Docker installation in Ubuntu:
sudo apt install docker.io
Assigns user of name username to docker group, allowing to run Docker to him:
sudo usermod -a -G docker username
Lists available (installed) Docker images/programms:
docker images
Installs specified (here busybox) Docker image/program on local machine:
docker pull busybox
Runs installed program with passing command line parameters to it:
docker run busybox echo "Hello world!"
Lists running containers:
docker ps
Lists all containers that are currently running or was executed previously - including stopped ones:
docker ps -a
Removes specified stopped container (of EXITED status, should be done successively because the containers grab disk space):
docker rm 85e291ad47ec
Removes all containers of status EXITED:
docker rm $(docker ps -a -q -f status=exited)
The same as command above but works on the latest versions of Docker:
docker container prune
Removes all containers:
docker rm $(docker ps -a -q)
Removes all images:
docker rmi $(docker images -q -)
Removes all containers that exited with status different than 0:
docker rm $(docker ps -a -q --filter 'exited!=0')
Removes all untagged images:
docker rmi $(docker images -q -f "dangling=true")
Removes image of installed application (here busybox):
docker rmi busybox
Builds Docker image basing on the Dockerfile file in current directory:
docker build -t example/docker-node-hello:latest .
Runs image of name example/docker-node-hello:latest in the background(-d option) with container's port 8080 mapped
to 8080 port of host machine:
docker run -d -p 8080:8080 example/docker-node-hello:latest
The command works as above but additionally sets WHO environment variable:
docker run -d -p 8080:8080 -e WHO="Marcin Zaleczny" example/docker-node-hello:latest
Stops conatiner of specified ID:
docker stop CONTAINER_ID
Logs in the Docker Hub's registry (there is created ~/.docker/config.json file that contains credentials):
docker login
Logs out from the Docker Hub's registry (the ~/.docker/config.json file is removed):
docker logout
Logs in to alternative Docker registry:
docker login alternative.rgistry.com
Lists installed images according to specified format:
docker images --format="table {{.ID}}\t {{.Repository}}"
Send image to Docker repository:
docker push progmar/program-name
Creates container of specified name (mycontainer-customname) basing on specified image (ubuntu:latest):
docker create --name="mycontainer-customname" ubuntu:latest
Runs program in the background and sets its label of name deployer:
docker run -d -l deployer=mzaleczny -p 8080:8080 -t example/docker-node-hello:latest
Lists all containers with label of name deployer set to mzaleczny value:
docker ps -a -f label=deployer=mzaleczny
Lists all labels and parameters within specified conatiner:
docker inspect CONTAINER_ID
Runs specified program with instructing Docker to removes its container after program exited (--rm option):
docker run -d --rm -p 8080:8080 -t example/docker-node-hello:latest
[1] Runs container with /bin/bash program making Docker to create pseudo-TTY (-t option) and start interactive
session (-i option):
docker run --rm -ti ubuntu:latest /bin/bash
Works as [1] but additionally sets hostname in the container:
docker run --rm -ti --hostname="progmar.net.pl" ubuntu:latest /bin/bash
Works as [1] but additionally sets dns settings in the container:
docker run --rm -ti --dns=4.4.4.4 --dns=2.2.2.2 --dns-search=progmar1.net --dns-search=progmar2.net ubuntu:latest /bin/bash
Works as [1] but additionally sets network adapter mac address in the container:
docker run --rm -ti --mac-address="aa:bb:cc:dd:11:22" ubuntu:latest /bin/bash
[2] Works as [1] but additionally mounts (-v option) ~ directory in host's file system to the /data/home directory
in the container (directory in host's filesystem has to be existing, directory in the container doesn't - if not it will
be created):
docker run --rm -ti -v ~:/data/home ubuntu:latest /bin/bash
[3] Works as [2] but host's directory is mounted as read-only. The writes can be applied only to container's /data/home directory:
docker run --rm -ti --read-only=true -v ~:/data/home ubuntu:latest /bin/bash
Works as [3] but additionally mounts host's /tmp directory as tmpfs filesystem in the container. The files can be created
in the tmpfs filesystem but is volatile - it will be cleaned after container stops:
docker run --rm -ti --read-only=true --tmpfs /tmp:rw,noexec,nodev,nosuid,size=256M -v ~:/data/home ubuntu:latest /bin/bash
Displays useul information about Docker installation:
docker info
Runs application with assigning max 512MB of memory (-m) and max 256MB of swap space to it (512MB + 256MB = 768MB,
value of -1 will turns out swap space):
docker run --rm -ti -m 512m --memory-swap 768m progrium/stress
Runs application and restricts it only to first cpu core (--cpuset=0) and to 512 cpu shares (half of cpu power - 1024 cpu
shares means full cpu power):
docker run --rm -ti --cpu-shares 512 --cpuset=0 progrium/stress
Stops specified container with SIGTERM signal. If container will not stop, then after 25 seconds the container will be
applied with SIGKILL signal what will definitively kill the container:
docker stop -t 25 CONTAINER_ID
Kills specified conatainer:
docker kill CONTAINER_ID
Sends USR1 signal to the container:
docker kill --signal=USR1 CONTAINER_ID
Pauses/Reruns specified container:
docker pasue CONTAINER_ID
docker unpause CONTAINER_ID
Prints Docker's version:
docker --version
Prints Docker's version (client and server) and libraries, APIs and programs used by it:
docker version
Prints details about Docker and the computer that it is runned on :
docker info
Attaching to the command line of the specified container being running:
docker exec -t -i CONTAINER_ID /bin/bash
Gets PID of process being running:
docker inspect --format \{{.State.Pid\}} 7ee7bc570efd
Attaching with the nsenter command to the shell of specified PID (the PID assigned to the shell within the container):
sudo nsenter --target 8166 --mount --uts --ipc --net --pid
Lists volumes mounted in Docker's root directory:
docker volume ls
Displays information about specified volume:
docker volume inspect VOLUME_NAME
Displays continously (aka tail -f) logs for specified conatiner:
docker logs -f CONTAINER_ID
Displays stats of specified containers:
docker stats CONTAINER_1_ID CONTAINER_2_ID ...
Displays continously events that was fired in the Docker (ex. starting program/container, stopping it, etc):
docker events
Lists processes running in the container:
docker top CONTAINER_ID
Sets storage driver to the devicemapper:
docker daemon --storage-driver=devicemapper
Lists all containers with full ID (not the one truncated):
docker ps -a --no-trunc
Builds two different Docker images hello1 and hello2 from the same Dockerfile file:
docker build -t hello1 .
docker build -t hello2 .
Runs program/container with privilege to set network adapter mac address:
docker run -ti --rm --cap-add=NET_ADMIN ubuntu /bin/bash
The specified container's privilege can be dropped thanks to --cap-drop option of docker run command.