I will use 7dd6d89ffda8 as container ID, a294gh092j34 as image ID and festive_edison:latest as image name in my examples.

image

1. list all local images

   # with trunc SHA256 hash
   docker images
   # with entire SHA256 hash
   docker images --no-trunc
   

2. delete image

   docker rmi a294gh092j34
   

container

1. start from an image

   # create a container for image "ubuntu", start this container and step in it on command-line mode
   # -i: interactive
   # -t: command-line
   # ubuntu: name of image
   # /bin/bash：放在镜像名后的是命令，这里我们希望有个交互式 Shell，因此用的是 /bin/bash。
   docker run -it ubuntu /bin/bash
   

2. list all local constainers

   docker ps -a
   

3. get in a running container

   docker attach 7dd6d89ffda8
   

4. import and export containers

# export container to file
docker export 7dd6d89ffda8 > ubuntu.tar

# import file as image "test/ubuntu:v1"
cat docker/ubuntu.tar | docker import - test/ubuntu:v1

1. find out which image a Docker container originated from

   docker inspect 7dd6d89ffda8 | grep Image
   # or
   docker inspect 7dd6d89ffda8 --format=''
   

2. start a container

   docker start 7dd6d89ffda8
   

3. CMD The CMD is defined at the time of container creation. To change it, you must create a new container based on the existing one, overriding the CMD.

4. export container to image

   docker commit 7dd6d89ffda8 festive_edison
   

   7dd6d89ffda8 is container’s name. Name of new image is festive_edison.

5. delete a container

Docker Image Cross-Platform Usage

A Docker image or container exported on Ubuntu can generally be used on Windows, vice versa.

other

1.

Configuration file of docker is /etc/docker/daemon.json. You can add code below to reset registry. It will be activated when docker is restarted.

{
    "registry-mirrors": [
        "http://hub-mirror.c.163.com",
        "https://docker.mirrors.ustc.edu.cn",
        "https://registry.docker-cn.com"
    ]
}

2. why need sudo

It’s normal to require sudo when running Docker commands on Ubuntu by default. This happens because the Docker daemon (the service that manages Docker containers) runs with root privileges, and users who are not in the docker group must use sudo to access it.

3. sudo and privileged

Using sudo affects only the host-side permissions to execute Docker commands, while --privileged changes the security model and capabilities within the container itself. They are separate and have different implications for container security and isolation.

4.

You won’t be able to modify the bind mount directly because Docker doesn’t support changing mount options (like read-only) on an existing container, which means you have create a new container with a bind mount like command below:

# -v path on host : path on container
docker run -it -v /home/user/project:/usr/src/app festive_edison /bin/bash

Q&A

1.

net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
# 或
net/http: TLS handshake timeout
# 或
request canceled (Client.Timeout exceeded while awaiting headers)

or

Error response from daemon: Get "https://registry-1.docker.io/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

or

Error response from daemon: Get "https://registry-1.docker.io/v2/": dial tcp ip: connect: connection refused

reference

solution using VPN:

1. prepare a valid VPN
2. run sudo mkdir -p /etc/systemd/system/docker.service.d to create a folder
3. run sudo touch /etc/systemd/system/docker.service.d/http-proxy.conf to create a configuration file.
4. run sudo vim /etc/systemd/system/docker.service.d/http-proxy.conf to open it.
5. add configuration like below into it. Note that use your own proxy link.

   [Service]
   Environment="HTTP_PROXY=http://localhost:8889/"
   Environment="HTTPS_PROXY=http://localhost:8889/"
   

6. restart docker using commands below

   sudo systemctl daemon-reload
   sudo systemctl restart docker
   

   2.

   problem: Got error when I used Dockerfile to create a docker image. solution: perform every command in Dockerfile step by step manually.

3.

An error when run a image:

Failed to run image. (HTTP code 400) bad parameter - no command specified

reason: I created this image from a container and didn’t to add default cmd into this image.

solution: create a new Dockerfile based on the existing image. If this image is linux-based:

FROM myimage:latest
CMD ["/bin/bash"]

If this image is Windows-based:

FROM myimage:latest
CMD ["cmd.exe"]

4.

container exit with code 0 at once when I start a container. </br> reason: the container doesn’t start with interactive mode and step in it on command-line mode.</br> solution: I run docker rum -it festive_edison:latest. Note that command /bin/sh will be run automatically after a container start in this instance.

5. KVM

I got KVM is not enabled on host when I started docker desktop. Docker Desktop on Linux relies on a virtual machine as its backend. If KVM is not available, the default VM backend won’t work. Use command egrep -c '(vmx|svm)' /proc/cpuinfo to check whether a CPU supports virtualization. If the output is 0, this CPU does not support virtualization, or it is disabled in the BIOS/UEFI.