Skip to content

Instantly share code, notes, and snippets.

@nitzel

nitzel/Docker_Cheat_Sheet.md

Created October 29, 2020 12:58
Show Gist options
  • Save nitzel/74ad91e95850db3ac84108b03b749caf to your computer and use it in GitHub Desktop.
Save nitzel/74ad91e95850db3ac84108b03b749caf to your computer and use it in GitHub Desktop.
Download ZIP
Useful commands for docker
Raw
Docker_Cheat_Sheet.md

Thanks to the tutorial Docker for Beginners from KodeKloud.

General

  • Contains only live as long as their entry point is running
    • Running e.g. docker run ubuntu will exit as soon as ubuntu has finished starting
      • docker run ubuntu sleep 5 executes sleep 5 and then exits
  • Find docker's files
    • Unix: /var/lib/docker
    • Windows
      • Run docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -i sh
      • Navigate to /var/lib/docker

The docker commands

  • Run a docker image (downloads it if not available)
    • docker run <user/image> (automatically tags it with :latest)
    • docker run <user/image:version>
    • Map a port
      • -p <host-port>:<container-path>
    • Run interactively, i.e. allowing the app to capture input from the console
      • -i and -it, the latter is helpful when linebreaks are different (ie running unix in a windows shell)
    • Run container in detached mode
      • -d
    • Map directory/volume on host to container
      • -v <host-path>:<container-path>
      • -v my_volume:/myvolume will create the folder /myvolume in the container and create the my_volume on the host
    • Set environment variable in container
      • -e <ENV_VAR>=<value>
      • You can find out which environment variables are set by using docker inspect
    • Change the entrypoint
      • --entrypoint sh
    • Pass parameters to the entry point / configure the entry point
      • For the ubuntu image the entry point bash but when you're not running interactively, it'll immediately exit
      • To pass in parameters to it (which, because it's bash, will be run), append them: docker run ubuntu sleep 5
        • To make this permanent, create a new image with the Dockerfile containing: 
          From ubuntu
CMD ["sleep", "5"]
      • Pass parameters to the entrypoint's program 
        From ubuntu
ENTRYPOINT ["sleep"]
CMD ["5"]
        And docker run ubuntusleeper 7 will result in sleep being called with the parameter 7 while docker run ubuntusleep will result in the default parameter 5 for sleep
      • --link <containerid/name>:<alias>
        • Creates an entry in the hosts file for the host name <alias> and linking to the ip of <containerid/name>. This is deprecated in favor of user-defined networks!
        • If containerid/name and alias are the same, one may use --link <alias>
      • Performance
        • --cpus=0.5 limits the container's CPU usage to 50% of the host's CPU
        • --memory=100m limits the memory usable by the container to 100MB
    • Networks
      • --network=<network>
      • Bridge
        • It's the default
        • Contains get their own IP and thus different containers can use the same port, since it's like they're on different machiens
        • IPs are usually 172.0.0.2 and onwards
      • None
        • No network available
      • Host
        • Runs in host network
        • IP same as host
        • Ports usable only once
      • Networks can be created with docker network create ...
  • Attach to the terminal of a running container
    • docker attach <containerid>
    • Disconnect with ctrl+c
  • List containers
    • docker ps
    • In the PORTS column you will see the published ports.
      • e.g. 0.0.0.0:3456->3456/tcp, 0.0.0.0:38080->80/tcp where 3456 and 80 are the ports on the container and 3456 and 38080 are on the host, forwarding to the container.
    • List all
      • docker ps a
  • Stop/Remove a continer
    • docker stop <containerid> [<containerid2> ..]
    • docker rm <containerid> [<containerid2> ..]
  • Images
    • List
      • docker image ls
    • Remove
      • docker image rm <imageid>
  • Details of a container
    • docker inspect <containerid> will yield all information in JSON
    • To get the IP address
      • docker inspect -f "{{ .NetworkSettings.IPAddress }}" <containerid>
  • Logs
    • docker logs <containerid>
  • Building an image
    • docker build -t <name>[:<tag>] <foldername>
      • In that foldery there must be a file called Dockerfile (upper case D!)
  • See layers in image and their sizes
    • docker history <imageid>
      • Example: ubuntu 120MB, python 300MB, pip packages 5MB, source code 500B)
    • The layers are cached, to speed up building of images
  • Network
    • ls List all
    • docker network create --driver bridge subnet 182.18.0.0/16 custom-isolated-network creates a new one with the given IP range and name
    • To connect to others hosts on the same network, one can use
      • their IP, but that's not optimal as it can change etc
      • their container name, which is resolved via DNS (the server is at 127.0.0.11)

Docker Compose

Name the file docker-compose.yml and run docker-compose up

version: "2" # must be string
services:
  web:
    image: "mmumshad/simple-webapp"
  database:
    image: "mongo"
  messaging:
    image: "redis:alpine"
  orchestration:
    image: "ansible/galaxy"
  myapp:
    build: ./myapp # instead of pulling an image from docker, build this folder
    ports:
      - 5000:80 # map host:5000 to container:80
    links:
      - database # link to mongodb, no longer required from 2 onwards
    depends_on:
      - messaging # messaging must start before this one

From version 2 onwards:

  • all containers are within services:
  • a dedicated network is created so links are no longer required since the container names are resolvable via DNS

From version 3 onwards:

  • Docker swarm is supported

Docker image registries

When specifying an image in docker run <image> or a docker-compose.yml file, the format is: registries/username/imagename:tag

  • registries if omitted will default to docker.io but there's also gcr.io for google's kubernetes related images and many other.
  • username is the name of the registered user on docker
  • imagename is optional as well, some users publish only a single image under their name alone
  • tag is optional and will default to :latest

Private repositories/images

Some registries allow to mark images as private, requiring login credentials

  • docker login <private-registry-url> will query you for credentials
  • docker run <private-registry-url>/<image> then should work if the user used above has access to <image>

Run your own registry

There is a docker image called registry that serves a docker registry.

  • docker run -d -p 5000:5000 --name registry registry to start it
  • To push an image to the registry
    • docker image tag my-image localhost:5000/my-image to tag it
    • docker push localhost:5000/my-image and push it
  • `docker pull

Running Windows Containers

When on Windows, Docker utilizes Microsoft's Hyper-V to run Linux Containers. To run Windows containers, go to the task bar, right click on the Docker icon and select Switch to Windows containers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment