You may want to add my wechat public account or add my technical blog's RSS feed
This list is meant to record some useful docker commands, it can help docker beginners to solve the problems they met. I'll try to keep this list current and up to date. Please leave your comments if you want to share some useful docker related commands.
How to inspect/debug a failed docker build
Tail the logs of a running container
Container's port is unaccessible from outsider host
Automatically remove the container when it exits
Update 2017-3-25:
Copy file to or from a running container
Update 2017-4-3:
Clean up your docker system
Update 2017-4-8:
Display container resource usage statistics
Update 2017-5-18:
Clear container logs
Find the log location for a container
How to inspect/debug a failed docker build
After docker successfully executes a RUN
command from a Dockerfile, a new layer in the image filesystem is committed. Conveniently you can use those layers's ids as images to start a new container. So when one of the Dockerfile command fails, what you need to do is to look for the id of the preceding layer and run a shell in a container created from that id:
docker run --rm -it <id_last_working_layer> bash -il
Once in the container, you can try the command failed to reproduce the issue, fix and test it. Finally update your Dockerfile with the fixed command.
But what if the failed command takes several hours? Rewinding prior to the failed command and running it again will be frustrating. The solution is running into the container in which the command failed.
First, find the container that failed:
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6934ada98de6 42e0228751b3 "/bin/sh -c './utils/" 24 minutes ago Exited (1) About a minute ago sleepy_bell
Second, commit it to an image:
$ docker commit 6934ada98de6
sha256:7015687976a478e0e94b60fa496d319cdf4ec847bcd612aecf869a72336e6b83
And then run the image [if necessary, running bash]:
$ docker run -it 7015687976a4 bash -il
Now you are actually looking at the state of the build at the time that it failed, instead of at the time before running the command that caused the failure.
Tail the logs of a running container
docker logs -f container-id
If the container has too much logs, you can use --tail number
to specify number of lines to show from the end of the logs
SSH into a running container
sudo docker exec -it container-id /bin/bash
-i, --interactive, Keep STDIN open even if not attached
-t, --tty Allocate a pseudo-TTY
NOTE:
docker attach
will let you connect to your Docker container, but this isn't really the same thing as ssh
. If your container is running a web server, for example, docker attach will probably connect you the stdout of the web service process
Change the working dir
RUN cd /tmp
doesn't have any effect on the next instruction, use WORKDIR /tmp
instead, the Docker daemon runs instruction in the Dockerfile one-by-one, committing the result of each instruction to a new image if necessary, so RUN cd /tmp
will not have any effect on the next instructions.
Container's port is unaccessible from outsider host
Already EXPOSE port
on Dockerfile, but port is unaccessible from outsider host.
The EXPOSE
instruction informs Docker that the container listens on the specified network ports at run time. EXPOSE
does not make the ports of the container accessible to the host. To do that, you must use either the -p
flag to publish a range of ports or the -P
flag to publish all of the exposed ports.
No such host
This error occurred:
dial tcp: lookup auth.docker.io on 10.0.2.3:53: no such host
You can solve this by add DNS server
docker-machine ssh
echo "nameserver 8.8.8.8" > /etc/resolv.conf
Remove the old-dated images
Images will take disk spaces, you may want to remove the old dated images:
docker images | grep "weeks" | awk '{print $3}' | xargs --no-run-if-empty docker rmi
I think you can think up the command to remove all untagged images
Automatically remove the container when it exits
The containers that are not running are not taking any system resources besides disk space. It is usually good to clean up the container when the container exits:
docker run --rm ubuntu:14.04
--rm Automatically remove the container when it exits
Too many open files
Change the max open files then restart docker service
ulimit -a
ulimit -n 100000 #change max open files
Debug an stopped container
docker start -ai container-id
-a, --attach=false
-i, --interactive=false
Copy file to or from a running container
Copy file from a running container
docker cp container:src_path dest_path
Copy file to a running container
docker cp src_path container:dest_path
Clean up your docker system
Show docker disk usage:
docker system df
Remove unused data:
docker system prune
Display container resource usage statistics
Display a live stream of continer(s) resource(CPU/Memory/IO) usage statistics
$ docker stats
Clear container logs
$ docker logs -c (clear) <container>
Find the log location for a container
$ docker inspect --format='{{.LogPath}}' $INSTANCE_ID