Thursday, July 8, 2021

Docker Command List - Full list

 Management Commands:

  app*        Docker App (Docker Inc., v0.9.1-beta3)

  builder     Manage builds

  buildx*     Build with BuildKit (Docker Inc., v0.5.1-docker)

  compose*    Docker Compose (Docker Inc., 2.0.0-beta.1)

  config      Manage Docker configs

  container   Manage containers

  context     Manage contexts

  image       Manage images

  manifest    Manage Docker image manifests and manifest lists

  network     Manage networks

  node        Manage Swarm nodes

  plugin      Manage plugins

  scan*       Docker Scan (Docker Inc., v0.8.0)

  secret      Manage Docker secrets

  service     Manage services

  stack       Manage Docker stacks

  swarm       Manage Swarm

  system      Manage Docker

  trust       Manage trust on Docker images

  volume      Manage volumes


Commands:

  attach      Attach local standard input, output, and error streams to a running container

  build       Build an image from a Dockerfile

  commit      Create a new image from a container's changes

  cp          Copy files/folders between a container and the local filesystem

  create      Create a new container

  diff        Inspect changes to files or directories on a container's filesystem

  events      Get real time events from the server

  exec        Run a command in a running container

  export      Export a container's filesystem as a tar archive

  history     Show the history of an image

  images      List images

  import      Import the contents from a tarball to create a filesystem image

  info        Display system-wide information

  inspect     Return low-level information on Docker objects

  kill        Kill one or more running containers

  load        Load an image from a tar archive or STDIN

  login       Log in to a Docker registry

  logout      Log out from a Docker registry

  logs        Fetch the logs of a container

  pause       Pause all processes within one or more containers

  port        List port mappings or a specific mapping for the container

  ps          List containers

  pull        Pull an image or a repository from a registry

  push        Push an image or a repository to a registry

  rename      Rename a container

  restart     Restart one or more containers

  rm          Remove one or more containers

  rmi         Remove one or more images

  run         Run a command in a new container

  save        Save one or more images to a tar archive (streamed to STDOUT by default)

  search      Search the Docker Hub for images

  start       Start one or more stopped containers

  stats       Display a live stream of container(s) resource usage statistics

  stop        Stop one or more running containers

  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE

  top         Display the running processes of a container

  unpause     Unpause all processes within one or more containers

  update      Update configuration of one or more containers

  version     Show the Docker version information

  wait        Block until one or more containers stop, then print their exit codes

Docker-Learn3

 docker container run --detach --rm --publish 80:80 --name webserver nginx

docker container run --detach  --publish 80:80 --name webserver nginx

docker container rm <container_Name|container_Id_First3Digit_SHA>


Use long-form -- flags; it's a good practice in Docker


docker image ls 


docker container logs webserver


docker container top ContainerID|containerName


docker run -d --name mongo mongo

-------------------------------------

$ docker run -it --rm --privileged --pid=host justincormack/nsenter1

/ #

-------------------------------------

ps aux | { head -1; grep -E 'mysql|mongo' ; }

ps -ef | { head -1; grep bash; }

ps aux | { head -1; grep 999 ; }

-------------------------------------


The Docker process is running on the host

docker top mongo 

//mongo is name of container and this command tells us processes running as a part of mongo docker container - top 10 Processes

ps aux | grep mongod


-------------------------------------

docs.docker.com and --help are our friends

-------------------------------------


docker container run -d -p 3306:3306 --name db --env MYSQL_RANDOM_ROOT_PASSWORD=yes mysql


-------------------------------------------------------------------------------------------------

Analyse Outside container

docker container top Container_Name

docker container inspect [OPTIONS] Container_Name

docker container stats [OPTIONS] [CONTAINER...]  //if no container_Name , it means all


-------------------------------------------------------------------------------------------------

Analyse Inside container - To know what's happening in the container

docker container start -ai Container_Name   //a means attach , i means interactive

docker container exec -it Container_Name COMMAND   //t means tty , i means interactive ; exec needs a command to run

docker container run -it ImageName              //t means tty , i means interactive

-------------------------------------------------------------------------------------------------

apt-get update

apt-get install -y procps //Install "ps" in the mysql container - its image is Debian-based

-------------------------------------------------------------------------------------------------

docker container port nginx


virtual network  ---- has the container's port

host port  ---- one host port is mapped to only 1 container


A container can talk to another container if they are on the same virtual network

-------------------------------------------------------------------------------------------------------

• Each Container is by default connected to - private virtual network "Bridge"

• Each PVN routes through NAT Firewall on host IP

• All containers on a virtual network can talk to each other without -p 

For example :

A network has 2 Containers :-> Mysql and httpd

httpd has 8080:80 

While Mysql has nothing

Mysql can talk to httpd

• 2 different networks cannot talk to each other directly; they have to go via NAT

• 1 host level port is mapped to 1 container only


• Make new virtual networks

• Attach containers to more than 1 virtual network

• Use docker network Drivers.

----------------------------------------------------------------------------------------------

ifconfig en0 // Linux based Actual Host machine

ipconfig // Windows based Actual Host machine

----------------------------------------------------------------------------------------------

docker container port ContainerID

docker container inspect ContainerID 

docker container inspect  --format  "{{ .NetworkSettings.IPAddress}}" nginx

----------------------------------------------------------------------------------------------

Why is it called a bridge network?

"bridge" is a type of "Driver"

It is called that because this private virtual network connects our container to the outside physical network through the NAT firewall

----------------------------------------------------------------------------------------------

:::::docker network commands :::::


• docker network ls      // Shows list of all private virtual networks with type of Drivers they possess

//bridge is called "bridge" or "docker0"



• docker network inspect bridge //shows containers attached to this network

Each Container has its own IP Address , although they are attached to same Network SHAid


• Network Type has a Subnet": "172.17.0.0/16" in IPAM Config

has many containers attached to it , Each having its own Ip Addresses

 "IPv4Address": "172.17.0.6/16"

 "IPv4Address": "172.17.0.3/16"

"IPv4Address": "172.17.0.2/16"

----------------------------------------------------------------------------------------------

172.17.0.0 ---- Default IP Address of Bridge Network


----------------------------------------------------------------------------------------------

Another network is "host": it gives up the security of Docker's virtual networking

and attaches the container directly to the host interface

----------------------------------------------------------------------------------------------

docker network inspect bridge

docker network inspect host

docker network inspect none

----------------------------------------------------------------------------------------------

:::: Create a new network

docker network create my_app_net

docker network inspect my_app_net 

"Subnet": "172.18.0.0/16",

"Gateway": "172.18.0.1"

----------------------------------------------------------------------------------------------

docker network create my_app_net 

docker container run --name new_nginx --network my_app_net nginx:alpine //New Container

docker network inspect my_app_net // it has new_nginx attached to it

// --network network   flag on "run" command       Connect a container to a network

----------------------------------------------------------------------------------------------

//docker network 

// docker network connect [OPTIONS] NETWORK CONTAINER

docker network connect --help

docker network  connect  my_app_net nginx          //Attach network to container

docker container inspect nginx      //Inspect container --- It shows connection to 2 networks, now



 "Networks": {

                "bridge": {

                    "IPAMConfig": null,

                    "Gateway": "172.17.0.1",

                    "IPAddress": "172.17.0.6",

                },

                "my_app_net": {

                    "IPAMConfig": {},

                    "Gateway": "172.18.0.1",

                    "IPAddress": "172.18.0.3",


                }

            }

----------------------------------------------------------------------------------------------

docker network disconnect  my_app_net nginx    // Disconnect custom network from ContainerName

----------------------------------------------------------------------------------------------

If apps are on the same host, connect both apps to the same network.

Explicit -p is very safe because all other ports are blocked.
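
The isolation-related settings these notes touch on (`--privileged --pid=host`, the "host" network, and `-p`) can be checked from `docker container inspect` output. The following is an added example, not part of the original notes: it flags those settings and any port published on all host interfaces, which is what `-p 80:80` does unless a host IP is given, as in `-p 127.0.0.1:80:80`. The container names `nsenter` and `db_local` and the sample JSON are constructed for illustration.

```python
import json
import sys

# HostIp values that mean "listen on every host interface".
ALL_INTERFACES = {"", "0.0.0.0", "::"}


def audit_container(info):
    """Findings for one object from `docker container inspect` output."""
    host = info.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("privileged: all capabilities and host devices")
    if host.get("PidMode") == "host":
        findings.append("pid=host: shares the host's process namespace")
    if host.get("NetworkMode") == "host":
        findings.append("network=host: shares the host's network stack")
    for port, bindings in (host.get("PortBindings") or {}).items():
        for b in bindings or []:
            if (b.get("HostIp") or "") in ALL_INTERFACES:
                findings.append(f"{port} published on all interfaces "
                                f"(host port {b.get('HostPort')})")
    return findings


def audit(inspect_json):
    """Map container name -> findings for the JSON array inspect prints."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c)
            for c in json.loads(inspect_json)}


# Constructed sample, trimmed to the fields read above (not real output).
SAMPLE = json.dumps([
    {"Name": "/webserver", "HostConfig": {"NetworkMode": "default",
        "PortBindings": {"80/tcp": [{"HostIp": "", "HostPort": "80"}]}}},
    {"Name": "/nsenter", "HostConfig": {"Privileged": True,
        "PidMode": "host", "NetworkMode": "default", "PortBindings": {}}},
    {"Name": "/db_local", "HostConfig": {"NetworkMode": "my_app_net",
        "PortBindings": {"3306/tcp": [{"HostIp": "127.0.0.1",
                                        "HostPort": "3306"}]}}},
    {"Name": "/new_nginx", "HostConfig": {"NetworkMode": "my_app_net",
        "PortBindings": {}}},
])

if __name__ == "__main__":
    raw = "" if sys.stdin.isatty() else sys.stdin.read()
    for name, found in audit(raw if raw.strip() else SAMPLE).items():
        print(f"{name}: {'; '.join(found) or 'no findings'}")
```

To check real containers, pipe `docker container inspect $(docker container ls -q)` into the script; with no input it reports on the constructed sample.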

----------------------------------------------------------------------------------------------

docker network create --driver bridge my_app_net


----------------------------------------------------------------------------------------------

Containers should not rely on IP addresses for communication. DNS Should be used.


Custom Network have DNS Server built into them

The default "bridge" network does not have DNS; use --link as a workaround.


docker container exec -it my_nginx ping new_nginx


Container names can be used as DNS hostnames, so if there are 2 containers on the same custom network,

they can ping each other using just their "Container Names", which are DNS names

Docker-Learn2

docker version

//Server and client versions specified

//Client can talk to server


docker info

//Detailed Info and configuration


docker

//List of all command


docker management_command subcommand

in 2017 it was revamped

docker container  run    [new]

docker run [old]


docker container run -it --rm alpine:latest '/bin/sh'










Docker-Learn1

https://itnext.io/chroot-cgroups-and-namespaces-an-overview-37124d995e3d

https://www.youtube.com/watch?v=8fi7uSYlOdc

https://www.docker.com/play-with-docker



https://www.docker.com/101-tutorial     [<<<<<<<<<<<<<<<BEGIN Here<<<<<<<<<<<<]

docker run -dp 80:80 docker/getting-started 


docker <command> --help

docker run -d -p HostPort:DockerPort --rm -it IMAGE "startupCommand"

-d        detached mode in console

-p       HostPort:DockerPort

-i         make it interactive

-t        make a pseudo tty

--rm   remove once container stopped/exited

docker start containerID

docker stop ContainerID

docker rm containerID

docker ps -a

docker ps 


CONTAINERID          IMAGE           COMMAND             CREATED          STATUS          PORTS             NAMES


docker rm 10c997a681fa


https://towardsdatascience.com/learn-enough-docker-to-be-useful-b0b44222eef5

https://www.freecodecamp.org/news/a-beginner-friendly-introduction-to-containers-vms-and-docker-79a9e3e119b/


https://phoenixnap.com/kb/grep-command-linux-unix-examples


Recall that a Docker container is a Docker image brought to life

A Dockerfile instruction is a capitalized word at the start of a line followed by its arguments. Each line in a Dockerfile can contain an instruction.


Only the instructions FROM, RUN, COPY, and ADD create layers in the final image. 

Other instructions configure things, add metadata, or tell Docker to do something at run time, such as expose a port or run a command



Some docker commands have subcommands

Example

docker image ls

docker image rm 

docker image build

docker image pull


docker pull hello-world

docker rm 057c5b1edd19 2da87d301ae6


An image referenced by a container cannot be removed, even if the container itself is "Exited/Stopped"

You have to either rm the container or use --force when removing the image

docker rm CONTAINERID 

docker image rm image1 image2



Docker-Learn

 docker version

docker info

docker command --- In 2017 Introduced "management commands" and  "subcommands"


docker image --help

docker container --help


docker container run --publish 80:80 nginx


docker container ls  //Only shows running containers


docker container ls -a    //All containers including stopped ones


docker container run --publish 80:80 --name webhost --detach nginx     //Container name has to be unique; it cannot conflict with a stopped container's name either


docker container stop fb7 webhost2                  //I mixed containerId and containerName, Can't stop running container as well


 docker container logs --follow  containerID                         //Tailing Logs

Wednesday, July 7, 2021

Browser : Chrome: Mixed Content, Http/Https

https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content/How_to_fix_website_with_mixed_content

https://blog.chromium.org/2020/02/protecting-users-from-insecure.html


How to fix your website

The best strategy to avoid mixed content blocking is to serve all the content as HTTPS instead of HTTP.

AWS:CloudShell:CLI: aws ec2 describe-instances

https://thehftguy.com/2016/03/10/how-to-export-amazon-ec2-instances-to-a-csv-file/

https://gmusumeci.medium.com/how-to-export-aws-ec2-instances-in-multiple-aws-regions-and-multiple-aws-accounts-to-excel-csv-ce283af0ed90

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html

https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html

https://docs.aws.amazon.com/cloudshell/latest/userguide/working-with-cloudshell.html


AWS Cloud Shell 

aws ec2 describe-instances --filters "Name=tag:Environment,Values=QA"  --output json

aws ec2 describe-instances --filters "Name=tag:Environment,Values=QA" --output table  >  QA_EC2_Instances.tsv


InstanceId

InstanceType

PrivateIpAddress


aws ec2 describe-instances \

--filters "Name=tag:Environment,Values=QA" \

--query 'Reservations[*].Instances[*].{InstanceId:InstanceId,InstanceType:InstanceType,PrivateIpAddress:PrivateIpAddress}' \

--output json \

>  QA_EC2_Instances.json



aws ec2 describe-instances --filters Name=instance-state-name,Values=running --query "Reservations[*].Instances[*].InstanceId" --output text


aws iam list-access-keys --user-name  john_doe


Azure - Pipeline - Add Approver for Stage

https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass