My cheat sheet for Docker related things

docker-basics.md

Docker Basics

Contributors:

• Lee, Dennis
• Chua, Vui Seng

Contents

• Docker Setup
• Running Containers: docker run
  • Understand entrypoint
  • Override entrypoint
  • Run a Jupyter notebook in a docker image
  • How to make a container display a window app at runtime
  • How to save and restore an interactive container
  • How to have another terminal for the same container
  • How to delete a container/image
• Building Containers: docker build
  • What is a Dockerfile?
• FAQ
  • Is there a way to identify the owner of an image on a shared system?
  • How do I run a container as a specific user instead of root

Docker Setup

Setup docker, configuring proxy, proxy should work for docker pull/build/run

https://gist.github.com/vuiseng9/8d2ba7c44142a39d17a9c31af9d3f7ff

Pulling images from dockerhub, find out a few popular images, eg. Tensorflow, choice of your favourite, run them

1. docker pull tensorflow/tensorflow
2. docker run -it -p 8888:8888 tensorflow/tensorflow

Running Containers: docker run

Instantiate a container runtime

docker run <options> <image> <command/entrypoint>

Example: docker run -ti $DOCKER_PROXY_RUN_ARGS ubuntu apt-get update

Option	Description	Arguments
-ti or -it	Start with terminal	-
-d	Detach i.e. run as a background process	-
--memory	Maximum allowed memory	-
--cpu-shares	Something	-
--cpu-quota	Something	-
--rm	Cleanup container after use. Container will be removed instead of just exiting.	-
-p	Port number outside-port:inside-port	-
--name	Set machine name	-
--link	Link to a container	-
--net	Private network to connect/link to	-
--restart	Restart container if it dies	always
-e	Set environment variable	-

Understand entrypoint

ENTRYPOINT: sets a default application to be used every time a container is created with the image.

Example: Running top in batch mode

docker run -ti ubuntu top -b

Exec form

FROM ubuntu
ENTRYPOINT ["top", "-b"]
CMD ["-c"]

Note: ENTRYPOINT command and parameters are not ignored when Docker container runs with command line parameters.

Extras

• Docker RUN vs CMD vs ENTRYPOINT

Override entrypoint

Install packages within a container runtime, running something runtime

docker exec -ti <container_name> <command>

Example: Starting a new terminal

docker exec -ti <container_name> bash

Extras

• Docker run vs exec: deep-dive into their differences

Accessing host data/files from container

Known as volumes

• Persistent
• Ephemeral (not permanent)

docker-machine ssh

docker run -it -v /home/dennis:/<folder_name> ubuntu bash

To connect to a shared folder:

docker run -it --volumes-from <container_name> image <entrypoint>

Run a Jupyter notebook in a docker image, access the Jupyter pages from (1) host browser (2) browser on laptop

1. docker pull jupyter/datascience-notebook
2. docker run -d -p 8888:8888 jupyter/datascience-notebook start-notebook.sh

Extras

• Jupyter Notebook Data Science Stack

How to make container display a window app at runtime

Example: Building an image that runs a firefox web browser:

$ nano Dockerfile
...
FROM ubuntu:14.04

RUN apt-get update && apt-get install -y firefox

# Replace 1000 with your user / group id
RUN export uid=1000 gid=1000 && \
    mkdir -p /home/developer && \
    echo "developer:x:${uid}:${gid}:Developer,,,:/home/developer:/bin/bash" >> /etc/passwd && \
    echo "developer:x:${uid}:" >> /etc/group && \
    echo "developer ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/developer && \
    chmod 0440 /etc/sudoers.d/developer && \
    chown ${uid}:${gid} -R /home/developer

USER developer
ENV HOME /home/developer
CMD /usr/bin/firefox

Build:
docker build -t firefox .

Run:

docker run -e DISPLAY \
	-v $HOME/.Xauthority:/home/developer/.Xauthority \
	--net=host \
	firefox`

How to save and restore an interactive runtime, meaning you have install runtime or have some new data in the runtime

Run a detached container container

docker run -d <image> <command>

While running interactive

Ctrl + P, Ctrl + Q

How to have another terminal for the same container

1. docker exec -ti <container_name> bash
2. docker ps
3. docker attach <container_name>

How to delete a container/image

Deleting a container

docker rm <container_name>

Deleting an image

docker rmi <image>

Extras

• How To Remove Docker Images, Containers, and Volumes
• What are Docker <none>:<none> images?

Networking

Exposing a Specific Port

docker-machine ip

Dynamic: docker port echo-server

docker run

Private Networks

1. docker network create <network_name>
2. docker run -p 127.0.0.1:1234

Building Containers: docker build

What is a Dockerfile?

• A small script to create an image.
• Example: docker build -t <image_name> . (replace . with the path to a Dockerfile)
• Start with one image, make a container out of it, run something in it, make a new image.
• Executed lines are cached:
  • To redownload the latest version of anything
• If you need to have one program start and then another program start, those two operations need to be on the same line so that they run in the same container.

$ nano Dockerfile
...
FROM busybox
RUN echo "building simple docker image."
CMD echo "hello container"
...
$ docker build -t hello .
Sending build context to Docker daemon 2.048 kB
Step 1: ...

Option	Description
--tag or -t	tag

FAQ

Is there a way to identify the owner of an image on a shared system?

Motivation: Everyone runs docker on the same machine, how do I find my images?
Workaround: Use a naming convention with option --name.

Example: docker run --name dennis_<title>

How do I run a container as a specific user instead of root?

Motivation: Access Jupyter without --allow-root. Workaround: Create and activate a user from the Dockerfile

Example:

FROM <base_image>
RUN groupadd -g 999 guest && \
    useradd -r -u 999 -g guest guest
USER guest
... <rest of Dockerfile> ...

Extras

• Processes In Containers Should Not Run As Root