Here is a docker cheatsheet and quick reference. Want to contribute? Leave a comment down below.
Install docker (one liner):
curl -sSL https://get.docker.com/ | sh
Install docker (alternative: download the script first so you can read it before running it):
curl -sSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
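Add your current user to the docker group and verify that it was added successfully. Members of the docker group can control the Docker daemon, which is equivalent to root access on the host, so add only trusted users.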
sudo usermod -aG docker anoop
id anoop
Search for docker images:
docker search ubuntu
docker search mysql
Download a docker image:
docker pull ubuntu
[This will pull the ubuntu image from the docker repo]
Download specific version of an image:
docker pull ubuntu:14.04
Note: By default containers have ephemeral storage, which means that once a container is removed, all the data in it is lost.
Start a container and go inside the container:
anoop@h0n3yp0t ~ $ docker run -ti ubuntu:12.10 /bin/bash
root@668a52b2c701:/#
-t => attach a terminal to get console
-i => interactive
668a52b2c701 => unique ID
[Note: When you run a container you get a container ID. You need it to interact or mess with the container.]
To exit out of container without stopping it:
Press CTRL+P+Q
To view running containers:
anoop@h0n3yp0t ~ $ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
668a52b2c701 ubuntu:12.10 "/bin/bash" 4 minutes ago Up 4 minutes keen_heyrovsky
-Docker generates a random name for the container if a custom name is not specified.
Here 668a52b2c701 -> Container ID
keen_heyrovsky -> Random container name generated for this docker container.
To attach to a container:
docker attach keen_heyrovsky OR docker attach 668a52b2c701
[Here we can give the container name or the container ID]
To view all running and non-running containers:
anoop@h0n3yp0t ~ $ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
668a52b2c701 ubuntu:12.10 "/bin/bash" 7 minutes ago Exited (0) 16 seconds ago keen_heyrovsky
Start a stopped container:
docker start 668a52b2c701
668a52b2c701
View running processes of a docker container:
docker top 668a52b2c701
or
docker top keen_heyrovsky
Stop a container:
docker stop 668a52b2c701
Get details about container location:
-Docker containers are stored in /var/lib/docker/containers
[Note: login as root to check the folders]
If Ubuntu 12.04 is not present locally and we need to download the image & start it:
docker run -ti ubuntu:12.04 /bin/bash
Start container in detached mode:
docker run -d -ti ubuntu:12.04 /bin/bash
Add custom name for docker container:
docker run -d -ti --name=anoop ubuntu:12.04 /bin/bash
[Do not give flags after /bin/bash. --name=anoop is given before /bin/bash]
Create docker container with persistent storage:
docker run -ti -v /data --name=storage ubuntu:12.04 /bin/bash
-This will create /data inside the container.
-Once you are in the container, we can change to /data and create a file.
cd /data
touch test-file
-We can also see this file on the local host PC, in one of the folders under /var/lib/docker/volumes/. The file sits in that volume's "_data" subfolder.
cd /var/lib/docker/volumes/
find . | grep test-file
-Add custom local directory for persistent storage to docker container:
On the local PC, make a folder under /docker-disks/
mkdir -p /docker-disks/ubuntu1
-Then map this location to a folder when creating a docker container.
docker run -ti -v /docker-disks/ubuntu1:/data --name=d1 ubuntu:12.04 /bin/bash
Inside the container, run
cd /data
touch custom-file
-Exit out of the container and, on your local PC, go to /docker-disks/ubuntu1/ and list the contents. The file created in the container is there:
cd /docker-disks/ubuntu1/
ls
custom-file
Create docker container with an open port:
docker run -d -p 3306 -ti mysql /bin/bash
-Let's check if port 3306 is open in docker.
anoop@h0n3yp0t ~ $ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
26225f771013 mysql "docker-entrypoint.s…" 4 seconds ago Up 3 seconds 0.0.0.0:32769->3306/tcp practical_raman
On the local PC, we can check the NAT tables:
iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:mysql
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
DNAT tcp -- anywhere anywhere tcp dpt:32769 to:172.17.0.2:3306
-Here the local port 32769 is forwarded to port 3306 (mysql) on IP 172.17.0.2 (the mysql container's IP).
-To port forward host PC port 32769 to the docker mysql container's port 3306, we do the following:
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
26225f771013 mysql "docker-entrypoint.s…" 2 hours ago Up 2 hours 0.0.0.0:32769->3306/tcp practical_raman
Host PC IP: 192.168.102.128
container IP:
nmap 192.168.102.128
Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-15 15:27 IST
Nmap scan report for 192.168.102.128
Host is up (0.000086s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3128/tcp open squid-http
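-From the nmap output, we can see that mysql is not open: the container's port 3306 was published on the random host port 32769, not on host port 3306.
-Here, we first stop the docker container.
docker stop practical_raman
-Then map a local port to the mysql port on docker. With -p 3306:3306 the port is published on all host interfaces (0.0.0.0) unless a host IP is given in front of it: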
docker run -d -p 3306:3306 -ti mysql /bin/bash
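To review what the port mappings above actually expose, the following added example (not part of the original cheatsheet) reads the output of docker ps --format '{{.Names}} {{.Ports}}' and lists every port published on all host interfaces. The function names and the sample lines are constructed for illustration; only practical_raman and its mapping come from the post.

```shell
#!/bin/sh
# Constructed sample of: docker ps --format '{{.Names}} {{.Ports}}'
# (only the practical_raman line mirrors the output shown in this post)
sample_ps() {
cat <<'EOF'
practical_raman 0.0.0.0:32769->3306/tcp
db_all 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp
db_local 127.0.0.1:3306->3306/tcp
web_internal 80/tcp
EOF
}

# Reads "<name> <ports>" lines on stdin and prints one line per mapping
# that is bound to every host interface (IPv4 0.0.0.0 or IPv6 ::):
#   <container name> <host port> <container port/proto>
wildcard_ports() {
  awk '{
    name = $1
    sub(/^[^ ]+ */, "")                  # drop the name, keep the port list
    n = split($0, maps, /, */)
    for (i = 1; i <= n; i++) {
      m = maps[i]
      if (m !~ /->/) continue            # exposed only, not published
      split(m, side, "->")
      host = side[1]; target = side[2]
      port = host; sub(/^.*:/, "", port) # text after the last colon
      addr = substr(host, 1, length(host) - length(port) - 1)
      if (addr == "0.0.0.0" || addr == "::" || addr == "[::]")
        print name, port, target
    }
  }'
}

# On a docker host, replace sample_ps with the real docker ps command.
sample_ps | wildcard_ports
```

A mapping such as -p 127.0.0.1:3306:3306 keeps the database reachable from the host only, and it no longer appears in this list.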
Run docker by specifying dns:
docker run --dns 10.192.3.10 -it --name ubuntu-old -p 801:801 ubuntu:12.04 /bin/bash
(The above is useful if you are running docker inside a VM where the host's resolv.conf has 127.0.0.1 set as the resolver.)
Stop and remove all containers:
docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)
I will be updating this post with more cheats in the future. Do subscribe to my blog to get latest updates. If you have any cheats or tricks, do leave a comment down below. I will update this post with the same and will give you the credits. 🙂
References: DuckAcademy