User Tools

Site Tools

tools:docker

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
tools:docker [2024/08/27 00:41] Humphrey Boa-Garttools:docker [2024/08/27 07:31] (current) – [Components] Humphrey Boa-Gart
Line 1: Line 1:
 ====== Docker ====== ====== Docker ======
  
-**Docker** is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called **containers**. Containers are isolated from one another and bundle their own software, dependencies, libraries and configuration files. Data that is passed to and from the containers is only allowed through well-defined channels. Because all of the containers share the services of a single operating system kernel, they use fewer resources than virtual machines.+**Docker** is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called **containers**. Containers are isolated from one another and bundle their own software, dependencies, libraries and configuration files. Data that is passed to and from the containers is only allowed through well-defined channels. Because all of the containers share the services of a single operating system kernel, they use fewer resources than virtual machines. The nature of the virtualization can have many security benefits, when wielded Correctly.
  
-Docker packages are typically distributed as flat inert **images**. These images are used by the Docker engine to generate the aforementioned containers, which is where the package's binaries actually run from. When the container is no longer needed, it can be shut down or destroyed. When the container is needed again, it can be quickly regenerated from the original image. The nature of the virtualization can have many security benefits, when wielded Correctly.+Docker packages are distributed as flat inert **images**. These images are used by the Docker Engine to generate the aforementioned containers, which is where the package's binaries actually run from. When the container is no longer needed, it can be destroyed. When the container is needed again, it can be quickly regenerated from the original image. You can even spawn multiple containers from a single image.
  
-Another summary, from the [[https://docs.docker.com/get-started/docker-overview/|documentation]]:+Another summary, from the [[https://docs.docker.com/get-started/docker-overview/|official documentation]]:
  
 > Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker's methodologies for shipping, testing, and deploying code, you can significantly reduce the delay between writing code and running it in production. > Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker's methodologies for shipping, testing, and deploying code, you can significantly reduce the delay between writing code and running it in production.
  
 ===== Components ===== ===== Components =====
 +
 +{{ :tools:dockerlogo.jpg?300|}}
  
 Docker isn't a single piece of software, but rather several components packaged together. We are not going to go in-depth to all the components here, but there are a few basic ones you should have a working knowledge of. Docker isn't a single piece of software, but rather several components packaged together. We are not going to go in-depth to all the components here, but there are a few basic ones you should have a working knowledge of.
Line 15: Line 17:
 First, is the **Docker Engine**, which is the most integral part of the service. It includes: First, is the **Docker Engine**, which is the most integral part of the service. It includes:
  
-  * The **Docker Daemon**, ''dockerd'' which is the service that runs in the background. The daemon handles the deployment of containers. When you first install Docker, you should make sure the daemon is running in [[https://docs.docker.com/engine/security/rootless/|rootless mode]]. +  * The **dockerd** daemon, which is the service that runs in the background. The daemon handles the deployment of containers. When you first install Docker, you should make sure the daemon is running in [[https://docs.docker.com/engine/security/rootless/|rootless mode]] for security purposes
-  * APIs which specify interfaces that programs can use to talk to and instruct the Docker daemon.+  * **APIs** which specify interfaces that programs can use to talk to and instruct the Docker daemon.
   * The [[tools:bash|command-line]] interface ''docker'', which is how you will be controlling Docker and your containers.   * The [[tools:bash|command-line]] interface ''docker'', which is how you will be controlling Docker and your containers.
  
-The most basic way to launch containers from images is with the ''docker run'' command. However, you can make things easier by using [[https://docs.docker.com/compose/|Docker Compose]], which launches containers by reading the settings defined in [[https://docs.docker.com/compose/gettingstarted/#step-2-define-services-in-a-compose-file|preconfigured YAML files]].+The most basic way to launch a container from an image is with the ''docker run'' command. This is fine if you are running a single stock containerbut quickly becomes cumbersome as you start adding flags and more containers. You can make things easier by using [[https://docs.docker.com/compose/|Docker Compose]], which spawns containers from images by reading the settings defined in [[https://docs.docker.com/compose/gettingstarted/#step-2-define-services-in-a-compose-file|preconfigured YAML files]].
  
-To build your own Docker images, you will be using [[https://docs.docker.com/build/|Docker Build]]. ''docker build'' reads instructions from a special type of config file called [[https://docs.docker.com/build/concepts/dockerfile/|Dockerfiles]] to generate images. These images you can then launch with ''docker run'' or ''docker compose''.+To build your own Docker images, you will be using [[https://docs.docker.com/build/|Docker Build]]. ''docker build'' reads instructions from a special type of config file called [[https://docs.docker.com/build/concepts/dockerfile/|Dockerfile]] to generate images. You can then spawn containers from these images with ''docker run'' or ''docker compose''.
  
-Finally there is [[https://hub.docker.com/|Docker Hub]], which is the biggest repository of Docker images, though they are oftentimes distributed on other sites as well, such as GitHub.+Finally there is [[https://hub.docker.com/|Docker Hub]], which is the biggest repository of Docker images. They are oftentimes distributed on other sites as well, such as GitHub. **//Be wary what images you choose to download, as many Docker images are not maintained very well, and are riddled with unpatched security exploits!//**
  
 ===== Essential Commands ===== ===== Essential Commands =====
  
 +There is a desktop app, but skip it. With just a handful of commands, you will master the basics of this software much faster, with less overhead to keep track of. For most casual Docker users, the following commands may very well be the only ones you will ever use.
 +
 +For a complete list of commands, consult the [[https://docs.docker.com/reference/cli/docker/|CLI reference docs]]. You can also run ''docker help'' and ''man docker'' to bring up the documentation in your terminal window, without having to open a web browser.
 +
 +==== Basic Image & Container Management ====
 +
 +List running containers:
 +
 +  $ docker ps
 +
 +  * ''-a'' - Lists all containers
 +  * ''-l'' - Show most recently spawned container
 +
 +Delete a container:
 +
 +  $ docker rm CONTAINERNAME
 +
 +List saved images:
 +
 +  $ docker images -a
 +
 +Delete an image:
 +
 +  $ docker rmi IMAGENAME
 +
 +==== Running & Building Containers ====
 +
 +Spawn a container from an image. If the image does not exist, it will be downloaded automatically from Docker Hub:
 +
 +  $ docker run IMAGENAME
 +
 +Spawn a container from an image defined in a **compose.yaml** file:
 +
 +  $ docker compose -f /path/to/compose.yaml up -d
 +
 +Restart a container:
 +
 +  $ docker restart CONTAINERNAME
 +
 +Stop a container:
 +
 +  $ docker stop CONTAINERNAME
 +
 +Start a stopped container:
 +
 +  $ docker start CONTAINERNAME
 +
 +Kill a container process entirely:
 +
 +  $ docker kill CONTAINERNAME
 +
 +Download a container image from Docker Hub without running it:
 +
 +  $ docker pull IMAGENAME
 +
 +Build a container image from a Dockerfile //(Do not specify the Dockerfile itself like you would with the aforementioned ''docker compose'' command and **compose.yaml**! Only specify the directory the Dockerfile is stored in)//:
 +
 +  $ docker build /path/to/dockerfile/ -t 
 +
 +==== Other Useful Commands ====
 +
 +Execute a command inside a running container:
 +
 +  $ docker exec -d CONTAINERNAME COMMANDSTRING
 +
 +Open an interactive shell session inside a running container:
 +
 +  $ docker exec -it CONTAINERNAME sh
 +
 +List port mappings for a container:
 +
 +  $ docker port CONTAINERNAME
  
-===== Things You Can Do =====+===== More Things You Can Do =====
  
   * You can use [[github>HumphreyBoaGart/vmask]] to deploy [[tactics:compartmentalize|compartmentalized]] browser environments. This package is mainly for sockpuppetry. However, you can also use it to quickly spin up disposable browsers for visiting questionable websites, and impeding the lateral movements of trackers and other scripts.   * You can use [[github>HumphreyBoaGart/vmask]] to deploy [[tactics:compartmentalize|compartmentalized]] browser environments. This package is mainly for sockpuppetry. However, you can also use it to quickly spin up disposable browsers for visiting questionable websites, and impeding the lateral movements of trackers and other scripts.
tools/docker.1724719303.txt.gz · Last modified: 2024/08/27 00:41 by Humphrey Boa-Gart

Find this page online at: https://bestpoint.institute/tools/docker