yum install dockersystemctl enable docker
systemctl start dockerdocker run hello-worlddocker image ls
# or just
docker imagesdocker container ls --all
# or just
docker ps -aAdd --size to see how much space each container is taking.
docker container rm <container_id>docker image rm <image_id>After creating a Dockerfile, you can build an image like this:
docker build --tag=myapp .
# or
docker build --tag=myapp:v0.0.1 .For example:
Temporary failure resolving 'security.debian.org'
Quick fix:
docker build --network=host ...
docker run --network=host ...Permanent fix:
cat >> /etc/docker/daemon.json << !
{
"dns": ["1.1.1.1", "8.8.8.8"]
}
!
service docker restartCleans up unused caches and stopped containers.
docker system prune -fFirst (optional but recommended) remove any containers which are not running:
docker rm $(docker ps --filter "status=exited" -q --no-trunc)Now clear intermediate images from partial builds (caches):
docker rmi $(docker images --filter "dangling=true" -q --no-trunc)But this might be a better way to clean only intermediate images:
docker builder pruneWARNING: This will destroy everything apart from running containers and their images
docker system prune --allWARNING: This will destroy absolutely everything, including running containers!
docker stop $(docker ps -q)
docker kill $(docker ps -q)
docker container rm $(docker ps -a -q)
docker image rm -f $(docker images -a -q)Actually it might not destroy all volumes. Check:
du -sh /var/lib/docker/volumesIf you give your container a name when you start it, it will be easier to find it later.
docker run --detach --name <container_name> <image_name>If you want to interact with the process that the image starts up with.
docker run -it <image_name>docker run --rm -it <image_id> /bin/bashIn this case we have used --rm (optional) to automatically remove the container when it stops.
Note that the above may not work if the Docker image has specified an entrypoint. In such cases, we may need to override the entrypoint like so:
docker run --rm -it --entrypoint /bin/bash <image_id>
If your container has stopped, you must first restart it.
docker restart <container_name>Now you can open a shell inside the container, to debug it:
docker exec -it <container_name> /bin/bashSome images set a default user. If you want to enter the container as the root user, add -u root
# For Alpine Linux
apk add bash procps findutils bind-tools nmap man vim curl
# For Debian
apt-get update && apt-get -y install procps findutils inetutils-ping dnsutils nmap man vim curl net-tools
alias l='ls -lartFh --color'docker stop <container_name>docker cp <container_id>:/path /path
docker cp /path <container_id>:/pathThis even works with containers which are not running!
We can also remove files:
docker rm -fv /unwanted/fileWe can even copy from an image without starting it.
docker create --name temp <image_name>
docker cp temp:/path /pathDocker can have trouble copying symlinks:
invalid symlink "/foo/bar" -> "../baz"
We can work around that by copying to stdout and then extracting:
docker cp <container_id>:/path - | tar x
# Or safer:
mkdir dest
docker cp <container_id>:/path - | tar -C dest -xWe can also export an entire container (running or stopped):
docker export <container_name> > container.tar
docker export <container_name> | gzip -c > container.tgzand import it again later as a new image:
docker import container.tgz <image_repository_name>but note that in this case the image is not layered, so it will take the full size.
-
nsenter - Easy way to start a shell inside a container (although
docker exechas now taken its place). Includesdocker-enter. -
baseimage - A Docker image designed to run a full Linux system, rather than just one process. (syslog, cron, ssh, logrotate, ...)
- Recommendations for creating images: https://developers.redhat.com/blog/2016/02/24/10-things-to-avoid-in-docker-containers/