No edit summary |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 62: | Line 62: | ||
Enter shell of container<syntaxhighlight lang="bash"> | Enter shell of container<syntaxhighlight lang="bash"> | ||
docker exec -it <containerID> bash | docker exec -it <containerID> bash | ||
</syntaxhighlight> | |||
Show images already pulled by docker and stored locally<syntaxhighlight lang="bash"> | |||
docker images | |||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 101: | Line 105: | ||
sudo lsns -p ${CONTAINER_PID} #gets all namespaces for the process | sudo lsns -p ${CONTAINER_PID} #gets all namespaces for the process | ||
</syntaxhighlight>Info about the namespaces: | |||
* mnt (''Mount'') - the container has an isolated mount table. | |||
* uts (''UNIX Time-Sharing'') - the container is able to have its own hostname and domain name. | |||
* ipc (''Interprocess Communication'') - processes inside the container can communicate via system-level IPC only to processes inside the same container. | |||
* pid (''Process ID'') - processes inside the container are only able to see other processes inside the same container or inside the same pid namespace. | |||
* net (''Network'') - the container gets its own set of network devices, IP protocol stacks, port numbers, etc. | |||
* cgroup (''Cgroup'') - the container has its own ''virtualized view'' of cgroups (not to be confused with cgroups themselves). | |||
== Copy Files into container == | |||
To copy files into/outof a running container use the docker cp command:<syntaxhighlight lang="bash"> | |||
docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|- | |||
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH | |||
</syntaxhighlight> | |||
== Export file system of container == | |||
<syntaxhighlight lang="bash"> | |||
CONT_ID=$(docker create nginx:latest) #get container id | |||
docker export ${CONT_ID} -o nginx.tar.gz # export container to tarball | |||
docker export $(docker create nginx:latest) | tar -xC <dest> # oneliner to extract to destinatin folder | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Latest revision as of 18:58, 20 April 2024
Install Docker Official
Uninstall old versions:
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
Install from apt repo:
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Add the repository to Apt sources:
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Install Docker Packages:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Setup Docker
Enable running docker commands without the use of sudo:
Check Groups for docker group:
cat /etc/group | grep docker
Add if not found:
sudo groupadd docker
Add user to docker group:
sudo usermod -aG docker $USER
Configure to start on boot with systemd:
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
Docker Commands
Docker commands reference can be found here: docker command ref
Stop docker container
docker stop <container name>
remove container
docker rm <container name>
run container
docker run --name <container name>
Stop all the containers
docker stop $(docker ps -a -q)
Remove all the containers
docker rm $(docker ps -a -q)
Enter shell of container
docker exec -it <containerID> bash
Show images already pulled by docker and stored locally
docker images
When running docker containers the run command will require extra options for containers with specific uses. Environment vairables can be added to a document container on startup using a .env file and the switch "--env-file=<path to env file>" in the run command
Docker High CPU usage
See what containers are using system resources:
docker stats --all
docker stats --all --format "table {{.ID}}\t{{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}"
Check specific container for process:
docker ps | grep <container id>
Check the logs for high cpu use container:
docker logs --tail 100 <container Id>
Follow live logs:
docker logs --follow <container ID>
restart docker container:
docker restart <container name>
Template docker-compose file
Also see some other templates:awesome-compose github
Inspect Container by namespace
get process id of container:
CONTAINER_PID=$(pgrep <containername> | sort | head -n 1) #gets PID of container
sudo lsns -p ${CONTAINER_PID} #gets all namespaces for the process
Info about the namespaces:
- mnt (Mount) - the container has an isolated mount table.
- uts (UNIX Time-Sharing) - the container is able to have its own hostname and domain name.
- ipc (Interprocess Communication) - processes inside the container can communicate via system-level IPC only to processes inside the same container.
- pid (Process ID) - processes inside the container are only able to see other processes inside the same container or inside the same pid namespace.
- net (Network) - the container gets its own set of network devices, IP protocol stacks, port numbers, etc.
- cgroup (Cgroup) - the container has its own virtualized view of cgroups (not to be confused with cgroups themselves).
Copy Files into container
To copy files into/outof a running container use the docker cp command:
docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
Export file system of container
CONT_ID=$(docker create nginx:latest) #get container id
docker export ${CONT_ID} -o nginx.tar.gz # export container to tarball
docker export $(docker create nginx:latest) | tar -xC <dest> # oneliner to extract to destinatin folder