Docker/Basics
From charlesreid1
Also see Docker/Dockerfiles
Contents
Filesystems
Working directory
You can set the working directory using the -w flag:
$ docker run -w /path/to/dir/ -i -t ubuntu pwd
Volumes
You can set storage drive options using storage opt fllag:
$ docker run -it --storage-opt size=120G fedora /bin/bash
You can also mount external (your machine) drives/folders inside the Docker container:
$ docker run \ -v `pwd`:`pwd` \ -w `pwd` \ -i -t ubuntu pwd
The -v flag mounts the current working directory into the container. The -w lets the command being executed inside the current working directory, by changing into the directory to the value returned by pwd. So this combination executes the command using the container, but inside the current working directory.
Docker creates any folders on your machine if they don't exist, before it spins up the docker container:
$ docker run -v /doesnt/exist:/foo -w /foo -i -t ubuntu bash
Read-Only Volumes
Read only control can be set on volumes as well: --read-only flag. This flag makes the entire contents of the container's root filesystem read-only, except for volumes mounted with the -v flag. To illustrate:
$ # this will not work, because /canttouchthis is part of the container's root filesystem $ docker run -t --read-only -v /icanwrite busybox touch /canttouchthis touch: /canttouchthis: Read-only file system $ # this will work, because /icanwrite is mounted with -v and is not read-only $ docker run --read-only -v /icanwrite busybox touch /icanwrite/here $ # no error, no poblem!
The--read-onlyflag mounts the container’s root filesystem as read only prohibiting writes to locations other than the specified volumes for the container.
Instances
Listing all/running containers
To list containers that are currently running:
$ docker ps
To list all containers that have been run:
$ docker ps -a
If, for example, I run the docker hello world app, it will print a hello world message and then shut down:
$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
Now, if I run the ps command to list running containers, it will not show up, because it shut down when it was finished printing its message. But if I run the ps -a command, I will see when it ran and what it was called:
$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES $ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d6a0776634d4 hello-world:latest "/hello" About a minute ago Exited (0) About a minute ago cranky_blackwell
Note that cranky_blackwell is just an autogenerated name from docker, since we didn't specify a name. We could have used the --name flag:
$ docker run --name my_uncreative_name hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
48d33ae27050 hello-world:latest "/hello" 31 seconds ago Exited (0) 30 seconds ago my_uncreative_name
d6a0776634d4 hello-world:latest "/hello" 3 minutes ago Exited (0) 3 minutes ago cranky_blackwell
Networking and Ports
Networks
To connect a container to a network when starting, use --network=MYNETWORK:
$ docker run -itd --network=wlan0 ubuntu $ docker run -itd --network=wlan0 --ip=192.168.0.101 ubuntu
Httpd container: automatic network interface creation
If you don't specify a network interface for a container that provides a network service, e.g., Apache httpd,
$ docker run httpd AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.7. Set the 'ServerName' directive globally to suppress this message AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.7. Set the 'ServerName' directive globally to suppress this message [Fri Mar 24 05:37:18.878881 2017] [mpm_event:notice] [pid 1:tid 140136493913984] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations [Fri Mar 24 05:37:18.879282 2017] [core:notice] [pid 1:tid 140136493913984] AH00094: Command line: 'httpd -D FOREGROUND'
it will actually create a brand new networking interface with the IP address 172.17.0.7, available at the device docker0:
$ ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:a1:02:56:a7
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:a1ff:fe02:56a7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:22 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1536 (1.5 KB) TX bytes:258 (258.0 B)
Ports
Internal and External Ports
The way that the docker container works is, it's a tiny virtual Linux box. This means there is an internal port scheme, as well as a separate host port scheme. When you run containers, their ports can be connected to the host's ports, and therefore be made available externally.
Exposing Ports
If you want to bind the container's CONTAINER_PORT to the host's HOST_PORT on HOST_IP of the host machine (e.g., 127.0.0.1), use the syntax:
docker run -p HOST_IP:HOST_PORT:CONTAINER_PORT
to expose a port on the host machine to local requests:
docker run -p 127.0.0.1:80:8080 ubuntu bash
This binds port 8080 of the container to port 80 on 127.0.0.1 of the host machine.
Similarly, if you are connected to a VPN subnet like 10.6.0.x,
docker run -p 10.6.0.1:80:8080 ubuntu bash
You can also leave out the host IP:
docker run -p 80:8080 ubuntu bash
The Docker User Guide explains in detail how to manipulate ports in Docker: https://docs.docker.com/engine/userguide/networking/default_network/binding/
Httpd container: bind to private, local host port
Don't specify any details of the network when you start up the container.
This creates a subnet with just you and the docker machine on the network.
Httpd container: bind to public host port
Note: the httpd container uses port 80 internally by default.
Docs link: https://docs.docker.com/engine/reference/commandline/run/#publish-or-expose-port--p---expose
If you are running a host server available at the IP address 192.168.0.10, and you want the docker container's service to be available at port 8000 for other machines that are on the 192.168.0.* network, you can bind the docker container to that IP and port when you spin it up.
Map the internal port 80 (for the docker container) map to the public IP address port of choice on the host machine.
If your host is at the IP 192.168.0.10:
$ docker run -p 192.168.0.10:8000:80 -it httpd AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.12. Set the 'ServerName' directive globally to suppress this message [Fri Mar 24 05:50:51.400325 2017] [mpm_event:notice] [pid 1:tid 140701557254016] AH00489: Apache/2.4.25 (Unix) configured -- resuming normal operations [Fri Mar 24 05:50:51.400737 2017] [core:notice] [pid 1:tid 140701557254016] AH00094: Command line: 'httpd -D FOREGROUND' 100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET / HTTP/1.1" 200 45 100.200.155.18 - - [24/Mar/2017:05:50:53 +0000] "GET /favicon.ico HTTP/1.1" 404 209
This makes the service publicly available using the server's IP, and specifying port 8000.
Troubleshooting
See =Troubleshooting Running Processes=
Troubleshooting Stopped Processes
Attaching to a running container
To attach to a running container, use docker exec and pass it bash:
sudo docker exec -i -t happy_mongo /bin/bash
Container starts and immediately stops
You can try running an interactive shell by adding the -it flag to the container you are running, and giving it a command (a shell).
For example, suppose we want to run the ubuntu container, and get a shell: we can just add the -it flag before the name of the image, and give it a command to run.
$ docker run -it ubuntu /bin/bash root@3c554e350f70:/#
The -i flag opens STDIN for the container, allowing us to send information to the container, and -t creates a tty terminal so that the shell has something to communicate with (send text to).
Now we have a regular old shell on a Ubuntu box:
root@3c554e350f70:/# ls / bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
Adding the -it and a shell to a container that is immediately dying can help troubleshoot what's going on - you can check logs, running processes, etc.
Inspecting container process
Inspecting a container process:
$ docker inspect intrepid_hawking
[
{
"Id": "1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540",
"Created": "2017-09-23T19:18:31.706170871Z",
"Path": "python2",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2017-09-23T19:18:32.415935613Z",
"FinishedAt": "2017-09-23T19:18:32.529070289Z"
},
"Image": "sha256:80947d6d85ec25656b97d764796d383f9cf7002a5dc695867e7abcc002c257ec",
"ResolvConfPath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/hostname",
"HostsPath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/hosts",
"LogPath": "/var/lib/docker/containers/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540/1912d9ff49fd270795954979264e7819311c63309cef3861a9477bb2a7f59540-json.log",
"Name": "/hardcore_saha",
"RestartCount": 0,
"Driver": "overlay2",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": -1,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb-init/diff:/var/lib/docker/overlay2/c63dc14d739efe2dc37637c184a7ff53207ae4d487423699ef932ad28d2aaeec/diff:/var/lib/docker/overlay2/5916f418bd68d16adae51da08ce87319bb7f985251d3a5119e14812c6efe2012/diff:/var/lib/docker/overlay2/5d3e9a15ac7a254d47f789674baa03267a8489f02897381d66dd4d159640d211/diff:/var/lib/docker/overlay2/b251e4381097b765b55743331812d0ba4110c84f86d63cdd302fe1dde5f09e51/diff:/var/lib/docker/overlay2/c376ea5ec86153c198272f9a26c0b9934ba35a638763c7107cb0a21e96384c04/diff:/var/lib/docker/overlay2/b6889968d71ef57b1fceecd9be37e30700e66777f890b6e64ad669b61b2ba3c9/diff:/var/lib/docker/overlay2/9f724a626fa3e0d9423da98d98e8b7755985b4ad815d4d4b56ca406ad4502c83/diff:/var/lib/docker/overlay2/1e8897cad6f65abcea5ab665c255e2afd8cb422c48033f6a17eeed96c558b45d/diff:/var/lib/docker/overlay2/a8fb2cb175ad127722947a5e90f5907a9c70830f77a1ef2f58f0e7e46bed3678/diff:/var/lib/docker/overlay2/788ba685cd2f28c33dc81f2db4df1b2967530b069ac4dd64c81802d336ea54ba/diff:/var/lib/docker/overlay2/bd198cdea742ce2b4945fcb34f15971216fd1b350b460b85ea18cbb5694ed8eb/diff:/var/lib/docker/overlay2/a710a02b6f6e3c1d6a4870a6209b1d7296d3a61fbba8e8eff90c1da5f41665c5/diff:/var/lib/docker/overlay2/1fdbcb4ea6ccbf8b9f1505d8b6cf1f8daa5e269eb743a0c799ef0cec416ef819/diff:/var/lib/docker/overlay2/26b13156f68f6eb6e85e018da7e2ed09fcd13254e2ab93627cf55d6d2b074971/diff:/var/lib/docker/overlay2/5cce4aedd245bc44db5ddd4df1712b2f1b98b697caaa70af82e43b9677f51607/diff:/var/lib/docker/overlay2/9d76cd9207be311355e483ffca0286b0c6938949e4766833684fb48131c657f9/diff:/var/lib/docker/overlay2/1ffe41c672d5f8d174d8a28311f9cf4bd67f4d5b612f9f716f7f23c44b7438d0/diff:/var/lib/docker/overlay2/71ebecc49f62606cdf251bfbb4ab418191551c214463eeacac0d431de7da77cd/diff:/var/lib/docker/overlay2/d74e289e8f8e2fd3fc45c3680cfbfee86dbec58353b0a83fdad699fef15cfad8/diff:/var/lib/docker/overlay2/fd3860e8a0a8cf38437bb8e2625f9e99f7f650681407d89a15126aadc741fed5/diff:/var/lib/docker/overlay2/9d518fec29b54f188425ca868311ad8aeebd0a2303b5b1d8e6dfdc8f5832ef54/diff:/var/lib/docker/overlay2/f4d645535385d1ab0a751894a3bea4f35e8bc8a2aa6a9ba0135ff75b24e8438c/diff:/var/lib/docker/overlay2/dce5458a8ebbc913c92699bd1c08ee8cb158ae120cbce37e46f24699ca633f14/diff:/var/lib/docker/overlay2/09f9178b161a16b39d521615f5925e186d1296e84d6a5699fb320e9c75cc3755/diff:/var/lib/docker/overlay2/ed526544ae2c2dae9280871723dedd8ef21d43e3e9d801fe0b5d864873e574d5/diff:/var/lib/docker/overlay2/556d1a2f2e6632a96baf14df6d9759c5971f728c40d986c7de1660f2124d8cf3/diff:/var/lib/docker/overlay2/2bbebaab3b3f1c2a5293fcb73f7ad16d52417aedec93506266abb5a200efdff4/diff:/var/lib/docker/overlay2/b7ea78affdb467f7104d93c1d68e42ad413ce76b34f98e92d1ef1c17694c0a84/diff:/var/lib/docker/overlay2/ef7a9205bacea4473ee8976e4c0e1e52a037a496ccd97084d4d857a7706f4a44/diff:/var/lib/docker/overlay2/32c3830d5aab841a0db3bb2db21a05d26de87c15c830e478934474b031147054/diff:/var/lib/docker/overlay2/da81fc6385d1c268f6d0981a9fbfe5092762dd65536f3eebcab93cb8cf7bf91d/diff:/var/lib/docker/overlay2/d38caa99d5860c603a77cfa10f83a6604460377f1a6075e3bd52350a4560c775/diff:/var/lib/docker/overlay2/ab7668a515d8d288e2c10d6c09093f0c67cf447ea9a721683ba4e0fb2dc6d886/diff:/var/lib/docker/overlay2/cbcca5e8460c1183ed63b1e45b1f709340cee7780ebe8115999fd6faee339db1/diff:/var/lib/docker/overlay2/48715da4236392d9c2a0ff66d58131816063187238d0ef10b5b5bcb43509a3b6/diff:/var/lib/docker/overlay2/5f3752d0aae6d8ca4267471e8b8f7e047a014c7906ed0f531c63286707e60bc3/diff:/var/lib/docker/overlay2/1fd4e7b03965f7014459f077e0ca7c7eb06a4e6a5cdc158c0e916cf9ab2c6df0/diff:/var/lib/docker/overlay2/a7c9b2ab1b62f334967a06fe51af0633236b03eaf6c02fe3f61bcc5f616bb776/diff:/var/lib/docker/overlay2/5e77a6272564be5d5a7b6bd220b172ad4f676a6e851b075808bdd4d48fad989e/diff:/var/lib/docker/overlay2/3ca8331268a6cbcc91bd18fd2584c42a5cfeb7befba3dfceb038e0430e73ffcf/diff:/var/lib/docker/overlay2/354add5ffb036fcbe4982139f17e08d7f689befcbf9d47dee833bf4fe454cd41/diff:/var/lib/docker/overlay2/214e10fc30a18188d862aabdbf90cccac77af3f063f7de1356d7d85eebfa3cfb/diff",
"MergedDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb/merged",
"UpperDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb/diff",
"WorkDir": "/var/lib/docker/overlay2/0f7ec661c39afe24cff6b3c87f5f6b1b0a68f2cbe8a245321812dbdb8ec645fb/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "1912d9ff49fd",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": true,
"AttachStderr": true,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"no_proxy=*.local, 169.254/16",
"PATH=/usr/local/rbenv/shims:/usr/local/rbenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"LANG=C.UTF-8",
"PYTHON_VERSION=2.7.10",
"PYTHON_PIP_VERSION=7.1.2",
"AWS_DEFAULT_REGION=us-west-2",
"DEBIAN_FRONTEND=noninteractive",
"JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64",
"RBENV_ROOT=/usr/local/rbenv",
"R_BASE_VERSION=3.2.3",
"R_LIBS=/usr/local/lib/R/site-library:/usr/local/lib/R/library:/usr/lib/R/library"
],
"Cmd": [
"python2"
],
"Image": "datalab/datalab-analytics",
"Volumes": null,
"WorkingDir": "/",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "b239153fb86ac3d24185d5fd658a4d4b3d39a37d58abcf038837daa912790181",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/b239153fb86a",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "1c73c2ed54ce01953cdf07db0e1d8bcd9a26687d22229fcf0214e5a78e88361e",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
Flags
 |
docker notes on the virtual microservice container platform
Installing the docker platform: Docker/Installing Docker Hello World: Docker/Hello World
Creating Docker Containers: Getting docker containers from docker hub: Docker/Dockerhub Creating docker containers with dockerfiles: Docker/Dockerfiles Managing Dockerfiles using git: Docker/Dockerfiles/Git Setting up Python virtualenv in container: Docker/Virtualenv
Running docker containers: Docker/Basics Dealing with volumes in Docker images: Docker/Volumes Removing Docker images: Docker/Removing Images Rsync Docker Container: Docker/Rsync
Networking with Docker Containers:
|
|
docker pods pods are groups of docker containers that travel together
Docker pods are collections of Docker containers that are intended to run in concert for various applications.
Wireless Sensor Data Acquisition Pod The wireless sensor data acquisition pod deploys containers This pod uses the following technologies: Stunnel · Rsync · Apache · MongoDB · Python · Jupyter (numerical Python stack)
Deep Learning Pod This pod utilizes the following technologies: Python · Sklearn · Jupyter (numerical Python stack) · Keras · TensorFlow
|
Flags
|
docker notes on the virtual microservice container platform
Installing the docker platform: Docker/Installing Docker Hello World: Docker/Hello World
Creating Docker Containers: Getting docker containers from docker hub: Docker/Dockerhub Creating docker containers with dockerfiles: Docker/Dockerfiles Managing Dockerfiles using git: Docker/Dockerfiles/Git Setting up Python virtualenv in container: Docker/Virtualenv
Running docker containers: Docker/Basics Dealing with volumes in Docker images: Docker/Volumes Removing Docker images: Docker/Removing Images Rsync Docker Container: Docker/Rsync
Networking with Docker Containers:
|
|
docker pods pods are groups of docker containers that travel together
Docker pods are collections of Docker containers that are intended to run in concert for various applications.
Wireless Sensor Data Acquisition Pod The wireless sensor data acquisition pod deploys containers This pod uses the following technologies: Stunnel · Rsync · Apache · MongoDB · Python · Jupyter (numerical Python stack)
Deep Learning Pod This pod utilizes the following technologies: Python · Sklearn · Jupyter (numerical Python stack) · Keras · TensorFlow
|