Welcome back to my Docker Bootcamp blog series. Last week, I covered Docker’s background and walked through installing Docker. In this post, I’ll review some common terminology used when talking about Docker and containers. I’ll also show some of the basic commands needed to get you using Docker along with a few of the optional flags for the commands (there are more flags you will learn later). I’ll give you some examples you can try to get a feel for using the commands on your own.
Terminology
- Application Compatibility – Docker can only run applications that are natively supported by the host system.
- Container – (AKA jail) – Contains all the necessary components to run one application in isolation. Limits the impact software can have on the host system. Easily removable. Created from an image. Runs the same from one environment to another.
- Container states – A container can be in one of four states: running, paused, exited, restarting.
- Containerization – Use of operating system level process isolation. Low overhead because a guest operating system is not required.
- Daemon – A process that runs in the background.
- Dockerfile – A script for building an image. Can be distributed through a registry, source control or manual file transfer.
- Host System – The system running the Docker daemon.
- Image – A file that includes all the elements necessary to run an application as a container ie – code, config files, environment variables, layers, and libraries. Can be reused to create multiple containers. Can be used by different operating systems and computers and work the same in every environment. Does not change once built and distributed. Can be distributed through a registry, source control (likely easier to use the dockerfile in this case) or manual file transfer.
- Isolation – Segregating a process from all resources except where explicitly allowed.
- Linux image – An image built to run on a Linux host (or Windows using WSL).
- Orchestration – (AKA Container Orchestration) – Tools to automate the maintenance of containers ie Kubernetes or Swarm. Replace failed containers, restart containers, scale containers in the cloud.
- Registry – An infrastructure for housing repositories and distributing images.
- Repository – A named bucket of images for a user at a registry.
- State: Exited – A newly created container with the create command. A running container that is stopped.
- State: Paused – A running container that is paused.
- State: Restarting – A running container that is in the process of restarting.
- State: Running – A newly created container with the run command. A stopped container that is started. A paused container that is resumed.
- Tag – A way to identify an image within a repository ie – v1, v2, latest (a synonym for v2), localconfig, webconfig. Allows users to pull a specific version of an image. An image can have multiple tags to help the user find the correct image.
- Virtualization – Use of hardware level process isolation (ie virtual machine). High overhead because a full guest operating system is required.
- Windows image – An image built to run on a Windows host.
- WSL – Windows Sub-System for Linux. A full Linux kernel running inside Windows that allows Linux containers to run without emulation.
Commands
- attach – Attach local input and output to a running container
- container prune – Remove all stopped containers
- create – Create a new container in a stopped state
- exec – Run a command in a running container
- help – List available docker commands
- help <cmd> – List syntax and use details for the given command
- images – List locally available images
- info – Display system-wide docker info
- inspect – Display all the metadata about an image or container in JSON format
- login – Log into a registry
- logs – View logs for a container
- logout – Log out of a registry
- port – List port mappings for a container
- ps – List containers
- pull – Download an image from a registry
- rename – Rename a container
- restart – Restart a running container
- rm – Remove a container
- rmi – Remove an image
- run – Create and start a new container
- search – Search the registry for an image
- start – Start a stopped container
- stats – Show resource usage stats for a container
- stop – Stop a running container
- top – List running processes running inside a container
Command Details
You can find a full list of commands and all available flags at https://docs.docker.com/engine/reference/commandline/docker/.
attach
docker attach [options] container
–no-stdin | O | Do not attach stdin |
create
docker create [options] image [command] [args…]
Outputs: ContainerID
–cidfile <string> | O | Write the container id of the newly created container to a known filename | |
–interactive | -i | O | Allow standard input to the container |
–name <string> | O | Give the container a friendly name | |
–publish <list> | -p | O | Map container port to host |
–read-only | O | Create a read only file system | |
–rm | O | Automatically remove the container when it exits | |
–tty | -t | O | Allocate a virtual terminal for the container |
image | R | The name of the image to run. | |
command | O | The command to run inside the image | |
args | O | The arguments to the command |
- Container name
- If the name parameter is not supplied, docker will create the container with a name in the format x_y (ie boring_pike).
- If the named container already exists, you will get a name already in use error.
- Container ID
- 1024 bit number hex encoded as 64 characters
- Often shortened to the first 12 characters
- Can be used to reference a container instead of the name
- Including any commands that take a container name as an argument
- Useful for scripts and automation
- Interactive/TTY
- Required at the time of creation if you want to interact with the container in any way, even if you start detached.
exec
docker exec [options] container command [args…]
–detach | -d | O | Run command in the background |
–env <list> | -e | O | Set environment variables |
–interactive | -i | O | Keep stdin open even if not attached |
–tty | -t | O | Attach a terminal |
–user <string> | -u | O | Username of uid to run the command under |
–workdir <string> | -w | O | Working directory inside the container |
login
docker login [options] [server]
–username | -u | R | Username |
–password | -p | R | Password |
–password-stdin | O | Read the password from stdin | |
server | O | Server name of the registry (default index.docker.io/v1) |
- If you do not provide a password flag, it will ask for it interactively
logs
docker logs [options] container
–follow | -f | O | Follow the log output |
–timestamps | -t | O | Show timestamps |
- Anything the program writes to stdout or stderr will be recorded in the log
- There is no automatic log rotation or truncation
port
docker port container
ps
docker ps [options]
–all | -a | O | Show all containers |
–filter <filter> | -f | O | Filter the list of results |
–last <int> | -n | O | Show the last <int> created containers (default -1) |
–latest | -l | O | Show the latest created container |
–no-trunc | O | Do not truncate output | |
–size | -s | O | Show the total file size |
- Defaults to only showing running containers
- Use the -a flag to show all containers in all states
- Filter takes a parameter in key=value format
- Performs a “like value” search
- Possible keys: name, id, status, ancestor
- Use ancestor as the key to search for a container by image, image:tag, short-id, or full-id
- Using no-trunc will show the full container id
pull
docker pull [options] [registryhost/][username/]name[:tag]
–all-tags | -a | O | Download all tagged images in the named repository |
rename
docker rename container newname
- Renaming does not change the container id
restart
docker restart [options] container
–time <int> | -t | O | Seconds to wait before restarting (default 10) |
rm
docker rm [options] container [container…]
–force | -f | O | Force removal of a running container |
–link | -l | O | Remove the specified link |
rmi
docker rmi [options] image [image…]
–force | -f | O | Force removal of the image |
–no-prune | O | Do not delete untagged parents |
run
docker run [options] image [command] [args…]
–detach | -d | O | Run container in detached mode (no console input/output) |
- See “create” command details for other available options
start
docker start [options] container [container….]
–attach | -a | O | Attach stdout |
–interactive | -i | O | Attach stdin |
stats
docker stats container
stop
docker stop [options] container [container…]
–time <int> | -t | O | Seconds to wait before stopping (default 10) |
top
docker top container
Try These Examples
Interact with Docker
-
- View the list of available commands
- Docker help
- View the details of a command
- Docker help create
- View the details of the docker environment
- Docker info
- Log into docker registry
- Docker login -u <username>
- Enter password when prompted
- View the list of available commands
Busybox Test
-
- Search docker for an image
- Docker search busybox
- Notice the official image provided by docker is marked as [OK] in the official column
- Docker search busybox
- Pull an image from the docker registry
- docker pull busybox:latest
- Create an interactive container
- docker create -it –name bbtest busybox /bin/sh
- Start a container
- docker start bbtest
- Run a command inside a running container
- Docker exec bbtest date
- Docker exec bbtest ps
- Docker exec bbtest ls
- Connect a terminal to a running container
- docker attach bbtest
- Interact with the container using linux command line
- Create a file “touch /home/test.txt”
- Use “exit” to exit the shell and stop the container
- Create a container that is not interactive
- Docker create –name bbtest2 busybox
- Docker start bbtest2
- Container starts and immediately stops
- Create a container that is interactive, but without a terminal
- Docker create -i –name bbtest3 busybox /bin/sh
- Docker start -a bbtest3
- Container starts and attaches to command window, but container does not have a virtual terminal defined
- Create a container that has a read only file system
- Docker create -it –read-only –name rotest busybox /bin/sh
- Interact with the container using linux command line
- Create a file “touch /home/test.txt”
- Cannot write file
- Create a file “touch /home/test.txt”
- Create a container that executes a command and stops
- docker create –name datetest busybox /bin/date
- Run a container that executes a command and stops
- Docker start datetest
- Does not show output on the console
- Docker logs datetest
- Verify the command ran
- Docker start -a datetest
- Show output on the console
- Docker start datetest
- List all containers
- Docker ps -a
- Remove all stopped containers
- Docker container prune
- Search docker for an image
Nginx Test
-
- Pull an image, create and start a detached container that exposes a network port
- docker run -d -p 80:80 –name ngtest nginx
- Open a browser and navigate to http://localhost
- View Nginx welcome page
- View container logs
- Docker logs ngtest
- View port mappings
- Docker port ngtest
- View running processes
- Docker top ngtest
- View container metadata
- Docker inspect ngtest
- View container usage details
- Docker stats ngtest
- Stop a running container
- Docker stop ngtest
- Open a browser and navigate to http://localhost
- Page cannot be found
- Remove a container
- Docker rm ngtest
- Pull an image, create and start a detached container that exposes a network port
Getting the hang of it? In my next post, I’ll dive into the topic of persistent storage. If you have any questions or comments, don’t hesitate to drop a comment below.