• run

  docker run --rm -it --name=name -p <host>:<container> -v <host>:<container> <image> <cmd>

  Options:

  • —rm : delete when finished running
  • -it : interactive and allocate tty (needed when running interactive commands like bash)
  • -d : run in background
  • -p : expose port inside container to host e.g. -p 3333:80 exposes port 80 inside the container as port 3333 in the host
  • -v : mount a host directory inside the container e.g. -v $(pwd)/..:/opt/script:ro
    • ro stands for read-only; can also be rw for read-write
  • --privileged=true : run as root

  Notes:

  • —rm and -it are often used to run ad-hoc commands
  • -d is used for running long-lived containers (e.g. a database). those can be stopped with docker stop <container>

• start

  docker start ${containerId} : start a container that exited/is stopped

• stop

  docker stop ${containerId} : stops a container

• exec

  docker exec -it <container> /bin/bash

  • -t : allocate tty (needed for interactive programs like bash)
  • -i : interactive mode

• images

  docker images : list images

  • -a : include intermediary containers

• build

  docker build : build an image from Dockerfile description

  • -f : name of docker file (Dockerfile by default)
  • -t : tag with ${repository}:${tag}, ${tag} is optional

• ps

  docker ps : list containers

  • -a : list exited containers

• rm

  docker rm ${containerId} : remove a container

• rmi

  docker rmi ${image} : remove an image

• inspect

  docker inspect ${containerId} : list info about a container as json

• image

  • is built from description in Dockerfile, e.g.: docker build -t ${imageTag} -f Dockerfile .
  • if specified by name and not present locally, will be downloaded from docker store e.g. docker run ubuntu:18:04 will download ubuntu image from https://store.docker.com/images/ubuntu
  • list local images: docker images
  • delete with docker rmi ${imageTag}
  • delete untagged (likely stale) images: docker rmi $(docker images | grep none | awk '{print $3}')

  • interesting images

    • golang:1.4.2 : for building go programs, https://store.docker.com/images/golang
    • ubuntu:16:04
    • debian:latest
    • buildpack-deps :https://store.docker.com/images/buildpack-deps

• container

  • an image that is running

# build stage
FROM golang:alpine AS build-env
ADD . /src
RUN cd /src && go build -o goapp

# final stage
FROM alpine
WORKDIR /app
COPY --from=build-env /src/goapp /app/
EXPOSE 80
ENTRYPOINT ./goapp

• https://github.com/docker-slim/docker-slim : tool to take a docker image and drastically reduce its size
• To keep docker running if desired process goes into background, add && tail -f /dev/null. That will keep container alive
• my docker store account: kjksf, https://store.docker.com/profiles/kjksf/content

• container-1: expose its port to host with -p ${port}:${port}
• container-2: docker run --network="host" which shares
• http://www.dasblinkenlichten.com/docker-networking-101-host-mode/

• container-1: expose the port with --expose ${port}
• container-2: docker run --link="container-1" . This adds /etc/hosts entry for container-1 with the right ip address so that container-2 can use container1:${port} as ip address

• container-1: docker run --expose ${port} --net-alias="container-1". This exposes container ip under name container-1 in the network so container-2 can use it. Only valid in