Last active
November 8, 2022 05:44
-
-
Save hochun836/7ff4451c6afd09c05cf44f7855b8c11e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# docker desktop | |
docker toolbox // win7 | |
docker desktop for windows // win10 (include linux container & window container) | |
docker desktop for mac | |
=> ref: https://skychang.github.io/2017/01/06/Docker-Docker_for_Windows_10_First/ | |
Q: can windows containers be hosted on linux? | |
A: no | |
=> ref: https://stackoverflow.com/questions/42158596/can-windows-containers-be-hosted-on-linux | |
# docker desktop for windows | |
hyper-v | |
wsl2 // windows subsystem for linux | |
=> ref: https://docs.docker.com/desktop/windows/install/ | |
=> ref: https://adersaytech.com/windowsos-tutorial/hyper-v-virtual-machine.html | |
=> ref: https://kknews.cc/zh-tw/tech/44k2yvx.html | |
Q: how to install wsl2 in win10 ? | |
TEST SUCCESSFULLY | |
win10 ver 10.0.19042.1165 | |
cpu intel core i7-9700 | |
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart | |
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart | |
download https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi | |
wsl --set-default-version 2 | |
install linux distribution from microsoft store | |
wsl -l // -l <=> --list | |
wsl -l -v // -v <=> --verbose | |
wsl -l -q // -q <=> --quiet | |
=> ref: https://docs.microsoft.com/zh-tw/windows/wsl/install-win10#manual-installation-steps | |
=> ref: https://github.com/microsoft/WSL/issues/4280 | |
Q: can wsl2 and vmware be installed together in win10 ? | |
A: yes | |
TEST SUCCESSFULLY | |
win10 ver 10.0.19042.1165 | |
cpu intel core i7-9700 | |
vmware ver 15.5.7 | |
=> ref: https://stackoverflow.com/questions/39858200/vmware-workstation-and-device-credential-guard-are-not-compatible | |
=> ref: https://blogs.vmware.com/workstation/2020/05/vmware-workstation-now-supports-hyper-v-mode.html | |
Q: how to install docker desktop for windows in win10 in vmware ? | |
A: <win10-vm> | Settings | Processors | Virtualization engine | v "Virtualize Intel VT-x/EPT or AMD-V/RVI" | |
=> ref: https://dotblogs.com.tw/maduka/2014/07/07/145853 | |
Q: how to migrate asp.net mvc applications to windows container | |
=> ref: https://dotblogs.com.tw/rainmaker/2017/01/05/181153 | |
=> ref: https://docs.microsoft.com/en-us/aspnet/mvc/overview/deployment/docker-aspnetmvc | |
=> ref: https://docs.microsoft.com/en-us/archive/msdn-magazine/2017/april/containers-modernizing-traditional-net-apps-with-docker | |
Q: how to move docker images from C: to D: | |
docker info | |
Storage Driver: windowsfilter | |
Docker Root Dir: C:\ProgramData\Docker | |
=> ref: https://marcus116.blogspot.com/2019/03/change-download-docker-image-path.html | |
# base | |
a container is a process // use 'docker ps' to see running containers | |
# info | |
docker version | |
docker info | |
docker --help | |
docker <command> --help | |
# image | |
docker images | |
docker images -aq // a: all, q: quiet (only display image id) | |
docker images -f <filter> // f: filter | |
docker images -f "dangling=true" | |
docker images --format <format> | |
docker images --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}" | |
docker images --no-trunc // don't truncate output | |
docker images --digests // show digests | |
docker search <term> // search the docker hub for images | |
docker pull <image>[:tag] | |
docker run <image> // run the image to create a container | |
docker run -d <image> // d: detach (run container in background and print container id) | |
docker run -p <local-port>:<container-port> <image> // p: port | |
docker run -P <image> // P: publish all exposed ports to random ports | |
docker run -v <local-path>:<container-path>[ro|rw] <image> // v: volume, ro: read-only, rw: read-write | |
docker run -v <container-path> <image> // <local-path> is using anonymous volume | |
docker run -v <volume-name>:<container-path> <image> // <local-path> is using named volume | |
docker run --volumes-from <container-id> [<container-id> ...] <image> // mount volumes from the specified container(s) | |
docker run --link <container-id> [<container-id> ...] <image> // add link to another container | |
docker run --network <network-name> <image> // connect a container to a network | |
docker run --hostname <hostname> <image> // change hostname in the container (ps. --hostname and --name are two things) | |
docker run --rm <image> // rm: automatically remove the container when it exits | |
docker run -e <image> // set environment variables | |
docker run --name <name> -it <image> [command] // i: interactive, t: tty, command like /bin/bash | |
docker cp <local-src-path> <container-id>:<dest-path> | |
docker cp <container-id>:<src-path> <local-dest-path> | |
docker rmi [-f] <image-id> [<image-id> ...]// remove image, f: force | |
docker rmi $(docker images -aq) // remove all images | |
docker rmi $(docker images -aq -f dangling=true) // remove all dangling images | |
=> ref: https://docs.docker.com/engine/reference/commandline/images/ | |
# image (advanced) | |
docker image --help // here is image, not images | |
docker image inspect <image-id> // detail information ex. RootFS | |
docker commit -a <author> -m <message> <container-id>[:tag] | |
docker build --help | |
docker build -f <file> -t <name>[:tag] . // f: name of the dockerfile, t: name and optionally a tag in the 'name:tag' format | |
docker history <image-id> // show the dockerfile build phase of the image | |
docker tag <src-image>[:tag] <dest-image>[:tag] | |
# container | |
docker ps | |
docker ps -aq // a: all, q: quiet (only display container id) | |
docker start <container-id> // also can use container name | |
docker stop <container-id> // also can use container name | |
docker restart <container-id> // also can use container name | |
docker rm [-f] <container-id> [<container-id> ...] // remove container, f: force (force the removal of a running container) | |
docker rm $(docker ps -aq) // remove all containers | |
docker exec <container-id> [command] // run a command in a running container | |
docker exec -it <container-id> [command] // i: interactive, t: tty, command like /bin/bash | |
docker attach <container-id> // attach local standard input, output, and error streams to a running container | |
# info. | |
docker logs <container-id> | |
docker logs -f -t <container-id> // f: follow log output, t: show timestamps | |
docker logs -ft --tail <number> <container-id> // tail: number of lines to show from the end of the logs (default "all") | |
docker top <container-id> // show processes in the container | |
docker inspect <container-id> // detail information ex. HostConfig, Mounts, NetworkSettings, ... | |
docker stats // display a live stream of container(s) resource usage statistics | |
# volume | |
docker volume --help | |
docker volume create --help | |
docker volume create // create anonymous volume | |
docker volume create --name <name> // create named volume (ls -al /var/lib/docker/volumes/<name>/_data) | |
docker volume ls // show driver & volume name | |
docker volume inspect <volume-name> | |
docker volume rm <volume-name> // rm <=> remove | |
docker volume rm $(docker volume ls -q) | |
# network | |
docker network --help | |
docker network create --help | |
docker network create <network-name> | |
docker network create --subnet <subnet> --gateway <gateway> <network-name> | |
docker network ls // show network id & name & driver & scope | |
docker network inspect <network-name> | |
docker network rm <network-name> [<network-name> ...] // rm <=> remove | |
docker network connect --help | |
docker network connect <network-name> <container-id> // connect a container to a network | |
# dockerfile (one line one layer) | |
FROM | |
MAINTAINER | |
RUN | |
WORKDIR | |
COPY | |
ADD | |
EXPOSE | |
VOLUME | |
ENV | |
ENTRYPOINT | |
CMD | |
# docker hub | |
docker login -u <user> // prompt key in password | |
docker push <image>[:tag] // default tag: lastest | |
docker push -a -q <image> // a: all tags, q: quiet | |
docker tag <image>[:tag] <user>/<image>[:tag] // IMPORTANT: before push, tag image by using self account | |
docker logout | |
# docker compose (docker not builtin, need install) | |
docker-compose version | |
docker-compose --help | |
docker-compose config // validate and view the compose file | |
docker-compose build // build or rebuild services (see: docker images) | |
docker-compose pull // pull service images (see: docker images) | |
docker-compose create // create services | |
docker-compose up // create and start containers (see: docker ps, docker network ls) | |
docker-compose -f <file> up // f: specify an alternate compose file (default: docker-compose.yml) | |
docker-compose -p <project-name> up // p: specify an alternate project name (default: directory name) | |
docker-compose up --help | |
docker-compose up -d // d: detached mode | |
docker-compose start // start services (see: docker-compose ps, where state: up) | |
docker-compose stop // stop services (see: docker-compose ps, where state: exit) | |
docker-compose restart | |
docker-compose pause // pause services (see: docker-compose ps, where state: paused) | |
docker-compose unpause // unpause services (see: docker-compose ps, where state: up) | |
docker-compose down // stop and remove resources | |
docker-compose images // list images | |
docker-compose ps // list containers | |
# docker-compose.yml | |
version: "3.9" | |
services: | |
web: # called service | |
build: . | |
ports: | |
- "5000:5000" | |
redis: # called service | |
image: "redis:alpine" | |
=> ref: https://docs.docker.com/compose/compose-file/compose-file-v3/ | |
=> ref: https://docs.docker.com/samples/wordpress/ | |
# docker swarm (docker builtin) | |
docker swarm --help // manage swarm | |
docker swarm init --help // see: docker network ls, where name: 'docker_gwbridge' & 'ingress' | |
docker swarm init --advertise-addr <ip> // initialize a swarm | |
docker swarm join-token [worker|manager] // manage join tokens, this will display 'docker swarm join --token <token> <ip>:<port>' | |
docker swarm join --token <token> <ip>:<port> // join a swarm as a node and/or manager | |
docker swarm leave // leave the swarm (see: docker node ls, where state: down) | |
docker swarm leave -f // f: force | |
docker node --help // manage swarm nodes | |
docker node ls // show id & hostname & status & availability & manager status & engine version | |
docker node inspect [self|node-id] | |
docker service --help // manage services in swarm | |
docker service create --help // create a new service (depend on a swarm) | |
docker service create -p <local-port>:<service-port> --name <name> <image> | |
docker service create --mode <mode> <image> // service mode (replicated, global, replicated-job, or global-job) (default "replicated") | |
docker service ls // list services | |
docker service ps <service-name> // list the tasks of one or more services | |
docker service inspect <service-name> | |
docker service logs [service-name|task] | |
docker service update --replicas <num> <service-name> | |
docker service scale <service-name>=<replica-num> // <=> docker service update --replicas <num> <service-name> | |
docker service rm <service-name> // rm <=> remove | |
docker service rollback <service-name> | |
=> ref: https://docs.docker.com/engine/swarm/ | |
# other | |
docker stack --help | |
docker secret --help | |
docker config --help | |
# [note] docker run <image> | |
step1. search image from local | |
step2. if not exist, download image from docker hub | |
ls -al /var/lib/docker/image/overlay2/imagedb/content/sha256/ | |
ls -al /var/lib/docker/image/overlay2/layerdb/sha256/ | |
# [note] customize network | |
docker network create --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet | |
# [note] containers communicate with each other | |
- under default network | |
by using container ip | |
- under non-default network (customized network) | |
by using container name | |
=> ref: https://stackoverflow.com/questions/74337646/fail-to-connect-to-mongodb-from-net-webapi-using-docker | |
=> ref: https://blog.maxkit.com.tw/2017/04/docker-network-alias_30.html | |
# [note] docker run --link vs. docker run --network | |
docker run -d --name tomcat01 tomcat | |
docker run -d --name tomcat02 --link tomcat01 tomcat | |
docker exec tomcat02 ping tomcat01 // ok | |
docker exec tomcat01 ping tomcat02 // not work | |
docker run -d --name tomcat03 --network mynet tomcat | |
docker run -d --name tomcat04 --network mynet tomcat | |
docker exec tomcat03 ping tomcat04 // ok | |
docker exec tomcat04 ping tomcat03 // ok | |
# [note] WARNING: IPv4 forwarding is disabled. Networking will not work. | |
systemctl status network | |
systemctl start network | |
iptables -L -v -n -t nat | |
systemctl restart docker // see: iptables -L | |
# [note] COPY vs. ADD | |
=> ref: https://www.cnblogs.com/sparkdev/p/9573248.html | |
# [note] ENTRYPOINT vs. CMD | |
ENTRYPOINT | |
default: /bin/sh -c | |
if multi, use the last one | |
overrided by `docker run --entrypoint <ENTRYPOINT> <image>` | |
CMD | |
if multi, use the last one | |
overrided by `docker run <image> <CMD>` | |
IMPORTANT | |
the ENTRYPOINT specifies a command that will always be executed when the container starts. | |
the CMD specifies arguments that will be fed to the ENTRYPOINT. | |
=> ref: https://ithelp.ithome.com.tw/articles/10250988 | |
=> ref: https://stackoverflow.com/questions/21553353/what-is-the-difference-between-cmd-and-entrypoint-in-a-dockerfile | |
# [note] SHELL format vs. EXEC format | |
TODO: | |
# [note] multi stage build | |
prolicy: built image size is as small as possible | |
problem: when encountering languages which need to compile (ex. java, dotnet), how to write dockerfile ? | |
solution1: RUN install compiler and ADD compiled code in dockerfile // this makes image size larger | |
solution2: manually compile code, then ADD compiled code in dockerfile // inconvenient | |
solution3: dockerfile1 (RUN install compiler, RUN compile code) | |
dockerfile2 (ADD compiled code) // inconvenient | |
solution4: use multi stage build | |
=> ref: https://blog.wu-boy.com/2017/04/build-minimal-docker-container-using-multi-stage-for-go-app/ | |
=> ref: https://tachingchen.com/tw/blog/docker-multi-stage-builds/ | |
=> ref: https://docs.docker.com/develop/develop-images/multistage-build/ | |
# [note] scratch | |
FROM scratch | |
- when docker build | |
see: No image was generated. Is your Dockerfile empty? | |
FROM scratch | |
ENTRYPOINT ["/bin/sh", "-c"] | |
- when docker build | |
see: Successfully built | |
- when docker run | |
see: (error) starting container process caused "exec: \"/bin/sh\": stat /bin/sh: no such file or directory" | |
=> ref: https://stackoverflow.com/questions/54820846/starting-container-process-caused-exec-bin-sh-stat-bin-sh-no-such-file/ | |
=> ref: https://hub.docker.com/_/scratch | |
FROM debian:wheezy | |
- when docker build | |
see: Successfully built | |
- when docker run | |
see: no error | |
# [note] docker run --privileged | |
=> ref: https://mileslin.github.io/2019/05/%E5%9C%A8%E5%AE%B9%E5%99%A8%E4%B8%AD%E5%8F%96%E5%BE%97%E7%89%B9%E6%AC%8A%E5%AD%98%E5%8F%96%E6%AC%8A%E9%99%90/ | |
# [note] microsoft docker hub | |
FROM microsoft/* // deprecate | |
FROM mcr.microsoft.com/* // now | |
=> ref: https://techcommunity.microsoft.com/t5/azure-developer-community-blog/deprecating-the-distribution-of-microsoft-container-images-via/ba-p/2366861 | |
# [note] learn | |
=> ref: https://www.bilibili.com/video/BV1og4y1q7M4?p=1 | |
# [observe] docker pull mysql | |
Using default tag: latest // default tag: latest | |
latest: Pulling from library/mysql | |
b4d181a07f80: Already exists | |
a462b60610f5: Pull complete // download image layer | |
578fafb77ab8: Pull complete | |
524046006037: Pull complete | |
d0cbe54c8855: Pull complete | |
aa18e05cc46d: Pull complete | |
32ca814c833f: Pull complete | |
9ecc8abdb7f5: Pull complete | |
ad042b682e0f: Pull complete | |
71d327c6bb78: Pull complete | |
165d1d10a3fa: Pull complete | |
2f40c47d0626: Pull complete | |
Digest: sha256:52b8406e4c32b8cf0557f1b74517e14c5393aff5cf0384eff62d9e81f4985d4b | |
Status: Downloaded newer image for mysql:latest // status: download | |
docker.io/library/mysql:latest // real address | |
# [observe] docker pull docker.io/library/mysql:latest | |
latest: Pulling from library/mysql | |
Digest: sha256:52b8406e4c32b8cf0557f1b74517e14c5393aff5cf0384eff62d9e81f4985d4b | |
Status: Image is up to date for mysql:latest // status: up to date | |
docker.io/library/mysql:latest | |
# [observe] docker pull mysql:5.7 | |
5.7: Pulling from library/mysql | |
b4d181a07f80: Already exists // if exist, no necessary to download | |
a462b60610f5: Already exists | |
578fafb77ab8: Already exists | |
524046006037: Already exists | |
d0cbe54c8855: Already exists | |
aa18e05cc46d: Already exists | |
32ca814c833f: Already exists | |
52645b4af634: Pull complete // if not exist, download | |
bca6a5b14385: Pull complete | |
309f36297c75: Pull complete | |
7d75cacde0f8: Pull complete | |
Digest: sha256:1a2f9cd257e75cc80e9118b303d1648366bc2049101449bf2c8d82b022ea86b7 | |
Status: Downloaded newer image for mysql:5.7 | |
docker.io/library/mysql:5.7 | |
# [observe] docker run --name centos01 -i centos | |
pwd | |
/ | |
id | |
uid=0(root) gid=0(root) groups=0(root) | |
exit // work | |
# [observe] docker run --name centos02 -t centos | |
[root@5d78fa7ca6e0 /]# pwd // not work | |
id // not work | |
exit // not work | |
# [observe] docker run --name centos03 -it centos | |
[root@4f61616a44b2 /]# pwd // 4f61616a44b2 is the container id | |
/ | |
[root@4f61616a44b2 /]# id | |
uid=0(root) gid=0(root) groups=0(root) | |
[root@4f61616a44b2 /]# exit | |
exit | |
[root@centos99 hadoop]# docker ps -a | |
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | |
4c6632270209 centos "/bin/bash" 7 seconds ago Exited (0) 4 seconds ago centos03 | |
# [observe] docker run --name centos04 -it centos | |
[root@67701342f172 /]# ctrl + p + q // different from exit | |
[root@centos99 hadoop]# docker ps -a | |
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | |
96690bca74c0 centos "/bin/bash" 6 seconds ago Up 5 seconds centos04 | |
[root@centos99 hadoop]# docker logs centos04 | |
[root@centos99 hadoop]# | |
# [observe] docker run --name centos05 -d centos /bin/bash -c 'while true; do echo 100; sleep 1; done' | |
[root@centos99 hadoop]# docker logs -ft centos05 | |
2021-07-06T05:44:34.180442142Z 100 | |
2021-07-06T05:44:35.182660679Z 100 | |
2021-07-06T05:44:36.185160479Z 100 | |
2021-07-06T05:44:37.187594590Z 100 | |
2021-07-06T05:44:38.191985329Z 100 | |
2021-07-06T05:44:39.194236768Z 100 | |
2021-07-06T05:44:40.196883498Z 100 | |
2021-07-06T05:44:41.201843446Z 100 | |
2021-07-06T05:44:42.204546036Z 100 | |
2021-07-06T05:44:43.208671976Z 100 | |
^C | |
[root@centos99 hadoop]# |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment