Docker Cheat Sheet

Author: bluelul.com

Quick Concept

• Docker image ~ .gho (ghost) file , can be:
  • OS image {actually, only contains minimal OS dependencies/softwares, not included Linux kernel}
  • pre-installed application on an OS image
• Docker container ~ virtual machine (machine which is installed a Docker image, can be accessed via shell)

Install Docker

The fastest way

sudo apt install curl
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

For more methods, read Docker Homepage

Run Docker commands without sudo

Run these command:

sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker

Check docker command without sudo: docker ps -a
If not work, restart your Linux OS

Build Hello World image

• Make a folder contain docker image

mkdir hello
cd hello

• Add a Dockerfile (no extension) with content:

FROM ubuntu:18.04
RUN apt-get update
RUN apt-get install -y neofetch

• Build image

docker build -t docker_hello .

• Check image list

docker images

Run container (create new container)

Hello world example

• Default for hello_world example

docker run --name hello_container -h hello_container -it docker_hello bash

• Default for hello_world example with host machine's share-folder mounted

cd ~/Desktop
mkdir share_docker
cd share_docker
echo hello_world > hello.txt

docker run --name hello_container --mount src=$(pwd),target=/home,type=bind -it docker_hello bash

Basic

• Run container standalone (random name)

docker run image_name

• Run container with terminal shell, shell_name can be bash, sh, zsh,etc.
  -i : interact (stdin) with container's executed command (e.g. terminal shell)
  -t : create a pseudo tty

docker run -it image_name shell_name

Option add to Basic

• Run container with specific name

--name container_name

• Run container with specific hostname (instead of container's ID codename)

--hostname container_name

-h container_name

• Run container with mounted folder from host machine (first, cd to this folder)
  The target argument can be any destination folder, it will be automatically created if not exist in image_name yet

--mount src=$(pwd),target=/home,type=bind

• Run container with mounted usb devices

--privileged -v /dev/bus/usb:/dev/bus/usb

# install usbutils in container to use lsusb
apt-get update
apt-get install usbutils

• Run container with GUI app supported (X11)

--net=host --env="DISPLAY" --volume="$HOME/.Xauthority:/home/.Xauthority:rw"

# disable access control of X11 on host machine to allow any client to access host machine
# this command is unsafe, just for testing, google xhost for more strictly command
xhost +

• Add environment variable to container when startup

-e ENV_NAME=env_value

• Run container only one time (auto removed after exit)

--rm 

Manage container

List containers

• Show active containers

docker ps

• Show all containers

docker ps -a

• Show all containers with size usage

docker ps -as

• Note: Both container_id and container_name can be used to target a container in most Docker commands

Stat containers (Docker top, monitor resource usage of containers)

docker stat

Inspect container (show all information of a container)

docker inspect container_name

Log container (show all log, stdin, stdout history of the initial terminal shell of container)

Show log

docker logs container_name

Show log with timestamp of each command

docker logs -t container_name

Show log continuously

docker logs -f container_name

Operate container

Start container (start inactive container)

Start an inactive container (created by run command) in detach mode

docker start container_name

Start and jump into the initial terminal shell of an inactive container (created by run command with -it image_name shell_name option)

docker start -i container_name

Restart container (stop then start an active container or start an inactive container)

docker restart container_name

Open new terminal shell in active container

docker exec -it container_name shell_name

shell_name can be bash, sh, zsh,etc.

Stop container (properly shutdown container, make it inactive)

docker stop container_name

Kill container (force shutdown container, make it inactive)

docker kill container_name

Remove container (delete containter, wipe data)

Remove a container

docker rm container_name

Force remove a container

docker rm -f container_name

Remove all containers

docker rm $(docker ps -aq)

Container and Image

Commit container (backup/save/ghost container into an new image)

docker commit container_name image_name

Container and Host machine

Copy file / folder

• Copy file / folder from container to host machine

docker cp container_name:path_to_source_file_or_folder host_path_to_dest_folder

• Copy file / folder from host machine to container

docker cp host_path_to_source_file_or_folder container_name:path_to_dest_folder 

Image management

Show all images

docker images

Remove image

docker rmi image_name

Show image building history (with storage allocate of each step)

docker history image_name

Save image to .tar file

docker export image_name -o file_name.tar

Create image from .tar file

docker import file_name.tar image_name

Download image from Docker Hub

docker pull image_name

Upload image to Docker Hub

docker push image_name

Docker in Docker

docker run --privileged --name dind -d docker:dind

Build Dockerfile

ENTRYPOINT and CMD (autorun command when container startup)

Using

ENTRYPOINT exec arg
ENTRYPOINT ["exec", "arg"]
CMD exec arg
CMD ["exec", "arg"]

Running

docker run container_name
docker run container_name new_cmd
docker run --entrypoint new_entry_point container_name new_cmd

Working with pseudo code

if exist(--entrypoint):
  entrypoint = new_entry_point
else:
  entrypoint = ENTRYPOINT

if exist(new_cmd):
  cmd = new_cmd
else:
  cmd = CMD
  
the_final_autorun_startup_command = entrypoint + " " + cmd