From charlesreid1

Also see Docker/Dockerfiles

Filesystems

Working directory

You can set the working directory using the -w flag:

$ docker  run -w /path/to/dir/ -i -t  ubuntu pwd

Volumes

You can set storage drive options using storage opt fllag:

$ docker run -it --storage-opt size=120G fedora /bin/bash

You can also mount external (your machine) drives/folders inside the Docker container:

$ docker  run  \
  -v `pwd`:`pwd` \
  -w `pwd` \
  -i -t  ubuntu pwd


The -v flag mounts the current working directory into the container. The -w lets the command being executed inside the current working directory, by changing into the directory to the value returned by pwd. So this combination executes the command using the container, but inside the current working directory.

Docker run documentation


Docker creates any folders on your machine if they don't exist, before it spins up the docker container:

$ docker run -v /doesnt/exist:/foo -w /foo -i -t ubuntu bash

Read-Only Volumes

Read only control can be set on volumes as well: --read-only flag. This flag makes the entire contents of the container's root filesystem read-only, except for volumes mounted with the -v flag. To illustrate:

$ # this will not work, because /canttouchthis is part of the container's root filesystem
$ docker run -t --read-only -v /icanwrite busybox touch /canttouchthis
touch: /canttouchthis: Read-only file system

$ # this will work, because /icanwrite is mounted with -v and is not read-only
$ docker run --read-only -v /icanwrite busybox touch /icanwrite/here

$ # no error, no poblem!


The --read-only flag mounts the container’s root filesystem as read only prohibiting writes to locations other than the specified volumes for the container.

Docker run documentation


Instances

Listing all/running containers

To list containers that are currently running:

$ docker ps

To list all containers that have been run:

$ docker ps -a

If, for example, I run the docker hello world app, it will print a hello world message and then shut down:

$ docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://cloud.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

Now, if I run the ps command to list running containers, it will not show up, because it shut down when it was finished printing its message. But if I run the ps -a command, I will see when it ran and what it was called:


$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

$ docker ps -a
CONTAINER ID        IMAGE                COMMAND             CREATED              STATUS                          PORTS               NAMES
d6a0776634d4        hello-world:latest   "/hello"            About a minute ago   Exited (0) About a minute ago                       cranky_blackwell

Note that cranky_blackwell is just an autogenerated name from docker, since we didn't specify a name. We could have used the --name flag:

$ docker run --name my_uncreative_name hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://cloud.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

$ docker ps -a
CONTAINER ID        IMAGE                COMMAND             CREATED             STATUS                      PORTS               NAMES
48d33ae27050        hello-world:latest   "/hello"            31 seconds ago      Exited (0) 30 seconds ago                       my_uncreative_name
d6a0776634d4        hello-world:latest   "/hello"            3 minutes ago       Exited (0) 3 minutes ago                        cranky_blackwell

Networking and Ports

Networks

To connect a container to a network when starting, use --network=MYNETWORK:

$ docker run -itd --network=wlan0 ubuntu

$ docker run -itd --network=wlan0 --ip=192.168.0.101 ubuntu

Httpd container: automatic network interface creation

If you don't specify a network interface for a container that provides a network service, e.g., Apache httpd,

$ docker run httpd
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.7. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.7. Set the 'ServerName' directive globally to suppress this message
[Fri Mar 24 05:37:18.878881 2017] [mpm_event:notice] [pid 1:tid 140136493913984] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations
[Fri Mar 24 05:37:18.879282 2017] [core:notice] [pid 1:tid 140136493913984] AH00094: Command line: 'httpd -D FOREGROUND'

it will actually create a brand new networking interface with the IP address 172.17.0.7, available at the device docker0:

$ ifconfig docker0
docker0   Link encap:Ethernet  HWaddr 02:42:a1:02:56:a7
          inet addr:172.17.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:a1ff:fe02:56a7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:22 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1536 (1.5 KB)  TX bytes:258 (258.0 B)

Ports

Internal and External Ports

The way that the docker container works is, it's a tiny virtual Linux box. This means there is an internal port scheme, as well as a separate host port scheme. When you run containers, their ports can be connected to the host's ports, and therefore be made available externally.

Exposing Ports

If you want to bind the container's CONTAINER_PORT to the host's HOST_PORT on HOST_IP of the host machine (e.g., 127.0.0.1), use the syntax:

docker run -p HOST_IP:HOST_PORT:CONTAINER_PORT

docker run -p 127.0.0.1:80:8080 ubuntu bash

This binds port 8080 of the container to port 80 on 127.0.0.1 of the host machine. You can also leave out the host IP:

docker run -p 80:8080 ubuntu bash

The Docker User Guide explains in detail how to manipulate ports in Docker.

Httpd container: bind to private, local host port

Don't specify any details of the network when you start up the container.

This creates a subnet with just you and the docker machine on the network.


Httpd container: bind to public host port

Note: the httpd container uses port 80 internally by default.

Docs link: https://docs.docker.com/engine/reference/commandline/run/#publish-or-expose-port--p---expose

If you are running a host server available at the IP address 192.168.0.10, and you want the docker container's service to be available at port 8000 for other machines that are on the 192.168.0.* network, you can bind the docker container to that IP and port when you spin it up.

Map the internal port 80 (for the docker container) map to the public IP address port of choice on the host machine.

If your host is at the IP 192.168.0.10:

$ docker run -p 192.168.0.10:8000:80 -it httpd
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message
[Fri Mar 24 05:50:51.400325 2017] [mpm_event:notice] [pid 1:tid 140701557254016] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations
[Fri Mar 24 05:50:51.400737 2017] [core:notice] [pid 1:tid 140701557254016] AH00094: Command line: 'httpd -D FOREGROUND'
100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET / HTTP/1.1" 200 45
100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET /favicon.ico HTTP/1.1" 404 209

This makes the service publicly available using the server's IP, and specifying port 8000.

DockerHttpdPublicPort.png



Troubleshooting

See =Troubleshooting Running Processes=

Troubleshooting Stopped Processes

Container starts and immediately stops

You can try running an interactive shell by adding the -it flag to the container you are running, and giving it a command (a shell).

For example, suppose we want to run the ubuntu container, and get a shell: we can just add the -it flag before the name of the image, and give it a command to run.

$ docker run -it ubuntu /bin/bash
root@3c554e350f70:/#

The -i flag opens STDIN for the container, allowing us to send information to the container, and -t creates a tty terminal so that the shell has something to communicate with (send text to).

Now we have a regular old shell on a Ubuntu box:

root@3c554e350f70:/# ls /
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

Adding the -it and a shell to a container that is immediately dying can help troubleshoot what's going on - you can check logs, running processes, etc.

Inspecting container process

Inspecting a container process:

$ docker inspect intrepid_hawking

[
    {
        "Id": "1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540",
        "Created": "2017-09-23T19:18:31.706170871Z",
        "Path": "python2",
        "Args": [],
        "State": {
            "Status": "exited",
            "Running": false,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 0,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2017-09-23T19:18:32.415935613Z",
            "FinishedAt": "2017-09-23T19:18:32.529070289Z"
        },
        "Image": "sha256:80947d6d85ec25656b97d764796d383f9cf7002a5dc695867e7abcc002c257ec",
        "ResolvConfPath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/hostname",
        "HostsPath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/hosts",
        "LogPath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540-json.log",
        "Name": "/hardcore_saha",
        "RestartCount": 0,
        "Driver": "overlay2",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": -1,
            "OomKillDisable": false,
            "PidsLimit": 0,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb-init/diff:/var/lib/docker/overlay2/c63dc14d739efe2dc37637c184a7ff53207ae4d487423699ef932ad28d2aaeec/diff:/var/lib/docker/overlay2/5916f418bd68d16adae51da08ce87319bb7f985251d3a5119e14812c6efe2012/diff:/var/lib/docker/overlay2/5d3e9a15ac7a254d47f789674baa03267a8489f02897381d66dd4d159640d211/diff:/var/lib/docker/overlay2/b251e4381097b765b55743331812d0ba4110c84f86d63cdd302fe1dde5f09e51/diff:/var/lib/docker/overlay2/c376ea5ec86153c198272f9a26c0b9934ba35a638763c7107cb0a21e96384c04/diff:/var/lib/docker/overlay2/b6889968d71ef57b1fceecd9be37e30700e66777f890b6e64ad669b61b2ba3c9/diff:/var/lib/docker/overlay2/9f724a626fa3e0d9423da98d98e8b7755985b4ad815d4d4b56ca406ad4502c83/diff:/var/lib/docker/overlay2/1e8897cad6f65abcea5ab665c255e2afd8cb422c48033f6a17eeed96c558b45d/diff:/var/lib/docker/overlay2/a8fb2cb175ad127722947a5e90f5907a9c70830f77a1ef2f58f0e7e46bed3678/diff:/var/lib/docker/overlay2/788ba685cd2f28c33dc81f2db4df1b2967530b069ac4dd64c81802d336ea54ba/diff:/var/lib/docker/overlay2/bd198cdea742ce2b4945fcb34f15971216fd1b350b460b85ea18cbb5694ed8eb/diff:/var/lib/docker/overlay2/a710a02b6f6e3c1d6a4870a6209b1d7296d3a61fbba8e8eff90c1da5f41665c5/diff:/var/lib/docker/overlay2/1fdbcb4ea6ccbf8b9f1505d8b6cf1f8daa5e269eb743a0c799ef0cec416ef819/diff:/var/lib/docker/overlay2/26b13156f68f6eb6e85e018da7e2ed09fcd13254e2ab93627cf55d6d2b074971/diff:/var/lib/docker/overlay2/5cce4aedd245bc44db5ddd4df1712b2f1b98b697caaa70af82e43b9677f51607/diff:/var/lib/docker/overlay2/9d76cd9207be311355e483ffca0286b0c6938949e4766833684fb48131c657f9/diff:/var/lib/docker/overlay2/1ffe41c672d5f8d174d8a28311f9cf4bd67f4d5b612f9f716f7f23c44b7438d0/diff:/var/lib/docker/overlay2/71ebecc49f62606cdf251bfbb4ab418191551c214463eeacac0d431de7da77cd/diff:/var/lib/docker/overlay2/d74e289e8f8e2fd3fc45c3680cfbfee86dbec58353b0a83fdad699fef15cfad8/diff:/var/lib/docker/overlay2/fd3860e8a0a8cf38437bb8e2625f9e99f7f650681407d89a15126aadc741fed5/diff:/var/lib/docker/overlay2/9d518fec29b54f188425ca868311ad8aeebd0a2303b5b1d8e6dfdc8f5832ef54/diff:/var/lib/docker/overlay2/f4d645535385d1ab0a751894a3bea4f35e8bc8a2aa6a9ba0135ff75b24e8438c/diff:/var/lib/docker/overlay2/dce5458a8ebbc913c92699bd1c08ee8cb158ae120cbce37e46f24699ca633f14/diff:/var/lib/docker/overlay2/09f9178b161a16b39d521615f5925e186d1296e84d6a5699fb320e9c75cc3755/diff:/var/lib/docker/overlay2/ed526544ae2c2dae9280871723dedd8ef21d43e3e9d801fe0b5d864873e574d5/diff:/var/lib/docker/overlay2/556d1a2f2e6632a96baf14df6d9759c5971f728c40d986c7de1660f2124d8cf3/diff:/var/lib/docker/overlay2/2bbebaab3b3f1c2a5293fcb73f7ad16d52417aedec93506266abb5a200efdff4/diff:/var/lib/docker/overlay2/b7ea78affdb467f7104d93c1d68e42ad413ce76b34f98e92d1ef1c17694c0a84/diff:/var/lib/docker/overlay2/ef7a9205bacea4473ee8976e4c0e1e52a037a496ccd97084d4d857a7706f4a44/diff:/var/lib/docker/overlay2/32c3830d5aab841a0db3bb2db21a05d26de87c15c830e478934474b031147054/diff:/var/lib/docker/overlay2/da81fc6385d1c268f6d0981a9fbfe5092762dd65536f3eebcab93cb8cf7bf91d/diff:/var/lib/docker/overlay2/d38caa99d5860c603a77cfa10f83a6604460377f1a6075e3bd52350a4560c775/diff:/var/lib/docker/overlay2/ab7668a515d8d288e2c10d6c09093f0c67cf447ea9a721683ba4e0fb2dc6d886/diff:/var/lib/docker/overlay2/cbcca5e8460c1183ed63b1e45b1f709340cee7780ebe8115999fd6faee339db1/diff:/var/lib/docker/overlay2/48715da4236392d9c2a0ff66d58131816063187238d0ef10b5b5bcb43509a3b6/diff:/var/lib/docker/overlay2/5f3752d0aae6d8ca4267471e8b8f7e047a014c7906ed0f531c63286707e60bc3/diff:/var/lib/docker/overlay2/1fd4e7b03965f7014459f077e0ca7c7eb06a4e6a5cdc158c0e916cf9ab2c6df0/diff:/var/lib/docker/overlay2/a7c9b2ab1b62f334967a06fe51af0633236b03eaf6c02fe3f61bcc5f616bb776/diff:/var/lib/docker/overlay2/5e77a6272564be5d5a7b6bd220b172ad4f676a6e851b075808bdd4d48fad989e/diff:/var/lib/docker/overlay2/3ca8331268a6cbcc91bd18fd2584c42a5cfeb7befba3dfceb038e0430e73ffcf/diff:/var/lib/docker/overlay2/354add5ffb036fcbe4982139f17e08d7f689befcbf9d47dee833bf4fe454cd41/diff:/var/lib/docker/overlay2/214e10fc30a18188d862aabdbf90cccac77af3f063f7de1356d7d85eebfa3cfb/diff",
                "MergedDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb/merged",
                "UpperDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb/diff",
                "WorkDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [],
        "Config": {
            "Hostname": "1912d9ff49fd",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": true,
            "AttachStderr": true,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "no_proxy=*.local, 169.254/16",
                "PATH=/usr/local/rbenv/shims:/usr/local/rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "LANG=C.UTF-8",
                "PYTHON_VERSION=2.7.10",
                "PYTHON_PIP_VERSION=7.1.2",
                "AWS_DEFAULT_REGION=us-west-2",
                "DEBIAN_FRONTEND=noninteractive",
                "JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64",
                "RBENV_ROOT=/usr/local/rbenv",
                "R_BASE_VERSION=3.2.3",
                "R_LIBS=/usr/local/lib/R/site-library:/usr/local/lib/R/library:/usr/lib/R/library"
            ],
            "Cmd": [
                "python2"
            ],
            "Image": "datalab/datalab-analytics",
            "Volumes": null,
            "WorkingDir": "/",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "b239153fb86ac3d24185d5fd658a4d4b3d39a37d58abcf038837daa912790181",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/b239153fb86a",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "1c73c2ed54ce01953cdf07db0e1d8bcd9a26687d22229fcf0214e5a78e88361e",
                    "EndpointID": "",
                    "Gateway": "",
                    "IPAddress": "",
                    "IPPrefixLen": 0,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "",
                    "DriverOpts": null
                }
            }
        }
    }
]

Flags







Flags