securitywing

Docker Command List with Examples in Linux

by

Spinning up a docker container takes a few seconds with a simple command.Once the containers is up and running you need to customize and manage it to fit for the apps and other requirements. I have put together a number of useful command with examples that a beginner will find handy.

Docker MySQL  container installation commands

docker container run -d -p 3306:3306 --name db -e MYSQL_RAMDOM_ROOT_PASSWORD=true mysql

or run

docker container run -d --name db -p 3306:3306 -e MYSQL_ROOT_PASSWORD=mypass mysql

Next, run the following commands to get the root password of MySQL if you have not set the root password when running the container.

docker container logs db

Apache server installation command in Docker

docker container run -d --name webserver -p 8080:80 httpd

 

Nginx installation command in docker

docker container run -d --name proxy -p 80:80 nginx

 

To check the containers process run the following commands:

docker container top <container-name>

docker contaienr top proxy

To check the configuration of the container named proxy:

docker container inspect proxy

To see live performance data of the containers

docker container stats

docker container stats proxy

 

To stop the containers

docker container ls

docker container stop id id

 

To remove the containers

docker container rm -f  id  id ( or name)

Check if the container has been removed by running docker ps or ls command:

docker container ls  -a

docker  ps -a

Note:  -a shows all containers. To see the latest container created:

docker ps  -l

 

To get inside the container.

docker container run –it ( start a new container interactively)

docker container run –exec  ( run additional command in existing container)

To run a new nginx container and get inside the shell:

docker container run -it --name proxy2 nginx bash

The above command will let you get into the shell

To exit the container shell  type ‘exit’. When you type exit the container will stop running.

To run a full Ubuntu image inside a container run:

docker container run  -it --name ubuntu Ubuntu

Note:when Ubuntu installation gets complete you will be able to get inside the Ubuntu container and be able to install package using apt-get just like the way you install in normal Ubuntu server.

To check all containers:

docker container ls -a

You can exit the Ubuntu container by typing exit command  and whenever you want to start it again type:

docker container start -ai Ubuntu

 

To get inside an already running container called db

docker container exec -it db bash

here, db is the container name.

docker container run  -it –name proxy nginx bash

Instead of running only Nginx container, you can run entire ubuntu distribution and inside it you can install Nginx or can install other packages using apt-get.

 

To check which port is being used by a particular container:

# docker container port     <id/name of container>

To check the IP address of the container named proxy:

docker container inspect –format ‘{{ .NetworkSettings.IPAddress }}’ proxy the above command will show the IP of the virtual network of the container.

You cannot have two containers on the same port on the host level.

Commands  Description
docker network ls Shows a network
docker network inspect Inspect a network
docker network create –driver Create a network
docker network connect Attach a network to container
docker network disconnect Detach a network from container

# docker network inspect bridge

 

To create a new docker network

# docker network create my-app-net

Note: the above command will use the default driver bridge.

# docker network inspect my-app-net

Create a network when creating a container:

# docker container run  -d  - -name nginx1    - - network my-app-net nginx

Check the  my-app-net to see that nginx1 is now using my-app-net

To remove a docker network

docker network rm my-app-net ( or use the id)

To add the existing container to the new network my-app-net:

docker network connect id-of-network id-of-container

To ping from a container named new_nginx to another container my_nignx, use the following command:

#docker container exec –it my_nginx ping new_nginx

Docker image tagging and push it to the image hub

docker image tag - -help

docker image ls

docker pull nginx: mainline

The tags are labels that point to the actual docker image ID. You can create you own docker file and create own custom image. Also, you can retag the existing docker image.

To give a new tag to the existing image:

#docker image tag nginx  securitywing/nginx

Note: here securitywing is the docker user name and nginx is the image name.

#docker image ls

You can now push the new tagged image into the docker hub using the following push command:

# docker image push sixthgalaxy/nginx

Note: to use the push command, you need to login to the docker hub from the Linux machine using the following command.

#docker login

#cd root

root@docker:~# cat .docker/config.json

you will find the docker authentication key on the config.json file located in the home directory of the Linux username.

Note: Everything docker related (images, volumes, containers, etc.) is under /var/lib/docker/

A docker image is created from a single file called a docker file. To build a new image from existing docker file, go to the location of the existing docker file and run the following command:

# docker image build   -t customnginx   .

Note: (.) means running it in the current directory.

 

Docker Volumes and bind mounts

There are two-way docker allows creating persistent data volume in the container. A persistent volume is capable of retaining data when you delete the containers.

  • Volumes: docker makes special location outside of the container’s UFS(unique file system)
  • Bind mount: link container path to host path.

Persistence data volumes– when you create a volume, the docker creates a new directory in the storage area of docker in the host machine and docker is responsible for managing the contents on that volume directory. Unlike bind mount,  the volume outlives the docker container, which means if you delete the container, the volume needs manual deletion because it resides inside the host. For example, the docker file of MySQL image contains VOLUME command telling it to create a persistent volume when running the container. You need to specify the volume inside the docker file as follows:

VOLUME  /var/lib/mysql

 

Pull  a mysql  image running the following command:

# docker pull mysql

Now, inspect the mysql image.

# docker image inspect mysql

Have look at the volume directive that tells the docker container to assign a volume in the /var/lib/mysql path inside the container.

“Volumes”: {

                “/var/lib/mysql”: {}

            },

 

Next, run a mysql container:

# docker container run -d --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=True mysql

# docker container ls

# docker container inspect mysql

 

Look at the mounts directive’s source which show where in the host it stores the data. In this case, it is in this host machine’s path-/var/lib/docker/volumes/b3105aab4347f0c3cd968908d7457ee754c04a88adc767debcc870d50406c6aa/_data

“Mounts”: [

            {

                “Type”: “volume”,

                “Name”: “b3105aab4347f0c3cd968908d7457ee754c04a88adc767debcc870d50406c6aa”,

                “Source”: “/var/lib/docker/volumes/b3105aab4347f0c3cd968908d7457ee754c04a88adc767debcc870d50406c6aa/_data”,

                “Destination”: “/var/lib/mysql”,

                “Driver”: “local”,

                “Mode”: “”,

                “RW”: true,

                “Propagation”: “”

            }

        ]

 

When you no longer need the volume after deleting the containers, you need to run the command below to completely remove it from the host machine.

# docker container rm mysql

Now if you run the volume command you will see that the volume still exists even if you deleted the container.

# docker volume ls

Remove the mysql container:

# docker container stop mysql

# docker container rm mysql

By default docker generate a random string to create a volume. To easily identify the volume in the host you can create a named volume. If you use -v  when running the docker container, it will create a named volume in which you can check running “docker volume inspect <volume name>” command.

# docker container run -d --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=True -v mysql-db:/var/lib/mysql mysql

Note: the volume name will be mysql-db, which will be in the host machine.

Check the mysql-db volume location in the host machine. You will see that the docker has created a volume named mysql-d instead of  a random string.

# docker volume inspect mysql-db

You will see the following info:

[

    {

        “CreatedAt”: “2017-12-01T01:36:05Z”,

        “Driver”: “local”,

        “Labels”: null,

        “Mountpoint”: “/var/lib/docker/volumes/mysql-db/_data”,

        “Name”: “mysql-db”,

        “Options”: {},

        “Scope”: “local”

    }

]

 

Now, delete the container again:

# docker container rm -f mysql

Create a new mysql container:

# docker container run -d --name mysql2 -e MYSQL_ALLOW_EMPTY_PASSWORD=True -v mysql-db:/var/lib/mysql mysql

# docker volume ls

# docker container inspect mysql2

Check the Mounts directive

 

Bind mounts

Bind mounts maps a host file or a directory to a container file or directory in the docker. It symbolically links the two locations( a specific location inside the container and the host). Bind mount is pretty useful when you create a local development environment on your computer and see the changes made in the website files in the host. Thus, you no longer have to get inside the docker container to modify the web files.

Create a directory in the host machine and then create an index.html file in it. Next, create a Dockerfile with the following contents:

 

FROM nginx:latest

WORKDIR /usr/share/nginx/html

COPY index.html index.html

# you do not have to specify EXPOSE or CMD because they're in the nginx image specified in the "FROM nginx:latest"

 

Run the following docker command from this directory to map the current directory of the host.

docker container run -d --name nginx1 -p 80:80 -v $(pwd):/usr/share/nginx/html nginx

Now get inside the container:

# docker container exec -it nginx1 bash

# cd /usr/share/nginx/html

Note: you cannot use bind mount in the Dockerfile. It must be specified  when running “docker container run” command.

You will see a Dockerfile which has mapped the container’s directory with the host machine’s directory. If you delete a file in the host the file, the container will delete it too.

With the help of bind mount,  you can update site from the host. No need to go inside the container to make changes in the website files.

Database upgrade with named Volumes

Create Postgres container with a named volume psql-data using version 9.6.1. use docker hub to learn volume path and versions needed to run it. Check logs and stop the container. Create a Postgres container with the same-named volume using 9.6.2. check logs to validate.

 Note: The above-mentioned method only works with the patch version. Most SQL databases require manual commands to upgrade to major or minor versions. It’s a database limitation, not a container one.

# docker container run -d - -name  psql -v psql:/var/lib/postgresql/data postgres:9.6.1

# docker container logs -f psql

# docker container stop psql

# docker container run -d --name  psql2 -v psql:/var/lib/postgresql/data postgres:9.6.2

 

# docker ps –a

 

Related posts:

  1. Tips for Foreign Travel Risk Assessment and Management
  2. 9 Advantages and Disadvantages of Cloud Computing for Business
  3. 3 Steps to Setup EC2 EBS Volume Disk Space Monitoring using Cloudwatch
  4. 3 Steps to setup SSH remote Access to EC2 from Cloud9

Filed Under: Off Track Tagged With: