Docker
Overview
Docker is container software. It is commonly used as a lightweight alternative to a virtual machine.
Running Docker Without sudo
By default, Docker has to be run with sudo commands otherwise you will experience errors such as:
$ dial unix /var/run/docker.sock: connect: permission denied
(this particular error was trying to run docker pull ...)
Create a new docker group:
$ sudo groupadd dockerAdd the current user (you) to the docker group:
$ sudo gpasswd -a ${USER} dockerRestart the docker service:
$ sudo service docker restartApply the changed settings to the current terminal process (logging out and back in would have the same effect):
newgrp docker- All done! You should now be able to use docker commands without
sudo.
What Are Images? What Are Containers?
An image is a file which contains all the information/data about a particular system setup. When you run an image, you create a container of this image. You can create many containers based of the same image.
Images
Getting Images (docker pull)
Images can be downloaded from Docker Hub using the docker pull command.
docker pull image_name
Images can be removed with:
$ docker rmi image_name
Inspecting Local Images
You can view all of the docker images present on the local machine with:
docker images
Building An Image From A Dockerfile
Change the working directory to the one that contains the Dockerfile, and then run:
docker build .
If you want to provide your own name for the image, use the -t option:
docker built -t myimage
Delete All Images
The following command will remove all Docker images from your system:
$ docker rmi $(docker images -q)
Sometimes this won't work because of the error: image is referenced in multiple repositories. To force the delete, add the -f option:
$ docker rmi -f $(docker images -q)
Containers
Inspecting
To show only running containers:
$ docker ps
To show all containers (included those that are not running):
$ docker ps -a
To Start A Container From An Image
docker run
To Start A Container With Mount Points
The -v flag is used in conjunction with docker run to start a new container with mount points. A mount point is when you mount a directory (and all of it's contents) into the container at a certain position within the file system. The -v option must come before the image name.
docker run -v /host/directory:/container/directory <image_name> <cmd>
The path to the host directory must be absolute, docker run does not allow you to specify a relative path.
To Start A New Bash Session Within A Running Container
Enter this on the a shell session running in the host computer to enter a shell session inside the docker container.
$ docker exec -it <container_id> bash
This assumes you already have a container running!
To Exit A Container Without Stopping It
If the container is being run inside a bash shell, you can press Ctrl-P then Ctrl-Q.
How To Stop/Remove All Containers At Once
$ docker stop $(docker ps -a -q)
$ docker rm $(docker ps -a -q)
If there are many docker containers, these commands can take some time (seconds).
Runtime Statistics of Docker Containers (docker stats)
The docker stats command gives you an overview of useful statistics for each running Docker container such as CPU usage, memory usage, network I/O, block I/O and PIDs. You can run this command with:
docker stats
Dockerfiles
Dockerfiles are configuration files which tell Docker how to build an image.
Below is an example Dockerfile:
# Extend base image ubuntu 16.04
FROM ubuntu:16.04
## Update Ubuntu Software repository
RUN apt-get update
## Install git
RUN apt-get install -y git
If you are currently in the directory which has a Dockerfile, you can compile it with the following command:
$ docker build -t my-docker-image .
Docker caches the image after each command in the Dockerfile, this is called a layer. When re-building, Docker will used cached layers to speed up the build process unless it determines that the the cache is invalid.
COPY and ADD are two commands that commonly invalidate cache and slow down rebuild steps.
How To Speed Up "sending build context to docker daemon"
Adding a .dockerignore file and including everything in your project that is not used as part of the Docker build process can greatly speed up the sending build context to docker daemon process. Without a proper dockerignore you could be sending 100's of MiB or GiB of data to Docker, and the build process only uses a tiny fraction of it.