Image -docker run> Running Container -> Stopped Container -docker commit> New Image

parent image - image that your image is based on (FROM)

Состоит:

• Docker daemon- manages Docker containers and handles container objects - Docker client program - provides a command-line interface
• Container c т.з. ч. - стандартизированный метод упаковки приложений, его конфигурациии и всех зависимостей в единый объект.
• Container c т.з. ОС - процесс извлеченный из tarball привязанный к namespaces и контролируемый через cgroups
• Container - состоит из слоев - слепков состояний файловой системы из image + read-write layer on top. Images become containers when they run on Docker Engine. при перезапуске возвращается к image
  • UUID short and long
  • name - by user or random
• Container Runtime - software that can run containers on a host operating system or each node in the cluster so that Pods can run there.
• Image - read-only template used to build containers - to store and ship applications - series of read-only layers
• Docker service - allows containers to be scaled across multiple Docker daemons - result is "swarm"
• Docker registr - repository for Docker images - download ("pull") - upload ("push"). Registries can be public or private
• Docker Hub - default registry where Docker looks for images https://hub.docker.com/
• volumes -
• Dockerfile - Docker can build images automatically by reading the instructions from a Dockerfile by "$docker build ."
• task - container running in a service
• replicas - containers or task in one service defined in docker-compose.yml

explore:

• docker images - list images and layers
  • docker images | grep superset | awk '{print $1}' | xargs docker image rm
• docker ps - containers currently running
  • docker ps -a - was ran
• docker logs image

• docker pull busybox - download image
• docker build -t fedora/jboss:1.0 . # –tag to give a name to the image
  • docker build image –build-args HTTPS_PROXY=172.0.0.1:8888
  • docker build -t aa -f Dockerfile.app .
• docker run -it debian_my bash - create container based on image and attach to tty
• docker exec -it debian_my bash - connect to running
  • docker exec -it debian_my bash -c "command ; command"
  • docker exec -w /workspace -it ps bash
• docker rename ngin nginx
• docker start/stop/kill/restart/rm nginx
• docker events/top/stats/diff nginx
• docker -it superset_db pg_dump -U superset superset > backups.sql - бэкап БД из контейнера в папку

networks

• docker network create my-net
• docker create –name my-nginx –network my-net –publish 8080:80 nginx:latest
• docker networks ls # show networs
• docker network inspect NAME
• docker network create -d bridge MyBridgeNetwork
• docker network rm
• docker connect MyOverlayNerwork nginx - подключение работающего контейнера к сети
• docker run -it -d –network=MyOverlayNetwork ngixn - подключение к сети при его запуске
• docker network disconnect MyOverlayNerwork nginx

Комманды

• docker ps -a - все контейнеры
• docker image ls - все images
• docker load -i file.tar - Load saved image
• docker pull debian:testing
• docker inspect [CONTAINER ID] – "Config": { "Entrypoint": ["/pause"],
• docker pull storm:TAG – download image
• docker ps –no-trunc – full command
• docker system prune –volumes - clean unused everything

docker run [OPTIONS] IMAGE [COMMAND] [ARG…]

Commit a container’s file changes or settings into a new image: docker commit CONTAINER ID mysnapshot

Build image and run:

• docker build –tag=friendlyhello .
• docker run -p 4000:80 friendlyhello -d - execute CMD in Dockerfile, background

docker run - require CMD or ENTRYPOINT specified in Dokerfile

both CMD and ENTRYPOINT have exec and shell form

• ENTRYPOINT ["executable", "param1", "param2"] - exec form - recommended
• ENTRYPOINT command param1 param2 - shell form - Ctrl + C will not stop ex. ping google.com

CMD can be used to set additional defaults that are more likely to be changed

• ENTRYPOINT ["top", "-b"]
• CMD ["-c"]

• ARG is only available during the build of a Docker imag
• ENV values are available to containers, but also RUN-style commands during the Docker build starting with the line where they are introduced. If you set an environment variable in an intermediate container using bash (RUN export VARI=5 && …) it will not persist in the next command.

docker build . –build-arg -t foo

FROM debian:bullseye-slim ARG WTF ENV WTF=$WTF CMD echo $WTF

• ANTIFAQ https://habr.com/ru/company/southbridge/blog/452108/
• https://docs.docker.com/get-started/part2/
• for java https://github.com/docker/labs/tree/master/developer-tools/java/
• Linux virtualization
• building project inside docker https://mikulskibartosz.name/how-to-build-a-project-inside-a-docker-container-fd575058bf4a operating-system-level virtualization
• Dockerfile reference https://docs.docker.com/engine/reference/builder/ tool that can package an application and its dependencies in a lightweight! virtual container
  • Сontainers may simplify the creation of highly distributed systems.
  • Containers are created from "images" - read-only template

https://docs-stage.docker.com/engine/install/ubuntu/ from deb https://download.docker.com/linux/ubuntu/dists/focal/stable/binary-amd64/Packages

• https://download.docker.com/linux/ubuntu/dists/focal/stable/binary-amd64/
• pool/stable
• wget docker-ce, docker-ce-cli and containerd.io
• compare hashes from Package.
• apt-get install

from Dcoker Repository https://docs-stage.docker.com/engine/install/ubuntu/

Installing Docker CE using Docker Installation Script

Проверка:

• docker run hello-world

Запускать без sudo https://docs-stage.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user

• ~/.docker/config.json
• 192.168.2.252 это srv-proxy

{ "proxies": { "default": { "httpProxy": "http://192.168.2.252:8080", "httpsProxy": "http://192.168.2.252:8080" } } }

• https://docs.docker.com/storage/

by default a writable container layer.

• volumes - on Docker var/lib/docker/volumes - best way - cannot be modified externaly - When you mount the volume into a container, this directory is what is mounted into the container
• bind mounts - can be modified externaly

kebenrenets - The Docker image is at the root of the filesystem hierarchy, and any volumes are mounted at the specified paths within the image.

Хранятся в var/lib/docker

• REPOSITORY - откуда был скачен или имя, <none> - локально

image is built up from a series of layers. Each layer except the very last one is read-only.

commands:

• docker image ls - все images
• docker rmi $(docker images -q) - удалить все images
• docker run PARAMETERS repository_or_name - запускает image и делает его контенером, если его нет, то скачивает из публичного репозитория
  • -d - deattached in background
  • -p <host_port>:<container_port>

Container has: read only layers: 1 writable layer - сохраняется только если завершается нормально, в случае сбоя теряется.

1. docker build –cache-from image0 -t image1
2. https://stackoverflow.com/questions/48449326/how-to-docker-reuse-layers-with-different-base-images

https://medium.com/google-cloud/kubernetes-configmaps-and-secrets-68d061f7ab5b

builder pattern - one Dockerfile to use for development, and a slimmed-down one to use for production, which only contained your application and exactly what was needed to run it.

• FROM - starts new stage
• FROM golang:1.16 AS builder; COPY –from=builder /go/a ./a # if stages will be reoreded
• COPY –from=nginx:latest /etc/nginx/nginx.conf /nginx.conf # copy from separate image

nnterms:

• dangling - not associated with container

remove parts not connected to running contatinters:

• docker system/image/container/network prune -a

remove images:

• docker image prune # dangling
• docker image prune -a # remove all images which are not used by containers
• docker image prune -a –filter "until=24h" # removes older than 24 hours
• docker rmi $(docker images -f "dangling=true" -q)
• remove images by pattern
  • docker images -a | grep “some_pattern” | awk ‘{print $3}’ | xargs docker rmi

remove containers:

• docker container prune # stopped containers
• docker rm $(docker ps -q -f status=exited) # remove all the containers that are not running (exited).
• docker rm $(docker ps -a -q) # wipe all containers
• remove container by pattern
  • docker ps -a | grep “some_pattern” | awk ‘{print $3}’ | xargs docker rm

remove volumes (Volumes are never removed automatically):

• docker volume prune # remove all volumes not used by at least one container
• docker volume prune –filter "label!=keep" # only removes volumes which are not labelled with the keep label
• docker volume ls -f name=syst
• docker volume rm volume1_name volume2_name

remove networks:

• docker network prune # networks which aren’t used by any containers

Prune everything:

• docker system prune # shortcut that prunes images, containers, and networks
• docker system prune –volumes # and volumes too

docker builder prune - удаление кэша сборки

• sudo mount -t tmpfs tmpfs /var/lib/docker
• systemctl restart docker

• COPY local.conf . # to current directory # preffered # stripped-down version of ADD
• ADD . /code # Too Much Magic
  • ADD foo.tar.gz /tmp # autounpack
• WORKDIR /code
• ENV FLASK_APP app.py # set env variable inside of running container
• RUN pip3 install –upgrade pip # run command to build image

can be baked into the image definition

• HEALTHCHECK –interval=5s –timeout=3s CMD curl –fail http://localhost:8091/pools || exit 1
  • –interval=DURATION (default 30s)
  • –timeout=DURATION (default 30s)
  • –retries=N (default 3)

If health check is enabled, then the container can have three states:

• starting
• healthy
• unhealthy

docker-compose.yml:

services:
        webapp:
                image: your-repo-name/webapp:1.0.1-nginx
                container_name: webapp
                network_mode: host
                healthcheck:
                        test: mysql airflowdb -u $MYSQL_USER --password=$MYSQL_PASSWORD -e 'SELECT 1;'
                        interval: 20s
                        timeout: 60s
                        start_period: 15s
                restart: always

• docker swarm init - to enable swarm mode and make your current machine a swarm manage
• docker-machine - инструмент который работает на базе виртуальных машин. ХЗ как что
• docekr swarm leave

• https://docs.docker.com/compose/compose-file/
• 2 chars indentation

structure:

1. docker-compose.yaml

version: "3.9"  # optional since v1.27.0
services:
  web:
    build: path_to_Dockerfile
    ports:
      - "8000:5000" # host port : container port

1. Dockerfile

default environment variable file named .env (or –env-file command line option):

• TAG=v1.5

var

• ${VARIABLE:?err} exits with an error message containing err if VARIABLE is unset or empty in the environment.
• ${VARIABLE?err} exits with an error message containing err if VARIABLE is unset in the environment.

web:
  environment:
    - DEBUG=1

network per application

• network name based on the “project name”, which is based on the name of the directory it lives in (You can override the project name with either the –project-name flag or the COMPOSE_PROJECT_NAME environment variable.)
  • myapp_default
• container join the network under own name
  • URL http://web
• standalone containers can connect default network (attachable=true)

ports: ["8001:5432"] - distinction between HOST_PORT and CONTAINER_PORT

• service-to-service communication uses the CONTAINER_PORT
• HOST_PORT is defined, the service is accessible outside the swarm as well.

error: for webb No such image: sha256

• docker-compose -f docker-compose-filename.yml down
• docker-compose -f docker-compose-filename.yml up

Credentials store error: StoreError

• https://stackoverflow.com/questions/56267890/docker-compose-unable-to-start
• sudo rm ~/.docker/config.json
• Create login at https://hub.docker.com/
• docker login
• docker-compose up

OR remove "credsStore wincredis" from ~/.docker/config.json

infinity restarts

version: '3'
services:
  my-service:
    restart: on-failure:5

• docker-compose -f docker-compose.yml up
• docker-compose up -d
• docker-compose down
• docker-compose down –volumes # and remove volumes
• docker-compose up –no-deps –build <service_name> - rebuild
• docker-compose build ServiceName+1

services:

• xxx_service: volumes: - ./local:/root/container:ro

The imperative way (Docker client):

• docker volume create [OPTIONS] [VOLUME]

Types of volumes in Docker:

• Docker host-mounted volumes
  • /host/path:/container/path
• Docker named volumes
  • named_volume_name:/container/path
  • types:
    • internal - used only inside docker-compose (app)
    • external - can be used across docker installation - must be created by the user

docker external named volume:

1. docker volume create –driver local –opt type=none –opt device=/var/opt/my_website/dist –opt o=bind web_data

volumes:
  web_data:
    external: true

Override Docker ENTRYPOINT and CMD.

• entrypoint: /code/entrypoint.sh
• entrypoint: ["php", "-d", "memory_limit=-1", "vendor/bin/phpunit"]

entrypoint: ["tail", "-f", "/dev/null"] # sleep

K8s is a platform for creating, deploying and managing distributed applications.

• container-orchestration system for automating application deployment, scaling, and management.

container orchestration system for automating application deployment, scaling, and management. It aims to provide a "platform for automating deployment, scaling, and operations of application containers across clusters of hosts".

It eliminates the need for orchestration - continuously drive the current state towards the provided desired state.

Master/slave (Primary/replica architecture) - model of asymmetric communication (data speed or quantity, when averaged over time, is different in one direction from the other).

• 2003: Borg System - Google
• 2013: Omega - Google
• 2014: Kubernetes - Google - as an open source version of Borg
• 2015: v1.0
• 2016:
  • First release of Helm the package manager of Kubernetes.
  • Minikube a tool that makes it easy to run Kubernetes locally.
  • Kops official project for managing production-grade Kubernetes clusters.
  • kubeadm
  • supports OpenAPI - Specification defines a standard interface to RESTful APIs
• 2017:
  • Google and IBM announce Istio
  • role-based access control (RBAC) authorizer
  • Introducing Kubeflow - Machine Learning Stack Built for Kubernetes.
  • Amazon EKS - to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes.
  • Azure AKS
  • the principal competitors:
    • VMware
    • Mesosphere, Inc.
    • Docker, Inc.
    • Microsoft Azure
    • AWS
• the hard way guilde 4

workload

app running on k8s - one or several components, you run it inside a set of pods.

workload resources

Deployment, StatefulSet

container runtime

software that responsible for running containers.

control loop

is a non-terminating loop that regulates the state of a system. (used in controller)

control plane

set of components that run on mster nodes and control the overall state of the cluster.

bootstaping

is the process of setting up a new Kubernetes cluster from scratch.

provisioning machines

the process of creating and preparing virtual of phisical machines: install OS, configure network, etc.

container

executable image that contains software and all of ins dependencies

ConfigMaps

non-confidential data in key-value pairs. environment-specific configuration.

Secret

an object that contains a small amount of sensitive data such as a password. stored unencrypted in the API server's underlying data store (etcd). 1) as a files in a volume mounted 2) as a env variable 3) By the kubelet when pulling images

Pod template

specifications for creating Pods .spec.template included in workload resources such as Deployments, Jobs, and DaemonSets.

Services

type of object to group pods.

resources

types of objects, can by got by # kubectl api-resources. Defined and deployed with yaml of json files.

cluster

joined worker nodes with "control plane" which is nodes also.

• Кубернетис кластер, это joined worker nodes with "control plane" which is nodes also. Результат выполнения kubeadm init и kubeadm join, в результате которой поднимаются все необходимые сервисы на нодах и из нод формирутся кластер. К которому можно подключиться через доступ к API server. Подробная статья. https://www.airplane.dev/blog/kubernetes-control-plane

resource

kind of API object

collection

A list of instances of a resource. There are dozens of collection types (such as PodList, ServiceList, and NodeList)

(no term)

reconsilation loop - user-declared desired state -> observed current state (action, observe) - у каждого вида рабочей нагрузки есть свой контроллер который наблюдает за текущим состоянием и желаемым. (kube-controller manager)

• pods - ip adress, volumes - not durable by default. (has hidden default container). a set of running containers on your cluster
• node - виртуальные машины в VMware. Can run(be assigned with) several pods.
• controller - высшая обстрация над pods - CRI specification -
• contrainer - run in pods - binary package with files
  • Docker image Format (often)

• \\srv-file\Share\DEV\Обучение\AML
• k create deployment nginx –image=nginx - создать pod c одной репликой
• k scale deployment nginx –replicas 3 - реплики 3

pod name - nginx-(HashOfConfiguration)-randomValue

Deployments

• случайные имена
• чтобы мы не делали сервис будет работать

StatefulSet DaemonSets Job - при инициализации приложения

linux

• kubelet - node and master - взаимодействуют с API-сервером и подписываются на выставленные данных scheduler-oм
• kube-proxy - отвечает за настройку iptables
• Kubernetes CRI Container Runtime Interface
  • на dev - docker CRI shim
  • prod - CRI-O
• Addons дополнительные компоненты worker - kubectl -n kube-system get pods
  • fluent-d - logging - Cluster-level Logging
  • weave addon - creates a virtual network that connects containers across multiple hosts and enables their automatic discovery
  • coredns addon
  • ambasador API gateway

master

• kube-apiserver - API Server - все взаимодействие с k8s
• kube-controller-manager - Controller manager - reconsilation loop
• kube-scheduler - Scheduler - оценить на какой ноде должен быть запущен контейнер
• etcd - distributed key-value store, у значений есть версия. Optimistic concurrency control

Используется для развертывания подов на виртуалках. Kubernetes cluster on bare-metal or VMs.

Использует Vagrant?

Playbooks are Ansible’s configuration, deployment, and orchestration language. playbooks are your instruction manuals

• web server - gitlab registry
• Scheduler - command to kubelet
• kubelet use cri (Container Runtime Interface) to pull nodes

master - one or many nodes - control plane

• etcd - distributed key-value data store stores the configuration (like Apache ZooKeeper)
• API server - internal and external interface - REST JSON over HTTP
• Scheduler - запускает pods на node based on resource availability - match resource "supply" to workload "demand"
• Controller manager - communicating with the API server to create, update, and delete the resources it manages (pods, service endpoints, etc.).
  • Replication Controller - handles replication and scaling
  • Autosclaer - use metrics from Prometheus чтобы подстроить количество репли к количеству запросов

node or Worker -

• Kubelet - starting, stopping, and maintaining application containers organized into pods
• Kube-proxy (network proxy and a load balancer) - routing traffic to the appropriate container
• Container runtime - must implement Container Runtime Interface (CRI) - Most container runtime environments use runc.
  • Docker
  • CRI-O
  • Containerd
  • Other CRI runtimes: frakti

runc provide OCI API. Kubelet communicate with the container runtime via the CRI’s gRPC interface.

it is impossible for a distributed data store to simultaneously provide more than two out of the following three guarantees:

• Consistency: Every read receives the most recent write or an error
• Availability: Every request receives a (non-error) response, without the guarantee that it contains the most recent write
• Partition tolerance: The system continues to operate despite an arbitrary number of messages being dropped (or delayed) by the network between nodes

• https://habr.com/ru/company/selectel/blog/316258/
• libcontainer, которая по сути является частью runc, используется в Docker вместо LXC

homogeneous ˌhōməˈjēnēəs - однородная система heterogeneous ˌhɛt(ə)rə(ʊ)ˈdʒiːnɪəs - неоднородная система

• https://vzurczak.wordpress.com/2019/02/13/using-graylog-for-centralized-logs-in-k8s-platforms-and-permissions-management/

3 variants:

• letting applications directly output their traces in other systems
• collector per pod
• collector per node - this

Two architectures for log managements:

1. "Elastic Stack" (formerly the "ELK stack") (products for Elastic Search):
   • Logstash - data collection and log-parsing engine
   • Kibana - visualisation platform
   • ?
   • ?
2. Graylog - three-tier architecture and scalable storage (based on Elasticsearch - its backend)

Collecting logs per node - Logstash or (FileBeat, Fluentd, Fluent Bit…)

Think of it like apt/yum/homebrew for Kubernetes.

• Container: Container refers to operating system level virtualization
• Docker: Docker is a popular program to create and run containers
• Kubernetes: Kubernetes is a popular container orchestration program.

Helm cnsist of:

• Tiller Server: installed within a Kubernates cluster - interacts with the Kubernetes API server to install, upgrade, query and remove Kubernetes resources
• Client: command-line interface - install, upgrade and rollback charts

Charts - Kubernetes resources package

• collection of files
• configuration

Release - running instance of a chart

https://en.wikipedia.org/wiki/List_of_cluster_management_software

• Kubernetes - google
• Docker Swarm
• CoreOS
• Mesos – Apache

оверлейная сеть

kubeadm init and kubeadm join as best-practice "fast paths" for creating Kubernetes clusters.

• kubeadm init to bootstrap a Kubernetes control-plane node
• kubeadm join to bootstrap a Kubernetes worker node and join it to the cluster

• /etc/kubernetes/manifests as the path where kubelet should look for static Pod manifests.

1. Verify the MAC address and product_uuid are unique for every node
   1. ip link or ifconfig -a
   2. cat /sys/class/dmi/id/product_uuid
2. check that required ports for master and worker nodes are open and don't blocked by firewall
3. Installing a container runtime, most common:
   • containerd - began as part of Docker
   • CRI-O
   • Docker Engine
   • Mirantis Container Runtime
4. Installing kubeadm, kubelet and kubectl
5. Configuring a cgroup driver - isolates the resource usage (CPU, memory, disk I/O, etc.) of a collection of processes.
6. Creating a cluster with kubeadm https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
   1. install to provisioning systems such as Ansible or Terraform or on your own.

apt-get install bash-completion

## Install
apt-get install bash-completion
## Bash
echo 'source <(kubectl completion bash)' >>~/.bashrc

echo 'alias k="kubectl"' >>~/.bashrc

• ns namespaces
• componentstatuses cs
• configmaps cm
• endpoints ep
• events ev
• limitranges limits
• namespaces ns
• nodes no
• persistentvolumeclaims pvc
• persistentvolumes pv
• pods po
• replicationcontrollers rc
• resourcequotas quota
• serviceaccounts sa
• services svc
• customresourcedefinitions crd, crds
• daemonsets ds
• deployments deploy
• replicasets rs
• statefulsets sts
• horizontalpodautoscalers hpa
• cronjobs cj
• certificiaterequests cr, crs
• certificates cert, certs
• certificatesigningrequests csr
• ingresses ing
• networkpolicies netpol
• podsecuritypolicies psp
• replicasets rs
• scheduledscalers ss
• priorityclasses pc
• storageclasses sc

establish what resources a given role is able to access. Implement principle of least privilege.

kubectl auth can-i '*' '*' # allowed commands

kube-system - namespace for system services

k -n kube-system get all

alias k=kubectl

Krew is the plugin manager for kubectl command-line tool.

k get ns --show-labels # with labels

---

apiVersion: v1
kind: Namespace
metadata:
  # name: mlsynth
  name: ml1

{'apiVersion': 'v1', 'kind': 'Namespace', 'metadata': {'name': 'ml1'}}

template:
  metadata:
    labels:
      app: paramserv
  spec:
    affinity:
      podAntiAffinity:
        requiredDuringSchedulingIgnoredDuringExecution:
        - labelSelector:
            matchExpressions:
            - key: app
              operator: In
              values:
              - paramserv
          topologyKey: kubernetes.io/hostname

{'template': {'metadata': {'labels': {'app': 'paramserv'}},
              'spec': {'affinity': {'podAntiAffinity': {'requiredDuringSchedulingIgnoredDuringExecution': [{'labelSelector': {'matchExpressions': [{'key': 'app',
                                                                                                                                                    'operator': 'In',
                                                                                                                                                    'values': ['paramserv']}]},
                                                                                                            'topologyKey': 'kubernetes.io/hostname'}]}}}}}

k -n ml1 get all # will get pods and services

-v, –v Level number for the log level verbosity. Up to 8.

kubectl cluster-info - Display cluster info

responses:

• Error from server: etcdserver: request timed out
  • no response from
• The connection to the server kube-exp-m.clive.tk:6443 was refused - did you specify the right host or port?
• "Kubernetes control plane is running at https://kube-exp-m.clive.tk:6443" "CoreDNS is running at https://kube-exp-m.clive.tk:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy"
  • everything is allright

• cilium - networking, observability, and security solution with an eBPF-based dataplane.
• Calico - full-blown Kubernetes “networking solution” with functionality including network policy controller, kube-proxy replacement and network traffic observability.

• docs https://kubernetes.io/docs/
• guide https://kubectl.docs.kubernetes.io/guides/
• api https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/
  • template(PodTemplateSpec) https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplate-v1-core
• https://github.com/kelseyhightower/kubernetes-the-hard-way
• https://kubernetes.io/ru/docs/reference/kubectl/cheatsheet/

https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/

• https://donofden.com/blog/2020/06/14/Python-Flask-automatically-generated-Swagger-3-0-openapi-Document
• https://apispec.readthedocs.io/en/latest/install.html

OpenAPI Specification (formerly Swagger Specification) is an API description format for REST APIs.

YAML, being a superset of JSON

Consist off

• Swagger Editor – browser-based editor where you can write OpenAPI specs.
• Swagger UI – renders OpenAPI specs as interactive API documentation.
• Swagger Codegen – generates server stubs and client libraries from an OpenAPI spec.

• https://stackoverflow.com/questions/36634281/list-of-swagger-ui-alternatives
• article https://pronovix.com/blog/free-and-open-source-api-documentation-tools?platform=hootsuite