docker command cheat sheet
#=====================================================================
#The default CPU CFS (Completely Fair Scheduler) period is 100ms, usually --cpu-period should work with --cpu-quota
#By default, a container can use all available CPU resources, which corresponds to a --cpu-quota value of -1
docker run -it --cpu-quota=-1 ubuntu:20.04 /bin/bash
#If there is 1 CPU, this means the container can get 50% CPU worth of run-time every 50ms.
docker run -it --cpu-period=50000 --cpu-quota=25000 ubuntu:20.04 /bin/bash
#If there is 1 CPU, As the default value of --cpu-period is 100000, setting the value of --cpu-quota to 25000 limits a container to 25% of the CPU resources
docker run -it --cpu-quota=25000 ubuntu:20.04 /bin/bash
#On a 2-CPU system `--cpus 1.5` means the container will take 75% (1.5/2) of the CPU share.
docker run -it --cpus 1.5 ubuntu:20.04 /bin/bash
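# Added example, not from the original gist: the quota/period arithmetic from the comments above as a POSIX sh check, plus a reader for the limit the kernel enforces inside a container. The helper names cpu_limit and cgroup_cpu_limit are hypothetical, and the cgroup paths assume the usual mount at /sys/fs/cgroup.

```shell
#!/bin/sh
# Hypothetical helpers (added example). Assumes cgroups are mounted at /sys/fs/cgroup.

# cpu_limit QUOTA [PERIOD] [NCPUS]
# Prints "<cpus> <percent-of-host>" for a CFS quota/period pair, or "unlimited".
# PERIOD defaults to 100000 (Docker's default --cpu-period), NCPUS to 1.
cpu_limit() {
    quota=$1 period=${2:-100000} ncpus=${3:-1}
    case "$quota" in
        -1|max) echo "unlimited"; return 0 ;;          # cgroup v1 / v2 spelling of "no limit"
        ''|*[!0-9]*) echo "invalid quota: $quota" >&2; return 1 ;;
    esac
    LC_ALL=C awk -v q="$quota" -v p="$period" -v n="$ncpus" \
        'BEGIN { printf "%.2f %.0f%%\n", q / p, 100 * q / (p * n) }'
}

# cgroup_cpu_limit [CGROUP_ROOT] [NCPUS]
# Reads quota and period from the cgroup files, so it reports what is enforced,
# not what was typed on the docker run command line.
cgroup_cpu_limit() {
    root=${1:-/sys/fs/cgroup} ncpus=${2:-1}
    if [ -r "$root/cpu.max" ]; then                    # cgroup v2: "<quota|max> <period>"
        read -r quota period < "$root/cpu.max"
    elif [ -r "$root/cpu/cpu.cfs_quota_us" ]; then     # cgroup v1: one value per file
        quota=$(cat "$root/cpu/cpu.cfs_quota_us")
        period=$(cat "$root/cpu/cpu.cfs_period_us")
    else
        echo "no CPU controller found under $root" >&2
        return 1
    fi
    cpu_limit "$quota" "$period" "$ncpus"
}
```

# `--cpus 1.5` corresponds to a quota of 150000 with the default period, so `cpu_limit 150000 100000 2` reports 1.50 CPUs and 75% of a 2-CPU host.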
#=====================================================================
docker create --name container_name image_name:tag #instantiate the container from the image
docker create --name app_redis_1 --expose 6379 redis:3.0.2
#=====================================================================
docker build -t myimage:1.0 .
#Run a container from the Alpine version 3.9 image, name the running container “web” and expose port 5000 externally, mapped to port 80 inside the container.
docker container run --name web -p 5000:80 alpine:3.9
docker container logs --tail 100 web #Print the last 100 lines of a container’s logs
docker container stop web #Stop a running container through SIGTERM
docker container kill web #Stop a running container through SIGKILL
docker pull myimage:1.0 #Pull an image from a registry
docker tag myimage:1.0 myrepo/myimage:2.0 #Retag a local image with a new image name and tag
docker push myrepo/myimage:2.0 #Push an image to a registry
#=====================================================================
docker stats --format "{{.Container}}: {{.CPUPerc}}"
docker stats --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}"
docker stats #Verifying Resources Usage
docker run -m 512m --memory-reservation=256m --cpus=2 --cpu-shares=2000 web #web is the image here, not the container name
#=====================================================================
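Option 1: RUN export PYTHONPATH="$PYTHONPATH:/app" #only lasts for that RUN step, not saved in the image
Option 2: ENV PYTHONPATH="$PYTHONPATH:/app" #persists in the image and in containers started from it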
docker run image env | grep PATH # see the PATH variables in the container
docker run image env
#=====================================================================
Best practices for writing Dockerfiles
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
Dockerfile reference
https://docs.docker.com/engine/reference/builder/#usage
#=====================================================================
ls -l /usr/share/docker-ce/contrib/ -> Create images from scratch, custom docker images scripts
#=====================================================================
docker system df -v -> show detailed disk usage
SHARED SIZE is the amount of space that an image shares with another one (i.e. their common data)
UNIQUE SIZE is the amount of space that is only used by a given image
SIZE is the virtual size of the image, it is the sum of SHARED SIZE and UNIQUE SIZE
docker system prune #Remove Unused or Dangling Images, Containers, Volumes, and Networks
docker system prune -a #remove any stopped containers and all unused images (not just dangling images)
docker system prune --volumes #prune volumes, simply add the --volumes
#=====================================================================
remove all untagged images
docker images | grep "none"
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}")
docker images
docker rmi $(docker images --filter "dangling=true" -q --no-trunc)
docker images -a | grep "pattern" | awk '{print $3}' | xargs docker rmi # find all the images that match a pattern,delete them by using awk to pass the IDs to docker rmi
$ docker images #list the most recently created images
docker images -a -> list images
$ docker images -f dangling=true
$ docker rmi $(docker images -q -f dangling=true)
$ docker rmi d65c4d6a3580 #remove a single image
$ docker rmi 612866ff4869 e19e33310e49 abe0cd4b2ebc #remove multiple images
docker image prune -a -f #remove all not associated with any container
docker image prune -a --filter "until=12h" -f # remove all images that are created more than 12 hours ago
docker image prune #interactively remove dangling images, Remove unused images
docker image ls -> List images
docker image rm nginx:xenial -> remove an image
#=====================================================================
#remove docker containers
$ docker rm 0fd99ee0cb61 #remove a single container
$ docker rm 0fd99ee0cb61 0fd99ee0cb61 #remove multiple containers
sudo docker ps -a | grep -v CONTAINER | awk '{print $1}' | xargs --no-run-if-empty sudo docker rm -f
docker ps
docker ps -a
docker rm $(docker ps -qa --no-trunc --filter "status=exited")
#stop and remove all containers
$ docker stop $(docker ps -a -q) #stop all containers
$ sudo docker ps -a -q | xargs sudo docker stop
$ docker container prune #interactively remove all stopped containers
$ docker rm $(docker ps -qa)
#remove all exited containers
docker rm $(docker ps -qa --filter "status=exited")
docker rm $(docker ps -a -f status=exited -q)
docker ps -l -> List containers
docker ps --last 1
docker container kill -> Kill one or more running containers
docker container ls -> List containers (default shows just running)
docker container ls -a -> Show all containers (default shows just running)
docker container ls -a --filter status=exited --filter status=created -> list of all non-running (stopped)
docker container ls -aq -> list of all Docker containers
docker container prune -> Remove all stopped containers
docker container prune --filter "until=12h" -> remove all stopped containers that were created more than 12 hours ago
docker container stop CONTAINERID -> Stop container
docker container rm CONTAINERID -> Remove one or more containers
docker container stop $(docker container ls -aq) -> stop all running containers
docker container rm $(docker container ls -aq) -> Once all containers are stopped, remove all containers
docker container rename 9328ba729dfb initiator
docker container top CONTAINERID -> Display the running processes of a container
#=====================================================================
delete networks
docker network ls | grep "bridge"
docker network rm $(docker network ls | grep "bridge" | awk '/ / { print $1 }')
docker network ls -> List networks
docker network create --driver overlay proxy
docker network ls -f "driver=overlay"
docker network create mynetwork #Run a detached container in a previously created container netwo
docker run --name mywildfly-net -d --net mynetwork -p 8080:8080 jboss/wildfly
#=====================================================================
#delete volumes
$ docker volume ls
$ docker volume rm volume_ID #remove a single volume
$ docker volume rm volume_ID1 volume_ID2 #remove multiple volumes
#remove dangling volumes
docker volume rm $(docker volume ls -q --filter dangling=true)
docker volume rm $(docker volume ls -qf dangling=true)
docker volume ls -qf dangling=true | xargs -r docker volume rm
#remove all unused local volumes
docker volume prune
#=====================================================================
docker version -> check version
docker load -> Load an image from a tar archive or STDIN
docker load -i xenial.tar -> Read from tar archive file, instead of STDIN
sudo docker tag de915e2c17db dockerfuhrer/ubuntu-ansible:1.0
#=====================================================================
# first decide if you want to run the container in the background in a “detached” mode, -d=true or -d option
# or in the default foreground mode
# input/output with a detached container use network connections or shared volumes
# container is no longer listening to the command line where docker run was run
# reattach to a detached container
docker attach
#=====================================================================
# fails the detached container paradigm
# root process (service nginx start) returns and the detached container stops as designed
# the nginx service is started but could not be used
docker run -d -p 80:80 my_image service nginx start
#=====================================================================
# foreground mode
# the default when -d is not specified
# when running in detached mode (the most common -d option), designed to shut down immediately after the initial entry point command
# start the process in the container
# attach the console to the process’s standard input, output, and standard error
# pretend to be a TTY , stands for TeleTYpewriter.
docker run
CMD tail -f /dev/null
# keep container running in detached mode, run something in the foreground
# tail the /dev/null device as the CMD or ENTRYPOINT command of Docker image
sudo docker run --net=host --device=/dev/infiniband/uverbs0 --device=/dev/infiniband/rdma_cm -t -i centos /bin/bash
sudo docker run -it --cap-add=IPC_LOCK --device=/dev/infiniband/uverbs1 --name=mnlx-verbs-nonprvlg mellanox/mofed421_docker:latest bash
-i Keep STDIN open even if not attached.
-t Allocate a pseudo-TTY.
the default entrypoint /bin/sh -c, running /bin/bash
exit immediately in daemon mode (-d).
If you want this container to run an interactive shell, use -it instead of -d.
docker run -it -d ubuntu:18.04 /bin/bash
docker exec -it CONTAINER_ID /bin/bash
docker exec -ti container_name "command.sh" #run a command inside the container namespace
# Ctrl+P+Q command to exit out of the container.
# the container still exists even after we exit from the container
sudo docker run -it centos /bin/bash
docker run -it --rm ubuntu:16.04 /bin/bash -> destroyed afterwards (use --rm )
docker run --rm -p 80:80 nginx:1.10 ->specific Nginx version
#privileged mode
sudo docker run -it --privileged --name=mnlx-verbs-prvlg mellanox/mofed421_docker:latest bash
#non privileged mode
docker run -it --cap-add=IPC_LOCK --device=/dev/infiniband/uverbs1 --name=my-verbs-nonprvlg myofed421image bash
#=====================================================================
#run locally container from existing image in non privileged mode
sudo docker run -i -t --cap-add=IPC_LOCK --device=/dev/infiniband/uverbs1 --device=/dev/zd0 --name=target-nonprvlg-zd0 myofed4212ubuntu16:1.0 /bin/bash
#=====================================================================
#Moving Images from Host to Host
docker ps -a -> Find the ID of the container that you would like to move
docker commit 02b0710b7f6b mynewimage -> Commit your changes and save the container to an image called mynewimage
docker save mynewimage > /tmp/mynewimage.tar -> Save the mynewimage image to a tar file
docker load < /tmp/mynewimage.tar -> Copy the mynewimage.tar file to your new Docker instance and load image tar
docker commit -m "commit message" -a "author" container_id username/imagename:tag #Modify the container from the inside and then commit the changes to the image
docker export -> saves a container’s running or paused instance to a file
docker save -> saves a non-running container image to a file
#=====================================================================
sudo docker build -t ubuntu-ansible .
sudo docker build -t myofed4212ubuntu16:1.0 . -> build image locally with a preferred tag name from Dockerfile
docker build -t nginx:xenial /vagrant/dockerfiles/nginx -> build docker image based on Dockerfile (/vagrant/dockerfiles/nginx/Dockerfile)
docker build -t nginx1:xenial --file Dockerfilenginx10 . -> Different file name from Dockerfile
docker run -i -t xenial /bin/bash -> run the image and install your application manually to figure out what is needed in the docker file
Install,configure and test. When you are done build your dockerfile.
docker run trusty:latest cat /etc/lsb-release -> test docker image
docker run -p 80:80 --name nginx1.0 -d nginx:xenial -> container runs as a daemon in the background
docker events --since '2017-01-05' -> filter the output by an absolute timestamp or relative time on the host machine
docker events --filter 'image=alpine' -> get real-time events from the server
docker history trusty:latest
docker diff CONTAINERID ->Inspect changes to files or directories on a container’s filesystem
docker logs CONTAINERID -> Fetch the logs of a container
docker logs -f mywildfly #Follow the logs of a specific container
docker stats CONTAINERID -> Display a live stream of container(s) resource usage statistics
docker top nagios # processes of container nagios
docker port nagios # show all mapped ports of container nagi
#=====================================================================
docker run -it --rm quay.io/gluster/gluster-fedora
#=====================================================================
docker-compose ps
docker-compose -f docker-compose-dev.yml up -d app1
docker-compose -f docker-compose-test-local.yml run --rm unit
docker-compose -f docker-compose-test-local.yml build app -> as an alternative, define build arguments inside a Docker Compose file
docker-compose build
docker-compose logs
docker-compose -f docker-compose-test-local.yml up -d staging-dep
docker-compose -f docker-compose-test-local.yml ps
docker-compose -f docker-compose-test-local.yml run --rm staging
docker-compose -f docker-compose-test-local.yml down
docker-compose -f docker-compose-local.yml up -d registry
#=====================================================================
#registry dry-test
docker pull alpine
docker tag alpine localhost:5000/alpine
docker push localhost:5000/alpine
ls -1 docker/registry/v2/repositories/alpine/
# private repositories
sudo docker run -d -p 5000:5000 --name registry registry:2
# inspect command , section of "ExposedPorts"
#=====================================================================
sudo docker pull jenkins
# The left-hand side of the port number mapping is the Docker host port to map to
# and the right-hand side is the Docker container port number.
sudo docker run -p 8080:8080 -p 50000:50000 jenkins
#=====================================================================
docker tag go-demo localhost:5000/go-demo:1.0
docker push localhost:5000/go-demo:1.0
#=====================================================================
docker-machine create -d virtualbox go-demo -> create a VirtualBox VM named go-demo; the remote engine is inside the VM
docker-machine env go-demo -> outputs environment variables required for the local engine to find the server
docker-machine ls
eval $(docker-machine env node-1) -->set environment variables so that the local Docker Engine is pointing to the node-1
docker swarm init --advertise-addr $(docker-machine ip node-1) --> --advertise-addr is the address that this node will expose to other nodes for internal communication
#setup swarm cluster
for i in 1 2 3; do
docker-machine create -d virtualbox --virtualbox-memory "1024" --virtualbox-disk-size "20000" --virtualbox-cpu-count "1" monnode-$i
done
eval $(docker-machine env monnode-1)
docker info
docker swarm init --advertise-addr $(docker-machine ip monnode-1)
TOKEN=$(docker swarm join-token -q worker)
for i in 2 3; do
eval $(docker-machine env monnode-$i)
docker swarm join --token $TOKEN --advertise-addr $(docker-machine ip monnode-$i) $(docker-machine ip monnode-1):2377
done
eval $(docker-machine env monnode-1)
docker node ls
#tokens
docker swarm join-token -q manager
docker swarm join-token -q worker
docker network create --driver overlay go-demo
docker network ls
docker service create --name go-demo-db --network go-demo mongo:3.2.10
docker service rm go-demo-db
docker service inspect go-demo-db
docker service inspect --pretty go-demo-db
docker service scale go-demo=5
#failover test
docker-machine rm -f node-3
docker service ps go-demo
docker service ls
docker-machine rm -f node-1 node-2
docker service create --name go-demo -e DB=go-demo-db --network go-demo --network proxy vfarcic/go-demo:1.0
docker service create --name util --network go-demo --mode global alpine sleep 1000000000
docker service ps util
#=====================================================================
ID=$(docker ps -q --filter label=com.docker.swarm.service.name=util)
docker exec -it $ID apk add --update drill
docker exec -it $ID drill go-demo-db
# execute an interactive bash shell on the container.
docker exec -it $CONTAINERID bash
# execute a command on the container.
docker exec -d $CONTAINERID touch test.txt
#=====================================================================
#foreground job
$ sudo docker build -t myhtop . --file=/vagrant/dockerfiles/DockerFile-htop
sudo docker run -it --rm --pid=host myhtop
sudo docker images
sudo docker ps
#=====================================================================
#background job
$ sudo docker build -t myhtop . --file=/vagrant/dockerfiles/DockerFile-htop
sudo docker run -it --pid=host myhtop
sudo docker images
sudo docker ps
#=====================================================================
#docker cp command
# when SRC_PATH is a directory and DEST_PATH exists and is a directory:
# SRC_PATH does not end with /. (that is: slash followed by dot)
#   the source directory is copied into this directory
# SRC_PATH does end with /. (that is: slash followed by dot)
#   the content of the source directory is copied into this directory
# mycontainer is a container ID, not an image ID
docker cp foo.txt mycontainer:/foo.txt
docker cp mycontainer:/foo.txt foo.txt
- sudo docker cp "${PWD}/." "$(cat ${container_id})":/etc/ansible/roles/${role_name}
#=====================================================================
#docker run is actually a sequence of two commands: "create" and "start".
#-i, --interactive=false Keep STDIN open even if not attached
#-t, --tty=false Allocate a pseudo-TTY
docker run -it debian:stable bash
#you can start it again
docker start 1329c99a831b
docker attach 1329c99a831b
#=====================================================================
#Install from Docker hub
$ sudo docker pull centos
$ sudo docker run -i -t centos /bin/bash
# yum update
# yum install infiniband-diags
#=====================================================================
#Dockerfile
FROM ubuntu:16.04
RUN apt-get -yq update
RUN apt-get install -yq dnsutils curl netcat
#Usage
docker run -it --rm utils curl -I google.com
docker run -it --rm utils dig +short google.com
docker run -it --rm utils nc -v google.com 80
#=====================================================================
# To disable setuid rights, add the following to the Dockerfile of your image
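# GNU find rejects the old "+6000" syntax and "|| true" would hide that error, so use "/6000" (any of the setuid/setgid bits set)
RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true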
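# Added example, not from the original gist: a POSIX sh check that the setuid/setgid stripping step above really left nothing behind, run against a constructed temp directory. The helper names list_setid, strip_setid and make_sample_tree are hypothetical.

```shell
#!/bin/sh
# Hypothetical helpers (added example). "-perm -4000 -o -perm -2000" is the
# portable way to say "setuid or setgid is set"; it works in any POSIX find.

# list_setid DIR: print regular files under DIR that carry setuid or setgid.
# -xdev keeps find on one filesystem, so /proc and /sys are skipped when DIR is /.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print
}

# strip_setid DIR: clear both bits with chmod a-s, then print how many
# set-id files are still present (0 means the hardening step worked).
strip_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -exec chmod a-s {} +
    list_setid "$1" | wc -l | tr -d ' '
}

# make_sample_tree: constructed sample input, a temp dir holding two set-id
# files and one ordinary executable. Prints the directory path.
make_sample_tree() {
    dir=$(mktemp -d)
    touch "$dir/suid-tool" "$dir/suid-sgid-tool" "$dir/plain-tool"
    chmod 4755 "$dir/suid-tool"
    chmod 6755 "$dir/suid-sgid-tool"
    chmod 0755 "$dir/plain-tool"
    echo "$dir"
}
```

# In an image build, a final `[ "$(strip_setid /)" = "0" ]` fails the build if any set-id file survives, instead of hiding the result behind `|| true`.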
# add/remove capabilities with docker run/create
docker run --cap-drop=ALL --cap-add=CAP_NET_ADMIN
# No capabilities
docker run --user
# Restricted capabilities with root
docker run --cap-drop ALL --cap-add $CAP
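# Added example, not from the original gist: a POSIX sh decoder for the CapEff mask in /proc/<pid>/status, to confirm from inside a container that --cap-drop/--cap-add (or --privileged) left exactly the capabilities you intended. The helper names cap_eff, decode_caps and unexpected_caps are hypothetical; the name list follows the Linux capability numbering (bit 0 = CHOWN ... bit 40 = CHECKPOINT_RESTORE).

```shell
#!/bin/sh
# Hypothetical helpers (added example). Names are listed in kernel bit order.
CAP_NAMES="CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID
SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW
IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT
SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE
AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM
BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE"

# cap_eff [STATUS_FILE]: print the hex CapEff mask (default: the calling process).
cap_eff() {
    awk '$1 == "CapEff:" { print $2 }' "${1:-/proc/self/status}"
}

# decode_caps HEXMASK: print the names of the capabilities whose bits are set.
decode_caps() {
    case "$1" in
        ''|*[!0-9a-fA-F]*) echo "not a hex mask: $1" >&2; return 1 ;;
    esac
    mask=$((0x$1)) bit=0 out=""
    for name in $CAP_NAMES; do
        if [ $(( (mask >> bit) & 1 )) -eq 1 ]; then
            out="${out:+$out }$name"
        fi
        bit=$((bit + 1))
    done
    echo "$out"
}

# unexpected_caps HEXMASK ALLOWED...: print held capabilities that are not on
# the allow-list. Empty output means the container holds nothing extra.
unexpected_caps() {
    held=$(decode_caps "$1") || return 1
    shift
    extra=""
    for cap in $held; do
        case " $* " in
            *" $cap "*) ;;                       # allowed, ignore
            *) extra="${extra:+$extra }$cap" ;;  # held but not requested
        esac
    done
    echo "$extra"
}
```

# Inside a container started with `--cap-drop=ALL --cap-add=IPC_LOCK`, `unexpected_caps "$(cap_eff)" IPC_LOCK` should print nothing; a long list there usually means the container runs with default or privileged capabilities.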
#=====================================================================
$ docker --version
Docker version 19.03.2, build 6a30dfc
$ docker inspect --format='{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $(docker ps -aq) | sed 's/ \// /'
/hello_world_web_1 - 172.17.0.3
/hello_world_redis_1 - 172.17.0.2
$ docker inspect 9db33d0960bc | grep IPAddress | grep -v null| cut -d '"' -f 4 | head -1
172.17.0.3
$ docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$@" hello_world_web_1
172.17.0.3
$ docker inspect hello_world_web_1 | grep IPAddress
$ docker inspect --format "{{ .NetworkSettings.IPAddress }}" 9db33d0960bc
172.17.0.3
$ docker inspect --format "{{ .NetworkSettings.IPAddress }}" hello_world_web_1
172.17.0.3
$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' hello_world_web_1
172.17.0.3
#=====================================================================