Łukasz Lach, Docker Captain | 2020
https://lach.dev/ | https://github.com/lukaszlach/
Docker Masters | http://dockermasters.pl/
Docker Workshop | http://dockerworkshop.pl/
Code everywhere
docker run -it \
-p 8080:8080 \
-v "$PWD:/home/coder/project" \
-u "$(id -u):$(id -g)" \
codercom/code-serverDockerHub mirror
version: '3'
services:
registry:
image: registry:2
ports:
- 5000:5000
environment:
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
REGISTRY_PROXY_REMOTEURL: 'https://registry-1.docker.io'Perfect Docker image
docker run -i hadolint/hadolint < Dockerfiledocker run -v /var/run/docker.sock:/var/run/docker.sock goodwithtech/dockle alpine:3.9Security scan one-liner
docker build --no-cache -t security-scan - <<'EOF'
FROM alpine:3.9
ADD https://get.aquasec.com/microscanner .
RUN apk add --no-cache ca-certificates && \
chmod +x ./microscanner && \
./microscanner YourAccessToken
EOFClean environment
docker image prune --filter "until=720h"
docker builder prune --filter "unused-for=24h"Detach from a container
docker run -it --name alpine alpine:3.9
^PQdocker attach alpineGroup inspection
docker inspect --format \
'{{if ne 0 .State.ExitCode}}{{.Name}} {{.State.ExitCode}}{{end}}' \
$(docker ps -aq)docker inspect \
--format '{{ print .Path }} {{ join .Args " " }}' \
$(docker ps -q)Explore the container filesystem
docker inspect --format '{{json .GraphDriver.Data}}' alpineCommand on-demand
docker run -d --name nginx nginxdocker run -it --net container:nginx cmd.cat/curl/ab/ngrep/tcpdump/ip/nmap/netstat
docker run -it --pid container:nginx cmd.cat/htop/ps/strace docker run -it --pid container:nginx cmd.cat/rsync/tar/zip/find find /proc/1/root/etc/nginxExplore the image contents
mkdir alpine
docker save alpine:3.9 | tar -C alpine/ -x -vKali Linux Desktop in a web browser
docker run -d -p 6080:6080 lukaszlach/kali-desktop:xfce-top10
open http://127.0.0.1:6080/