medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
54015a85356e32ee6254315283a81956a8409064
the_information_nexus/tech_docs/docker_primer.md
medusa 19bc3ed47c Add tech_docs/docker_primer.md
2025-06-19 05:42:06 +00:00

8.8 KiB
Raw Blame History

Heres a no-nonsense Docker CLI guide focused on the 20% of commands that deliver 80% of the value for senior engineers, with real-world examples and troubleshooting tips:

Docker CLI: The Senior Engineers Cheat Sheet

Goal: Master Dockers command-line interface for debugging, optimization, and orchestration.

1. Core Commands (The Essentials)

Command What It Does Key Flags
docker run Start a container -d (detached), -p 80:80 (port map)
docker ps List running containers -a (show stopped)
docker exec -it Run a command in a running container -it (interactive TTY)
docker logs View container logs -f (follow), --tail 100
docker stop / docker rm Stop or remove a container -f (force remove running)

Pro Tip:

  • Use docker run --rm to auto-remove containers after they exit (great for testing).

2. Image Management

Command What It Does Key Flags
docker build Build an image from a Dockerfile -t my-image:tag (tag image)
docker images List local images -q (quiet, just IDs)
docker pull Download an image from a registry --platform linux/amd64
docker push Upload an image to a registry
docker image prune Delete unused images -a (remove all dangling)

Critical Knowledge:

  • Image Layers: Each RUN, COPY, etc., in a Dockerfile creates a layer (cacheable).
  • Multi-Platform Builds: 
    docker buildx build --platform linux/amd64,linux/arm64 -t my-image:multiarch .

3. Networking & Ports

Command What It Does Example
docker network ls List networks
docker network inspect Show network details (IPs, gateways) docker network inspect bridge
docker port List port mappings docker port my-container
docker run --network Attach to a specific network --network host (host mode)

Key Concepts:

  • Bridge Network: Default (NATd containers).
  • Host Network: Bypasses Docker networking (faster, less secure).
  • Overlay Network: For multi-host Swarm/Kubernetes.

4. Storage & Volumes

Command What It Does Example
docker volume ls List volumes
docker volume create Create a named volume docker volume create my-vol
docker run -v Mount a volume or bind mount -v /data:/app/data
docker cp Copy files between host/container docker cp my-container:/file .

Pro Tips:

  • Named Volumes: Managed by Docker (best for databases).
  • Bind Mounts: Link to host dir (great for development): 
    docker run -v $(pwd):/app my-image

5. Debugging & Troubleshooting

Command What It Does When to Use
docker stats Live resource usage (CPU/mem/IO) Identify resource hogs
docker top View processes inside a container Debug hung processes
docker inspect Low-level container/image details Find IPs, volumes, configs
docker events Real-time Docker daemon events Audit container lifecycles
docker system df Show disk usage (images, containers, volumes) Cleanup decisions

Critical Flags for docker inspect:

docker inspect -f '{{.NetworkSettings.IPAddress}}' my-container  # Get container IP
docker inspect -f '{{.LogPath}}' my-container                   # Find log file path

6. Cleanup & Maintenance

Command What It Does Nuclear Option
docker container prune Remove stopped containers
docker image prune Remove dangling images -a (remove all unused)
docker system prune Remove everything unused --volumes (include volumes)

Warning:

  • docker system prune --all --volumes deletes all unused images, containers, and volumes (use with caution!).

7. Docker Compose (Bonus)

Command What It Does
docker-compose up Start services defined in docker-compose.yml
docker-compose down Stop and remove services
docker-compose logs View aggregated logs
docker-compose exec Run a command in a service container

Pro Tip:

  • Use docker-compose --profile to enable/disable services (e.g., dev vs. prod): 
    services:
  redis:
    profiles: ["prod"]

8. Real-World Scenarios

1. Debug a Crashing Container

docker logs -f my-container       # Check logs
docker exec -it my-container sh  # Shell into it
docker inspect my-container      # Check exit code

2. Simulate Out-of-Memory (OOM) Killer

docker run -m 100m --rm alpine tail /dev/zero  # Trigger OOM
dmesg | grep -i kill                           # Find OOM event

3. Optimize Builds

# Bad (creates huge layers):
RUN apt-get update && apt-get install -y python
RUN pip install -r requirements.txt

# Good (single layer):
RUN apt-get update && apt-get install -y python && \
    pip install -r requirements.txt && \
    apt-get clean

9. Interview Questions

  1. How do you reduce Docker image size?

    • Use multi-stage builds, Alpine-based images, and clean up temp files in the same RUN layer.

  2. Whats the difference between CMD and ENTRYPOINT?

    • ENTRYPOINT defines the executable; CMD provides default args (can be overridden by docker run).

  3. How do you persist data in Docker?

    • Volumes (-v my-vol:/data) or bind mounts (-v /host/path:/data).

10. Cheat Sheet

# Start a container with a shell
docker run -it --rm alpine sh

# Build and tag an image
docker build -t my-app:1.0 .

# Clean up everything unused
docker system prune -a --volumes

Next Steps:

  • Learn Docker Swarm (docker swarm init).
  • Dive into Kubernetes (kubectl).
  • Master eBPF for container tracing (bpftrace).

Need a deep dive on Docker security or multi-host networking? Let me know! 🐳