cheatsheet docker

create daemon.json first

nano /etc/docker/daemon.json

{
    "data-root": "/mnt/raid/docker",
    "default-address-pools":
    [
        {"base":"172.17.0.0/16","size":24}
    ]
}

Note

"data-root" can be declared if a location other than the default /var/lib/docker is desired

"default-address-pools" is recommended so that all subnets are created within the class b network
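
What the pool above gives Docker to allocate from, and whether it collides with routes already in use, as an added example that is not part of the original cheatsheet. The `IN_USE` list and the function name `check_pools` are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample: the daemon.json shown on this page.
DAEMON_JSON = """
{
    "data-root": "/mnt/raid/docker",
    "default-address-pools": [
        {"base": "172.17.0.0/16", "size": 24}
    ]
}
"""

# Constructed sample: routes already used on the host's LAN/VPN (assumption).
IN_USE = ["172.17.40.0/24", "192.168.1.0/24"]


def check_pools(daemon_json_text, in_use=()):
    """Return one report dict per entry in default-address-pools."""
    cfg = json.loads(daemon_json_text)
    used = [ipaddress.ip_network(n) for n in in_use]
    reports = []
    for pool in cfg.get("default-address-pools", []):
        base = ipaddress.ip_network(pool["base"])  # raises if host bits are set
        size = int(pool["size"])
        if not base.prefixlen <= size <= base.max_prefixlen:
            raise ValueError(f"size /{size} does not fit inside {base}")
        count = 2 ** (size - base.prefixlen)  # networks Docker can carve out
        first = next(base.subnets(new_prefix=size))
        reports.append({
            "base": str(base),
            "networks": count,
            "first": str(first),
            "private": base.is_private,  # non-routable address space
            "overlaps": [str(n) for n in used if n.overlaps(base)],
        })
    return reports


if __name__ == "__main__":
    for report in check_pools(DAEMON_JSON, IN_USE):
        print(report)
```
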

install docker for debian

  1. set up docker's apt repository

    # Add Docker's official GPG key:
    sudo apt update
    sudo apt install ca-certificates curl
    sudo install -m 0755 -d /etc/apt/keyrings
    sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
    sudo chmod a+r /etc/apt/keyrings/docker.asc
    
    # Add the repository to Apt sources:
    echo \
      "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
      $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
      sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    sudo apt update
    

  2. install docker engine

    sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
    

  3. verify installation

    sudo docker run hello-world
    

start container

Warning

for docker compose, the command must be executed in the directory where compose.yaml is, unlike docker run

navigate to the dir where compose.yml is

docker compose up -d 

Note

-d stands for detached, meaning it will be running in the background. if u want to run it in the console and see the output, remove -d. to exit use Ctrl+C, which will stop the container immediately!

if u want to start specific container, use

docker compose up -d <CONTAINER>

stop container

to stop all containers execute the following command

docker compose down

if u want to stop specific container, use

docker compose down <CONTAINER>

update container

docker compose pull
docker compose up -d

clean system

docker image prune -af
docker system prune -af

remove all unused containers, networks, images (both dangling and unreferenced), and optionally, volumes

docker system prune -a --volumes --force 

use random yaml filename

docker compose -f <compose-dev.yml> up -d
docker compose -f <compose-dev.yml> down
etc

compose template

no need for versioning anymore bc obsolete

version: '3.8'

template

services:
    <SERVICENAME>:
        image: <IMAGE>:latest
        container_name: <CONTAINERNAME>
        restart: # unless-stopped # always # 
        labels:
            - "com.centurylinklabs.watchtower.enable=true"
        hostname: container-name.internal 
        user: 1000:1000
        networks:
            - <NETWORK>
        env_file:
            - .env
        depends_on:
            - <SERVICENAME>
        volumes:
            - ./opt/application/data:/data 
            - data:/data
            - /media:/downloads
        ports:
            - "27015:27015/tcp"
            - "27015:27015/udp"
            - 1337:1337 # no definition means its tcp
            - 1337:1337/udp    
        cap_add:
            - NET_ADMIN
            - SYS_MODULE
        sysctls:
            - net.ipv4.conf.all.src_valid_mark=1 #
            - net.ipv6.conf.all.disable_ipv6=1 #  
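        environment: # mapping syntax (use either this or the list syntax below, not both)
            <ENV>: /foo/bar
            <ENV>: "foo"
            <ENV>: 'foo'
            # list syntax
            - <ENV>
            - <ENV>=foo
            - <ENV>="foo"
            - <ENV>='foo'
        network_mode: service:<servicename> # to route through other container and use their ports under ports:
        network_mode: host # alternative to the line above, only one network_mode per service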
        deploy: 
            resources:
                limits:
                    cpus: '3.5'
                    memory: 50M
        stdin_open: true # Add local console for docker attach, docker attach --sig-proxy=false <SERVICENAME>
        tty: true # Add local console for docker attach

volumes:
    <VOLUME>:
        name: <NAME>
    <VOLUME>:
        external: true
    <VOLUME>:
networks:
    <NETWORK>:
        external: true
    <NETWORK>:
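
A review pass over the settings the template exposes (`image`, `user`, `cap_add`, `network_mode`, `ports`), as an added example that is not part of the original cheatsheet. It assumes the input has the normalized shape printed by `docker compose config --format json`; the sample services and the function names are constructed for illustration.

```python
import json

# Constructed sample, shaped like the output of `docker compose config --format json`
# (assumption: long-form ports with an optional "host_ip").
SAMPLE = json.loads("""
{"services": {
  "vpn":  {"image": "example/vpn:latest", "user": "1000:1000",
           "cap_add": ["NET_ADMIN", "SYS_MODULE"],
           "ports": [{"target": 1337, "published": "1337", "protocol": "udp"}]},
  "game": {"image": "example/game:1.4.2", "network_mode": "host"},
  "web":  {"image": "example/web:2.0", "user": "1000:1000",
           "ports": [{"target": 80, "published": "8080", "protocol": "tcp",
                      "host_ip": "127.0.0.1"}]}
}}
""")


def audit_service(svc):
    """Return a list of hardening findings for one compose service."""
    findings = []
    image = svc.get("image", "")
    tag = image.rsplit("/", 1)[-1].partition(":")[2]
    if "@sha256:" not in image and tag in ("", "latest"):
        findings.append("image is not pinned to a version or digest")
    if str(svc.get("user", "")).split(":")[0] in ("", "0", "root"):
        findings.append("no non-root user set (image default applies)")
    if svc.get("cap_add"):
        findings.append("extra capabilities: " + ", ".join(svc["cap_add"]))
    if svc.get("network_mode") == "host":
        findings.append("shares the host network namespace")
    for port in svc.get("ports", []):
        if not port.get("host_ip"):  # no bind address: listens on all interfaces
            findings.append(f"port {port['published']}/{port['protocol']} "
                            "published on all host interfaces")
    return findings


def audit(config):
    """Map each service name to its findings."""
    return {name: audit_service(svc)
            for name, svc in config.get("services", {}).items()}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, findings or "ok")
```
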

getting logs

docker logs -f <container>
docker logs --follow <container>
docker logs --follow --until=3s <container>
docker logs --follow --until=30m <container>
docker logs --tail 100 <container>
docker compose <command> <server>

Tip

when using compose, this is possible with the service name, without container_name

checking open ports of other container in same network

docker exec -it <CONTAINER> /bin/sh
curl -v <CONTAINER>:<PORT>

if curl package doesn't exist

apk add curl

use random yaml filename

docker compose -f <compose-linkwarden.yml> up -d

to get the environment variables of a container

docker exec <CONTAINER> env

jump into container terminal

there are different ways

docker exec -it <CONTAINER> /bin/sh
docker exec -it <CONTAINER> /bin/bash
docker exec -it <CONTAINER> sh

force restart of docker engine itself

If a container can't be shut down

sudo systemctl restart docker.socket docker.service

location of docker volumes

/var/lib/docker/volumes/...