• docker

linux docker notes

• 2021 - replaced single use container with podman

• Links https://www.docker.com/blog/containers-are-not-vms/ , docker/Dockerfile , docker-compose , Docker&Oracle-java , Containers , Azure , https://medium.com/@betz.mark/ten-tips-for-debugging-docker-containers-cde4da841a1d , No ssh needed

  • 2019-Multi-Container-Docker-Build

  • 2020 smaller docker images - alpine - google distroless

== Docker login ===

Azure cli

 az acr login -n <name> 

Azure ACR SP

• Azure ACR - Docker login with service principal

  • https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal

    #!/bin/bash
    ACR_NAME=<container-registry-name>
    SERVICE_PRINCIPAL_NAME=acr-service-principal
    ACR_SUBSCRIPTION="<subscription>"
    #
    ACR_REGISTRY_ID=$(az acr show --subscription $ACR_SUBSCRIPTION --name $ACR_NAME --query id --output tsv)
    SP_PASSWD=$(az ad sp create-for-rbac --name http://$SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpull --query password --output tsv)
    SP_APP_ID=$(az ad sp show --id http://$SERVICE_PRINCIPAL_NAME --query appId --output tsv)
    echo "Service principal ID: $SP_APP_ID"
    echo "Service principal password: $SP_PASSWD"
    echo "#  docker login $ACR_NAME.azurecr.io -u $SP_APP_ID -p $SP_PASSWD"

  • $ $ docker login <acr>.azurecr.io -u <SP-ID> -p <SP-P>

  • Or directly using Microsoft credentials with $ az acr login --name <container-registry-name (no azurecr.io>

• On Ubuntu
  • install docker
  • add user to docker group, logout and log in again

    •  adduser Me docker 

  • Flags
    • -t pseudo-TTY
    • -i --interactive

    • --name "NameContainer"

    • --publish=[] format ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
    • -e, --env=[] Set environment variables
    • --add-host=[] Add a custom host-to-IP mapping (host:ip)
    • --rm Automatically remove the container when it exits

Docker scratch/empty image

• Very small, usually used with go apps(self contained)

• View content with docker save -o tar e.g. https://www.mgasch.com/post/scratch/

Cleanup old docker images

• docker rmi $(docker images | grep "none" | awk '/ / { print $3 }')
• docker search ubuntu:14.04

  •  $ docker search ubuntu:14.04   $ docker search --no-trunc --stars=1 etcd 

• downloaded images

  •  docker images 

• run interactively

  •  $ docker run -it ubuntu:14.04 

     $ docker run -it -v ~/docker:/docker ubuntu:14.04 

     $ docker run -it -v ~/docker:/docker -v /dev/log:/dev/log ubuntu:14.04 

• view running images and historic

  •  $ docker ps -a 

• connect to a running docker attache to main terminal. (attach or exec new app)

  •  docker exec -it <<docker ps #id>> /bin/bash 

• Find docker details e.g. ip

  •  docker inspect <container id>  

• set default resolve.conf dns servers.
  • create/edit $ sudo gvim /etc/docker/daemon.json

    •        {
              "dns": ["8.8.8.8", "8.8.4.4"]
             }

• commit a new image
  1. run and make changes.
  2. exit
  3. commit and save as new image

     •        $ docker commit -m "My Image Test01" -a "My Name" 37bf99224fce myimg01
              sha256:4b439bc2347b744a405ae6a60862906442e461eddd33d0496dff322060fe837b

  4. run new image. $ docker run -it -v ~/docker:/docker myimg01

• re-run exited image.
  • docker start xxxxxx
  • docker exec xxxxxx /bin/bash

• Get logs from container

  docker logs --tail=50 <container id>