JENKINS_PORT:8080 \ -p $JENKINS_AGENT_PORT:50000 \ -v $VOLUME_NAME:/var/jenkins_home \ -v $CONFIG_DIR:/var/jenkins_home/casc_configs \ -e CASC_JENKINS_CONFIG=/var/jenkins_home/casc_configs \ $JENKINS_IMAGE The JCasC configuration file jenkins.yaml was discussed earlier. Setting Up a CI/CD Pipeline for Jenkins Updates To set up a CI/CD pipeline, follow these steps: Open Jenkins and go to the home page. Click on Create Item. Enter a name for the new item, select Pipeline, and click OK. If this section is missing, you need to install the plugin in Jenkins. Go to Manage Jenkins → Manage Plugins. In the Available Plugins tab, search for Pipeline and install the Pipeline plugin. Similarly, install the Git Push plugin. After installation, go back to Create Item. Select Pipeline, and under Definition, choose Pipeline script from SCM. Select Git as the SCM. Add the URL of your repository; if it's private, add the credentials. In the Branch Specifier field, specify the branch that contains the Jenkinsfile (e.g., */main). Note that the Jenkinsfile should be created without an extension. If it's located in a subdirectory, specify it in the Script Path field. Click Save. Example of a Jenkinsfile pipeline { agent any environment { JENKINS_CONTAINER_NAME = 'new-jenkins-server' JENKINS_IMAGE = 'jenkins/jenkins:lts' JENKINS_PORT = '8080' JENKINS_VOLUME = 'jenkins_home' } stages { stage('Setup Docker') { steps { script { // Install Docker on the server if it's not installed sh ''' if ! [ -x "$(command -v docker)" ]; then curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh fi ''' } } } stage('Pull Jenkins Docker Image') { steps { script { // Pull the latest Jenkins image sh "docker pull ${JENKINS_IMAGE}" } } } stage('Cleanup Old Jenkins Container') { steps { script { // Stop and remove the old container if it exists def existingContainer = sh(script: "docker ps -a -q -f name=${JENKINS_CONTAINER_NAME}", returnStdout: true).trim() if (existingContainer) { echo "Stopping and removing existing container ${JENKINS_CONTAINER_NAME}..." sh "docker stop ${existingContainer} || true" sh "docker rm -f ${existingContainer} || true" } else { echo "No existing container with name ${JENKINS_CONTAINER_NAME} found." } } } } stage('Run Jenkins Container') { steps { script { // Run Jenkins container with port binding and volume mounting sh ''' docker run -d --name ${JENKINS_CONTAINER_NAME} \ -p ${JENKINS_PORT}:8080 \ -p 50000:50000 \ -v ${JENKINS_VOLUME}:/var/jenkins_home \ ${JENKINS_IMAGE} ''' } } } stage('Configure Jenkins (Optional)') { steps { script { // Additional Jenkins configuration through Groovy scripts or REST API sh ''' # Example script for performing initial Jenkins setup curl -X POST http://localhost:${JENKINS_PORT}/scriptText --data-urlencode 'script=println("Jenkins is running!")' ''' } } } } post { always { echo "Jenkins setup and deployment process completed." } } } On the page of your new pipeline, click Build Now. Go to Console Output. In case of a successful completion, you should see the following output. For this pipeline, we used the following files.  Dockerfile: FROM jenkins/jenkins:lts USER root RUN apt-get update && apt-get install -y docker.io docker-compose.yml: version: '3.7' services: jenkins: build: . ports: - "8081:8080" - "50001:50000" volumes: - jenkins_home:/var/jenkins_home - /var/run/docker.sock:/var/run/docker.sock environment: - JAVA_OPTS=-Djenkins.install.runSetupWizard=false networks: - jenkins-network volumes: jenkins_home: networks: jenkins-network: Ports 8081 and 50001 are used here so that the newly deployed Jenkins can occupy ports 8080 and 50000, respectively. This means that the main Jenkins, from which the pipeline is running, is currently located at http://localhost:8081/. One way to check if Jenkins has been deployed is to go to http://localhost:8080/, as we specified this in the pipeline. Since this is a new image, a welcome message with authentication will appear on the homepage. Conclusion Automating the deployment, updates, and backups of Jenkins is crucial for ensuring the reliability and security of CI/CD processes. Using modern tools enhances this process with a variety of useful features and resources. If you're further interested in exploring Jenkins capabilities, we recommend the following useful resources that can assist with automating deployments: Official Jenkins website Jenkins Configuration as Code documentation Pipeline Syntax
30 January 2025 · 19 min to read
Docker

Docker Exec: How to Use It to Run Commands in a Container

Docker is an effective and versatile environment built to assist you in the matter of running, creating, as well as deploying apps within containers. One of the significant utilities in it is docker exec. It permits you to run code within a particular container. Furthermore, you can maintain as well as build a reliable, compact container through it. During creation or installation, it is significant to analyze different operations/configurations and examine the current condition or resolve bugs. Therefore, it offers an environment where commands can be run in dockerized apps. This tutorial will cover docker exec, complete with possible use cases and explanations. Prerequisites You must meet certain prerequisites before beginning the article: Installation: Verify that Docker is already installed. If not, check our tutorial to install it. Permissions: The user account should have permissions/privileges to run the script. Running Container: A container needs to be accessible as well as running at the moment. Through the docker ps, you can determine the ID or name of the container. General Concepts: You should be familiar with core concepts of Docker. Familiarity with Linux systems and Docker basics will help in troubleshooting any issues during configuration. These requirements are necessary before beginning the setup. Basic Introduction  docker exec permits greater control, enhanced privacy, as well as better security for your apps. It helps users with regarding, management, monitoring, and debugging running apps within the particular container. Explore its features to boost your productivity and automate workflows. In this way, you can run direct commands by performing several operations like opening sessions, shell commands, and even running scripts. This significantly enhances workflow by enabling interaction with the active/operational app. You can address issues as well as make configurations without the need for a full container restart, which improves efficiency. General Syntax  The general syntax is: docker exec [OPTIONS] CONTAINER CODE [ARG...] OPTIONS: These are flags for customizing the behaviour of the particular command. Several options are as below: -i: It indicates STDIN is launched even if not connected. -t: It addresses the allocation of a pseudo-TTY. -u USER: It indicates the particular user for running the command. -w WORKDIR: It indicates the directory which is working for the particular command. CONTAINER: It indicates the container ID or name, where instructions are executed. CODE:  This is the script or command that you require to run inside the container ARG: It represents the additional parameters that are required to be passed to the particular CODE. How to Use Docker Exec to Run Commands in a Container Through this utility, you can run programs, check logs, and perform other admin operations inside the particular running container by accessing its CLI. It is beneficial for effective management since it increases adaptability and gives more hold of dockerized apps. Testing with a Sample Container Before running the specific command, you should have the minimum of one container that is currently operational. If you do not have it yet, execute the below command by with the particular container name. In our case, we use mynginx:  docker run -d --name mynginx nginx Finding the Active Container ID Before beginning, you are required to know the ID or name of the running container. Let’s run the below command to obtain the info on all dockerized apps that are currently operational: docker ps In the figure, the operational instance ID is b51dc8e05c77 and the name is mynginx.  Working With a Particular Directory In this first example, you can run the command in the particular directory of the operational container. To achieve this, the --workdir or -w option is used by mentioning the folder name. Look at a use case where the pwd is run within the operational container mynginx: docker exec --workdir /tmp mynginx pwd Here: docker exec: It is the core command to run the command within the operational container. --workdir /tmp: This OPTION indicates our working directory. mynginx: It indicates the CONTAINER name.  pwd: It indicates the executed CODE within the container. In the figure, the pwd executes within the particular mynginx instance and allocates the working directory to /tmp.  Single Command Execution  In this example, execute a single command. For this, first mention the container name or ID, and afterwards, the particular command that you are required to execute. Here, mynginx is the name of the operational container, and the echo "Hello, Hostman Users!" is the command: docker exec mynginx echo "Hello, Hostman Users!" In the figure, there is an execution of the echo "Hello, Hostman Users!" command within mynginx. Several Commands Execution  You can execute several commands in a single line statement by splitting them with semicolon. Let’s look at the below statement: docker exec mynginx /bin/bash ls; free -m; df -h; In the result, ls shows the content inside of the mentioned folder, free -m shows the system memory and df -h disk space usage. It permits you to analyze the memory state, filesystem, and other info in one statement. Enabling the Shell Through Name You can enable the shell within the dockerized app. It permits an interface for the file system as well as script execution. Here, the -it option activates interactive mode and assigns the interface: docker exec -it mynginx /bin/bash The figure enables the bash shell interface within mynginx. But, /bin/bash is not guaranteed to be present in every image of Docker. Therefore, other shells like sh can also be enabled. Now, input exit and press ENTER to close the interface: exit To launch other shells like sh (which is a symbolic link to bash or another shell), use /bin/sh in the below statement line: docker exec -it mynginx /bin/sh In the figure, the code line launches the shell interface, which is operational.  Enabling the Shell Through ID In this particular use case, enable the session through the b51dc8e05c77 container ID inside the Docker app. Furthermore, you have the ability to interact with the interface as though you directly logged in via the -it flag. The -t indicates the assignment of pseudo-TTY, and the -i opens the STDIN. Both are beneficial for analysis, debugging, as well as managerial operations: docker exec -it b51dc8e05c77 bash Furthermore, you can analyse the information of the current folder inside the particular shell (in a detailed format), e.g., file size, owner, group, number of links, modification date, and file permissions: ls -l It gives detailed information on each file as well as the folder that assists you in knowing their attributes and managing them effectively. Working As a Particular User You can execute a command as the specific user through the -u option. It is beneficial when you are permitted to work with specific privileges. It runs the command in the operational container through the particular user and group: docker exec -u <user>:<group> <container_id> <command>  For instance, the whoami runs as the www-data in the mynginx container: docker exec -u www-data mynginx whoami In the figure, www-data verifies that the particular command is executed successfully with the correct user permissions and within the expected interface.  Enabling a Non-Interactive Shell Sometimes, users prefer not to have any interaction. For such circumstances, they can execute the command without any argument: docker exec mynginx tail /etc/passwd  The last 10 lines of the passwd file have been shown. This passwd file is stored in the /etc/passwd folder containing the user information. It helps you monitor the user account information, permitting you to quickly check for troubleshooting or update issues.  Working With a Single Environment Variable You may need to pass environment variables to the command that is run in the operational container. To achieve this, use the -e option as below: docker exec -e MY_VAR=value mynginx printenv MY_VAR In the figure, the printenv MY_VAR is successfully executed in mynginx when the MY_VAR is set to value correctly. Working With Multiple Environment Variables You can set more than one variable through the -e flag.  docker exec -e TEST=john -e ENVIRONMENT=prod mynginx env The figure confirms that the two variables TEST and ENVIRONMENT have been set to john and prod in the mynginx. Working With the Detached Mode You can run commands in the detached mode through the -d flag. Therefore, it runs in the background: docker exec -d mynginx sleep 500 The figure confirms that the mynginx is executing the sleep 500 command. Working With the Privileged Mode Here, the --privileged flag permits you to execute the command, such as mount, with elevated privileges in the running container: docker exec --privileged mynginx mount In the figure, mount permits the system to create a mount point with the particular permissions in the mynginx. More Information on docker exec The --help option shows the manual with a list of available options with concise explanations.  docker exec --help Final Words docker exec is an effective utility for controlling and interacting with active containers. It is helpful for operations like monitoring, managing, and debugging apps without interfering with their functionality. It permits you to run code, launch shells, customize several configuration aspects, and also set environment variables. Once you become familiar with the usage of this utility, you can manage containers easily. It makes your operations much smoother for creating and deploying apps.
29 January 2025 · 8 min to read

Do you have questions,
comments, or concerns?

Our professionals are available to assist you at any moment,
whether you need help or are just unsure of where to start.
Email us
Hostman's Support