☠️
smadi0x86 Playground
  • 💀Welcome to smadi0x86 Playground
    • 🍷Resources
    • 🚬Projects
    • 🎓Certifications
    • 📌Pinned
    • ❓Questions
    • 📞Contact
  • 🏞️Cloud Native
    • Docker
      • Quick Reference
      • Introduction
      • Containers
      • Images
      • Storage & Volumes
      • Security
      • Cheatsheet
    • Git
    • Serverless Framework
    • YAML
  • 🔨Software Engineering
    • System Design
    • Environment Variables
    • JSON Web Tokens
  • 👾Architecture
    • C Language
      • Introduction
      • Calling Conventions
      • GCC Compilation
      • Libraries & Linking
      • I/O
      • Files
      • Pointers
      • Dynamic Memory Allocation
      • Data Types
      • Strings Manipulation
      • Bit Manipulation
      • Pre-processors
      • Macros
      • Type Qualifiers
    • C/C++ Build Systems
      • Fundamentals for Linking
      • Symbolic Linking
      • Cross-Platform Compilation
      • CMake for Building and Linking
      • Shared Libraries
      • Dynamic Linking and Dependency Management
    • Operating Systems
      • OS & Architecture
      • Processes
      • CPU Scheduling
      • Memory Management
  • 🛩️Cyber Warfare
    • Flight Physics
    • Communication
      • PWM & PPM
      • MAVLink
  • 🏴‍☠️Offensive Security
    • Active Directory
      • Introduction
    • Web Attacks
      • Server Side
        • OS Command Injection
        • Information Disclosure
        • Directory Traversal
        • Business Logic
        • Authentication
        • File Upload
        • SSRF
      • Client Side
        • CSRF
        • XSS
    • Recon
      • Active
        • Host discovery
        • Nmap
        • Mass Scan
      • Passive
        • Metadata
      • Web Applications
        • Discovery
        • Subdomains & Directories
        • SSL Certs
        • CMS
        • WAF Detection
      • Firewall Evasion
  • Binary Exploitation
    • Stack Smashing
      • x86
      • x86_64
    • pwntools
      • Processes and Communication
      • Logging and Context
      • Cyclic
      • Packing
      • ELF
      • ROP
  • 😈Advanced Persistent Threat
    • C2
      • Sliver
    • Malware
      • Windows Internals
        • PEB
      • Academy
        • Basics
      • Sektor7
        • Essentials
  • 💌Certifications
    • AWS Certified Cloud Practitioner (CLF-C01)
      • Cloud Foundations
      • Domain 1: Cloud Concepts
      • Domain 2: Security and Compliance
      • Domain 3: Technology
      • Domain 4: Billing and Pricing
    • AWS Certified Solutions Architect - Associate (SAA-C03)
      • Foundation
    • Certified Kubernetes Administrator (CKA)
      • Core Concepts
      • Scheduling
      • Logging & Monitoring
      • Application Lifecycle Management
      • Cluster Maintenance
      • Security
      • Storage
      • Networking
      • Design Kubernetes Cluster
      • Kubernetes The Kubeadm Way
      • Troubleshooting
      • JSONPATH
      • Lightning Lab
      • Mock Exams
      • Killer Shell
    • Certified Kubernetes Security (CKS)
      • Foundation
      • Cluster Setup
      • Cluster Hardening
      • Supply Chain Security
      • Runtime Security
      • System Hardening
      • Killer Shell
    • (KGAC-101) Kong Gateway Foundations
      • Introduction to APIs and API Management
      • Introduction to Kong Gateway
      • Getting Started with Kong Enterprise
      • Getting Started with Kong Konnect
      • Introduction to Kong Plugins
  • 📜Blog Posts
    • Modern Solutions For Preventing Ransomware Attacks
Powered by GitBook
On this page
  • Check Version
  • Containers
  • Lifecycle
  • Starting and Stopping
  • Info
  • Import / Export
  • Import/Export container
  • Executing Commands
  • Images
  • Lifecycle
  • Info
  • Load/Save image
  • Dockerfile
  • Instructions
  • Registry & Repository
  • Volumes
  • Lifecycle
  • Info
  • Networks
  • Lifecycle
  • Info
  • Connection
  1. Cloud Native
  2. Docker

Cheatsheet

PreviousSecurityNextGit

Last updated 1 year ago

Check Version

  • shows which version of docker you have running.

Containers

Lifecycle

  • ​ creates a container but does not start it.

  • ​ allows the container to be renamed.

  • ​ creates and starts a container in one operation.

  • ​ deletes a container.

  • ​ updates a container's resource limits.

Starting and Stopping

  • ​ starts a container so it is running.

  • ​ stops a running container.

  • ​ stops and starts a container.

  • ​ pauses a running container, "freezing" it in place.

  • ​ will unpause a running container.

  • ​ blocks until running container stops.

  • ​ sends a SIGKILL to a running container.

  • ​ will connect to a running container.

​

The setting is a bit strange -- 1024 means 100% of the CPU, so if you want the container to take 50% of all CPU cores, you should specify 512:docker run -it -c 512 agileek/cpuset-test

Note that Docker can still see all of the CPUs inside the container -- it just isn't using all of them.

Info

Import / Export

Import/Export container

Import a container as an image from file:cat my_container.tar.gz | docker import - my_image:my_tagExport an existing container:docker export my_container | gzip > my_container.tar.gz

Executing Commands

Images

Lifecycle

Info

Load/Save image

Load an image from file:

docker load < my_image.tar.gz

Save an existing image:

docker save my_image:my_tag | gzip > my_image.tar.gz

Dockerfile

Instructions

Registry & Repository

Volumes

Lifecycle

Info

Networks

Lifecycle

Info

Connection

CPU Constraints You can limit CPU, either using a percentage of all CPUs, or by using specific cores.For example, you can tell the setting.

You can also only use some CPU cores using :docker run -it --cpuset-cpus=0,4,6 agileek/cpuset-test

Memory Constraints: You can also set on Docker:docker run -it -m 300M ubuntu:14.04 /bin/bash

​ shows running containers.

​ gets logs from container.

​ looks at all the info on a container (including IP address).

​ gets events from container.

​ shows public facing port of container.

​ shows running processes in container.

​ shows containers' resource usage statistics.

​ shows changed files in the container's FS.

​ copies files or folders between a container and the local filesystem.

​ turns container filesystem into tarball archive stream to STDOUT.

​ to execute a command in container.

​ shows all images.

​ creates an image from a tarball.

​ creates image from Dockerfile.

​ creates image from a container, pausing it temporarily if it is running.

​ removes an image.

​ loads an image from a tar archive as STDIN, including images and tags (as of 0.7).

​ saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).

​ shows history of image.

​ tags an image to a name (local or registry).

​​

​ Sets the Base Image for subsequent instructions.

​ Set the Author field of the generated images.

​ execute any commands in a new layer on top of the current image and commit the results.

​ provide defaults for an executing container.

​ informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.

​ sets environment variable.

​ copies new files, directories or remote file to container. Invalidates caches. Avoid ADD and use COPY instead.

​ copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use --chown=<user>:<group> to give ownership to another user/group. (Same for ADD.)

​ configures a container that will run as an executable.

​ creates a mount point for externally mounted volumes or other containers.

​ sets the user name for following RUN / CMD / ENTRYPOINT commands.

​ sets the working directory.

​ defines a build-time variable.

​ adds a trigger instruction when the image is used as the base for another build.

​ sets the system call signal that will be sent to the container to exit.

​ apply key/value metadata to your images, containers, or daemons.

​ override default shell is used by docker to run commands.

​ tells docker how to test a container to check that it is still working.

​ to login to a registry.

​ to logout from a registry.

​ searches registry for image.

​ pulls an image from registry to local machine.

​ pushes an image to the registry from local machine.

​​

​​

​​

​​

​ NAME Create a new network (default type: bridge).

​ NAME Remove one or more networks by name or identifier. No containers can be connected to the network when deleting it.

​ List networks

​ NAME Display detailed information on one or more networks.

​ NETWORK CONTAINER Connect a container to a network

​ NETWORK CONTAINER Disconnect a container from a network.

​

docker version
docker create
docker rename
docker run
docker rm
docker update
docker start
docker stop
docker restart
docker pause
docker unpause
docker wait
docker kill
docker attach
cpu-shares
cpuset-cpus
memory constraints
docker ps
docker logs
docker inspect
docker events
docker port
docker top
docker stats
docker diff
docker cp
docker export
docker exec
docker images
docker import
docker build
docker commit
docker rmi
docker load
docker save
docker history
docker tag
.dockerignore
FROM
MAINTAINER (deprecated - use LABEL instead)
RUN
CMD
EXPOSE
ENV
ADD
COPY
ENTRYPOINT
VOLUME
USER
WORKDIR
ARG
ONBUILD
STOPSIGNAL
LABEL
SHELL
HEALTHCHECK
docker login
docker logout
docker search
docker pull
docker push
docker volume create
docker volume rm
docker volume ls
docker volume inspect
docker network create
docker network rm
docker network ls
docker network inspect
docker network connect
docker network disconnect
https://github.com/wsargent/docker-cheat-sheet#dockerfile
🏞️
Page cover image