Docker Commands
- Ingress now
- Apr 22, 2022
- 3 min read
Verifying the requirements for the docker installation
Docker is support on many linux platforms, such as RHEl, Ubuntu,fedora, Centos.
It also supported on many cloud platforms such as amazon ec2, rackspace, GCP engine
Requirements:
Docker is not support on 32bit architecture
#uname -I
It supported on Kernel 2.6 version above
#uname -r
Running kernel should support an appropriate storage backend. Some of these are VFS, DeviceMapper, AUFS, BTFS and overlayFS
# grep device-mapper /proc/devices
Support for cgroups and namespaces are in kernel for sometimes and should be enable by default.
To check for their presence.
#grep -i namespaces /boot/config-3.18.7.<tab>
#grep -I cgroups /boot/config-3.18.7<tab>
yum install libcgroup-tools
ll /sys/fs/cgroup
Docker Installation
--------------------------
Docker split the docker project into two distinct editions.
Docker Community Edition is basically a rebranding of the free Docker tools that have been available since inception.
Docker Enterprise Edition release in yearly once.
How to install docke CE?
#yum update
#yum install docker
How to install docke EE?
Download the packages from docker hub for one month free trail.
How to start the docker?
#systemctl start docker
#docker info
#systemctl enable docker
How to download the docker image?
#docker pull fedora
#docker pull httpd
How to check the docker images
#docker images
How run docker image as a container?
#docker run -id --name f21 docker.io/fedora bash
How to search top rated images?
#docker search fedora| head -n5
How to list out more than 20 starts and are automated images?
#docker search -s 20 --automated fedora
#docker search --help -----> search help
How to download the image with tag name?
#docker pull fedora:latest
Or
#docker pull centos:centos7
How to start the docker ?
#docker run -I -t --name=f21 centos /bin/bash
i=interactive mode
t=terminal
Note: The run command create and start the container. With cocker 1.3 or later it is possible to create the container using the create command and run it later using start command.
#ID=$(docker create -t -I fedora bash)
#docker start -a -I $ID
How to start the container in background?
#docker run -d -I -t fedora /bin/bash
Method2
# ID= 'docker run -d -t -I fedora /bin/bash'
#docker attach $ID
How to run and remove after check the output?
#docker run --rm fedora date
How to set root filesystem as read only?
#docker run --read-only -d -I -t fedora /bin/bash
Container can be referred in three ways 1. by name 2. by container ID 3. short container ID
How to check the containers?
#docker ps
Or
#docker ps -a
It will list both running and stopped containers use the -a option
How to check the containers id`s only?
#docker ps -l
How to check the latest created containers and including the non-running container?
#docker ps -l
Look at the help options of docker ps
#docker ps --help
How to check logs
#docker logs -f |{--follow[=false]] [-t | --timestamps[=false]} Container
Docker will look at the container specific log file from /var/lib/docker/container/<container ID>
How to stop the containers ?
#docker stop -t | --time =10 container
Method 2
#ID='docker run -d -I fedora /bin/bash
#docker stop $ID
How to stop all containers?
#docker stop 'docker ps -q'
Deleting a container
---------------------------
We can delete a container permanently. But before that that we have to stop the container or use the force option.
#docker rm container
Method 2
# ID='docker run -d -I fedora /bin/bash
#docker stop $ID
#docker rm $ID
To delete all containers
#docker stop "docker ps -q'
#docker rm 'docker ps -aq'
Restart policy on a container?
#docker run --restart=POLICY [OPTIONS] Image[:TAG] [COMMAND]
#docker run --restart=always -d -I -t fedora /bin/bash
There are three restart policies to choose from:
--> NO: this does not start the container if it dies
--> ON-FAILURE: This restart the container if it fails with nonzero exit code
--> always: this always restarts the container without worrying about the return code
Ex: #docker run --restart=on-failure:3 -d -I -t fedora /bin/bash
Getting privileged access inside a container
---------------------------------------------------------
Linux divides the privileges traditionally associated with superuser into distinct units.
#docker run --privileged -I -t fedora /bin/bash
Bash-4.3# dd if=/dev/zero of=disk.img bs=1M count=100 &> /dev/null
Bash-4.3# mkfs -t minix disk,img &> /dev/null
Bash-4.3# mount disk.img /mnt/
Bash-4.3# mount | grep disk
Additional info:
--------------------
This mode casus security rks as containers can get root-level access on the docker host .
With docker 1.2 or new , there are two flags --cap-add and --cap-del have been added to give fine-grained control inside a container
Ex: To prevent any chown inside the container
#docker run --cap-drop=CHOWN {options} IMAGE[:TAG] [COMMAND} [ARG…]
Exposing a port while starting a container
-------------------------------------------------------
#docker run --expose=PORT [options] IMAGE[:TAG] [command]
#docker run --expose=22 -I -t fedora /bin/bash
ACCESSING the host device inside the container
---------------------------------------------------------------
#docker run ---device =<host device>:<container devices mapping>:<permissions> [options] IMAGE[:TAG] [command]
#docker run --device=/dev/sdc:dev/xvdc -I -t fedora /bin/bash
Returning Low-level information about a container
-------------------------------------------------------------------
while doing the debugging and so on we will need the container configuration details.
#docker inspect [-f| --format=" " CONTAINER|IMAGE
Method2
We will start the container and then inspect it:
#ID='docker run -d -I fedora /bin/bash'
#docker inspect $ID
Labeling and filtering containers
-------------------------------------------
#docker images
#docker run --label environment=dev f21 date
Lets start a container without a label and start two others with same label
#docker run --name container1 f21 date
#docker run --name container2 --label environment=dev f21 date
#docker run --name container3 --label environment=dev f21 date
Comments