useful commands for docker beginner

时间:2022-10-25 16:19:32

You may want to add my wechat public account or add my technical blog's RSS feed

This list is meant to record some useful docker commands, it can help docker beginners to solve the problems they met. I'll try to keep this list current and up to date. Please leave your comments if you want to share some useful docker related commands.

How to inspect/debug a failed docker build

Tail the logs of a running container

SSH into a running container

Change the working dir

Container's port is unaccessible from outsider host

No such host

Remove the old-dated images

Automatically remove the container when it exits

Update 2017-3-25:

Copy file to or from a running container

Update 2017-4-3:

Clean up your docker system

Update 2017-4-8:

Display container resource usage statistics

Update 2017-5-18:

Clear container logs

Find the log location for a container

How to inspect/debug a failed docker build

After docker successfully executes a RUN command from a Dockerfile, a new layer in the image filesystem is committed. Conveniently you can use those layers's ids as images to start a new container. So when one of the Dockerfile command fails, what you need to do is to look for the id of the preceding layer and run a shell in a container created from that id:

docker run --rm -it <id_last_working_layer> bash -il

Once in the container, you can try the command failed to reproduce the issue, fix and test it. Finally update your Dockerfile with the fixed command.

But what if the failed command takes several hours? Rewinding prior to the failed command and running it again will be frustrating. The solution is running into the container in which the command failed.

First, find the container that failed:

docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6934ada98de6 42e0228751b3 "/bin/sh -c './utils/" 24 minutes ago Exited (1) About a minute ago sleepy_bell

Second, commit it to an image:

$ docker commit 6934ada98de6
sha256:7015687976a478e0e94b60fa496d319cdf4ec847bcd612aecf869a72336e6b83

And then run the image [if necessary, running bash]:

$ docker run -it 7015687976a4 bash -il

Now you are actually looking at the state of the build at the time that it failed, instead of at the time before running the command that caused the failure.

Tail the logs of a running container

	docker logs -f container-id

If the container has too much logs, you can use --tail number to specify number of lines to show from the end of the logs

SSH into a running container

	sudo docker exec -it container-id /bin/bash

-i, --interactive, Keep STDIN open even if not attached

-t, --tty Allocate a pseudo-TTY

NOTE:

docker attach will let you connect to your Docker container, but this isn't really the same thing as ssh. If your container is running a web server, for example, docker attach will probably connect you the stdout of the web service process

Change the working dir

RUN cd /tmp doesn't have any effect on the next instruction, use WORKDIR /tmp instead, the Docker daemon runs instruction in the Dockerfile one-by-one, committing the result of each instruction to a new image if necessary, so RUN cd /tmp will not have any effect on the next instructions.

Container's port is unaccessible from outsider host

Already EXPOSE port on Dockerfile, but port is unaccessible from outsider host.

The EXPOSE instruction informs Docker that the container listens on the specified network ports at run time. EXPOSE does not make the ports of the container accessible to the host. To do that, you must use either the -p flag to publish a range of ports or the -P flag to publish all of the exposed ports.

No such host

This error occurred:

dial tcp: lookup auth.docker.io on 10.0.2.3:53: no such host

You can solve this by add DNS server

	docker-machine ssh
echo "nameserver 8.8.8.8" > /etc/resolv.conf

Remove the old-dated images

Images will take disk spaces, you may want to remove the old dated images:

docker images | grep "weeks" | awk '{print $3}' | xargs --no-run-if-empty docker rmi

I think you can think up the command to remove all untagged images

Automatically remove the container when it exits

The containers that are not running are not taking any system resources besides disk space. It is usually good to clean up the container when the container exits:

docker run --rm ubuntu:14.04
--rm  Automatically remove the container when it exits

Too many open files

Change the max open files then restart docker service

ulimit -a
ulimit -n 100000 #change max open files

Debug an stopped container

docker start -ai container-id

-a, --attach=false

-i, --interactive=false

Copy file to or from a running container

Copy file from a running container

docker cp container:src_path dest_path

Copy file to a running container

docker cp src_path container:dest_path

Clean up your docker system

Show docker disk usage:

docker system df

Remove unused data:

docker system prune

Display container resource usage statistics

Display a live stream of continer(s) resource(CPU/Memory/IO) usage statistics

$ docker stats

Clear container logs

$ docker logs -c (clear) <container>

Find the log location for a container

$ docker inspect --format='{{.LogPath}}' $INSTANCE_ID

Other Resources You Should Know

Dockerfile best practices