Syntax:
docker version
Syntax:
docker image ls
Syntax:
docker container ls
Syntax:
docker container ls --all
docker image pull diamol/ch02-hello-diamol-web
docker image build --tag web-ping .
or
docker image build -t web-ping .
docker build -t <tag> --pull --no-cache -f <dockerfile> .
Stop all and remove all containers (Linux):
docker ps -aq | xargs docker stop | xargs docker rm
Remove all containers (Windows, PowerShell):
docker rm @(docker ps -aq)
Remove all images (Linux):
docker image rm -f $(docker image ls -f reference='diamol/*' -q)
Remove all containers (Linux):
docker container rm -f $(docker container ls -aq)
or (for non-running only)
docker rm $(docker ps -q -f status=exited)
Remove all containers (Windows Batch):
FOR /f "tokens=*" %i IN ('docker ps -a -q') DO docker rm %i
Remove all unused objects except volumes and containers:
docker system prune
Remove all unused objects with volumes:
docker system prune --volumes
Remove all unused objects with volumes and stopped containers:
docker system prune --volumes -a
Remove all unused volumes:
docker volume prune
Remove all unused images:
docker image prune
Remove all stopped containers:
docker container prune
Remove all stopped containers older than 24 hours:
docker container prune --filter "until=24h"
Remove unused networks
docker network prune
interactive mode:
docker container run -it --tty diamol/base
detached mode:
docker container run --detach --publish 8088:80 diamol/ch02-hello-diamol-web
or
docker container run -d --name web-ping diamol/ch03-web-ping
start stopped container:
docker container start --attach <container-id>
ex. docker container start --attach f1
docker container run -d --env TARGET=google.com diamol/ch03-web-ping
or
docker container run -d -e TARGET=google.com diamol/ch03-web-ping
Syntax:
docker ps -a
docker stop <container-id>
docker container run --name <container-name> -d -p <published-port> --network <network-name> <image-name>
ex. docker container run --name iotd -d -p 800:80 --network nat image-of-the-day
Syntax:
docker exec -it <container> bash
or
docker exec -it <container> /bin/bash
or
docker exec -it <container> /bin/sh
Example:
docker exec -it 881 bash
or
docker run -it my-image:v1 sh
Syntax:
docker container exec <container-id> <command>
or for Windows:
docker container exec <container-id> cmd /C "<command>"
Example (Linux):
docker container exec 74f86665f0fd ls
Example (Windows):
docker container exec 86b cmd /s /c dir C:\usr\local\apache2\htdocs
docker container exec 86b cmd /C "dir C:\data"
Syntax:
docker image history <image-name>
Example:
docker image history diamol/ch03-web-ping
Syntax:
docker container inspect <container-id>
Example:
docker container inspect c0
Syntax:
docker container logs <container-id>
or
docker container logs <container-name>
Example:
docker container logs c0
Syntax:
docker container cp <source-path> <container-id>:<target-path>
Example:
docker container cp index.html 86b:/usr/local/apache2/htdocs/index.html
Syntax:
docker container cp <container-id>:<source-path> <target-path>
Example:
docker container cp rn1:/random/number.txt number1.txt
Syntax:
docker container commit <container-id>
Example:
docker container commit 881
// or (creates new container)
docker container commit ch03lab ch03-lab-soln
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
Syntax:
docker network create <network-name>
Example:
docker network create nat
docker container run --name <container-name> -d -p <published-port> --network <network-name> <image-name>
ex. docker container run --name iotd -d -p 800:80 --network nat image-of-the-day
Note:
- on Windows, when you need to use "nat" network it is possible user will not be able to create it for Windows containers
- "nat" is predefined network on Windows
- see also: Windows container network drivers
- on Linux, you can use any name, "nat" is recommended for compatibility with Windows
Syntax:
docker network rm <network-name>
Example (Linux):
docker network rm nat
List mount points for container
docker container inspect --format '{{.Mounts}}' todo1
List all existing volumes in system
docker volume ls
Create volume manually:
docker volume create <volume-id>
Attach manually created volume:
docker container run -d -p <port-mapping> -v <volume-name>:<container-path> --name <image-name>
ex. docker container run -d -p 8011:80 -v todo-list:/data --name todo-v1
Attach volume from another container:
docker container run -d -p 8011:80 --volumes-from todo1 /diamol/ch06-todo-list
List volume contents
docker run --rm -i -v=<volume-name>:<tmp-path> busybox find <tmp-path>
ex. docker run --rm -i -v=ch06-lab:/tmp/myvolume busybox find /tmp/myvolume
Mount host directory as container directory
docker container run (...) --mount type=bind,source=$source,target=$target[,readonly]
Mount volume as directory
docker run -d --name=<container-name> --mount source=<volume-name>,destination=<container-path> <image-name>
ex. docker run -d --name=nginxtest --mount source=nginx-vol,destination=/usr/share/nginx/html nginx:latest
Login action is required in order to publish images.
Syntax:
docker login --username <registry-user-name>
Example:
docker login --username myuser
Image must be tagged with account id in order to be published in the repository.
Syntax:
docker image tag <input-image-name> <account-id>/<image-reference>:<version-id>
Example:
docker image tag image-gallery myuser/image-gallery:v1
To list image references with a given name:
Syntax:
docker image ls --filter reference=<image-reference> --filter reference='*/<image-reference>'
Example:
docker image ls --filter reference=image-gallery --filter reference='*/image-gallery'
Syntax:
docker image push <account-id>/<image-name>:<image-version>
Example:
docker image push myuser/image-gallery:v1
Syntax:
docker image push <host>:<port>/<account-id>/<image-name>:<image-version>
Example:
docker image push localhost:5000/myuser/image-gallery:v1
Syntax:
docker pull <image-name>:<version-id>
Example:
docker pull alpine:edge
Syntax:
docker pull <host>:<port>/<image-name>:<version-id>
Example:
docker pull localhost:5000/alpine
Syntax:
docker pull --all-tags <image-name>
Example:
docker pull --all-tags alpine
Syntax:
docker export <container_ID> > <file_name>
Example:
docker export 3673f8996e1a > helloworld.tar
Syntax:
docker import <archive_name> <Image_name>
or
cat <archive_name> | docker import - <image_name>
Example:
docker import helloworld.tar my-imported-img:v1
Syntax:
docker save <image-name> > <file-name>.tar
Example:
docker save verse_gapminder > verse_gapminder.tar
Load image from a file
Syntax:
docker load --input <input-file>.tar
Example:
docker load --input verse_gapminder.tar
See: https://docs.docker.com/registry/deploying/
docker run -d -p 5000:5000 --restart=always --name registry registry:2
Tag image for local registry:
docker tag diamol/ch03-web-ping localhost:5000/ch03-web-ping
Push image to local registry:
docker push localhost:5000/ch03-web-ping
docker container stop registry
docker container stop registry && docker container rm -v registry
Run scan:
docker scout cves <image-name>
FROM ubuntu:latest
It can be passed to container with default value:
ENV TARGET="my.blog.com"
or
ENV TARGET="my.blog.com" \
METHOD="HEAD" \
INTERVAL="3000"
-
syntax:
COPY
-
example:
COPY app.js .
Makes changes and performs implicit commit.
RUN command - shell form (uses sh
as default shell):
RUN apk add --no-cache openssh-client
RUN command - exec form (can use different shell):
RUN ["/bin/bash", "-c", "echo hello"]
SHELL command - change default shell
Syntax:
HEALTHCHECK CMD <command>
Example:
HEALTHCHECK CMD curl --fail http://localhost/health
Syntax:
CMD <check-command> && \
<run-command>
Example:
CMD curl --fail http://localhost/health && \
dotnet numbers.dll
List of possible optimizations:
- join ENV commands into one
- move CMD command up, closer to FROM
- keep frequently changed commands / data at the bottom
Dockerfile can have several FROM steps, each step can use a different image.
Steps can have a name as follows:
FROM <base-image> as <step-name>
ex. FROM diamol/maven as builder
Steps can generate files which can be used in next steps as follows:
COPY --from=<source-step-name> <source-path> <target-path>
ex. COPY --from=builder /usr/src/iotd/target/iotd.jar .
To define volume for container
VOLUME /data
Run all services from specific file
docker compose -f docker-compose-mysql.yml up -d
Run joined definition from two or more files
docker compose -f docker-compose.yml -f docker-compose.admin.yml up -d
Run specific service from specific file
docker compose -f docker-compose.yml -f docker-compose.admin.yml run backup_db
Build and run
docker-compose up -d
Build and run, rebuild images defined inside compose
docker-compose up -d --build
Skip cache while rebuildimg
docker-compose rm -f
docker-compose pull
docker-compose up --build --force-recreate -d
Stop and destroy
docker-compose down
Stop
docker-compose stop
Full stop (with clean)
docker stop $(docker ps -aq)
docker rm $(docker ps -aq)
Start
docker-compose start
Scale one of services
docker-compose up -d --scale <service-name>=<required-number-of-instances>
ex. docker-compose up -d --scale iotd=3
Access other dockerized services from container:
- Use
http://host.docker.internal:8080/
- instead of
http://localhost:8080/
Overview: https://docs.docker.com/registry/spec/api/
Url:
http://localhost:5000/v2
Get repository list:
GET http://localhost:5000/v2/_catalog
Get image tag list:
GET http://localhost:5000/v2/<name>/tags/list
ex. http://localhost:5000/v2/ch03-web-ping/tags/list
Get tag manifest info:
GET http://localhost:5000/v2/<name>/manifests/<reference>
ex. http://localhost:5000/v2/ch03-web-ping/manifests/latest
See:
See: Store configuration data using Docker Configs
Run:
wsl --shutdown
wsl
List running containers
docker ps
Show performance stats of all containers
docker stats
Show performance inside container:
docker container top <container-id>
example:
docker container top c0
Show usage statistics (mem, cpu, io)
docker container stats <container-id>
example:
docker container stats c0
Show storage used by all images and containers
docker system df