Docker

Get images with only the programs you need

Docker Commands

Download a Docker image:

docker pull rust

Add credentials for pulling from a registry:

docker login registry-1.docker.io

Copy files out of containers:

docker cp <DOCKER_NAME>:/go/xc.exe ./xc/xc.exe

Attach to Running Container

Running an Interactive Shell:

docker exec -it matrix-postgres /bin/bash

Run new Container

Override entrypoint in a Docker Container:

docker run -v $(pwd):/wd --rm -it --entrypoint=/bin/bash matrixdotorg/synapse:latest

Running an Interactive Shell in a Docker Container with Environment variables:

docker run --rm -v $(pwd):/wd --name rust --env-file ./.env -it rust /bin/bash

Building a Container

Build from Docker File with Tag:

docker build . -t agendav

Docker File

Example Docker File:

# select operating system
FROM rust:latest

# install operating system packages
RUN apt-get -y update
RUN apt-get -y install cmake docker mcrypt docker-compose libsasl2-dev && apt-get clean && rm -rf /var/lib/apt/lists/*
## add more packages, if necessary

#git config --global credential.helper "store --file ~/.git-credentials"
#echo -e "url=https://example.com\n\n" | git credential fill | git credential approve
#CARGO_NET_GIT_FETCH_WITH_CLI=true cargo test

WORKDIR /opt/docker-init
ENTRYPOINT ["./entrypoint"]

Multi Stage Docker:

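# build stage: compile with the full Rust toolchain
FROM rust:latest AS builder
RUN cargo build

# final stage: copy only the build output into a small image
FROM alpine AS serve
COPY --from=builder ./build ./build
CMD ["./build/main"]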

Compose

https://github.com/Haxxnet/Compose-Examples

Commands

Run a single Container:

docker-compose -f docker-compose.yml up yourService

Run multiple files:

docker-compose -f docker-compose.yml -f docker-compose-public.yml up

Run multiple files for project:

docker-compose -f ./docker-compose-new.yml -p new_project_name up -d

Profiles

Docker Compose Profiles

Docker Mods

https://tailscale.dev/blog/docker-mod-tailscale

Nix Dockers

Networks

Bridge: Creates a virtual switch and assigns IP addresses to the containers. Traffic can easily go out, but hosts on the internet cannot connect back in.

Host: The container uses the host's network directly and opens its ports on the host's connection.

Macvlan: Connects the container to your internal network switch. Each container has its own MAC address, which might not work with your router because there is more than one device on a single port. Promiscuous mode needs to be enabled.
- VLANs can also be used with this

IPvlan: Containers share the host's MAC address but each has a different IP address.

Disable iptables for docker

>>> cat /etc/docker/daemon.json
{ "iptables": false }
>>> service docker restart

Firewall Routing

Docker Engine adds two custom chains, DOCKER and DOCKER-USER, to iptables.

iptables:
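User rules belong in the DOCKER-USER chain, which is evaluated before Docker's own rules. The sketch below is an added example, not from the original page: it limits which source range can reach published container ports on one interface. The interface `eth0`, the range `203.0.113.0/24` and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): limit who can reach published
# container ports by putting rules in the DOCKER-USER chain.
# eth0 and 203.0.113.0/24 are constructed sample values.

# Print the rule specs, one per line, in the order they must be evaluated.
docker_user_rules() {
    ext_if=$1 allowed=$2
    # Accept only a plain interface name and an IPv4 CIDR (shape check only),
    # so neither value can carry extra iptables arguments.
    case $ext_if in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $ext_if" >&2; return 2 ;;
    esac
    [ "${#ext_if}" -le 15 ] || { echo "interface name too long" >&2; return 2; }
    case $allowed in
        ''|*[!0-9./]*) echo "bad CIDR: $allowed" >&2; return 2 ;;
    esac
    printf '%s\n' "$allowed" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' ||
        { echo "bad CIDR: $allowed" >&2; return 2; }
    # 1. Replies to connections the containers opened themselves still pass.
    printf '%s\n' "-i $ext_if -m conntrack --ctstate RELATED,ESTABLISHED -j RETURN"
    # 2. New traffic from outside the allowed range never reaches a container.
    printf '%s\n' "-i $ext_if ! -s $allowed -j DROP"
}

# Insert the rules at the top of DOCKER-USER, skipping any already present.
# DRY_RUN=1 (the default) prints the commands instead of running them.
apply_docker_user_rules() {
    specs=$(docker_user_rules "$1" "$2") || return $?
    pos=1
    printf '%s\n' "$specs" | while IFS= read -r spec; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
            printf '%s\n' "iptables -I DOCKER-USER $pos $spec"
        elif ! iptables -C DOCKER-USER $spec 2>/dev/null; then
            # $spec is split into words on purpose; it was validated above.
            iptables -I DOCKER-USER "$pos" $spec
        fi
        pos=$((pos + 1))
    done
}

# Dry run with the sample values: prints the two commands, changes nothing.
apply_docker_user_rules eth0 203.0.113.0/24
```

Run it with `DRY_RUN=0` as root to apply the rules; they are not persisted across reboots by this script.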

ufw:

Docker Socket

Examples with HTTP connections to the Docker socket:
https://blog.quarkslab.com/why-is-exposing-the-docker-socket-a-really-bad-idea.html