tricky

Previousdockerd Nexttroubleshooting

Last updated 22 days ago

Was this helpful?

tricky

configure files

docker desktop

[!TIP|label:references:]

FILE

MACOS

WINDOWS

LINUX

settings-store.json settings.json(<=v4.34)

~/Library/Group Containers/group.com.docker/settings-store.json

%APPDATA%\Docker\settings-store.json

~/.docker/settings-store.json

.com.apple.containermanagerd.metadata.plist

~/Library/Containers/com.docker.docker/.com.apple.containermanagerd.metadata.plist

{
  "AcceptCanaryUpdates": false,
  "ActiveOrganizationName": "",
  "AllowBetaFeatures": true,
  "AllowExperimentalFeatures": true,
  "AnalyticsEnabled": true,
  "AutoDownloadUpdates": false,
  "AutoPauseTimedActivitySeconds": 30,
  "AutoPauseTimeoutSeconds": 300,
  "AutoStart": false,
  "BackupData": false,
  "BlockDockerLoad": false,
  "ContainerTerminal": "integrated",
  "ContainersOverrideProxyExclude": "",
  "ContainersOverrideProxyHTTP": "",
  "ContainersOverrideProxyHTTPS": "",
  "ContainersOverrideProxyPAC": "",
  "ContainersOverrideProxyTCP": "",
  "ContainersOverrideProxyTransparentPorts": "80,443",
  "ContainersProxyHTTPMode": "",
  "Cpus": 12,
  "CredentialHelper": "docker-credential-osxkeychain",
  "CustomWslDistroDir": "",
  "DataFolder": "/Users/marslo/Library/Containers/com.docker.docker/Data/vms/0/data",
  "DefaultSnapshotter": "overlayfs",
  "DeprecatedCgroupv1": false,
  "DesktopTerminalEnabled": false,
  "DevEnvironmentsEnabled": false,
  "DisableHardwareAcceleration": false,
  "DisableUpdate": false,
  "DiskFlush": "os",
  "DiskSizeMiB": 61035,
  "DiskStats": "",
  "DiskTRIM": true,
  "DisplayRestartDialog": true,
  "DisplaySwitchWinLinContainers": false,
  "Displayed18362Deprecation": false,
  "DisplayedElectronPopup": [],
  "DisplayedOnboarding": true,
  "DockerAppLaunchPath": "/Applications/Docker.app",
  "DockerBinInstallPath": "system",
  "DockerDebugDefaultEnabled": false,
  "DogfoodFeatureFlagsEnabled": false,
  "ECIDockerSocketAllowDerivedImages": true,
  "ECIDockerSocketCmdList": [],
  "ECIDockerSocketCmdListType": "deny",
  "ECIDockerSocketImgList": [],
  "EnableDefaultDockerSocket": true,
  "EnableIntegrationWithDefaultWslDistro": false,
  "EnableIntegrityCheck": true,
  "EnableSegmentDebug": false,
  "EnableWasmShims": false,
  "EnhancedContainerIsolation": false,
  "ExposeDockerAPIOnTCP2375": false,
  "ExtensionsEnabled": true,
  "ExtensionsPrivateMarketplace": false,
  "ExtensionsPrivateMarketplaceAdminContactURL": "",
  "FilesharingDirectories": [
    "/Users",
    "/Volumes",
    "/private",
    "/tmp",
    "/var/folders"
  ],
  "HostNetworkingEnabled": false,
  "IPv4Only": false,
  "IPv6Only": false,
  "KernelForUDP": false,
  "KubernetesEnabled": false,
  "KubernetesImagesRepository": "",
  "KubernetesMode": "",
  "KubernetesNodesCount": 0,
  "LastContainerdSnapshotterEnable": 1730830362,
  "LastLoginDate": 0,
  "LatestBannerKey": "",
  "LicenseTermsVersion": 2,
  "LifecycleTimeoutSeconds": 600,
  "MemoryMiB": 8092,
  "NetworkType": "gvisor",
  "OnlyMarketplaceExtensions": true,
  "OpenUIOnStartupDisabled": false,
  "OverrideProxyExclude": "",
  "OverrideProxyHTTP": "",
  "OverrideProxyHTTPS": "",
  "OverrideProxyPAC": "",
  "OverrideProxyTCP": "",
  "OverrideWindowsDockerdPort": -1,
  "ProxyEnableKerberosNTLM": false,
  "ProxyHTTPMode": "system",
  "ProxyLocalhostPort": 0,
  "RequireVmnetd": true,
  "RunWinServiceInWslMode": false,
  "SbomIndexing": true,
  "ScoutNotificationPopupsEnabled": true,
  "ScoutOsNotificationsEnabled": false,
  "SettingsVersion": 40,
  "ShowAnnouncementNotifications": true,
  "ShowExtensionsSystemContainers": false,
  "ShowGeneralNotifications": true,
  "ShowInstallScreen": false,
  "ShowKubernetesSystemContainers": false,
  "ShowPromotionalNotifications": true,
  "ShowSurveyNotifications": true,
  "SkipUpdateToWSLPrompt": false,
  "SkipWSLMountPerfWarning": false,
  "SocksProxyPort": 0,
  "SwapMiB": 1024,
  "SynchronizedDirectories": [],
  "ThemeSource": "system",
  "UpdateAvailableTime": 0,
  "UpdateHostsFile": false,
  "UpdateInstallTime": 0,
  "UseBackgroundIndexing": false,
  "UseContainerdSnapshotter": true,
  "UseCredentialHelper": true,
  "UseGrpcfuse": true,
  "UseLibkrun": false,
  "UseNightlyBuildUpdates": false,
  "UseResourceSaver": true,
  "UseVirtualizationFramework": true,
  "UseVirtualizationFrameworkRosetta": true,
  "UseVirtualizationFrameworkVirtioFS": true,
  "UseVpnkit": true,
  "UseWindowsContainers": false,
  "VpnKitAllowedBindAddresses": "0.0.0.0",
  "VpnKitMTU": 1500,
  "VpnKitMaxConnections": 2000,
  "VpnKitMaxPortIdleTime": 300,
  "VpnKitTransparentProxy": true,
  "VpnkitCIDR": "192.168.65.0/24",
  "WslDiskCompactionThresholdGb": 0,
  "WslEnableGrpcfuse": false,
  "WslEngineEnabled": false,
  "WslInstallMode": "installLatestWsl",
  "WslUpdateRequired": false
}

$ defaults read ~/Library/Containers/com.docker.docker/.com.apple.containermanagerd.metadata.plist
{
    MCMMetadataActiveDPClass = "-1";
    MCMMetadataContentClass = 2;
    MCMMetadataIdentifier = "com.docker.docker";
    MCMMetadataSchemaVersion = 0;
    MCMMetadataUUID = "386F734E-BD40-4755-87A2-DDF4ABD17A64";
    MCMMetadataUserIdentity =     {
        personaUniqueString = "2EDCF936-1321-4383-A54D-3784F660E452";
        posixGID = 20;
        posixUID = 503;
        type = 0;
        version = 2;
    };
    MCMMetadataVersion = 7;
}

check docker layer

[!NOTE|label:references:]

install

$ DOWNLOAD_URL="$(curl -fsSL https://api.github.com/repos/wagoodman/dive/releases/latest |
   jq -r '.assets[] | select(.name | endswith("_linux_amd64.deb")) | .browser_download_url')"
$ curl -OL "${DOWNLOAD_URL}"

$ DIVE_VERSION="$(curl -fsSL https://api.github.com/repos/wagoodman/dive/releases/latest | jq -r .tag_name)"
# or
$ DIVE_VERSION=$(curl -sL "https://api.github.com/repos/wagoodman/dive/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
$ curl -OL https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.deb

$ sudo apt install ./dive_${DIVE_VERSION}_linux_amd64.deb

docker with proxy

[!NOTE|label:references:]

$ sudo mkdir -p /etc/systemd/system/docker.service.d
$ cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTPS_PROXY=http://sample.proxy.com:80"
Environment="HTTP_PROXY=http://sample.proxy.com:80"
Environment="ALL_PROXY=http://sample.proxy.com:80"
systemctl daemon-reload;systemctl start docker

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

# verify
$ systemctl show docker --property Environment
Environment=HTTPS_PROXY=http://sample.proxy.com:80 HTTP_PROXY=http://sample.proxy.com:80 ALL_PROXY=http://sample.proxy.com:80

for socks5

$ [ ! -d /etc/systemd/system/docker.service.d ] && sudo mkdir -p /etc/systemd/system/docker.service.d
$ sudo bash -c "cat > /etc/systemd/system/docker.service.d/socks5-proxy.conf" << EOF
[Service]
Environment="ALL_PROXY=socks5://sample.proxy.com:80"
Environment="NO_PROXY=localhost,127.0.0.1,130.147.0.0/16,130.145.0.0/16"
EOF

$ sudo systemctl daemon-reload
$ sudo systemctl enable docker.service
$ sudo systemctl restart docker.service

# for rootless mode
$ mkdir -p ~/.config/systemd/user/docker.service.d/
# or regular mode
$ sudo mkdir -p /etc/systemd/system/docker.service.d

$ sudo bash -c "cat > /etc/systemd/system/docker.service.d" << EOF
[Service]
Environment="HTTP_PROXY=http://sample.proxy.com:80"
Environment="HTTPS_PROXY=https://sample.proxy.com:443"
Environment="NO_PROXY=localhost,127.0.0.1,sample.docker-registry.com,.corp"
EOF

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

# verify
$ systemctl show docker --property Environment
Environment=HTTP_PROXY=http://sample.proxy.com:80 HTTPS_PROXY=http://sample.proxy.com:443 NO_PROXY=localhost,127.0.0.1,sample.docker-registry.com,.corp

$ mkdir -p ~/.docker
$ cat > ~/.docker/config.json << EFO
{
 "proxies":
 {
   "default":
   {
     "httpProxy": "http://sample.proxy.com:80",
     "httpsProxy": "http://sample.proxy.com:80",
     "allProxy": "http://sample.proxy.com:80",
     "noProxy": "*.sample.domain1.com,.domain2.com,127.0.0.0/8"
   }
 }
}
EOF

$ docker build \
         --build-arg http_proxy=http://sample.proxy.com:80 \
         --build-arg https_proxy=http://sample.proxy.com:443 \
        .

details
VARIABLE
DOCKERFILE EXAMPLE
DOCKER RUN EXAMPLE
HTTP_PROXY
ENV HTTP_PROXY="http://sample.proxy.com:80"
--env HTTP_PROXY="http://sample.proxy.com:80"
HTTPS_PROXY
ENV HTTPS_PROXY="https://sample.proxy.com:80"
--env HTTPS_PROXY="https://sample.proxy.com:80"
FTP_PROXY
ENV FTP_PROXY="ftp://sample.proxy.com:80"
--env FTP_PROXY="ftp://sample.proxy.com:80"
NO_PROXY
ENV NO_PROXY="*.sample.domain1.com,.domain2.com"
--env NO_PROXY="*.sample.domain1.com,.domain2.com,127.0.0.0/8"

via `daemon.json`

[!TIP]

$ cat /etc/docker/daemon.json
{
  "proxies": {
    "http-proxy": "http://proxy.example.com:80",
    "https-proxy": "https://proxy.example.com:443",
    "no-proxy": "*.test.example.com,.example.org"
  }
}

docker build with GPG key proxy

without proxy

...
gpg --batch \
    --keyserver https://keyserver.ubuntu.com:80 \
    --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831E
...

# result
gpg: keyserver receive failed: Connection timed out

GPG with proxy

...
apt-key adv --keyserver-options http-proxy=http://sample.proxy.com:80 \
            --keyserver hkp://keyserver.ubuntu.com:80 \
            --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \
...

# result
Executing: /tmp/apt-key-gpghome.uegAG54mKu/gpg.1.sh --keyserver-options http-proxy=http://sample.proxy.com:80 --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
gpg: key A6A19B38D3D831EF: 2 signatures not checked due to missing keys
gpg: key A6A19B38D3D831EF: public key "Xamarin Public Jenkins (auto-signing) <releng@xamarin.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: keybox '/tmp/tmp.jad0qVCQ6v/pubring.kbx' created
gpg: WARNING: nothing exported
Warning: apt-key output should not be parsed (stdout is not a terminal)

docker for osx

[!TIP|label:references:]

`docker: command cannot be found`

using user
```
$ export $HOME/.docker/bin:$PATH
```

using system

$ ln -sf $HOME/.docker/bin/docker /usr/local/bin/docker
# or
$ ln -s /Applications/Docker.app/Contents/Resources/bin/docker /usr/local/bin/docker

$ sudo ln -s -f $HOME/.docker/run/docker.sock /var/run/docker.sock

modify ~/.docker/config.json if necessary

{
        "auths": {},
-        "credsStore": "desktop",
+        "credStore": "desktop",
        "currentContext": "desktop-linux"
}

command-line auto completion

[!TIP] reference:

Linux

$ dpkg -L docker-ce-cli | grep completion
/usr/share/bash-completion
/usr/share/bash-completion/completions
/usr/share/bash-completion/completions/docker
/usr/share/fish/vendor_completions.d
/usr/share/fish/vendor_completions.d/docker.fish
/usr/share/zsh/vendor-completions
/usr/share/zsh/vendor-completions/_docker

rpm

$ rpm -ql docker-ce | grep completion
/usr/share/bash-completion/completions/docker
/usr/share/fish/vendor_completions.d/docker.fish
/usr/share/zsh/vendor-completions/_docker

setup in bashrc

source /usr/share/bash-completion/completions/docker
alias d='docker'
alias dp='docker ps'

while read -r _i; do
  complete -F _docker "${_i}"
done < <(alias | grep docker | sed '/^alias /!d;s/^alias //;s/=.*$//')

more info

$ source /usr/share/bash-completion/completions/docker
$ type _docker | head
_docker is a function
_docker ()
{
  local previous_extglob_setting=$(shopt -p extglob);
  shopt -s extglob;
}

$ la '/Applications/Docker.app/Contents/Resources/etc'
total 332K
-rwxr-xr-x 1 marslo admin 124K Nov  9 21:50 docker.zsh-completion
-rwxr-xr-x 1 marslo admin  51K Nov  9 21:50 docker.fish-completion
-rwxr-xr-x 1 marslo admin 114K Nov  9 21:50 docker.bash-completion
-rw-r--r-- 1 marslo admin  18K Nov  9 21:50 docker-compose.zsh-completion
-rw-r--r-- 1 marslo admin 1.7K Nov  9 21:50 docker-compose.fish-completion
-rwxr-xr-x 1 marslo admin  13K Nov  9 21:50 docker-compose.bash-completion

$ ln -sf '/Applications/Docker.app/Contents/Resources/etc/docker.bash-completion' $(brew --prefix)/etc/bash_completion.d/docker
$ ln -sf '/Applications/Docker.app/Contents/Resources/etc/docker-compose.bash-completion' $(brew --prefix)/etc/bash_completion.d/docker-compose

setup in bashrc

dockerComp="$(brew --prefix)/etc/bash_completion.d/docker"
dockerComposeComp="$(brew --prefix)/etc/bash_completion.d/docker-compose"
[ -f "${dockerComp}" ] && source "${dockerComp}"
[ -f "${dockerComposeComp}" ] && source "${dockerComposeComp}"

alias d='docker'
alias dp='docker ps'
alias dls='docker ps -l -q'
alias dps='docker ps -l -a'
alias di='docker images'
alias dip="docker inspect --format '{{ .NetworkSettings.IPAddress }}'"

while read -r _i; do
  complete -F _docker "${_i}"
done < <(alias | grep docker | sed '/^alias /!d;s/^alias //;s/=.*$//')

_completion_loader

_completion_loader()
{
  . "/etc/bash_completion.d/$1.sh" >/dev/null 2>&1 && return 124
}
complete -D -F _completion_loader

# for Linux
$ sudo curl -sSLg https://raw.githubusercontent.com/cykerway/complete-alias/master/complete_alias \
            -o /etc/bash_completion.d/complete_alias

# for osx
$ sudo curl -sSLg https://raw.githubusercontent.com/cykerway/complete-alias/master/complete_alias \
            -o $(brew --prefix)/etc/bash_completion.d/complete_alias

setup in bash

source /etc/bash_completion.d/complete_alias
#
source $(brew --prefix)/etc/bash_completion.d/complete_alias

while read -r _i; do
  complete -F _complete_alias "${_i}"
done < <(alias | grep -E 'docker|kubectl' | sed '/^alias /!d;s/^alias //;s/=.*$//')

get tags

example: the docker registry in artifactory named docker

$ curl -sS https://artifactory.sample.com/v2/docker/_catalog |
       jq -r .repositories[]

$ curl -sS -X GET https://artifactory.sample.com/artifactory/api/docker/docker/v2/_catalog |
       jq -r .repositories[]

example: get tags from repo devops/ubuntu

$ curl -sS https://artifactory.sample.com/artifactory/v2/docker/devops/ubuntu/tags/list [ | jq -r .tags[] ]

$ curl -sS -X GET https://artifactory.sample.com/artifactory/api/docker/docker/v2/devops/ubuntu/tags/list

get image:tag via jf cli

$ jf rt search docker/devops/kwciagent/kw23.4-4.0.1** |
  jq -r '.[].props | select(."docker.manifest" != null) | [ ."docker.manifest"[0], ."docker.repoName"[0] ] | "\(.[1]):\(.[0])"'
devops/kwciagent:kw23.4-4.0.1-py310-jammy-dind
devops/kwciagent:kw23.4-4.0.1-py310-jammy-dind-v96-906236c7d

from docker hub

$ curl -sS 'https://hub.docker.com/v2/repositories/jenkins/jenkins/tags' |
       jq --raw-output .results[].name

jdk8-openj9-windowsservercore-1809
jdk11-hotspot-windowsservercore-1809
jdk11-openj9-windowsservercore-1809
windowsservercore-1809
jdk8-hotspot-windowsservercore-1809
2.249.3-lts-centos7
lts-centos7
centos7
2.249.3-lts-centos
lts-centos

$ curl -sS 'https://hub.docker.com/v2/repositories/jenkins/jenkins/tags?page_size=100&ordering=last_updated' |
       jq --raw-output .results[].name |
       sort

$ curl -sS https://hub.docker.com/v2/repositories/jenkins/jenkins/tags?page=2 |
       jq '."results"[]["name"]' |
       sort

get multiple pages

$ while read -r _i; do
    curl -sSgk "https://registry.hub.docker.com/v2/repositories/jenkins/jenkins/tags?&page=${_i}&page_size=100" |
         jq -r '.results[] | select( .name | contains("-lts-") ) | .name';
  done < <(echo {1..10} | fmt -1)

[!NOTE|label:references:]
samples:

$ cat > docker-tags.sh << EOF
#!/usr/bin/env bash
set -eu -o pipefail
docker_tags() {
  item="$1"
  case "$item" in
      */*) :                    ;; # namespace/repository syntax, leave as is
        *) item="library/$item" ;; # bare repository name (docker official image); must convert to namespace/repository syntax
  esac
  authUrl="https://auth.docker.io/token?service=registry.docker.io&scope=repository:$item:pull"
  token="$(curl -fsSL "$authUrl" | jq --raw-output '.token')"
  tagsUrl="https://registry-1.docker.io/v2/$item/tags/list"
  curl -fsSL -H "Accept: application/json" -H "Authorization: Bearer $token" "$tagsUrl" | jq --raw-output '.tags[]'
}
docker_tags "$@"
EOF

$ bash docker-tags.sh jenkins/jenkins | sort -r | grep --color=never -- '-lts-jdk11' | head -3
2.440.2-lts-jdk11
2.440.1-lts-jdk11
2.426.3-lts-jdk11

simple script for get tags

#!/bin/sh
#
# Simple script that will display docker repository tags.
#
# Usage:
#   $ docker-show-repo-tags.sh ubuntu centos

for _r in $* ; do
  curl -sS "https://registry.hub.docker.com/v2/repositories/library/$_r/tags/" |
       sed -e 's/,/,\n/g' -e 's/\[/\[\n/g' |
       grep '"name"' |
       awk -F\" '{print $4;}' |
       sort -fu |
       sed -e "s/^/${_r}:/"
done

get current container ID

$ basename $(cat /proc/self/cpuset)
ab8c1732f1a3fdb46b9f9a477f0fbcc1d23c6787d7532648242a76d6eb1e8b84

or
```
$ hostname
ab8c1732f1a3
```

$ docker inspect -f '{{ .Mounts }}' <container ID>

$ docker inspect <container ID> |
         grep volume

$ docker ps -a --no-trunc --format "{{.ID}}\t{{.Names}}\t{{.Mounts}}"

$ docker inspect <container ID> |
         jq --raw-output .[].Mounts

$ docker ps -q |
         xargs docker container inspect -f '{{ .Name }} {{ .HostConfig.Binds }}'

mount volume in DinD

reference:

$ cid=$(basename $(cat /proc/self/cpuset))
$ VOLUME_OPTION="--volumes-from ${cid}:rw"
$ docker run <...> ${VOLUME_OPTION}

run inside windows docker image

add contents

> docker exec [-w 'C:\workspace'] <docker-id> powershell "Set-Content -Path '_cmd.ps1' -Value 'python --version'"

for multiple line contents

> docker exec [-w 'C:\workspace'] <docker-id>' powershell "Set-Content -Path .\test.py -Value '# content of test_sample.py
>> def func(x):
>>     return x + 1
>>
>>
>> def test_answer():
>>     assert func(4) == 5'"

get contents

> docker exec [-w 'C:\workspace'] <docker-id> powershell "Get-Content '_cmd.ps1'"

equivalent tail -f

> docker exec [-w 'C:\workspace'] <docker-id> powershell "Get-Content '_cmd.ps1' -Wait"

equivalent tail -10

> docker exec [-w 'C:\workspace'] <docker-id> powershell "Get-Content '_cmd.ps1' -Tail 10"

list item

> docker exec [-w 'C:\workspace'] <docker-id> powershell Get-ChildItem .
> docker exec [-w 'C:\workspace'] <docker-id> powershell Get-ChildItem ..\

execute

> docker exec [-w 'C:\workspace'] <docker-id> powershell .\_cmd.ps1

# or
> docker exec [-w 'C:\workspace'] <docker-id> powershell "Invoke-Expression '.\_cmd.ps1' > log.txt"

# or redirect via `Out-File`
> docker exec [-w 'C:\workspace'] <docker-id> powershell "Invoke-Expression '.\_cmd.ps1' | Out-File -FilePath log.txt"

Previousdockerd Nexttroubleshooting

Last updated 22 days ago

Was this helpful?

configure files

docker desktop

check docker layer

install

docker with proxy

via daemon.json

docker build with GPG key proxy

docker for osx

docker: command cannot be found

command-line auto completion

Linux

get tags

from docker hub

run inside windows docker image

add contents

get contents

list item

execute

configure files

docker desktop

check docker layer

install

docker with proxy

via daemon.json

docker build with GPG key proxy

docker for osx

docker: command cannot be found

command-line auto completion

Linux

get tags

from docker hub

run inside windows docker image

add contents

get contents

list item

execute

via `daemon.json`

`docker: command cannot be found`

via `daemon.json`

`docker: command cannot be found`