Container
All changes that are made to containers or networks are logged under the Docker System Events
Create container
When we create a new container, Docker will create a new directory /var/lib/docker/containers/<id>.json and all the container logs will be stored under that file by default.
docker container create <image>
docker container create ubuntuAfter the container is created, you have to start the container.
List container details
docker container ls # same as docker ps
docker container ls -a # list all containers, including exited containers
docker container ls -q # only display container idStart container
You can get container id from docker container ls.
docker container start <container-id>Run a container
run container = create container + start container
Some options:
-it= interactive terminal (creates and enter the terminal session with the command you specify. This means you can execute commands inside the container while it is still running. Useful for debugging purposes.)-d= detach (Run container in background)--name= container name--rm= remove container after the process is done--hostname= setup container hostname--user- setup container username-p= port mapping--envor-eor--env-file= setup environment variables--health-cmdand--health-interval= check container state--privileged= Login as root user, the Privileged container has full access to all the host's devices and files--restart= Restart policyRestart Options Description no The container will never be restarted on-failure When the container fails, it will restart the container always The container will always be restarted unless-stopped It's very similar to "always" option, but the container will not restart when it was manually stopped and not even when the Docker Daemon restarts
docker container run <image>
docker container run ubuntu # same as docker run ubuntu
# creates and enter the terminal session
docker container run -it ubuntu
# bash is the command that runs inside the container, it will start a new Bash shell within the container
docker container run -it ubuntu bash
# Run in background with container name = myubuntu
docker container run -d --name=myubuntu ubuntu
# remove the container after the process is done
docker container run --rm ubuntu
# set hostname
docker container run --hostname=myubuntu ubuntu
# Security - setup a username instead of root
docker container run --user=1000 ubuntu
# Port mapping
docker container run -p <local_port>:<container_port> <image>
docker container run -p 80:5000 ubuntu
# the application is only available on the network 192.168.1.*
docker container run -p 192.168.1.10:8000:5000 ubuntu
# map the container port to a random port on the host (Ephemeral Port Range 32768 - 60999)
docker container run -p 5000 ubuntu
# Check Health intervals (liveness probe)
# Note: You need to append health-* in front of all parameters and cmd
docker run --health-cmd "curl -f http://localhost:8000" --health-interval=5s web-ubuntu
# Define environment variables
docker run --env <key>=<value> <image>
docker run --env PORT=8000 ubuntu
docker run -e PORT=8000 ubuntu
# Define environment variables using env file
docker run --env-file <filename> <image>
docker run --env-file .env ubuntu
# Privileged container
docker run --privileged ubuntu
# Restart policy
docker run --restart=no ubuntuExpose container port (Capital P)
Normally it will auto-publish the ports of the container on the host, but what port?
- So with the Capital P option, it will expose all the ports configured in the Dockerfile (expose instruction) when the image is being built.
- Docker uses IPTables to map a port on a container to a port on the host and it uses Docker IPTables chains to modify or configure port mapping on a host.
FROM ubuntu:22.04
RUN apt-get update
...
EXPOSE 8000docker run -P ubuntuWebApp
# Add additional ports that were not specific in the Dockerfile
docker run -P --expose=5000 ubuntuWebAppRename container
Use docker ps command to get the current container name.
docekr rename <old-name> <new-name>
docker container rename <old-name> <new-name>Run a new command in a running container
docker exec <container-id> <command>
docker container exec <container-id> <command>
docker container exec -it <container-id> /bin/bashAttach the terminal's I/O to a running container
docker attach <container-id>
docker container attach <container-id>When you attach the terminal's I/O to a running container, you enter the command, it will display the result to all the users who attach back the container. As an example, if you exit the container, all people will leave the container at the same time.
Inspect container
docker inspect <container-id>
docker container inspect <container-id>Display a live stream of containers resource usage statistics
It will list containers with CPU, memory, network, and disk consumption.
docker stats
docker container stats
docker container stats <container-id>
docker container stats <container-id> <container-id>Display running processes of a container
Display the processes and their process IDs on the Docker host.
docker container top <container-id>Container Logs
docker container logs <container-id>
docker container logs -f <container-id> # view live logsPause and Unpause container
docker container pause <container-id>
docker container unpause <container-id>Restart container
docker container restart <container-id>Update container
Reference (opens in a new tab)
docker container update --restart always <container-id>
docker container update --cpus=1.5 <container-id>Stop, remove, and prune the container
SIGTERM -> SIGKILL -> Terminate container process
When executing the docker stop command for Docker containers, Docker initiates the SIGTERM signal to the container initially. If the container does not stop within a grace period, Docker will then send the SIGKILL signal to forcibly terminate the process running within the container.
docker container stop <container-id>
docker container stop $(docker container ls -q) # stop all containers
docker container rm <container-id>
docker container rm $(docker container ls -qa) # remove all containers
docker container prune # remove all stopped containers