Docker quickreference
Overview
1. Dockerfile
-
FROM - Select base image
-
MAINTAINER - details about the author
-
ADD - Adds files from host to container. Can be used to copy files from URL to container.
-
RUN - Run commands at build time. CMD will be overwritten by the command specified when running the container
-
CMD - Run ocommand at runtime. Only one command is run, if specified more than one, the last command will overwrite the others
-
VOLUME - Adds a volume to the container. You can’t specify the host folder to be munted in a Dockerfile
-
ENTRYPOINT- Like CMD, with 2 differences. You can’t overwrite it when running the conainer. Averything thet is passed at the end of a docker run command will be used as an argument for the ENTRYPOINT command
-
ENV - Set a environment variable in the container. Also you can use it as a variable in the Docker file
-
WORKDIR - Sets the working directory for any RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile. If the WORKDIR doesn’t exist, it will be created.
-
LABEL - Used to set metadata on an image. version,description,etc.. LABEL key=value
-
EXPOSE I informs Docker that the container listens on the specified network ports at runtime.
-
COPY - Copies new files or directories from src to dest on the container
-
USER - Sets the user name or UID to use when running the image and for any RUN, CMD and ENTRYPOINT cmmands
-
ARG - Defines a variable that users can pass at build-time to the builder with: docker build –build-arg varname=value. Use it in Dokerfile with USER command like this: USER ${user:-some_user}
Note: Each entry of the above types in a Dockerfile will be an intermediate docker image. Use as few entries as possible with “&& " at the end of the line.
Use this link for a full Dockerfile reference.
2.Docker commands
| Command | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| docker pull ubuntu | Download prebuilt image | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker pull centos:5 | Download centos 5 version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker pull centos -a | Download all centos versions | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run -i -t ubuntu /bin/bash | run in interactive mode | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run centos:7 /usr/bin/echo hello | Run container and echo | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run --net bridge -ti centos6/httpd | Run the run the container in specific network | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run -it -name=andrei centos:6 | change the nme of the container | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run -it -d centos:6 | Run in daemon mode. Use attach to get in | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run -it -d -p 3305:3306 mysql | Forward local port 3305 to container port 3306 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run -it -v /data --name duck centos:6 | Attach volume. You can fnd volume in /var/lib/docker/volumes | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| docker run -it -v /srv/folder:/data --name duck centos:6 | Attach a local specific drectory to the container | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
docker inspect | Show details about container | </tr>
docker networks | Show/add/delete docker networks | docker images | Shows existent images | docker build -t | Builds an image from a Dockerfile | </tr>
docker ps -a | Shows all existing containers | docker ps -a -s | Shows all existing containers with size | ctrl+p ctrl+q | Detach docker | docker attach | Attach a running container | </tr>
docker run -d -p 80:80 -name | Run a container from an image in daemon mod and publish port | </tr>
ID=$(docker ps -l -q) | Get the ID of last image run | PID=$(docker inspect --format "" $ID) | Get PID from the image | sudo nsenter --target $PID --mount --uts --ipc --net --pid | Enter the docker container | IP=$(docker inspect --format "" $ID) | Getting the private IP address of docker container | docker run -p | Map multiple ports | </tr>
nsenter --target $(docker inspect --format "" $(docker ps -l -q)) --mount --uts --ipc --net --pid | Enter docker container oneline | docker rm $(docker ps -a -q) | Remove all stopped docker instances | docker rmi $(docker images -q) | Remove all stopped docker images | nsenter --target $(docker inspect --format | Enter in a running container | </tr>
docker save -o image.tar | Save an image to tar | </tr>
docker load -o image.tar | load image from tar | docker build -t username/imagename:v1 . | Builds an image version1 using user | docker run -d --name | Run an image in daemon mode | </tr>
docker stop | Stops running container | </tr>
docker search | Dearch images | </tr>
docker top | What command is running in the container | </tr>
docker info | Information about current docker settings | usermod -G docker | Add your user to docker group to run docker without sudo | </tr>
docker -H 192.168.0.2 -d & | Run docker in network mode and not use local socket (/run/docker.sock) | export DOCKER_HOST="tcp://192.168.0.2:2375" | To use docker over network | docker -H 192.168.0.2 -H UNIX:///var/run/docker.sock -d & | Bind docker service to both the local socket and network | /var/lib/docker/aufs/diff/ | Location of container data even after container stopped | /var/lib/docker/containers | Location of container configurations | docker commit | Save an image from running container | </tr>
docker history | shows history of an image | </tr>
docker inspect | Get the pid of the container | </tr>
nsenter -m -u -n -p -i -t | Get shell to the container with | docker-enter | Get shell to a running container | </tr>
docker exec -it ffb718704ed0 /bin/bash | Recommended method to get shell inside acontainer | docker run -v /usr/local/bin:/target jpetazzo/nsenter | Get the nsenter command if missing from your host | docker logs | Shows output of PID 1 on container | </tr>
docker tag | Set different tag for image before pushing to hub | </tr>
docker push username/imagename:1.0 | Push image to hub | docker run -it --volumes-from= | Share a volume with an existing container | </tr>
docker -v rm | Remove container and the volume. Without -v the volume is not deleted | </tr>
docker logs -f | Sows logs for PID 1 in tail -f form | </tr>
docker kill $(docker ps|grep -v "CONTAINER"|awk '{print $1}'|head -1) | Kill last opened container | docker exec -it $(docker ps|grep -v "CONTAINER"|awk '{print $1}'|head -1) /bin/sh | Enter last opened container | docker rmi $(docker images | grep "^ | Remove docker images without tag | </tr>
docker volume rm $(docker volume ls -qf dangling=true) | Remove all volumes | |