Docker Cheat Sheet

IMAGES 

Info

show images on host
docker images

get image ID by name
docker images --format="{{.ID}}" myImageName

inspect image
docker inspect image:version | jq .

Remove

remove image by name
docker rmi reponame:tag

remove dangling images (w no names or tags)
docker image prune

remove all images that dont have a child container running
docker image prune -a

remove ALL images
docker rmi $(docker images -qa)

Build

build an image from Dockerfile
docker build -t user/image-name

Dockerfile config:

FROM debian:wheezy  #provide a base image

RUN apt-get update && apt-get install -y cowsay  #run additional commands to build container

ENTRYPOINT /usr/bin/telnet

ADD /host_dir /target_dir #copy contents to container from the host

CMD "echo" "all done!"  #cmd to execute once container is built

ENV PROXY_SERVER http://www.proxy.com #set env vars

EXPOSE 8250  #expose port from service inside container to outside

USER 125  #UID of user running the container

VOLUME ["/tmp"] #enable access from container to dir on the host machine

WORKDIR ~/dev  #where CMD will execute from

COPY file.conf /etc/app/app.conf #copy from host to container

Network

docker network ls

docker network rm <name of network>

Allow non root user to run docker commands

add new docker group

groupadd docker

add user to group

usermod -aG jsmith docker

change permissions of docker socket file

chmod root:docker /var/run/docker.sock

relogin bash run 'docker run hello-world' 

 CONTAINERS 

Info

show all containers and their status

docker ps -a

get just container IDs

docker ps -qa

show diffs made to container

docker diff containerName

see all operations done inside the container

docker logs containerName (or container ID)

get JSON info about a container

docker inspect <containerName or containerID>

Bash into a container

docker exec -ti <container Name> bash

bash into a container, filter by container Name

docker exec -ti $(docker ps -qf "name=worker") bash

Bash into a STOPPED container,

docker run -it --entrypoint /bin/bash <image_id>

Install a package inside a container

docker run -u root -ti <container ID> apt updatedocker run -u root -ti <container ID> apt install vim

get JSON output of all containers
curl -s --unix-socket /var/run/docker.sock http:/containers/json

SSH into existing running container

docker attach $containerID
docker exec -ti $containerID bash

bind container network to the underlying host

docker run --network host -d --rm -e VAULT_DEV_ROOT_TOKEN_ID=abcd -p "8200:8200" artifactory.corp.local/docker.io/vault:0.9.5

will listen on 0.0.0.0:8200

show all dangling volumes

docker volume ls -qf dangling=true

Run / Stop

run a container, and login via terminal
docker run -it imageName 

run a container w specific hostname and name
docker run -it --name myName --hostname myHostname imageName

run container as daemon, bind to a port, give container a name
docker run -d -p 5200:5200 --name myName imageName

Stop a running container

docker ps (get container ID)
docker stop $containerID (or by Name)

Stop all Running containers

docker ps -a --format="{{.ID}}" | xargs docker stop

Start container 

docker start $containerID

exit the container if logged in via terminal

exit

run a container, make a container Volume be available to host, ie, can read Container's application logs directly from Docker host

docker run -p 5100:5100 --volume <path to volume on host>:<path to volume on container>

docker run -p 5100:5100 --volume /host/data/app1:/opt/container/app1

kill zombie containers that restart

docker ps -a --format="{{.ID}}" | xargs docker update --restart=no | xargs docker stop | xargsdocker rmi $(docker images -qa) --force

Remove

remove container by name

docker rm <name>

remove all stopped containers

docker container prune

remove all containers

docker rm $(docker ps -aq)

prune Everything (remove dangling images, containers, networks)

docker system prune -f

remove dangling volumes

docker volume rm $(docker volume ls -qf dangling=true)

Docker Compose

run docker compose up as daemon, 

docker compose -f my-compose-file.yaml up -d

stop container,

docker compose stop

remove stopped containers

docker compose rm -f

remove a container specific to a service

docker compose rm postgres

tail all logs

docker compose -f docker-compose.yaml logs -f

Docker Service

see all running services
docker service ls

inspect service
docker service inspect <service name>

remove service
docker service rm <service name>

see which Swarm nodes are running the service
docker service ps <service ID>

scale out a service to more instances
docker service scale <service name>=5 (or # of instances)






Swarm

start swarm on leader node
docker swarm init

leader node generates token
add node to swarm
docker swarm join \
>     --token <TOKEN> \
>     <IP>:2377

This node joined a swarm as a worker.


start a service from a docker-compose file
docker stack deploy -c docker-compose.yaml myService