Docker Cheat Sheet

Docker & Docker Compose Overview

Quick List

  • docker-compose build
  • docker-compose up -d
  • docker-compose logs -f
  • docker exec -it <container> bash
  • docker run -it centos
  • docker ps -aq --no-trunc | xargs docker rm
  • docker images -q --filter dangling=true | xargs docker rmi

NOTE: Configure Direct-LVM Mode for Production

Misc

Can’t connect to your Container?  It Exists immediately and  you want to see why?

# docker commit <container-id> my-hosed-container &&
# docker run -it my-hosed-container /bin/sh

Push images to your Registry (GCP)

# gcloud docker -- push us.gcr.io/sysops7/varnish5:dev

List gcloud container Images

# gcloud container images list --repository=us.gcr.io/sysops7 

NAME
us.gcr.io/sysops7/varnish5

# gcloud container images list-tags us.gcr.io/sysops7/varnish5
DIGEST       TAGS TIMESTAMP
244bf0d4ffc6 dev  2017-12-01T15:44:01

Remove images from Registry (GCP)

# gcloud container images delete us.gcr.io/sysops7/varnish5:dev
Digests:
- us.gcr.io/sysops7/varnish5@sha256:244bf0d4ffc6936f561adf68364fa56ce43b0574ca0db350f7352b466ab3d7ff
  Associated tags:
 - dev
Tags:
- us.gcr.io/sysops7/varnish5:dev
This operation will delete the tags and images identified by the 
digests above.

Do you want to continue (Y/n)?  y

Deleted [us.gcr.io/sysops7/varnish5:dev].
Deleted [us.gcr.io/sysops7/varnish5@sha256:244bf0d4ffc6936f561adf68364fa56ce43b0574ca0db350f7352b466ab3d7ff].

Pull images from Registry (GCP)

# gcloud docker -- pull us.gcr.io/my-project/my-image

To pull a specific image, append the image’s tag or digest:

# gcloud docker -- pull us.gcr.io/my-project/my-image:test
# gcloud docker -- pull us.gcr.io/my-project/my-image@sha256:44bde...

Docker Swarm Init

# docker swarm init --advertise-addr 192.168.1.33

Swarm initialized: current node (3ww6m5jr6df24sgg0hj8i1d7) is now a manager.

To add a worker to this swarm, run the following command:

# docker swarm join \
--token SWMTKN-1-1ygehettvmj02Fakeasd4thedfFake8aql26o7jd9u8h6oFakej5u-1f01w77gxtanFakezmnck3jve \
192.168.1.33:2377

To add a manager to this swarm, run docker swarm join-token manager and follow the instructions.

Docker Lifecycle Commands

Starting and Stopping Docker

Removing Docker containers and images

Playing with Docker can leave you with several stopped containers and unneeded, intermediary images. This may waste substantial disk space. This article shows how to efficiently remove such containers and images.

List all exited containers

# docker ps -aq -f status=exited

Remove stopped containers

# docker ps -aq --no-trunc | xargs docker rm

This command will not remove running containers, only an error message will be printed out for each of them.

Remove containers

# docker rm $(docker ps -qa --no-trunc --filter "status=exited")

Removing Unused Volumes

# docker volume rm $(docker volume ls -qf dangling=true
# docker volume ls -qf dangling=true | xargs -r docker volume rm

Removing Networks

# docker network ls
# docker network ls | grep "bridge"
# docker network rm $(docker network ls | grep "bridge" | awk '/ / { print $1 }')

Remove dangling/untagged images

# docker images -q --filter dangling=true | xargs docker rmi

Remove containers created after a specific container

# docker ps --since a1bz3768ez7g -q | xargs docker rm

Remove containers created before a specific container

# docker ps --before a1bz3768ez7g -q | xargs docker rm

Use --rm for docker build

Use --rm together with docker build to remove intermediary images during the build process.

Searching for Images in the Docker Hub

You can search for images available on Docker Hub by using the docker command with the searchsubcommand. For example, to search for the CentOS image, type:

docker search centos

The script will crawl Docker Hub and return a listing of all images whose name match the search string. In this case, the output will be similar to this:

Output
NAME                            DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
centos                          The official build of CentOS.                   2224      [OK]       
jdeathe/centos-ssh              CentOS-6 6.7 x86_64 / CentOS-7 7.2.1511 x8...   22                   [OK]
jdeathe/centos-ssh-apache-php   CentOS-6 6.7 x86_64 / Apache / PHP / PHP M...   17                   [OK]
million12/centos-supervisor     Base CentOS-7 with supervisord launcher, h...   11                   [OK]
nimmis/java-centos              This is docker images of CentOS 7 with dif...   10                   [OK]
torusware/speedus-centos        Always updated official CentOS docker imag...   8                    [OK]
nickistre/centos-lamp           LAMP on centos setup                            3                    [OK]

...

In the OFFICIAL column, OK indicates an image built and supported by the company behind the project. Once you’ve identifed the image that you would like to use, you can download it to your computer using the pull subcommand, like so:

docker pull centos

After an image has been downloaded, you may then run a container using the downloaded image with the run subcommand. If an image has not been downloaded when docker is executed with the runsubcommand, the Docker client will first download the image, then run a container using it:

  • docker run centos

To see the images that have been downloaded to your computer, type:

  • docker images

The output should look similar to the following:

[secondary_lable Output]
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              778a53015523        5 weeks ago         196.7 MB
hello-world         latest              94df4f0ce8a4        2 weeks ago         967 B

As you’ll see later in this tutorial, images that you use to run containers can be modified and used to generate new images, which may then be uploaded (pushed is the technical term) to Docker Hub or other Docker registries.

Running a Docker Container

The hello-world container you ran in the previous step is an example of a container that runs and exits, after emitting a test message. Containers, however, can be much more useful than that, and they can be interactive. After all, they are similar to virtual machines, only more resource-friendly.

As an example, let’s run a container using the latest image of CentOS. The combination of the -i and -t switches gives you interactive shell access into the container:

  • docker run -it centos

Your command prompt should change to reflect the fact that you’re now working inside the container and should take this form:

Output
[root@59839a1b7de2 /]#

Important: Note the container id in the command prompt. In the above example, it is 59839a1b7de2.

Now you may run any command inside the container. For example, let’s install MariaDB server in the running container. No need to prefix any command with sudo, because you’re operating inside the container with root privileges:

  • yum install mariadb-server

Committing Changes in a Container to a Docker Image

When you start up a Docker image, you can create, modify, and delete files just like you can with a virtual machine. The changes that you make will only apply to that container. You can start and stop it, but once you destroy it with the docker rm command, the changes will be lost for good.

This section shows you how to save the state of a container as a new Docker image.

After installing MariaDB server inside the CentOS container, you now have a container running off an image, but the container is different from the image you used to create it.

To save the state of the container as a new image, first exit from it:

  • exit

Then commit the changes to a new Docker image instance using the following command. The -m switch is for the commit message that helps you and others know what changes you made, while -a is used to specify the author. The container ID is the one you noted earlier in the tutorial when you started the interactive docker session. Unless you created additional repositories on Docker Hub, the repository is usually your Docker Hub username:

  • docker commit -m “What did you do to the image” -a “Author Name” container-id repository/new_image_name

For example:

  • docker commit -m “added mariadb-server” -a “Sunday Ogwu-Chinuwa” 59839a1b7de2 finid/centos-mariadb

Note: When you commit an image, the new image is saved locally, that is, on your computer. Later in this tutorial, you’ll learn how to push an image to a Docker registry like Docker Hub so that it may be assessed and used by you and others.

After that operation has completed, listing the Docker images now on your computer should show the new image, as well as the old one that it was derived from:

  • docker images

The output should be of this sort:

Output
REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
finid/centos-mariadb   latest              23390430ec73        6 seconds ago       424.6 MB
centos                 latest              778a53015523        5 weeks ago         196.7 MB
hello-world            latest              94df4f0ce8a4        2 weeks ago         967 B

In the above example, centos-mariadb is the new image, which was derived from the existing CentOS image from Docker Hub. The size difference reflects the changes that were made. And in this example, the change was that MariaDB server was installed. So next time you need to run a container using CentOS with MariaDB server pre-installed, you can just use the new image. Images may also be built from what’s called a Dockerfile. But that’s a very involved process that’s well outside the scope of this article. We’ll explore that in a future article.

Listing Docker Containers

After using Docker for a while, you’ll have many active (running) and inactive containers on your computer. To view the active ones, use:

  • docker ps

You will see output similar to the following:

Output
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
f7c79cc556dd        centos              "/bin/bash"         3 hours ago         Up 3 hours                              silly_spence

To view all containers — active and inactive, pass it the -a switch:

  • docker ps -a

To view the latest container you created, pass it the -l switch:

  • docker ps -l

Stopping a running or active container is as simple as typing:

  • docker stop container-id

The container-id can be found in the output from the docker ps command.

Pushing Docker Images to a Docker Repository

The next logical step after creating a new image from an existing image is to share it with a select few of your friends, the whole world on Docker Hub, or other Docker registry that you have access to. To push an image to Docker Hub or any other Docker registry, you must have an account there.

This section shows you how to push a Docker image to Docker Hub.

To create an account on Docker Hub, register at Docker Hub. Afterwards, to push your image, first log into Docker Hub. You’ll be prompted to authenticate:

  • docker login -u docker-registry-username

If you specified the correct password, authentication should succeed. Then you may push your own image using:

  • docker push docker-registry-username/docker-image-name

It will take sometime to complete, and when completed, the output will be of this sort:

Output
The push refers to a repository [docker.io/finid/centos-mariadb]
670194edfaf5: Pushed 
5f70bf18a086: Mounted from library/centos 
6a6c96337be1: Mounted from library/centos

...

After pushing an image to a registry, it should be listed on your account’s dashboard.

If a push attempt results in an error of this sort, then you likely did not log in first:

Output
The push refers to a repository [docker.io/finid/centos-mariadb]
e3fbbfb44187: Preparing
5f70bf18a086: Preparing
a3b5c80a4eba: Preparing
7f18b442972b: Preparing
3ce512daaf78: Preparing
7aae4540b42d: Waiting
unauthorized: authentication required

Log in, then repeat the push attempt.