Docker === ###### tags: `arch linux` windows docker:https://www.youtube.com/watch?v=YozfiLI1ogY https://www.youtube.com/watch?v=eGz9DS-aIeY COPY url : https://yeasy.gitbook.io/docker_practice/image/dockerfile/copy Arch wiki docker: https://wiki.archlinux.org/title/docker # Docker permissions https://quietbo.com/2022/06/06/docker-%E5%BB%BA%E7%AB%8B%E7%BE%A4%E7%B5%84-got-permission-denied-while-trying-to-connect-to-the-docker-daemon-socket-at-unix%E8%A7%A3%E6%B1%BA/ # make group ``` sudo groupadd docker ``` this will make a docker group but you may see this also ``` groupadd: group 'docker' already exists ``` because its already there # add user into docker group ``` sudo gpasswd -a $USER docker ``` this auto makes your user into docker group $USER stands for USER variable you could also change it to any name you want there should be a message like below ``` Adding user admins to group docker ``` # At last ``` newgrp docker sudo systemctl restart docker ``` you will no longer need to add sudo before your docker # RUN = create + start ``` sudo docker run -itd --name <insert_name> <insert_image> ``` this runs a a detached container in the back ground for example ``` docker run -td --name test archlinux ``` # exec ``` sudo docker exec -it <insert_name> bash ``` this will make you enter the docker conatiner # create ``` sudo docker create -itd --name <name> <image> ``` only creating a docker container d stands for detach which means it stays in the background # stop container ``` sudo docker stop <container_name> ``` # start docker again with: ``` docker start <insert_container> ``` # how to copy a file to a container ``` docker cp index.html nginx_base:/usr/share/nginx/html/index.html ``` # docker rm ``` docker rm <insert_conatiner_name> ``` command to rmove container # stop running container ``` docker kill <CONTAINER ID> ``` # docker prune ``` docker prune ``` https://docs.docker.com/engine/reference/commandline/container_prune/ kills all stopped containers # create image from a container ``` docker commit <insert_name> ``` https://www.dataset.com/blog/create-docker-image/ # docker commands ``` -d #detach works in the back -it # interactive terminal --rm # removes itself after stop command --name #name --gpus #how many gpus if specified need another name for the gpu -p # 80:80 as an example is porting your 80 port to the conatiners 80 port ``` # docker cheat sheet  https://dockerlabs.collabnix.com/docker/cheatsheet/ # docker gpu document :https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/user-guide.html install the ==nvidia-container-toolkit==AUR package. Next, restart docker. You can now run containers that make use of NVIDIA GPUs using the --gpus option: ``` docker run -itd --gpus all --name <insert_name> <insert_image> ``` ### specify how many gpus: if you try to specify the gpu you have to give a devive parameter ``` docker run --rm --runtime=nvidia \ -e NVIDIA_VISIBLE_DEVICES=all nvidia/cuda nvidia-smi ``` ### specify which gpu ``` docker run --rm --gpus 2 nvidia/cuda nvidia-smi ``` or ``` docker run --gpus '"device=UUID-ABCDEF,1"' nvidia/cuda:11.3.0-runtime-ubuntu20.04 nvidia-smi ``` another Query the GPU UUID using nvidia-smi and then specify that to the container ``` $ nvidia-smi -i 3 --query-gpu=uuid --format=csv ``` ``` uuid GPU-18a3e86f-4c0e-cd9f-59c3-55488c4b0c24 ``` ``` $docker run --gpus device=GPU-18a3e86f-4c0e-cd9f-59c3-55488c4b0c24 \ nvidia/cuda nvidia-smi ``` # docker networking https://www.youtube.com/watch?v=bKFMS5C4CG0&t=98s with ``` ip link ``` or ``` ip address show ``` you can see your ips # for docker ips and then ``` docker network ls ``` # bridge on default the container is pushed into the bridge network via virtual ethernet ``` bridge link ``` ``` docker inspect bridge ``` ``` docker inspect <name> ``` however you cant access through this method you have to maunally open the port # manually open port run your container with -p example ``` docker run -itd --rm -p 80:80 --name <name> <image> ``` you can access it via url internal ip address + port ``` ip:80 ``` # create a network ``` docker network create <name> ``` you can check with ``` docker network ls ``` if it is working next time you run a container you do the following ``` docker run -itd --rm --network <name_of_network> --name <name> <image> ``` this method derives from the port exposed #### note: you can do all the following to check: ``` ip address show bridge link docker inspect <name> ``` you can access it now through network ``` # you can ping them by ping <name> ``` # connect to host network ``` docker run -itd --rm --network host --name <name> <image> ``` # The mac VLan network ``` docker network create -d macvlan \ --subnet <homenetwork> \ --gateway <router> \ -o parent=<hostnetworkinterface> / <name> ```  <homenetwork> 填 192.168.0.102/24 <hostnetworkinterface> 填(enp112s0) <router> 填 192.168.0.1 get router from command: ``` ip route show | grep -i 'default via'| awk '{print $3 }' ``` or ``` ip route show default ``` and the ``` docker network create -d macvlan \ > --subnet 192.168.0.102/24 \ > --gateway 192.168.0.1 \ > -o parent=enp112s0 \ > testnetwork ``` check via ``` docker network ls ``` # DHCP range network, 192.168.1.0 - 192.168.1.254 to check if its there now assign it like this: ``` docker run -itd --rm \ --network <name_of_network> \ --ip <DHCP_range> --name <name> <image> ``` # promisuous mode enable ``` sudo ip link set enp112s0 promisc on ```` # new docker run --name netshoot -it --network custombridge --rm nicolaka/netshoot /bin/bash https://www.youtube.com/watch?v=5grbXvV_DSk&t=183s docker network create -d macvlan --subnet 192.168.0.0/24 --gateway 192.168.0.1 \ > --ip-range 192.168.0.253/32 -o parent=enp112s0 custommacvlan https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/ https://collabnix.com/2-minutes-to-docker-macvlan-networking-a-beginners-guide/ https://www.reddit.com/r/docker/comments/o26zi5/comment/h24wfvl/