Skip to content

Instantly share code, notes, and snippets.

@lukaszlach
Last active December 17, 2020 18:24
  • Star 4 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save lukaszlach/3f75c5ebe7e1852c2ccbb8676e955cc8 to your computer and use it in GitHub Desktop.

Docker Webinar

Łukasz Lach, Docker Captain | 2020

https://lach.dev/ | https://github.com/lukaszlach/

Docker Masters | http://dockermasters.pl/

Docker Workshop | http://dockerworkshop.pl/

Build-time

Code everywhere

docker run -it \
    -p 8080:8080 \
    -v "$PWD:/home/coder/project" \
    -u "$(id -u):$(id -g)" \
    codercom/code-server

https://github.com/cdr/code-server

DockerHub mirror

version: '3'
services:
  registry:
    image: registry:2
    ports:
      - 5000:5000
    environment:
      REGISTRY_STORAGE_DELETE_ENABLED: 'true'
      REGISTRY_PROXY_REMOTEURL: 'https://registry-1.docker.io'

Perfect Docker image

docker run -i hadolint/hadolint < Dockerfile
docker run -v /var/run/docker.sock:/var/run/docker.sock goodwithtech/dockle alpine:3.9

Security scan one-liner

docker build --no-cache -t security-scan - <<'EOF'
FROM alpine:3.9
ADD https://get.aquasec.com/microscanner .
RUN apk add --no-cache ca-certificates && \
    chmod +x ./microscanner && \
    ./microscanner YourAccessToken
EOF

Clean environment

docker image prune --filter "until=720h"
docker builder prune --filter "unused-for=24h"

Run-time

Detach from a container

docker run -it --name alpine alpine:3.9
^PQ
docker attach alpine

Group inspection

docker inspect --format \
   '{{if ne 0 .State.ExitCode}}{{.Name}} {{.State.ExitCode}}{{end}}' \
   $(docker ps -aq)
docker inspect \
    --format '{{ print .Path }} {{ join .Args " " }}' \
    $(docker ps -q)

Explore the container filesystem

docker inspect --format '{{json .GraphDriver.Data}}' alpine

Command on-demand

docker run -d --name nginx nginx
docker run -it --net container:nginx cmd.cat/curl/ab/ngrep/tcpdump/ip/nmap/netstat
docker run -it --pid container:nginx cmd.cat/htop/ps/strace 
docker run -it --pid container:nginx cmd.cat/rsync/tar/zip/find find /proc/1/root/etc/nginx

https://github.com/lukaszlach/commando

Explore the image contents

mkdir alpine
docker save alpine:3.9 | tar -C alpine/ -x -v

Kali Linux Desktop in a web browser

docker run -d -p 6080:6080 lukaszlach/kali-desktop:xfce-top10
open http://127.0.0.1:6080/

https://github.com/lukaszlach/kali-desktop

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment