alias d=docker
alias dc=docker-compose
docker stats --all
docker-compose --env-file ./config/.env.dev up
d ps --format 'table {{.ID}}\t{{.State}}\t{{.Names}}\t{{.Ports}}'
d ps --format '{{ .Names }}'
docker-compose -f local.yml down --volumes --rmi all
docker image prune -a -f
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
# local registry
docker run -d --restart always -p "127.0.0.1:5000:5000" \
--name local-registry registry:2
# run with volumes
VOLUMES_FROM=mailer dc run --rm mailer bash
# run with different entry point
docker run --entrypoint bash ...
docker info | grep Storage
docker network create --subnet '172.22.22.0/24' x-net
alias dps='docker ps --format "table {{.ID}}\t{{.State}}\t{{.Names}}\t{{.Ports}}"'
# create backup
docker run --volumes-from rancher-data \
-v "$PWD:/backup" --rm \
busybox tar zcvf /backup/rancher-data-backup-<RANCHER_VERSION>-<DATE>.tar.gz /var/lib/rancher
COMPOSE_FILE=./local-config.yml
# how much memory inside
docker run --rm "debian:bookworm-slim" \
bash -c \
'numfmt --to iec $(echo $(($(getconf _PHYS_PAGES) * $(getconf PAGE_SIZE))))'
d exec -it <container> bash # login to running container
d run --rm -it <image> bash # Run image in image. Use 'd ps -a' to see last failed build
---------------------------------------
watch -n2 docker-compose ps
---------------------------------------
# docker stats
docker stats --no-stream $(docker ps --format )
# runs once. Remove --no-stream to run continuously
---------------------------------------
# check resources
docker system df
# List
docker ps -q -f 'status=exited'
docker images -q -f "dangling=true"
docker volume ls -qf dangling=true
# cleanup
docker rm $(docker ps -q -f 'status=exited')
docker rmi $(docker images -q -f "dangling=true")
docker volume rm $(docker volume ls -qf dangling=true)
# remove none images https://www.projectatomic.io/blog/2015/07/what-are-docker-none-none-images/
docker image prune --filter "dangling=true"
# dead process remover
docker images |grep ' ' |awk '{print $3}' |sort -u |xargs -n 1 docker rmi
docker images |egrep '^7' |awk '{print $3}' |sort -u |xargs docker rmi # remove ECR images
docker images |egrep '^7' |grep -v 1.2.0.36 |awk '{print $3}'|sort -u |xargs docker rmi
docker images |egrep '^7' |egrep -v '1.2.0.36|1.3.0-SNAPSHOT|latest' |awk '{print $3}'|sort -u |xargs docker rmi
docker images |egrep '^7' |awk '{print $2}' |sort -u
docker images |egrep '^7' |grep 1.2.0.36 |awk '{print $3}'|sort -u |xargs docker rmi
# ecr tokens in ~/.docker/config.json
# health
docker inspect --format='' $(dc ps -q svcname) |jq .
Docker Compose alias dc=docker-compose
dc build
dc create
dc up # foreground
dc up -d # background
dc create --force-recreate --build [service-name]
dc logs -f --no-color |grep x|lessTools for inspection and reducing size Example of docker configurator for semaphore , is there a tool behind this? Cleaning root filesystem apt-get clean autoclean
apt-get autoremove --yes
apt-get purge -y --auto-remove \
-o APT::AutoRemove::RecommendsImportant=false;
# only install what ya need
apt-get install -y --no-install-recommends --no-install-suggests xxx
RUN pip install --no-cache-dir --requirement /app/requirements.txt
rm -rf /var/lib/apt/lists/*
Config docker setup example {
"bip": "172.22.23.1/24",
"iptables": true,
"userns-remap": "default"
}Use env_file to load env for a container Security and Scanners Also see Docker Namespaces below Networks docker network create --subnet '172.22.22.0/24' myname-net
docker network ls
docker network inspect \
di-backend_default \
| jq -c '.[]|.Containers|.[]|{name:.Name,addr:.IPv4Address}'
# https://docs.docker.com/desktop/networking/
# internal
host.docker.internal
gateway.docker.internal
kubernetes.docker.internal
# in compose file
networks:
# docker network create --subnet '172.22.22.0/24' myname-net
myname-net:
external: true
services:
nameone:
networks: [ "myname-net" ]
...
Container Utils Unpreviledged Google kaniko Logging Driver docker info --format '{{.LoggingDriver}}'
docker ps -q |xargs -n 1 docker inspect -f '{{.HostConfig.LogConfig.Type}}'Docker Context (remote connect) Docker Desktop Alternates Compose Profiles Use profiles to not start everything as default Run container with volumes VOLUMES_FROM=mailer dc run --rm mailer bashDocker test containers brew install atomicjar/tap/testcontainers-desktop
# to update later:
brew update && brew upgrade testcontainers-desktopReload on cp-prod # uninstall
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do apt-get remove $pkg; done
# Add Docker's official GPG key:
apt-get update
apt-get install ca-certificates curl
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-pluginDocker logging to elastic
Accessing Docker VM screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
docker run --rm -it --privileged --pid=host walkerlee/nsenter -t 1 -m -u -i -n sh
docker run -it --rm --privileged --pid=host justincormack/nsenter1
# 2020-12-16
socat -d -d ~/Library/Containers/com.docker.docker/Data/debug-shell.sock pty,rawer
screen <tty returned>Elastic Doc hasscreen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
# ctrl-a+d to exit
Setup grep vm.max_map_count /etc/sysctl.conf
vm.max_map_count=262144
sysctl -w vm.max_map_count=262144 # tmp. Set in /etc/sysctl.conf file.
disk usage inside container docker run --rm alpine df -h
Service IP docker inspect --format '' c1