- Docker enables you to separate your applications from your infrastructure so you can deliver software quickly
- ps: see a list of running containers
- version: get version of docker
- info: get a lot of info about docker engine
- build: build a docker image from a Dockerfile
- -f: specify a docker file other than the default Dockerfile
- -t: tag the image with a name and version
- login: log into docker hub using username and password
- tag: tag an image with ${username}/${imagename}:${tag}
- push: push a docker image to a docker hub
- FROM: define which image does this one inherit from
- WORKDIR: set working directory in container
- COPY: copy files from host to container
- RUN: execute bash command in container
- EXPOSE: expose a port to host
- ENV: set system environment variable
- CMD: run commands when the container launches
- run IMAGE: run a command in a new container
- --publish <host_port>:<container_port>: Publish a container’s port(s) to the host
- --detach: Run container in background and print container ID
- --name: give a name to the new container
- --env: pass environment variable to the new container
- --volume: attach a volume to container
- --network: attach container to a specific network
- --network-alias: give container an additional DNS name to respond to
- --rm: automatically remove the container when it exits
- -it: run the new container in an interactive mode
- start: start a stopped container
- -ia: start a stopped container in an interactive mode
- exec: execute a command in a running container
- -it: in an interactive mode
- ls: list all running containers
- --all: list all containers including the stopped ones
- logs: fetch logs of a container
- top: display the running processes of a container
- port: list which ports of a container are available
- inspect: get details of a container config
- stats: get performance stats for all containers
- stop: stop a running container
- An image is a read-only template with instructions for creating a Docker container.
- contains app binaries, dependencies, metadata and how to run it
- each image has a version like a tag
- a container is just a single read/write layer on top of an image
- keep layers that change less at the top and layers that change more at the bottom
- history: show changes in docker image layers
- inspect: show metadata of an image
- tag: assign one or more names to an image
- push: upload image layers to a docker registry
- Each container is connected to a private virtual network called “bridge”
- All containers on a virtual network can talk to each other without --publish
- Best practice is to create a new virtual network for each app
- containers can be attached to more than one virtual network
- Docker uses the container name as its default DNS name
- ls: list all networks
- inspect: get detail config of a network
- create <network_name>: create a new network
- --driver: specify a driver of the new network
- --driver overlay: create a swarm wide bridge network
- connect <network_id> <container_id>: attach a network to a container
- disconnect <network_id> <container_id>: detach a network from container
- make special location outside container UFS
- need manual deletion
- managed by docker engine
- create: create a volume, need to do this before “docker run” to use custom drivers and labels
- a mapping from a host file dir to container file dir
- not a UFS, not managed by docker engine
- host files overwrite any in container
- can’t be used in a Dockerfile; must be given on the “docker run” command as a -v option like “/location/on/host:/location/on/container”
- it’s not a production grade tool
- used to configure relationships between containers
- save docker container run settings in easy-to-read file
- create one-liner developer environment startups
- based on a YAML-formatted file that describes our solution’s options for services, networks and volumes
- --help: to show help info for docker-compose
- -d: run containers in a detached mode
- build: build a customized image (if compose yaml file has a build section in a service)
- logs: show logs of all the containers
- up: to start all the containers in the yaml file
- down: to close all the containers created by the up command
- -f: specify a yaml file for docker-compose; the default is docker-compose.yaml. A yaml file looks like:

```yaml
version: '3'
services:
  container1:
    image: tsuxia/hello-world
    ports:
      - "80:8080"
      - "443:27017"
    environment:
      - variable1=hello
      - variable2=world
    volumes:
      - /root/home:/var/lib
    depends_on:
      - container2
  container2:
    image: hanSolutions/han-sql
```
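
The network notes above (a separate virtual network per app, containers reaching each other by name without --publish, a container attached to more than one network) written as a compose file. This is an added example, not part of the original notes; the service names, image names and volume path are hypothetical.

```yaml
# Added example: only the proxy publishes a port; the database sits on a
# network the proxy is not attached to, so the proxy cannot reach it.
version: '3'
services:
  proxy:
    image: example/proxy:1.0        # hypothetical image
    ports:
      - "80:8080"                   # the only port published to the host
    networks:
      - frontend
    depends_on:
      - web
  web:
    image: example/web:1.0          # hypothetical image
    # no "ports:" entry: the proxy reaches this service by its name, "web"
    networks:
      - frontend                    # shared with proxy
      - backend                     # shared with db
    depends_on:
      - db
  db:
    image: example/db:1.0           # hypothetical image
    # no "ports:" entry: reachable only from the backend network, as "db"
    networks:
      - backend
    volumes:
      - db_data:/var/lib/data       # named volume managed by the docker engine
networks:
  frontend:
  backend:
volumes:
  db_data:
```

After `docker-compose up -d`, `docker network inspect` on each created network shows which containers are attached to it.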
- A swarm is a group of machines that are running Docker and joined into a cluster.
- With swarm, docker can run not only on one host machine but on a cluster consisting of several machines
- A swarm consists of a swarm manager and several workers
- init: will create a docker swarm and join as a manager docker node
- join: other nodes could use this command to join the swarm
- join-token (worker|manager): generate token related to this swarm
- leave: delete a swarm
- Each manager and worker in a swarm is called a node
- You can only execute docker node command from a manager node
- ls: list out all the nodes in a swarm
- A service is a group of containers of the same image:tag
- Services make it simple to scale your application
- Scaling a service changes the number of container instances running that piece of software
- Services could talk to each other within the same network by service names
- Services include stateless load balancing
- It’s very easy to define, run, and scale services with a docker-compose.yml file.
- A single container running in a service is called a task
- The true implementation of a container in production is running it as a service
- create: create a service
- --replicas [number]: create a service with # of replicas
- A stack is a group of interrelated services that share dependencies, and can be orchestrated and scaled together
- A single stack is capable of defining and coordinating the functionality of an entire application
- deploy: deploy a stack into a swarm
- rm: delete a stack
docker secret
- create: