Docker

Reference notes while operating Docker

Warning

These notes are likely stale

Basic Info

don’t run docker commands as root sudo usermod -aG docker callimachus
Docker Hub
Docker Compose

Reference: Docker Commands

docker info
docker inspect
docker exec -it
docker run -d
docker ps -a
docker stop [my_container]
docker rm [my_container]
docker rmi [docker_image]
docker volume rm [my_volume]
docker volume create [my_volume]
docker volume ls
docker volume inspect [my_volume]
docker container ls -aq # list all containers
docker network ls # list them all
docker network prune -a # get rid of them all

Lifecycle Management

Run in detached mode (daemon mode), background

docker run -d --name=nginx nginx:latest

Restart Container

docker restart nginx

Execute a command in a container without affecting the running process

#  Interactive, attach with a shell.
docker exec -it nginx /bin/bash

List processes

docker ps # Running Processes
docker ps -a # Running and Stopped Processes

remove images, when no containers are based upon it

docker rmi centos:centos6

docker image prune # remove all currently unused imaged docker image prune -a # clear everything

Remove containers

docker rm nginx:old
docker system prune # remove all stopped containers, images, unused networks

Stop all containers. Remove all stopped containers, using bash command substitution

docker container stop $(docker container ls -aq) # stop all containers docker container rm $(docker container ls -aq) # remove all stopped containers docker rmi -f $(docker images -aq)

Docker Inspect

get info about container

docker inspect

get ip address of container

docker inspect nginx:latest | grep IPAddr

Ports and Volumes

volumes

docker volume ls docker volume rm docker volume prune

ports

In docker-compose expose -> reveal ports to the docker environment ports -> expose ports to docker and to the host system (i.e. publish the ports)

Bind ports

# docker run -d -p HOSTPORT:CONTAINERPORT
docker run -d -p 8080:80 --name=WebServer nginx:latest

Create a mount point in a container

# docker run -d -p 8080:80 --name=webserver -v HOSTVOLPATH:CONTAINERVOLPATH nginx:latest
docker run -d -p 8080:80 --name=webserver -v /home/user/www:/usr/share/nginx/html nginx:latest

BUILDING, using a Dockerfile

# Execute in directory with dockerfile, or define path
docker build -t dzoladz/ubuntu .

Dockerfile

each step in the build process is a new container
try to combine mulitple RUN commands when possible

RUN * applies to the base images
CMD * applies to the container instantiated on the base image
EXPOSE * expose container ports to host system

Build a container using a Dockerfile and tag it

docker build -t keycloak-proxy .

docker run -d -p 80:80 -p 443:443 --name=keycloak-proxy keycloak-proxy:latest

# Reload Nginx config in running container
docker exec <container name> nginx -s reload

Applications

Metabase

# NOTE: this will run Metabase without any persistent storage for the application.
docker run -d -p 3000:3000 --name metabase metabase/metabase

ownCloud

docker run -d -p 8080:80 --name owncloud --mount source=/Users/Derek/docker/owncloud,target=/var/www/html owncloud:8.1

Keyclock, Docker for Testing

Notes on the installation of Keycloak using official jboss/keycloak Docker image.

Install Git and Docker

Add the GPG key for the official Docker repo

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Add the Docker repository to APT sources

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Update package database

apt-get update

Install from the Docker repo, not the Ubuntu 16.04 distribution package.

apt-cache policy docker-ce

Install Docker Community Edition and Git

apt-get install -y docker-ce git

Add Keycloak User

Run docker as a non-root user

Create the Keycloak user

adduser keycloak

Add keycloak user to the docker group. No sudo for docker commands

usermod -aG docker keycloak

Launch Keycloak w/ Postgres

Create the Keycloak network

docker network create keycloak-network

Deploy a PostGRES container for the Keycloak app

docker run -d --name keycloak-db --net keycloak-network -e POSTGRES_DB=keycloak -e POSTGRES_USER=keycloak -e POSTGRES_PASSWORD=password postgres

Deploy the Keycloak container

docker run -d --name keycloak-app --net keycloak-network -p 8443:8443 -e DB_ADDR=keycloak-db -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=password jboss/keycloak

Start Keycloak with Proxy Forwarding for use with Nginx

docker run -d --name keycloak-app --net keycloak-network -p 8443:8443 -e DB_ADDR=keycloak-db -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=password -e PROXY_ADDRESS_FORWARDING=true jboss/keycloak

Last modified May 10, 2021: ADD: front-matter to notebook files (c9fea35)