Docker

# creating new docker image
mkdir exim

cat << EOF >> ./exim/Dockerfile
FROM alpine:latest

RUN echo http://mirror.yandex.ru/mirrors/alpine/edge/testing >> /etc/apk/repositories \
    && apk add --update exim \
    && rm -rf /var/cache/apk/*

EXPOSE 25/tcp 465/tcp 587/tcp
VOLUME ["/etc/exim"]
VOLUME ["/var/log/exim"]

RUN mkdir /usr/lib/exim/ && chown exim:exim /var/log/exim

ENTRYPOINT ["exim"]
CMD ["-bdf", "-v", "-q30m"]

EOF

#######################################

# build the image
docker build -t exim:latest exim/

# create container from image
docker create -p 80:80 -p 443:443 --name exim yourrepo/exim

# save image
docker save yourrepo/exim | gzip > exim.tar.gz

# load image
docker load < exim.tar.gz

# start container
docker start exim

# connect to running container
docker exec -it exim sh

#######################################

# install container from outside
docker pull repo/image
docker run -d image

# download & create & start
docker run -d -v /data/etc/exim:/etc/exim -v /data/logs/mail/:/var/log/exim/ -p 25:25 -p 465:465 --restart always --name exim fserver/alpine-exim

#######################################

# list docker containers
docker ps -a

# list docker images
docker images

# remove stopped containers
docker ps -aq |xargs docker rm

# remove unused docker images
docker images -q |xargs docker rmi

# remove unused docker volumes (after image delete)
docker volume ls -qf dangling=true | xargs -r docker volume rm

Non root user with docker
# Create the docker group
groupadd docker

#Restart the docker service
systemctl restart docker

# Add users to this group
usermod -aG docker user123

Docker registry
# install
yum install nginx docker -y
systemctl enable docker
systemctl restart docker

# config proxy if needed
grep PROXY /etc/sysconfig/docker
 HTTP_PROXY="http://192.168.0.1:3128"
 HTTPS_PROXY="http://192.168.0.1:3128"
 NO_PROXY="*.local, 192.168.0.0/16"

# on remote docker nodes config INSECURE_REGISTRY if you do not have valid ssl cert
grep INSECURE /etc/sysconfig/docker
 INSECURE_REGISTRY='--insecure-registry=127.0.0.1 --insecure-registry=192.168.0.123'

# start registry
mkdir -p /data/registry
docker run -d -p 5000:5000 -v /data/registry:/var/lib/registry --restart=always --name registry registry

# config nginx
openssl req -x509 -newkey rsa:4086 -keyout /etc/nginx/key.pem -out /etc/nginx/cert.pem -days 36500 -nodes
cat << EOF > /etc/nginx/conf.d/default.conf
upstream docker-registry {
    server 127.0.0.1:5000;
}
map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
    '' 'registry/2.0';
}
server {
    listen 80;
    server_name _;
    client_max_body_size 0;
    chunked_transfer_encoding on;
    location /v2/ {
      if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
        return 404;
      }
      add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
      proxy_pass                          http://docker-registry;
      proxy_set_header  Host              $http_host;   # required for docker client's sake
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
      proxy_read_timeout                  900;
    }
}
server {
    listen 443 ssl;
    server_name _;
    ssl_certificate /etc/nginx/cert.pem;
    ssl_certificate_key /etc/nginx/key.pem;
    ssl_protocols TLSv1.1 TLSv1.2;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    client_max_body_size 0;
    chunked_transfer_encoding on;
    location /v2/ {
      if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
        return 404;
      }
      add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
      proxy_pass                          http://docker-registry;
      proxy_set_header  Host              $http_host;   # required for docker client's sake
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
      proxy_read_timeout                  900;
    }
}
EOF

nginx -t && systemctl enable nginx && systemctl start nginx

ZFS for Docker
# install
yum install -y http://download.zfsonlinux.org/epel/zfs-release.el6.noarch.rpm
vi /etc/yum.repos.d/zfs.repo ## and enable kernel module repo
yum install -y zfs
modprobe zfs

# create pool
zpool create -f zfs-pool -m /data /dev/vg_root/lv_vol1 /dev/sdb /dev/sdc

# add disk to vol
zpool add zfs-pool /dev/sdd

# create docker volume
zfs create -o mountpoint=/var/lib/docker zfs-pool/docker

# set vol size
zfs set volsize=10GB zfs-pool/docker

# online resize/extend vol
zpool online -e zfs-pool /dev/resized-disk