Mind Dump, Tech And Life Blog
written by Ivan Alenko
published under license Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)copy! share!
posted at 29. Nov '20
last updated at 12. May '21

My Docker Cheatsheet

list containers:

sudo docker ps

run bash in a running container:

sudo docker exec -it dc61cc0ad61d bash

show logs, -f has the same behavior as tail -f has:

sudo docker logs -f dc61cc0ad61d

see mem/cpu statistics

docker stats $(docker ps | awk '{if(NR>1) print $NF}')
sudo docker stats $(sudo docker ps | awk '{if(NR>1) print $NF}')

list volumes

docker inspect --format="{{.Mounts}}" $containerID

stop and remove all

including images and volumes

docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

docker system prune -a
docker system prune -a --volumes

get variable in dockerized etcd:

sudo docker run -e ETCDCTL_API=3 quay.io/coreos/etcd etcdctl --endpoints=192.168.0.60:2379 get BASE_HOST

set variable in dockerized etcd:

sudo docker run -e ETCDCTL_API=3 quay.io/coreos/etcd etcdctl --endpoints=192.168.0.60:2379 put BASE_HOST http://localhost

list variables (not possible to list all, needs at least one char in prefix…but can be scripted, right?):

sudo docker run -e ETCDCTL_API=3 quay.io/coreos/etcd etcdctl --endpoints=192.168.0.60:2379 get  / --prefix --keys-only`
sudo docker run -e ETCDCTL_API=3 quay.io/coreos/etcd etcdctl --endpoints=192.168.0.60:2379 get  a --prefix --keys-only`

be sure not to have accessible containers from outside!

By default Docker allows access to containers from the outside! If it has public IP and there is no authentication on Redis, Memcached or Postgres/MySQL, they will be attacked and maybe hacked.

Check with:

iptables -L
iptables -L -t nat
nmap -p 1-10000 YOUR_PUBLIC_IP

More: https://sites.google.com/site/amitsciscozone/home/docker/docker-networking-basics

Add Comment