Docker notes

Terms and definitions

  • Image – particular set of layers
  • Repository – set if images, fully identified by <host name>/<user name>/<repository name>
  • Tag – particular image name (docker tag command)
  • Index/registry – catalog of repositories

Docker architecture

  • Docker daemon – does all work, has REST interface (can be exposed out from PC)
  • Docker client – connects docker-daemon
  • Each container has its own PIDs’ tree
  • Possible state of container: running, paused, restarting, exited

Create an image

  1. Altering manually some running container and committing the changes
  2. Docker-file
  3. Docker-file and some external configuration tool
  4. Docker-file and TAR-file (that contains all files from existing PC) enrolled over zero-image


  • “docker run” command
    • docker run -it <image name> – run container interactively, with connected console
    • docker run -d <image name> – run detached
    • Giving name to container –name <name>
    • –read-only – filesystem of container can be read only
    • –restart =<policy: always, no, on-failure>
    • –link <imagename:containername> binds containers via exposed port
    • –device – maps hosts devices into container
    • –ipc – shares ipc items between containers
    • –cpuset-cpus – limits CPU cores used by container
    • -c/–cpu-shares – percentage of CPU allowed for container
    • -m/–memory – limits amount of memory, accessible for container
  • Port mapping -p <host port number:container port number> <image name>, or -P – map all exposed ports
    • –icc=false – disables network communication between containers
    • –expose <port number>
    • –hostname <name>
    • –dns <ip addresses’ array>
    • –add-host <host name>:<ip address>
    • –link – connects containers by name, since before container starts, no ip address are known
  • Docker network archetypes:
    • closed (only loopback), –net none
    • bridged (can communicate one to another, but have to be explicitly configured to access external network), –net bridge
    • joined (different containers shares the same network stack), –net container
    • opened (connected directly to external network), –net host
  • Adding environment variable —env/-e <name>=<value>
  • Restarting containers –restart with options: never (default), always, on failure (with optional delay)
  • Volumes mapping – map host file system to container’s file system. Mapped folders are not committed, mapped folders hides existing container’s folder with the same name
    • -v/–volume <host path>:<container path> – for mounted host’s paths, can be mounted as read-only
    • -v/–volume <container path> – for docker-managed volume
    • Data only container (no need to run ever), can map some host folder and other containers can just reference it, to obtain the mapped folder
    • –volumes-from <container name>
  • –rm – removes container after it is exited
  • “docker inspect” – Return metadata about some image, it is JSON formatted, fancy filtering syntax
  • “docker kill” – kills container
  • “docker stop” – stops container (gracefully)
  • “docker build” – creates new image from docker-file, –no-cache – build all commands, otherwise only changed docker file instructions will be built, non-changed will be taken from store cached at previous build
  • “docker tag” – gives a name to particular image
  • “docker commit” – creates an image from running container, only filesystem’s changes are preserved.
  • “docker exec” – execute a command over running container (basic- synchronously, daemon- background, interactive)
  • “docker search” – search image at registry
  • “docker history” – lists commands executed in order to build the image specified
  • “docker help” <command name>
  • “docker ps” – list containers run
  • “docker logs” <container name> – shows an output (stdout stderr), -f option allows autoscroll output logs
  • “docker restart” <container name> – restarts container
  • “docker rename” <new container name> <old container name>
  • “docker ps” (-a) – list of running (and other states) containers
  • “docker create” – creates, but doesn’t starts container (exited state)
  • “docker start” <container name> – start exited container
  • “docker top” <container name> – lists all processes running inside container
  • “docker rm” <container name> – remove exited container
  • “docker login/logout” – access a registry
  • “docker rmi” <repository name> – remove local repository
  • “docker rm” <container name> – remove container, -v – remove/decrement reference on docker managed volumes
  • “docker save” – saves an image as a file
  • “docker load” – loads image from file
  • “docker diff” <container name> – shows filesystem differences between container and its image
  • “docker export” – saves a container as a tar-archive
  • “docker import” – loads a container from a tar-archive
  • Docker machine – turns some PC (virtual or real) into host for running containers, runs instance of “machine” – the process is a platform for running containers. It is command line utility with a several commands: create, ls, stop, start, restart, rm, kill, inspect, config, ip, url, upgrade.

Docker-file – script that adjust an image before running its as a container

  • FROM – existing image tag
  • MAINTAINER – author’s mail
  • ONBUILD – executes a command specified at build step
  • RUN – command to run
  • USER – sets user and group
  • WORKDIR – sets current directory
  • EXPOSE – port erxposed
  • ADD – add files into container from some host, unpacks a tar-file
  • COPY – like ADD, but with no unpacking
  • CMD – commands that executed as container’s main process
  • ENTRYPOINT – like CMD but with no parameters (expected provided via run commnad)

Compose – run an application, represented by a set of containers, represented by yaml-file

  • “docker-compose up” – run a dicker yaml file with definitions
  • “docker-compose ps” – all containers run by yaml-file
  • “docker-compose rm” – remove all containers represented by yaml-file
  • “docker-compose stop/kill” – like “docker”
  • “docker-compose logs” – like “docker”
  • “docker-compose build” – like “docker”
  • “docker-compose scale” – alter a number of instances of containers

Docker-machine – represents driver that allows to run a docker-daemon on different hosts

docker-swarm – cluster of machines to run a container, it can balance on basis of accessible resources (Spread algorithm) as well as on basis of custom filters (affinity, health, constraint, port, dependency), with builtin service discovery


About DmitryKrinitsyn
Software developer

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: