Tips & Tricks from Docker Captain

Łukasz Lach, Docker Captain | 2022

https://lach.dev/ | https://github.com/lukaszlach/

Docker Masters | http://dockermasters.pl/

Build-time

Code everywhere

docker run -it \
    -p 8080:8080 \
    -v "$HOME/.config:/home/coder/.config" \
    -v "$PWD:/home/coder/project" \
    -u "$(id -u):$(id -g)" \
    codercom/code-server

https://github.com/cdr/code-server

Remote build cache

export DOCKER_BUILDKIT=1
docker build \
  --cache-from \
      registry-gitlab.gog.com/project/image:latest \
  -t image \
  .

Perfect Docker image

docker run -i hadolint/hadolint < Dockerfile

docker run -v /var/run/docker.sock:/var/run/docker.sock goodwithtech/dockle alpine:3

Mangle build context

RUN --mount=type=bind,target=/context \
    cp -a /context/. /app/ && \
    find /app -type d -name ".git" | xargs rm -rf

Run-time

Command on-demand

docker run -d --name nginx nginx

docker run -it --net container:nginx cmd.cat/curl/ab/ngrep/tcpdump/ip/nmap/netstat
docker run -it --pid container:nginx cmd.cat/htop/ps/strace

docker run -it --pid container:nginx cmd.cat/rsync/tar/zip/find find /proc/1/root/etc/nginx

https://github.com/lukaszlach/commando

Container filesystem

Get the process ID of ANY process running inside the container:

ps aux | grep nginx
docker top nginx

Explore the container filesystem without using Docker:

sudo ls -lach /proc/27090/root/

Explore the container filesystem using other Docker container:

docker run --rm -it \
  --pid container:nginx -v $PWD:/host \
  cmd.cat/bash/tar/zip/rsync/scp/curl/wget bash

Come get some!

docker build -t duke-nukem-3d http://lach.dev/duke-nukem-3d

docker run -v $(pwd)/wine:/root/.wine -p 5900:5900 duke-nukem-3d

Access on port 5900 with any VNC client.

lukaszlach/docker-infoshare-2022.md

Tips & Tricks from Docker Captain

Build-time

Run-time