docker - nimrody/knowledgebase GitHub Wiki

Show stats with container names:

docker stats $(docker ps --format '{{.Names}}') docker stats --format "table {{.Name}}\t{{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}" # in docker 1.13

Debugging a container from another container
Expose port on a running container (danger!)
Standard daemon docker run command:

docker run --restart=always --log-opt max-size=50m --log-opt max-file=3 -d $registry/crawler

(Sets log rotation, automatic restart and daemon mode -d)
Search for container with a known parent image

sudo docker ps -f "ancestor=172.31.20.212:5000/admin"
Remove all containers (running or not)

docker ps -a -q | xargs --no-run-if-empty docker rm -f
Remove all images

docker images -a -q | xargs --no-run-if-empty docker rmi -f
Run image with different entry point

sudo docker run -it --rm --entrypoint /bin/bash fe8355e3e11e
More cleanup
- Delete 'exited' containers
docker rm -v $(docker ps -a -q -f status=exited)
- Delete 'dangling' images
  
  docker rmi $(docker images -f "dangling=true" -q)
- Delete 'dangling' volumes
  
  docker volume rm $(docker volume ls -qf dangling=true)

Change docker directory - in /etc/sysconfig/docker

OPTIONS="--default-ulimit nofile=1024:4096 -g /vol/b/data/docker"

Add to /etc/sysconfig/docker the line OPTIONS="--default-ulimit nofile=1024:4096 --insecure-registry 172.31.20.212:5000" (or for Fedora edit the INSECURE_REGISTRY env variable)
On AWS use the local VPC addresses.
use the following to get list of "repositories"

http://localhost:5000/v2/_catalog

then for each repository get the list of tags

http://localhost:5000/v2/crawler/tags/list

and data for specific tag using:

http://localhost:5000/v2/crawler/manifests/
Run local registry on a specified directory (/vol/b/registry)

docker run -d -p 5000:5000 --restart=always --name registry
-v /vol/b/registry:/var/lib/registry
registry:2
Docker images live in /var/lib/docker/image/devicemapper/imagedb/content/sha256

ELK docker
Tinyproxy. Run like

sudo docker run -d --name='tinyproxy' -p 6666:8888 dannydirect/tinyproxy:latest ANY

and open the port 6666 using AWS console

Switching from devicemapper to overlayFS in ECS

Add the following to /etc/sysconfig/docker-storage:

DOCKER_STORAGE_OPTIONS="--storage-driver overlay2"
For AWS logs need to add the following to /etc/sysconfig/docker

export AWS_ACCESS_KEY_ID=aaaaaaaaaaaaa export AWS_SECRET_ACCESS_KEY=kkkkk export AWS_REGION=us-west-2

This file is sourced by /etc/init.d/docker (sysv init script). Must sudo service docker restart to make docker find these environment variables.

Furthermore, docker run needs the following parameters:

--log-driver=awslogs --log-opt awslogs-region=us-west-2 --log-opt awslogs-group=prod --log-opt awslogs-stream=$module
Enable live reload (restart docker without taking down containers)

cat /etc/docker/daemon.json { "live-restore": true }