Docker Run Cheat Sheet



docker daemon

Enable buildkit

  1. Docker is an open-source platform that can be used to build, ship, and run applications by packaging software in containers. Docker has a lot of commands and options, and it is very difficult to remember every command. This article provides a cheat sheet of the most commonly used Docker commands.
  2. Docker cheat sheet Introduction. Docker is a tool for bundling together applications and their dependencies into images that can than be run as containers on many different types of computers. Docker and other containerization tools are useful to scientists because.
  3. Docker Cheat Sheet Process Management # Show all running docker containers docker ps # Show all docker containers docker ps -a # Run a container docker run: # Run a container and connect to it docker run -it: # Run a container in the background docker run -d: # Stop a container docker stop.
Cheat

Run containers Docker command: docker run options image-name command arg Example: Running a container from the image alpine. Docker run image-name docker run image-name command docker run image-name command arg docker run alpine docker run alpine ls docker run alpine ping 192.168.3.1 Common options: Remove the container when it exits Give the container a name Allocate a terminal for the. $ docker run -it ubuntu bash Export port from a container $ docker run -p 80:80 -d nginx Start a named container $ docker run -name mydb redis. Docker Cheat Sheet Keywords: Docker Meetup Luxembourg, docker, refcard, cheat sheet, dockerlux.github.io Created Date.

Add to /etc/docker/daemon.json:

docker-compose

Docker Compose Command Cheat Sheet

Devices

Docker cheat sheet pdf

Labels

External Network

Dockerfile

Docker Stop Signal

imagemagick

vim

path update

Docker run cheat sheet pdf

download & extract tar.gz

gpg dirmgr explained

purge

list what exposed ports do

cassandra

gosu

debian

Docker Run Cheat Sheet

copy with proper permissions

su-exec

setgid

npm

gosu

tini

node

redis

docker

google cloud sdk

kubectl

pip

locale

tomcat

https://github.com/Unidata/tomcat-docker/blob/master/Dockerfile

gosu tomcat

Secure repository setup

create application folder structure

Download and clean up in one layer

Package Manager tricks

Metadata

Make sure to add ARG statements as late as possible to not invalidate the layer cache needlessly.Each ARG will be prepended to all subsequent RUN statements, i.e. building an image with the following Dockerfile docker --pull --tag foo:latest --build-arg GIT_COMMIT=46e24af6 --build-arg USERNAME=flask .

Effectively results in the following calls:

Since the git commit hash will typically change with each build the build will not make good use of Docker’s layer cache

Python

Golang

Reference-Best Practices

Instructions

Usage:

  • FROM <image>
  • FROM <image>:<tag>
  • FROM <image>@<digest>

Information:

  • FROM must be the first non-comment instruction in the Dockerfile.
  • FROM can appear multiple times within a single Dockerfile in order to create multiple images. Simply make a note of the last image ID output by the commit before each new FROM command.
  • The tag or digest values are optional. If you omit either of them, the builder assumes a latest by default. The builder returns an error if it cannot match the tag value.

Reference-Best Practices

Usage:

  • MAINTAINER <name>

The MAINTAINER instruction allows you to set the Author field of the generated images.

Usage:

  • RUN <command> (shell form, the command is run in a shell, which by default is /bin/sh -c on Linux or cmd /S /C on Windows)
  • RUN ['<executable>', '<param1>', '<param2>'] (exec form)

Information:

  • The exec form makes it possible to avoid shell string munging, and to RUN commands using a base image that does not contain the specified shell executable.
  • The default shell for the shell form can be changed using the SHELL command.
  • Normal shell processing does not occur when using the exec form. For example, RUN ['echo', '$HOME'] will not do variable substitution on $HOME.

Reference-Best Practices

Usage:

  • CMD ['<executable>','<param1>','<param2>'] (exec form, this is the preferred form)
  • CMD ['<param1>','<param2>'] (as default parameters to ENTRYPOINT)
  • CMD <command> <param1> <param2> (shell form)

Information:

  • The main purpose of a CMD is to provide defaults for an executing container. These defaults can include an executable, or they can omit the executable, in which case you must specify an ENTRYPOINT instruction as well.
  • There can only be one CMD instruction in a Dockerfile. If you list more than one CMD then only the last CMD will take effect.
  • If CMD is used to provide default arguments for the ENTRYPOINT instruction, both the CMD and ENTRYPOINT instructions should be specified with the JSON array format.
  • If the user specifies arguments to docker run then they will override the default specified in CMD.
  • Normal shell processing does not occur when using the exec form. For example, CMD ['echo', '$HOME'] will not do variable substitution on $HOME.

Reference-Best Practices

Usage:

  • LABEL <key>=<value> [<key>=<value> ...]

Information:

  • The LABEL instruction adds metadata to an image.
  • To include spaces within a LABEL value, use quotes and backslashes as you would in command-line parsing.
  • Labels are additive including LABELs in FROM images.
  • If Docker encounters a label/key that already exists, the new value overrides any previous labels with identical keys.
  • To view an image’s labels, use the docker inspect command. They will be under the 'Labels' JSON attribute.

Reference-Best Practices

Usage:

  • EXPOSE <port> [<port> ...]

Information:

  • Informs Docker that the container listens on the specified network port(s) at runtime.
  • EXPOSE does not make the ports of the container accessible to the host.

Reference-Best Practices

Usage:

  • ENV <key> <value>
  • ENV <key>=<value> [<key>=<value> ...]

Information:

  • The ENV instruction sets the environment variable <key> to the value <value>.
  • The value will be in the environment of all “descendant” Dockerfile commands and can be replaced inline as well.
  • The environment variables set using ENV will persist when a container is run from the resulting image.
  • The first form will set a single variable to a value with the entire string after the first space being treated as the <value> - including characters such as spaces and quotes.

Reference-Best Practices

Usage:

  • ADD <src> [<src> ...] <dest>
  • ADD ['<src>', ... '<dest>'] (this form is required for paths containing whitespace)

Information:

  • Copies new files, directories, or remote file URLs from <src> and adds them to the filesystem of the image at the path <dest>.
  • <src> may contain wildcards and matching will be done using Go’s filepath.Match rules.
  • If <src> is a file or directory, then they must be relative to the source directory that is being built (the context of the build).
  • <dest> is an absolute path, or a path relative to WORKDIR.
  • If <dest> doesn’t exist, it is created along with all missing directories in its path.

Reference-Best Practices

Usage:

  • COPY <src> [<src> ...] <dest>
  • COPY ['<src>', ... '<dest>'] (this form is required for paths containing whitespace)

Information:

  • Copies new files or directories from <src> and adds them to the filesystem of the image at the path <dest>.
  • <src> may contain wildcards and matching will be done using Go’s filepath.Match rules.
  • <src> must be relative to the source directory that is being built (the context of the build).
  • <dest> is an absolute path, or a path relative to WORKDIR.
  • If <dest> doesn’t exist, it is created along with all missing directories in its path.

Reference-Best Practices

Usage:

  • ENTRYPOINT ['<executable>', '<param1>', '<param2>'] (exec form, preferred)
  • ENTRYPOINT <command> <param1> <param2> (shell form)

Information:

  • Allows you to configure a container that will run as an executable.
  • Command line arguments to docker run <image> will be appended after all elements in an exec form ENTRYPOINT and will override all elements specified using CMD.
  • The shell form prevents any CMD or run command line arguments from being used, but the ENTRYPOINT will start via the shell. This means the executable will not be PID 1 nor will it receive UNIX signals. Prepend exec to get around this drawback.
  • Only the last ENTRYPOINT instruction in the Dockerfile will have an effect.

Reference-Best Practices

Usage:

  • VOLUME ['<path>', ...]
  • VOLUME <path> [<path> ...]

Creates a mount point with the specified name and marks it as holding externally mounted volumes from native host or other containers.

Reference-Best Practices

Usage:

  • USER <username | UID>

The USER instruction sets the user name or UID to use when running the image and for any RUN, CMD and ENTRYPOINT instructions that follow it in the Dockerfile.

Reference-Best Practices

Usage:

  • WORKDIR </path/to/workdir>

Information:

  • Sets the working directory for any RUN, CMD, ENTRYPOINT, COPY, and ADD instructions that follow it.
  • It can be used multiple times in the one Dockerfile. If a relative path is provided, it will be relative to the path of the previous WORKDIR instruction.

Reference-Best Practices

Usage:

  • ARG <name>[=<default value>]

Information:

  • Defines a variable that users can pass at build-time to the builder with the docker build command using the --build-arg <varname>=<value> flag.
  • Multiple variables may be defined by specifying ARG multiple times.
  • It is not recommended to use build-time variables for passing secrets like github keys, user credentials, etc. Build-time variable values are visible to any user of the image with the docker history command.
  • Environment variables defined using the ENV instruction always override an ARG instruction of the same name.
  • Docker has a set of predefined ARG variables that you can use without a corresponding ARG instruction in the Dockerfile.
    • HTTP_PROXY and http_proxy
    • HTTPS_PROXY and https_proxy
    • FTP_PROXY and ftp_proxy
    • NO_PROXY and no_proxy

Usage:

  • ONBUILD <Dockerfile INSTRUCTION>

Information:

  • Adds to the image a trigger instruction to be executed at a later time, when the image is used as the base for another build. The trigger will be executed in the context of the downstream build, as if it had been inserted immediately after the FROM instruction in the downstream Dockerfile.
  • Any build instruction can be registered as a trigger.
  • Triggers are inherited by the 'child' build only. In other words, they are not inherited by 'grand-children' builds.
  • The ONBUILD instruction may not trigger FROM, MAINTAINER, or ONBUILD instructions.

Reference-Best Practices

Usage:

  • STOPSIGNAL <signal>

The STOPSIGNAL instruction sets the system call signal that will be sent to the container to exit. This signal can be a valid unsigned number that matches a position in the kernel’s syscall table, for instance 9, or a signal name in the format SIGNAME, for instance SIGKILL.

Usage:

  • HEALTHCHECK [<options>] CMD <command> (check container health by running a command inside the container)
  • HEALTHCHECK NONE (disable any healthcheck inherited from the base image)

Information:

  • Tells Docker how to test a container to check that it is still working
  • Whenever a health check passes, it becomes healthy. After a certain number of consecutive failures, it becomes unhealthy.
  • The <options> that can appear are...
    • --interval=<duration> (default: 30s)
    • --timeout=<duration> (default: 30s)
    • --retries=<number> (default: 3)
  • The health check will first run interval seconds after the container is started, and then again interval seconds after each previous check completes. If a single run of the check takes longer than timeout seconds then the check is considered to have failed. It takes retries consecutive failures of the health check for the container to be considered unhealthy.
  • There can only be one HEALTHCHECK instruction in a Dockerfile. If you list more than one then only the last HEALTHCHECK will take effect.
  • <command> can be either a shell command or an exec JSON array.
  • The command's exit status indicates the health status of the container.
    • 0: success - the container is healthy and ready for use
    • 1: unhealthy - the container is not working correctly
    • 2: reserved - do not use this exit code
  • The first 4096 bytes of stdout and stderr from the <command> are stored and can be queried with docker inspect.
  • When the health status of a container changes, a health_status event is generated with the new status.

Usage:

  • SHELL ['<executable>', '<param1>', '<param2>']

Information:

  • Allows the default shell used for the shell form of commands to be overridden.
  • Each SHELL instruction overrides all previous SHELL instructions, and affects all subsequent instructions.
  • Allows an alternate shell be used such as zsh, csh, tcsh, powershell, and others.

Docker Compose Cheat Sheet

Notes

Docker Run Cheat Sheet Excel

  • Based on the information from Dockerfile reference and Docker file best practices.
  • Converted by halprin.