This is not a reprint of the docs, but a collection of tips, tricks, and specific guidance for my own reference, and the development of others.
So long as your container has a CLI, you can access it by specifying 'interactive' and 'tty' (pseudo-tty).
docker run -it alpine:latest /bin/sh
🗒️ Don't forget the '-l' argument if you need a login shell.
FROM someimage
ENTRYPOINT ["tail", "-f", "/dev/null"]
docker run -d alpine tail -f /dev/null
💡 Prefferred overf
sleep infinity
simply for POSIX portability... But that's hardly a concern these days. ;)
Be aware of the following useful commands. Use man docker <command>
for specifics.
man docker <command>
docker logs <container id>
docker stats <container id>
docker cp <container id>:/path/to/file /path/to/local
docker inspect
can print the entire config, or specifics. See formatting for more. Here's a basic example:
docker inspect -f '{{ .Config.Env}} {{ .Config.Entrypoint}} {{ .Config.Cmd}} {{ .VolumesFrom}} {{.Volumes}} {{ .HostConfig.links}}' <container_id>
Sometimes a container just won't stay alive long enought to diagnose. These commands will copy the unhealthy container to a new image and then connect to it.
docker commit <bad_container_id> my_bad_container
docker run -it my-broken-container /bin/bash
Docker Ignore supports Dockerfile specific .dockerignore files, but if it's easy to miss in the docs if go too quickly. Checkout this GIST for a working example.
Not every shell picks up /etc/profile, or sources $ENV by default. Add workarounds as necessary.
TODO: Make a sourceable bash script to set this up automatically for a major distro X common shell matrix.
FROM alpine:3
## ENV is only picked up by sh, ash.
## The welcome script is handled by the .bashrc file for BASH.
ENV ENV="/root/.welcome"
RUN apk update \
&& apk upgrade \
&& apk add --no-cache \
bash \
bash-doc \
bash-completion \
vim \
curl
RUN curl -sSL "https://gist.githubusercontent.com/AlexAtkinson/db6059a55da536803b009ffc5a5000d2/raw/welcome.sh?now=$(date +%s)" -o /root/.welcome \
&& echo source /root/.welcome >> /root/.bashrc
CMD ["/bin/bash", "-c", "/root/.welcome ; /usr/bin/tail -f /dev/null"]
From inside a container, run:
/sbin/ip route|awk '/default/ { print $3 }'
A major gotcha for those with workloads dependent upon xattrs. (Don't have such worloads...)
"Docker imposes certain limitations that make working with capabilities much simpler. For example, file capabilities are stored within a file's extended attributes, and extended attributes are stripped out when Docker images are built. This means you will not normally have to concern yourself too much with file capabilities in containers.
It is of course possible to get file capabilities into containers at runtime, however this is not recommended."