Docker: Difference between revisions
Jump to navigation
Jump to search
| (34 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
< | {|class='wikitable' style='width:100%;margin:-11px 0 6px 0' | ||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
sudo usermod -aG docker $USER | sudo usermod -aG docker $USER | ||
newgrp docker | newgrp docker | ||
| Line 9: | Line 11: | ||
sudo systemctl daemon-reload | sudo systemctl daemon-reload | ||
sudo systemctl restart docker.service | sudo systemctl restart docker.service | ||
</ | </syntaxhighlight> | ||
|} | |||
==Windows 10 Home== | ==Windows 10 Home== | ||
< | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style='text-align:left' colspan='2'| | |||
Windows 10 Home | |||
|- | |||
|valign='top' colspan='2'| | |||
<syntaxhighlight style='margin:3px 0' lang='powershell'> | |||
# powershell | # powershell | ||
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart | dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart | ||
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart | dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart | ||
wsl --set-default-version 2 | wsl --set-default-version 2 | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' style='width:50%'| | ||
<syntaxhighlight style='margin:3px 0' lang='powershell'> | |||
# powershell | # powershell | ||
docker pull hello-world | docker pull hello-world | ||
docker run -it --rm --name hello hello-world:latest | docker run -it --rm --name hello hello-world:latest | ||
</ | </syntaxhighlight> | ||
< | |valign='top' style='width:50%'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
# gitbash | # gitbash | ||
winpty docker pull hello-world | winpty docker pull hello-world | ||
winpty docker run -it --rm --name hello hello-world:latest | winpty docker run -it --rm --name hello hello-world:latest | ||
</ | </syntaxhighlight> | ||
|} | |||
==Networking== | ==Networking== | ||
{| | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
| valign= | !scope='col' style='text-align:left' colspan='2'| | ||
< | Networking | ||
cat <<EOF | |- | ||
|valign='top' style='width:50%'| | |||
<syntaxhighlight style='margin:3px 0' lang='json'> | |||
cat <<'EOF' | \ | |||
sudo tee /etc/docker/daemon.json >/dev/null | |||
{ | { | ||
"bip" : "10.20.13.1/24", | "bip" : "10.20.13.1/24", | ||
"mtu" : 1500, | "mtu" : 1500, | ||
"dns" : [ | "dns" : [ | ||
" | "1.1.1.1", | ||
" | "8.8.8.8", | ||
"192.168.49.2" | |||
], | ], | ||
"debug": true | "debug": true | ||
} | } | ||
EOF | EOF | ||
</ | </syntaxhighlight> | ||
| valign= | |valign='top' style='width:50%'| | ||
< | <syntaxhighlight style='margin:3px 0' lang='json'> | ||
cat <<EOF | cat << EOF | \ | ||
sudo tee /etc/docker/daemon.json >/dev/null | |||
{ | { | ||
"mtu" : 1500, | "mtu" : 1500, | ||
| Line 60: | Line 77: | ||
}] | }] | ||
} | } | ||
EOF | EOF | ||
</ | </syntaxhighlight> | ||
| | |- | ||
|valign='top'| | |||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
apt install -y iputils | apt install -y iputils | ||
iptables -t nat -S | iptables -t nat -S | ||
| Line 76: | Line 94: | ||
docker run --rm --detach --publish 1983:80 --net=ckn.b00 --ip 10.20.15.10 nginx | docker run --rm --detach --publish 1983:80 --net=ckn.b00 --ip 10.20.15.10 nginx | ||
docker run --rm --detach --publish 1983:80 --net=ckn.b01 --ip 10.20.16.10 nginx | docker run --rm --detach --publish 1983:80 --net=ckn.b01 --ip 10.20.16.10 nginx | ||
</ | </syntaxhighlight> | ||
|valign='top'| | |||
|} | |||
===Bridge=== | ===Bridge=== | ||
< | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style='text-align:left'| | |||
Bridge | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network create \ | docker network create \ | ||
--driver bridge \ | --driver bridge \ | ||
| Line 89: | Line 115: | ||
--opt com.docker.network.bridge.host_binding_ipv4=0.0.0.0 \ | --opt com.docker.network.bridge.host_binding_ipv4=0.0.0.0 \ | ||
--opt com.docker.network.bridge.name=ckn.b00 ckn.b00 | --opt com.docker.network.bridge.name=ckn.b00 ckn.b00 | ||
</ | </syntaxhighlight> | ||
|} | |||
===MAC VLAN=== | ===MAC VLAN=== | ||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
MAC VLAN | |||
|- | |||
|valign='top'| | |||
'''Bridge mode''' | '''Bridge mode''' | ||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
docker network create \ | docker network create \ | ||
--driver macvlan \ | --driver macvlan \ | ||
| Line 100: | Line 131: | ||
--subnet 10.20.20.0/24 \ | --subnet 10.20.20.0/24 \ | ||
--opt parent=wlan0 ckn.v00 | --opt parent=wlan0 ckn.v00 | ||
</ | </syntaxhighlight> | ||
|- | |||
|valign='top'| | |||
'''802.1q trunk bridge mode''' | '''802.1q trunk bridge mode''' | ||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
docker network create \ | docker network create \ | ||
--driver macvlan \ | --driver macvlan \ | ||
| Line 110: | Line 142: | ||
--ip-range 10.20.20.240/28 \ | --ip-range 10.20.20.240/28 \ | ||
--opt parent=wlan0.01 ckn.v01 | --opt parent=wlan0.01 ckn.v01 | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network inspect ckn.v00 | docker network inspect ckn.v00 | ||
docker network connect ckn.v00 nginx | docker network connect ckn.v00 nginx | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker exec -it nginx ls -lah /sys/class/net/ | docker exec -it nginx ls -lah /sys/class/net/ | ||
docker exec -it nginx cat /etc/resolv.conf | docker exec -it nginx cat /etc/resolv.conf | ||
| Line 126: | Line 160: | ||
curl -v http://localhost:1983 | curl -v http://localhost:1983 | ||
curl -v http://10.20.20.240 | curl -v http://10.20.20.240 | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network disconnect bridge nginx | docker network disconnect bridge nginx | ||
docker network disconnect ckn.v00 nginx | docker network disconnect ckn.v00 nginx | ||
</ | </syntaxhighlight> | ||
|} | |||
===IP VLAN=== | ===IP VLAN=== | ||
< | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style='text-align:left'| | |||
IP VLAN | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network create -d ipvlan \ | docker network create -d ipvlan \ | ||
--subnet=10.20.1.0/24 \ | --subnet=10.20.1.0/24 \ | ||
| Line 143: | Line 182: | ||
--gateway=10.20.2.254 \ | --gateway=10.20.2.254 \ | ||
--opt ipvlan_mode=l2 ckn.i00 | --opt ipvlan_mode=l2 ckn.i00 | ||
</ | </syntaxhighlight> | ||
|} | |||
==Cache or Mirror== | ==Cache or Mirror== | ||
< | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style='text-align:left'| | |||
Cache or Mirro | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='yaml'> | |||
mkdir -p /etc/docker/registry | mkdir -p /etc/docker/registry | ||
cat <<EOF > /etc/docker/registry/config.yml | cat <<EOF > /etc/docker/registry/config.yml | ||
--- | |||
proxy: | proxy: | ||
remoteurl: https://hub.chorke.org | remoteurl: https://hub.chorke.org | ||
| Line 154: | Line 200: | ||
password: sadaqah! | password: sadaqah! | ||
EOF | EOF | ||
</ | </syntaxhighlight> | ||
|} | |||
==Add Tag & Push== | |||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
Add Tag & Push | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
RFIND_FILL="s|docker.chorke.com|docker.chorke.org|";\ | |||
OLD_IMAGES="$(docker images --format 'table {{.Repository}}:{{.Tag}}'|grep chorke)";\ | |||
for OLD_IMAGE in ${OLD_IMAGES};do\ | |||
NEW_IMAGE="$(echo ${OLD_IMAGE}|sed ${RFIND_FILL})";\ | |||
docker tag ${OLD_IMAGE} ${NEW_IMAGE} &&\ | |||
docker push ${NEW_IMAGE} &&\ | |||
docker rmi ${NEW_IMAGE} &&\ | |||
docker rmi ${OLD_IMAGE};\ | |||
done | |||
</syntaxhighlight> | |||
|} | |||
==Troubleshoot== | ==Troubleshoot== | ||
{| | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
| valign= | !scope='col' style='text-align:left' colspan='2'| | ||
< | Troubleshoot | ||
|- | |||
|valign='top' style='width:50%'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker run --rm --net=host busybox nslookup google.com | docker run --rm --net=host busybox nslookup google.com | ||
docker run --rm --net=host alpine cat /etc/resolv.conf | docker run --rm --net=host alpine cat /etc/resolv.conf | ||
| Line 168: | Line 237: | ||
docker run --rm --net=host alpine ip addr | docker run --rm --net=host alpine ip addr | ||
docker run --rm --net=host alpine route | docker run --rm --net=host alpine route | ||
</ | </syntaxhighlight> | ||
| valign= | |valign='top' style='width:50%'| | ||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
docker run --rm busybox nslookup google.com | docker run --rm busybox nslookup google.com | ||
docker run --rm alpine cat /etc/resolv.conf | docker run --rm alpine cat /etc/resolv.conf | ||
| Line 180: | Line 249: | ||
docker run --rm alpine ip addr | docker run --rm alpine ip addr | ||
docker run --rm alpine route | docker run --rm alpine route | ||
</ | </syntaxhighlight> | ||
| | |- | ||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker run --add-host=host.docker.internal:host-gateway\ | |||
-it --rm alpine ping host.docker.internal | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker run --add-host=host.docker.internal:host-gateway\ | |||
-it --rm alpine sh | |||
</syntaxhighlight> | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker inspect crawler|grep compose | |||
docker logs crawler | |||
docker logs -f crawler | |||
</syntaxhighlight> | |||
< | |valign='top'| | ||
|- | |||
|valign='top' colspan='2'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
export DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --iptables=false --ip-forward=false" | export DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --iptables=false --ip-forward=false" | ||
firewall-cmd --permanent --zone=trusted --change-interface=docker0 | firewall-cmd --permanent --zone=trusted --change-interface=docker0 | ||
firewall-cmd --reload | firewall-cmd --reload | ||
systemctl restart docker | systemctl restart docker | ||
</ | </syntaxhighlight> | ||
|- | |||
| valign= | |valign='top'| | ||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
systemctl stop docker | systemctl stop docker | ||
rm -fr /var/lib/docker | rm -fr /var/lib/docker | ||
rm -fr /etc/docker | rm -fr /etc/docker | ||
pkill docker | pkill docker | ||
</ | </syntaxhighlight> | ||
| valign= | |valign='top'| | ||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
iptables -t nat -F | iptables -t nat -F | ||
ifconfig docker0 down | ifconfig docker0 down | ||
brctl delbr docker0 | brctl delbr docker0 | ||
systemctl start docker | systemctl start docker | ||
</ | </syntaxhighlight> | ||
|- | |||
| valign= | |valign='top'| | ||
< | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
vim /etc/selinux/config | vim /etc/selinux/config | ||
shutdown -r now | shutdown -r now | ||
setenforce 0 | setenforce 0 | ||
sestatus | sestatus | ||
</ | </syntaxhighlight> | ||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
#devil most things for docker0 bridge | |||
sudo apt remove netscript-2.4 | |||
sudo apt purge netscript-2.4 | |||
sudo apt autoremove | |||
</syntaxhighlight> | |||
|} | |} | ||
==Ryzen AMD-V== | ==Ryzen AMD-V== | ||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
Ryzen AMD-V | |||
|- | |||
|valign='top'| | |||
Yes, AMD Ryzen 9 3900x supports virtualization. Almost every processors released since a long time have Virtualization. For Windows it's Vt-x or SVM(in some AMD motherboard vtx is renamed as SVM). | |||
|} | |||
==Images Path== | ==Images Path== | ||
< | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style='text-align:left'| | |||
Images Path | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='properties'> | |||
Ubuntu: /var/lib/docker/ | Ubuntu: /var/lib/docker/ | ||
Fedora: /var/lib/docker/ | Fedora: /var/lib/docker/ | ||
| Line 230: | Line 334: | ||
Windows: C:\ProgramData\DockerDesktop | Windows: C:\ProgramData\DockerDesktop | ||
MacOS: ~/Library/Containers/com.docker.docker/Data/vms/0/ | MacOS: ~/Library/Containers/com.docker.docker/Data/vms/0/ | ||
</ | </syntaxhighlight> | ||
|} | |||
==Backup & Restore== | |||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
Backup & Restore | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker pull gitea/gitea:1.10.6 | |||
docker pull gitea/gitea:1.16.2 | |||
docker image load -i ~/.config/backup/gitea_gitea_1.10.6.tar | |||
docker image load -i ~/.config/backup/gitea_gitea_1.16.2.tar | |||
docker image save -o ~/.config/backup/gitea_gitea_1.10.6.tar gitea/gitea:1.10.6 | |||
docker image save -o ~/.config/backup/gitea_gitea_1.16.2.tar gitea/gitea:1.16.2 | |||
</syntaxhighlight> | |||
|} | |||
==Reclaim Disk Space== | |||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
Reclaim Disk Space | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
cat <<'EXE' | sudo bash | |||
sh -c 'du -sh /var/lib/docker/containers/*' | |||
sh -c 'truncate -s 0 /var/lib/docker/containers/*/*-json.log' 2>/dev/null | |||
docker images -f 'dangling=true' -q | |||
docker rmi $(docker images -f 'dangling=true' -q) 2>/dev/null | |||
docker system prune -f --volumes | |||
docker builder prune -f -a | |||
docker network prune -f | |||
docker volume prune -f | |||
apt-get clean | |||
apt-get autoclean | |||
apt-get autoremove -y | |||
journalctl --disk-usage | |||
journalctl --vacuum-time=90d | |||
find /tmp -type f -mtime +7 | |||
find /tmp -type f -mtime +7 -delete | |||
find /var/log/nginx -type f -mtime +90 | |||
find /var/log/nginx -type f -mtime +90 -delete | |||
EXE | |||
</syntaxhighlight> | |||
|} | |||
==Custom Docker Image== | |||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
Custom Docker Image | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
cat <<'INI' | tee ./Dockerfile >/dev/null | |||
FROM eclipse-temurin:17-jre-focal | |||
RUN apt update --fix-missing \ | |||
&& apt install -y nginx apache2-utils | |||
INI | |||
docker build --rm -t 'docker.shahed.biz/tools/eclipse-temurin:17-jre-focal' -f ./Dockerfile . | |||
docker push docker.shahed.biz/tools/eclipse-temurin:17-jre-focal | |||
</syntaxhighlight> | |||
|} | |||
==Recovery Parent Image== | |||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
Recovery Parent Image | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker pull docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | |||
docker history docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | |||
docker inspect docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | jq '.[0].RootFS.Layers' | |||
docker run -it --name recovery-openjdk-17-slim docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 bash | |||
# executing bash command try to clean up new changes and then commit as below | |||
docker commit recovery-openjdk-17-slim openjdk:17-slim | |||
docker run --rm \ | |||
-v /var/run/docker.sock:/var/run/docker.sock \ | |||
alpine/dfimage:1.2 docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | |||
docker run --rm -it \ | |||
-v /var/run/docker.sock:/var/run/docker.sock \ | |||
wagoodman/dive:v0.13.1 docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | |||
docker rmi docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | |||
docker rm recovery-openjdk-17-slim | |||
docker rmi wagoodman/dive:v0.13.1 | |||
docker rmi alpine/dfimage:1.2 | |||
</syntaxhighlight> | |||
|} | |||
==Knowledge== | ==Knowledge== | ||
< | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style='text-align:left' colspan='2'| | |||
Knowledge | |||
|- | |||
|valign='top' colspan='2'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network ls | docker network ls | ||
docker network prune | docker network prune | ||
docker network rm ckn.b00 ckn.b01 | docker network rm ckn.b00 ckn.b01 | ||
docker inspect nginx|grep compose | |||
docker inspect nginx|grep "IPAddress" | docker inspect nginx|grep "IPAddress" | ||
docker network inspect bridge|grep "Gateway" | docker network inspect bridge|grep "Gateway" | ||
</ | </syntaxhighlight> | ||
|- | |||
|valign='top' style='width:50%'| | |||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker rm $(docker ps -a -q) | |||
docker stop $(docker ps -a -q) | |||
</syntaxhighlight> | |||
< | |valign='top' style='width:50%'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker inspect nginx | docker inspect nginx | ||
docker update --restart=no nginx | docker update --restart=no nginx | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker run --rm -dit --network \ | docker run --rm -dit --network \ | ||
none --name alpine alpine:latest ash;\ | none --name alpine alpine:latest ash;\ | ||
docker exec -it alpine ip link show | docker exec -it alpine ip link show | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network create --driver bridge \ | docker network create --driver bridge \ | ||
--opt com.docker.network.bridge.name=ckn.b00 ckn.b00 | --opt com.docker.network.bridge.name=ckn.b00 ckn.b00 | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network connect ckn.b00 nginx | docker network connect ckn.b00 nginx | ||
docker exec -it nginx cat /etc/hosts | docker exec -it nginx cat /etc/hosts | ||
| Line 269: | Line 489: | ||
docker run --add-host=host.docker.internal:host-gateway\ | docker run --add-host=host.docker.internal:host-gateway\ | ||
--rm alpine ping host.docker.internal | --rm alpine ping host.docker.internal | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker cp ~/.m2/settings.xml alpine:/root/.m2/settings.xml | docker cp ~/.m2/settings.xml alpine:/root/.m2/settings.xml | ||
docker cp alpine:/root/.m2/settings.xml ~/.m2/settings.xml | docker cp alpine:/root/.m2/settings.xml ~/.m2/settings.xml | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker network disconnect bridge nginx | docker network disconnect bridge nginx | ||
docker network disconnect ckn.b00 nginx | docker network disconnect ckn.b00 nginx | ||
docker exec -it nginx ls -lah /sys/class/net/ | docker exec -it nginx ls -lah /sys/class/net/ | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker run -itd --network=ckn.b00 nginx | docker run -itd --network=ckn.b00 nginx | ||
docker network disconnect ckn.b00 nginx | docker network disconnect ckn.b00 nginx | ||
docker network connect --alias db --alias mysql ckn.b00 mysql | docker network connect --alias db --alias mysql ckn.b00 mysql | ||
</ | </syntaxhighlight> | ||
|- | |||
< | |valign='top' colspan='2'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
docker inspect -f '{{.Name}} - {{.NetworkSettings.IPAddress }}' $(docker ps -aq) | docker inspect -f '{{.Name}} - {{.NetworkSettings.IPAddress }}' $(docker ps -aq) | ||
docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}" | docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}" | ||
| Line 296: | Line 520: | ||
docker ps --format "{{.ID}}: {{.Command}}" | docker ps --format "{{.ID}}: {{.Command}}" | ||
docker ps --filter publish=80/udp | docker ps --filter publish=80/udp | ||
</ | </syntaxhighlight> | ||
|} | |||
== | ==References== | ||
{| | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
| valign= | !scope='col' style='text-align:left' colspan='3'| | ||
References | |||
|- | |||
|valign='top' style='width:33%'| | |||
* [https://dev.to/rohansawant/installing-docker-and-docker-compose-on-the-raspberry-pi-in-5-simple-steps-3mgl Installing Docker Compose on Raspberry Pi 4] | * [https://dev.to/rohansawant/installing-docker-and-docker-compose-on-the-raspberry-pi-in-5-simple-steps-3mgl Installing Docker Compose on Raspberry Pi 4] | ||
* [https://docs.docker.com/docker-for-windows/install-windows-home Install Docker Desktop on Windows Home] | * [https://docs.docker.com/docker-for-windows/install-windows-home Install Docker Desktop on Windows Home] | ||
| Line 312: | Line 540: | ||
* [[Bitbucket Pipelines]] | * [[Bitbucket Pipelines]] | ||
| valign= | |valign='top' style='width:34%'| | ||
* [[Build Kerberos Docker Image from Ubuntu]] | * [[Build Kerberos Docker Image from Ubuntu]] | ||
* [[Build Apache Docker Image from Alpine]] | * [[Build Apache Docker Image from Alpine]] | ||
| Line 324: | Line 552: | ||
* [[Nexus]] | * [[Nexus]] | ||
| valign= | |valign='top' style='width:33%'| | ||
* [https://stackoverflow.com/questions/48051970 Unable to connect outside from Docker container] | * [https://stackoverflow.com/questions/48051970 Unable to connect outside from Docker container] | ||
* [https://stackoverflow.com/questions/63572071 Docker published ports are not reachable] | * [https://stackoverflow.com/questions/63572071 Docker published ports are not reachable] | ||
| Line 335: | Line 563: | ||
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=28&cip=10.20.13.1&ctype=ipv4&printit=0&x=81&y=15 <code>10.20.13.0/28</code>] | * [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=28&cip=10.20.13.1&ctype=ipv4&printit=0&x=81&y=15 <code>10.20.13.0/28</code>] | ||
* [https://docs.docker.com/engine/reference/commandline/network/ Docker Network] | * [https://docs.docker.com/engine/reference/commandline/network/ Docker Network] | ||
|- | |- | ||
| valign= | |valign='top'| | ||
* [https://www.freecodecamp.org/news/how-to-get-a-docker-container-ip-address-explained-with-examples/ How to Get A Docker Container IP Address] | * [https://www.freecodecamp.org/news/how-to-get-a-docker-container-ip-address-explained-with-examples/ How to Get A Docker Container IP Address] | ||
* [https://www.docker.com/blog/understanding-docker-networking-drivers-use-cases/ Docker Networking Drivers and their usage] | * [https://www.docker.com/blog/understanding-docker-networking-drivers-use-cases/ Docker Networking Drivers and their usage] | ||
| Line 352: | Line 576: | ||
* [https://hicu.be/macvlan-vs-ipvlan Macvlan vs IPvlan] | * [https://hicu.be/macvlan-vs-ipvlan Macvlan vs IPvlan] | ||
| valign= | |valign='top'| | ||
* [https://stackoverflow.com/questions/42158596/can-windows-containers-be-hosted-on-linux#:~:text=solution%20which%20uses%20Vagrant%20and%20Packer%20on%20Mac Can Windows Containers be hosted on Linux?] | * [https://stackoverflow.com/questions/42158596/can-windows-containers-be-hosted-on-linux#:~:text=solution%20which%20uses%20Vagrant%20and%20Packer%20on%20Mac Can Windows Containers be hosted on Linux?] | ||
* [https://forums.docker.com/t/network-bridge-docker0-cant-connect-to-local-network/78175/17#:~:text=default-address-pools <code>Docker0</code> can’t connect to Local Network] | * [https://forums.docker.com/t/network-bridge-docker0-cant-connect-to-local-network/78175/17#:~:text=default-address-pools <code>Docker0</code> can’t connect to Local Network] | ||
| Line 364: | Line 588: | ||
* [https://itnext.io/docker-in-docker-521958d34efd Docker in Docker] | * [https://itnext.io/docker-in-docker-521958d34efd Docker in Docker] | ||
| valign= | |valign='top'| | ||
* [https://github.com/StefanScherer/windows-docker-machine Windows Container using Vagrant & Packer on Mac] | * [https://github.com/StefanScherer/windows-docker-machine Windows Container using Vagrant & Packer on Mac] | ||
* [https://stackoverflow.com/questions/10268583/ Downloading Java JDK on Linux via wget] | * [https://stackoverflow.com/questions/10268583/ Downloading Java JDK on Linux via wget] | ||
| Line 375: | Line 599: | ||
* [https://flume.apache.org/ Apache Flume] | * [https://flume.apache.org/ Apache Flume] | ||
* [https://kafka.apache.org/ Apache Kafka] | * [https://kafka.apache.org/ Apache Kafka] | ||
|- | |- | ||
| valign= | |valign='top'| | ||
* [https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon Configure Docker <code>daemon.json</code> on Windows] | * [https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon Configure Docker <code>daemon.json</code> on Windows] | ||
* [https://logging.apache.org/log4j/2.x/manual/cloud.html Using Log4j in Cloud Enabled Applications] | * [https://logging.apache.org/log4j/2.x/manual/cloud.html Using Log4j in Cloud Enabled Applications] | ||
| Line 392: | Line 612: | ||
* [[Podman]] | * [[Podman]] | ||
| valign= | |valign='top'| | ||
* [https://devopscube.com/reduce-docker-image-size/ Reduce Docker Image Size: 6 Optimal Methods] | * [https://devopscube.com/reduce-docker-image-size/ Reduce Docker Image Size: 6 Optimal Methods] | ||
* [https://medium.com/@TimvanBaarsen/how-to-connect-to-the-docker-host-from-inside-a-docker-container-112b4c71bc66 Connect to the Docker host from a Container] | * [https://medium.com/@TimvanBaarsen/how-to-connect-to-the-docker-host-from-inside-a-docker-container-112b4c71bc66 Connect to the Docker host from a Container] | ||
| Line 401: | Line 621: | ||
* [https://vsupalov.com/docker-arg-vs-env/ Docker ARG vs ENV] | * [https://vsupalov.com/docker-arg-vs-env/ Docker ARG vs ENV] | ||
* [[Docker Compose]] | * [[Docker Compose]] | ||
* [[Vagrant]] | |||
* [[Qemu]] | |||
|valign='top'| | |||
* [https://medium.com/@TimvanBaarsen/how-to-connect-to-the-docker-host-from-inside-a-docker-container-112b4c71bc66 Docker » Host » <code>host.docker.internal</code>] | |||
* [https://github.com/pgadmin-org/pgadmin4/blob/master/Dockerfile Alpine » Dockerfile » PgAdmin 4] | |||
* [https://github.com/better/alpine-tensorflow/blob/master/Dockerfile Alpine » Dockerfile » Tensorflow] | |||
* [https://stackoverflow.com/questions/35689628/ Docker » Alpine Shell Access] | |||
* [https://help.ubuntu.com/community/WakeOnLan Setting Up Wake-on-LAN] | |||
* [https://docs.docker.com/engine/reference/commandline/checkpoint/ Docker » Checkpoint] | |||
* [[Java Remote Debug]] | |||
* [[Multipass]] | |||
* [[Proxmox]] | |||
* [[Juju]] | |||
|- | |||
|valign='top'| | |||
* [[Dockerized PostgreSQL|Docker » PostgreSQL]] | |||
|valign='top'| | |||
| valign= | |valign='top'| | ||
|} | |} | ||
Latest revision as of 07:59, 15 January 2026
sudo usermod -aG docker $USER
newgrp docker
mkdir "$HOME/.docker"
sudo chown "$USER":"$USER" "$HOME/.docker" -R
sudo chmod g+rwx "$HOME/.docker" -R
sudo systemctl daemon-reload
sudo systemctl restart docker.service
|
Windows 10 Home
|
Windows 10 Home | |
|---|---|
# powershell
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
wsl --set-default-version 2
| |
# powershell
docker pull hello-world
docker run -it --rm --name hello hello-world:latest
|
# gitbash
winpty docker pull hello-world
winpty docker run -it --rm --name hello hello-world:latest
|
Networking
|
Networking | |
|---|---|
cat <<'EOF' | \
sudo tee /etc/docker/daemon.json >/dev/null
{
"bip" : "10.20.13.1/24",
"mtu" : 1500,
"dns" : [
"1.1.1.1",
"8.8.8.8",
"192.168.49.2"
],
"debug": true
}
EOF
|
cat << EOF | \
sudo tee /etc/docker/daemon.json >/dev/null
{
"mtu" : 1500,
"debug" : true,
"experimental": false,
"default-address-pools" :[{
"base" : "10.20.0.0/16",
"size" : 24
}]
}
EOF
|
apt install -y iputils
iptables -t nat -S
service docker stop
service docker start
docker run --rm --detach --publish 1983:80 nginx
docker run --rm --detach --net=host nginx
docker run --rm --detach --publish 1983:80 --net=ckn.b00 --ip 10.20.15.10 nginx
docker run --rm --detach --publish 1983:80 --net=ckn.b01 --ip 10.20.16.10 nginx
|
|
Bridge
|
Bridge |
|---|
docker network create \
--driver bridge \
--gateway 10.20.15.1 \
--subnet 10.20.15.0/24 \
--opt com.docker.network.driver.mtu=1500 \
--opt com.docker.network.bridge.enable_icc=true \
--opt com.docker.network.bridge.enable_ip_masquerade=true \
--opt com.docker.network.bridge.host_binding_ipv4=0.0.0.0 \
--opt com.docker.network.bridge.name=ckn.b00 ckn.b00
|
MAC VLAN
|
MAC VLAN |
|---|
|
Bridge mode docker network create \
--driver macvlan \
--gateway 10.20.20.1 \
--subnet 10.20.20.0/24 \
--opt parent=wlan0 ckn.v00
|
|
802.1q trunk bridge mode docker network create \
--driver macvlan \
--gateway 10.20.20.1 \
--subnet 10.20.20.0/24 \
--ip-range 10.20.20.240/28 \
--opt parent=wlan0.01 ckn.v01
|
docker network inspect ckn.v00
docker network connect ckn.v00 nginx
|
docker exec -it nginx ls -lah /sys/class/net/
docker exec -it nginx cat /etc/resolv.conf
docker inspect nginx|grep "IPAddress"
docker exec -it nginx cat /etc/hosts
curl -v http://10.20.20.240:1983
curl -v http://localhost:1983
curl -v http://10.20.20.240
|
docker network disconnect bridge nginx
docker network disconnect ckn.v00 nginx
|
IP VLAN
|
IP VLAN |
|---|
docker network create -d ipvlan \
--subnet=10.20.1.0/24 \
--subnet=10.20.2.0/24 \
--gateway=10.20.1.254 \
--gateway=10.20.2.254 \
--opt ipvlan_mode=l2 ckn.i00
|
Cache or Mirror
|
Cache or Mirro |
|---|
mkdir -p /etc/docker/registry
cat <<EOF > /etc/docker/registry/config.yml
---
proxy:
remoteurl: https://hub.chorke.org
username: academia
password: sadaqah!
EOF
|
Add Tag & Push
|
Add Tag & Push |
|---|
RFIND_FILL="s|docker.chorke.com|docker.chorke.org|";\
OLD_IMAGES="$(docker images --format 'table {{.Repository}}:{{.Tag}}'|grep chorke)";\
for OLD_IMAGE in ${OLD_IMAGES};do\
NEW_IMAGE="$(echo ${OLD_IMAGE}|sed ${RFIND_FILL})";\
docker tag ${OLD_IMAGE} ${NEW_IMAGE} &&\
docker push ${NEW_IMAGE} &&\
docker rmi ${NEW_IMAGE} &&\
docker rmi ${OLD_IMAGE};\
done
|
Troubleshoot
|
Troubleshoot | |
|---|---|
docker run --rm --net=host busybox nslookup google.com
docker run --rm --net=host alpine cat /etc/resolv.conf
docker run --rm --net=host alpine nslookup google.com
docker run --rm --net=host alpine ping google.com
docker run --rm --net=host alpine cat /etc/hosts
docker run --rm --net=host alpine ifconfig
docker run --rm --net=host alpine ip addr
docker run --rm --net=host alpine route
|
docker run --rm busybox nslookup google.com
docker run --rm alpine cat /etc/resolv.conf
docker run --rm alpine nslookup google.com
docker run --rm alpine ping google.com
docker run --rm alpine cat /etc/hosts
docker run --rm alpine ifconfig
docker run --rm alpine ip addr
docker run --rm alpine route
|
docker run --add-host=host.docker.internal:host-gateway\
-it --rm alpine ping host.docker.internal
|
docker run --add-host=host.docker.internal:host-gateway\
-it --rm alpine sh
|
docker inspect crawler|grep compose
docker logs crawler
docker logs -f crawler
|
|
export DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --iptables=false --ip-forward=false"
firewall-cmd --permanent --zone=trusted --change-interface=docker0
firewall-cmd --reload
systemctl restart docker
| |
systemctl stop docker
rm -fr /var/lib/docker
rm -fr /etc/docker
pkill docker
|
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
systemctl start docker
|
vim /etc/selinux/config
shutdown -r now
setenforce 0
sestatus
|
#devil most things for docker0 bridge
sudo apt remove netscript-2.4
sudo apt purge netscript-2.4
sudo apt autoremove
|
Ryzen AMD-V
|
Ryzen AMD-V |
|---|
|
Yes, AMD Ryzen 9 3900x supports virtualization. Almost every processors released since a long time have Virtualization. For Windows it's Vt-x or SVM(in some AMD motherboard vtx is renamed as SVM). |
Images Path
|
Images Path |
|---|
Ubuntu: /var/lib/docker/
Fedora: /var/lib/docker/
Debian: /var/lib/docker/
Windows: C:\ProgramData\DockerDesktop
MacOS: ~/Library/Containers/com.docker.docker/Data/vms/0/
|
Backup & Restore
|
Backup & Restore |
|---|
docker pull gitea/gitea:1.10.6
docker pull gitea/gitea:1.16.2
docker image load -i ~/.config/backup/gitea_gitea_1.10.6.tar
docker image load -i ~/.config/backup/gitea_gitea_1.16.2.tar
docker image save -o ~/.config/backup/gitea_gitea_1.10.6.tar gitea/gitea:1.10.6
docker image save -o ~/.config/backup/gitea_gitea_1.16.2.tar gitea/gitea:1.16.2
|
Reclaim Disk Space
|
Reclaim Disk Space |
|---|
cat <<'EXE' | sudo bash
sh -c 'du -sh /var/lib/docker/containers/*'
sh -c 'truncate -s 0 /var/lib/docker/containers/*/*-json.log' 2>/dev/null
docker images -f 'dangling=true' -q
docker rmi $(docker images -f 'dangling=true' -q) 2>/dev/null
docker system prune -f --volumes
docker builder prune -f -a
docker network prune -f
docker volume prune -f
apt-get clean
apt-get autoclean
apt-get autoremove -y
journalctl --disk-usage
journalctl --vacuum-time=90d
find /tmp -type f -mtime +7
find /tmp -type f -mtime +7 -delete
find /var/log/nginx -type f -mtime +90
find /var/log/nginx -type f -mtime +90 -delete
EXE
|
Custom Docker Image
|
Custom Docker Image |
|---|
cat <<'INI' | tee ./Dockerfile >/dev/null
FROM eclipse-temurin:17-jre-focal
RUN apt update --fix-missing \
&& apt install -y nginx apache2-utils
INI
docker build --rm -t 'docker.shahed.biz/tools/eclipse-temurin:17-jre-focal' -f ./Dockerfile .
docker push docker.shahed.biz/tools/eclipse-temurin:17-jre-focal
|
Recovery Parent Image
|
Recovery Parent Image |
|---|
docker pull docker.shahed.biz/shahed-academia-apps:2025-10-10T1010
docker history docker.shahed.biz/shahed-academia-apps:2025-10-10T1010
docker inspect docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 | jq '.[0].RootFS.Layers'
docker run -it --name recovery-openjdk-17-slim docker.shahed.biz/shahed-academia-apps:2025-10-10T1010 bash
# executing bash command try to clean up new changes and then commit as below
docker commit recovery-openjdk-17-slim openjdk:17-slim
docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
alpine/dfimage:1.2 docker.shahed.biz/shahed-academia-apps:2025-10-10T1010
docker run --rm -it \
-v /var/run/docker.sock:/var/run/docker.sock \
wagoodman/dive:v0.13.1 docker.shahed.biz/shahed-academia-apps:2025-10-10T1010
docker rmi docker.shahed.biz/shahed-academia-apps:2025-10-10T1010
docker rm recovery-openjdk-17-slim
docker rmi wagoodman/dive:v0.13.1
docker rmi alpine/dfimage:1.2
|
Knowledge
|
Knowledge | |
|---|---|
docker network ls
docker network prune
docker network rm ckn.b00 ckn.b01
docker inspect nginx|grep compose
docker inspect nginx|grep "IPAddress"
docker network inspect bridge|grep "Gateway"
| |
docker rm $(docker ps -a -q)
docker stop $(docker ps -a -q)
|
docker inspect nginx
docker update --restart=no nginx
|
docker run --rm -dit --network \
none --name alpine alpine:latest ash;\
docker exec -it alpine ip link show
| |
docker network create --driver bridge \
--opt com.docker.network.bridge.name=ckn.b00 ckn.b00
| |
docker network connect ckn.b00 nginx
docker exec -it nginx cat /etc/hosts
docker inspect nginx|grep "IPAddress"
docker exec -it nginx cat /etc/resolv.conf
docker exec -it nginx ls -lah /sys/class/net/
docker run --add-host=host.docker.internal:host-gateway\
--rm alpine ping host.docker.internal
| |
docker cp ~/.m2/settings.xml alpine:/root/.m2/settings.xml
docker cp alpine:/root/.m2/settings.xml ~/.m2/settings.xml
| |
docker network disconnect bridge nginx
docker network disconnect ckn.b00 nginx
docker exec -it nginx ls -lah /sys/class/net/
| |
docker run -itd --network=ckn.b00 nginx
docker network disconnect ckn.b00 nginx
docker network connect --alias db --alias mysql ckn.b00 mysql
| |
docker inspect -f '{{.Name}} - {{.NetworkSettings.IPAddress }}' $(docker ps -aq)
docker ps --filter volume=remote-volume --format "table {{.ID}}\t{{.Mounts}}"
docker ps --filter volume=/data --format "table {{.ID}}\t{{.Mounts}}"
docker ps --format "table {{.ID}}\t{{.Labels}}"
docker ps --format '{{.Names}}\t{{.Image}}'
docker ps --format "{{.ID}}: {{.Command}}"
docker ps --filter publish=80/udp
| |