Docker Basics I want to remember
# Outline: Basics Tips I Want to Remember
As I continue to work with Docker, I find that I forget many useful commands, concepts, and container-management details after some time away. This post serves as a comprehensive guide to Docker, organized into sections that cover my main use cases: image management, container operations, networking, and more. If you're looking to refresh your memory, these notes are meant to be a resource worth coming back to.
## Docker Installation and Setup
I go through the installation in a separate post. Make sure to check it out.
Setup Docker on Windows with WSL
## Lab vs Production
For real applications, IT users and app teams need more sophisticated tools. Docker supplies two such tools: Docker Compose and Docker Swarm Mode. The two tools have some similarities but some important differences:
Docker containers at runtime
Compose is used to control multiple containers on a single system. Much like the Dockerfile we looked at to build an image, there is a text file that describes the application: which images to use, how many instances, the network connections, etc. But Compose only runs on a single system, so while it is useful, we are going to skip Compose and go straight to Docker Swarm Mode.
Swarm Mode tells Docker that you will be running many Docker engines and you want to coordinate operations across all of them. Swarm mode combines the ability to not only define the application architecture, like Compose, but to define and maintain high availability levels, scaling, load balancing, and more. With all this functionality, Swarm mode is used more often in production environments than its more simplistic cousin, Compose.
Since I’ll be talking about not-so-robust labs initially, Compose will be our go-to tool.
## Efficient Docker Image Management
Utilizing base image updates
```shell
docker build [OPTIONS] PATH | URL

# Build from ./Dockerfile and tag the result; the build context (.) goes last
docker build \
  -f Dockerfile \
  -t image_name:tag \
  .
```
Copying images from one server to another
```shell
# Save the image as a tar file
docker save -o image.tar image:tag
# Load the image on the target server
docker load -i /path/to/destination/image.tar
```
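An integrity check for the save/load transfer above, as an added example that is not from the original post: the digest is recorded on the source server and checked on the target before `docker load` runs. The function names and the `<archive>.sha256` file naming are assumptions of this example.

```shell
#!/bin/sh
# Added example: checksum an archive made by `docker save` and refuse to
# `docker load` it on the target if the bytes changed in transit.
# Function names and the "<archive>.sha256" naming are assumptions.

# Source server: write <archive>.sha256 next to the archive.
write_digest() {
    ( cd "$(dirname "$1")" &&
      sha256sum "$(basename "$1")" > "$(basename "$1").sha256" )
}

# Target server: succeed only if the archive still matches its recorded digest.
# Returns 2 when the digest file is missing, non-zero on any mismatch.
verify_digest() {
    [ -f "$1.sha256" ] || { echo "missing digest file for $1" >&2; return 2; }
    ( cd "$(dirname "$1")" &&
      sha256sum -c "$(basename "$1").sha256" >/dev/null 2>&1 )
}

# Target server: load the image only after the digest check passes.
load_verified() {
    verify_digest "$1" || {
        echo "refusing to load $1: digest check failed" >&2
        return 1
    }
    docker load -i "$1"
}

# Typical flow (left as comments so the file can be sourced without Docker):
#   docker save -o image.tar image:tag && write_digest image.tar
#   ...copy image.tar and image.tar.sha256 to the target server...
#   load_verified /path/to/destination/image.tar
```

A digest copied alongside the archive catches corruption and truncation; to catch tampering as well, send the `.sha256` file over a separate trusted channel.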
## Container Management and Operations
Starting and stopping containers efficiently
Start vs. Run:
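```shell
# List running containers (-a includes stopped ones)
docker container ls [-a]
# start restarts an existing, stopped container; -d belongs to `run`, which creates a new one
docker container start <name>
docker container exec -it <name> /bin/sh
docker container stop <name>
docker container rm <name>
```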
Using labels and metadata for organization
Inspecting and debugging running containers
## Networking and Port Configuration
```shell
docker network ls
docker network inspect <network>
docker info
# Publish container port 80 on host port 8080
docker run --name <name> -d -p 8080:80 <image>
```
Exposing and mapping ports correctly
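A check for the `-p 8080:80` form above, as an added example that is not from the original post: with no host address given, Docker publishes the port on all host interfaces, so lab containers become reachable from the network. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag published ports that listen on every host interface.
# Input format: `docker ps --format '{{.Names}}\t{{.Ports}}'` (name, TAB, ports).

# Reads that format on stdin; prints "name<TAB>mapping" per wildcard binding.
find_wildcard_ports() {
    awk -F'\t' '{
        n = split($2, maps, ", ")
        for (i = 1; i <= n; i++) {
            if (index(maps[i], "->") == 0) continue   # exposed, not published
            host = maps[i]
            sub(/->.*/, "", host)                     # keep host "addr:port"
            if (host ~ /^(0\.0\.0\.0|\[::\]|::):/) print $1 "\t" maps[i]
        }
    }'
}

# Constructed sample output (not captured from a real host).
sample_ps() {
    printf 'web\t0.0.0.0:8080->80/tcp, [::]:8080->80/tcp\n'
    printf 'lab\t127.0.0.1:8081->80/tcp\n'
    printf 'db\t3306/tcp\n'
    printf 'old\t0.0.0.0:2222->22/tcp, :::2222->22/tcp\n'
}

# On a Docker host:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | find_wildcard_ports
# Loopback-only publish, the usual choice for a lab container:
#   docker run --name <name> -d -p 127.0.0.1:8080:80 <image>
```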
Understanding Docker networks: bridge, host, and overlay
Customizing network configurations
## Data Persistence and Volumes
Here, we will illustrate the concept of a volume. We will see how to use volumes:
- in a Dockerfile
- at runtime with the -v option
- using the volume API
Data persistence without a volume?
We will first illustrate how data does not persist outside of a container by default.
Defining a volume in a Dockerfile
Create a Dockerfile with the following content:
```dockerfile
FROM alpine
VOLUME ["/data"]
ENTRYPOINT ["/bin/sh"]
```
Note: We specify /bin/sh as the ENTRYPOINT so that if no command is provided in interactive mode, we will end up in a shell inside our container.
Let’s build an image from this Dockerfile.
```shell
docker image build -t img1 .
```
We will then create an interactive container (using the -ti flags) from this image and name it c2.
```shell
docker container run --name c2 -ti img1
```
We should then end up in a shell within the container. From there, we will go into /data and create a hello.txt file.
```shell
cd /data
touch hello.txt
ls
```
Defining a volume at runtime
We have seen a volume defined in a Dockerfile; volumes can also be defined at runtime using the -v flag of the docker container run command.
Let’s create a container from the alpine image. We’ll use the -d option so it runs in the background and also define a volume on /data as we’ve done previously. In order for the PID 1 process to remain active, we use the following command that pings Google DNS and logs the output in a file within the /data folder.
Usage of the Volume API
The volume API introduced in Docker 1.9 makes it easy to perform operations on volumes.
First, have a look at the commands available in the volume API.
```shell
docker volume --help
```
We will start with the create command, and create a volume named html.
```shell
docker volume create --name html
```
If we list the existing volumes, our html volume should be the only one.
```shell
docker volume ls
```
The output should be something like
```
DRIVER    VOLUME NAME
[other previously created volumes]
local     html
```
In the volume API, as in almost all the other Docker APIs, there is an inspect command. Let’s use it against the html volume.
```shell
docker volume inspect html
```
Mount the host’s folder into a container
The last item we will talk about is called a bind mount and consists of mounting a host’s folder into a container’s folder. This is done using the -v option of the docker container run command. Instead of specifying one single path (as we did when defining volumes), we will specify 2 paths separated by a colon.
```shell
docker container run -v HOST_PATH:CONTAINER_PATH [OPTIONS] IMAGE [CMD]
```
When to use volumes vs bind mounts
Use volumes for Docker-managed storage that persists even when containers are deleted. Bind mounts are useful when you need control over the specific location on the host.
Bind-mounting is very useful in development because it lets you, for instance, share source code on the host with the container.
## Useful Docker Commands and Tools
Essential Docker CLI commands
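```shell
docker ps
docker images
docker exec -it <container> <command>
docker inspect <name>
docker system prune
docker stats
docker cp /folder/files <container>:<path>
# --rm is a `run` flag (remove the container on exit); `exec` does not accept it
docker run --rm -it <image>
```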
### Automating routine Docker tasks
### Favorite Containers For random stuff
- Kali + Vulnerable Machines
- it-tools
- DangerZone
- linuxserver -> Firefox (a web browser inside a web browser) instead of a VPN