Commandes Linux : docker container run

DOCKER CONTAINER RUN

Commande : docker container run
Usage:	docker container run [OPTIONS] IMAGE [COMMAND] [ARG...]

Run a command in a new container

Options:
      --add-host list                  Add a custom host-to-IP mapping (host:ip)
  -a, --attach list                    Attach to STDIN, STDOUT or STDERR
      --blkio-weight uint16            Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
      --blkio-weight-device list       Block IO weight (relative device weight) (default [])
      --cap-add list                   Add Linux capabilities
      --cap-drop list                  Drop Linux capabilities
      --cgroup-parent string           Optional parent cgroup for the container
      --cidfile string                 Write the container ID to the file
      --cpu-period int                 Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int                  Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int              Limit CPU real-time period in microseconds
      --cpu-rt-runtime int             Limit CPU real-time runtime in microseconds
  -c, --cpu-shares int                 CPU shares (relative weight)
      --cpus decimal                   Number of CPUs
      --cpuset-cpus string             CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string             MEMs in which to allow execution (0-3, 0,1)
  -d, --detach                         Run container in background and print container ID
      --detach-keys string             Override the key sequence for detaching a container
      --device list                    Add a host device to the container
      --device-cgroup-rule list        Add a rule to the cgroup allowed devices list
      --device-read-bps list           Limit read rate (bytes per second) from a device (default [])
      --device-read-iops list          Limit read rate (IO per second) from a device (default [])
      --device-write-bps list          Limit write rate (bytes per second) to a device (default [])
      --device-write-iops list         Limit write rate (IO per second) to a device (default [])
      --disable-content-trust          Skip image verification (default true)
      --dns list                       Set custom DNS servers
      --dns-option list                Set DNS options
      --dns-search list                Set custom DNS search domains
      --entrypoint string              Overwrite the default ENTRYPOINT of the image
  -e, --env list                       Set environment variables
      --env-file list                  Read in a file of environment variables
      --expose list                    Expose a port or a range of ports
      --group-add list                 Add additional groups to join
      --health-cmd string              Command to run to check health
      --health-interval duration       Time between running the check (ms|s|m|h) (default 0s)
      --health-retries int             Consecutive failures needed to report unhealthy
      --health-start-period duration   Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
      --health-timeout duration        Maximum time to allow one check to run (ms|s|m|h) (default 0s)
      --help                           Print usage
  -h, --hostname string                Container host name
      --init                           Run an init inside the container that forwards signals and reaps processes
  -i, --interactive                    Keep STDIN open even if not attached
      --ip string                      IPv4 address (e.g., 172.30.100.104)
      --ip6 string                     IPv6 address (e.g., 2001:db8::33)
      --ipc string                     IPC mode to use
      --isolation string               Container isolation technology
      --kernel-memory bytes            Kernel memory limit
  -l, --label list                     Set meta data on a container
      --label-file list                Read in a line delimited file of labels
      --link list                      Add link to another container
      --link-local-ip list             Container IPv4/IPv6 link-local addresses
      --log-driver string              Logging driver for the container
      --log-opt list                   Log driver options
      --mac-address string             Container MAC address (e.g., 92:d0:c6:0a:29:33)
  -m, --memory bytes                   Memory limit
      --memory-reservation bytes       Memory soft limit
      --memory-swap bytes              Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --memory-swappiness int          Tune container memory swappiness (0 to 100) (default -1)
      --mount mount                    Attach a filesystem mount to the container
      --name string                    Assign a name to the container
      --network string                 Connect a container to a network (default "default")
      --network-alias list             Add network-scoped alias for the container
      --no-healthcheck                 Disable any container-specified HEALTHCHECK
      --oom-kill-disable               Disable OOM Killer
      --oom-score-adj int              Tune host's OOM preferences (-1000 to 1000)
      --pid string                     PID namespace to use
      --pids-limit int                 Tune container pids limit (set -1 for unlimited)
      --privileged                     Give extended privileges to this container
  -p, --publish list                   Publish a container's port(s) to the host
  -P, --publish-all                    Publish all exposed ports to random ports
      --read-only                      Mount the container's root filesystem as read only
      --restart string                 Restart policy to apply when a container exits (default "no")
      --rm                             Automatically remove the container when it exits
      --runtime string                 Runtime to use for this container
      --security-opt list              Security Options
      --shm-size bytes                 Size of /dev/shm
      --sig-proxy                      Proxy received signals to the process (default true)
      --stop-signal string             Signal to stop a container (default "SIGTERM")
      --stop-timeout int               Timeout (in seconds) to stop a container
      --storage-opt list               Storage driver options for the container
      --sysctl map                     Sysctl options (default map[])
      --tmpfs list                     Mount a tmpfs directory
  -t, --tty                            Allocate a pseudo-TTY
      --ulimit ulimit                  Ulimit options (default [])
  -u, --user string                    Username or UID (format: [:])
      --userns string                  User namespace to use
      --uts string                     UTS namespace to use
  -v, --volume list                    Bind mount a volume
      --volume-driver string           Optional volume driver for the container
      --volumes-from list              Mount volumes from the specified container(s)
  -w, --workdir string                 Working directory inside the container

 

Exécuter un container à partir d’une image :

docker container run [options] image [command] [arg...]

Equivaut à :
docker run [options] image [command] [arg...]
ex :
Lancer la dernière image Ubuntu dans un container nommé test (--name) avec un pseudo-terminal TTY (-t) interactif (-i pour garder le flux d’entrée STDIN ouvert) :

$ docker container run -it --name test ubuntu:latest
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
6b98dfc16071: Pull complete 
4001a1209541: Pull complete 
6319fc68c576: Pull complete 
b24603670dc3: Pull complete 
97f170c87c6f: Pull complete 
Digest: sha256:5f4bdc3467537cbbe563e80db2c3ec95d548a9145d64453b06939c4592d67b6d
Status: Downloaded newer image for ubuntu:latest
root@e742e2517dac:/#

 

Exécuter un container en arrière-plan et afficher son ID :

docker container run -d [options] image [command] [arg...]

ou

docker container run --detach [options] image [command] [arg...]

 

Mapper manuellement (publier) un port exposé du container vers un port défini de l’hôte Docker :

docker container run -p phost:pguest [options] image [command] [arg...]

ou

docker container run --publish phost:pguest [options] image [command] [arg...]

ex :

$ docker container run -d --name web_server -p 8080:80 nginx

 

Mapper automatiquement (publier) un port exposé du container vers un port aléatoirement déterminé de l’hôte Docker :

docker container run -P [options] image [command] [arg...]

ou

docker container run --publish-all [options] image [command] [arg...]

ex :

$ docker container run -d --name web_server -P nginx

 

Exécuter un container à partir d’une image et le supprimer une fois arrêté :

docker container run --rm [options] image [command] [arg...]

Equivaut à :
docker run --rm [options] image [command] [arg...]
 

Exécuter un container à partir d’une image sur un réseau spécifique :

docker container run --network network [options] image [command] [arg...]

Equivaut à :
docker run --network network [options] image [command] [arg...]
 

Utiliser un volume nommé lors du lancement d’un container :

Rmq : Si le volume n’a pas été créé au préalable avec la commande docker volume create,il sera créé (de type driver local).
Le contenu du dossier destination (donc du container) sera copié dans le dossier source (donc de l’hôte).

docker container run --volume volume:/path/to/container-dir:[ro] [options] image [command] [arg...]

ou

docker container run --mount [type=volume,]source=volume,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]

Equivaut à :
docker run --volume volume:/path/to/container-dir:[ro] [options] image [command] [arg...]
ou
docker run --mount [type=volume,]source=volume,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]
ex :

$ docker volume create html
html
$ docker container run -d --name www --volume html:/usr/share/nginx/html nginx
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
f17d81b4b692: Pull complete 
d5c237920c39: Pull complete 
a381f92f36de: Pull complete 
Digest: sha256:5704bcdeec8715eb71c95a425f4c4a14264d8c6f92a0b105c23933a2eb503b63
Status: Downloaded newer image for nginx:latest
3e8631ae4ec938e9773cbd1c2954398cc762774299f365505e05dafa41fd2ad6
$ sudo ls /var/lib/docker/volumes/html/_data
50x.html  index.html
$ docker container exec www mount | grep 'html'
/dev/sda1 on /usr/share/nginx/html type ext4 (rw,relatime,errors=remount-ro,data=ordered)
$ sudo touch /var/lib/docker/volumes/html/_data/fromhost.txt
$ docker container exec www ls -l /usr/share/nginx/html/
total 8
-rw-r--r-- 1 root root 494 Oct  2 14:49 50x.html
-rw-r--r-- 1 root root   0 Oct 16 22:52 fromhost.txt
-rw-r--r-- 1 root root 612 Oct  2 14:49 index.html
$ docker container run -ti --mount source=bin,destination=/hostbin,readonly alpine sh

 

Créer un volume de type volume anonyme à la création du container :

Le mappage du volume peut correspondre aussi bien à un mappage de deux dossiers qu’à un mappage de deux fichiers.
Le contenu du dossier destination (donc du container) sera copié dans le dossier source (donc de l’hôte).

docker container run --volume /path/to/container-dir [options] image [command] [arg...]

ou

docker container run --mount [type=volume,]destination=/path/to/container-dir [options] image [command] [arg...]

Equivaut à :
docker run --volume /path/to/container-dir [options] image [command] [arg...]
ou
docker run --mount [type=volume,]destination=/path/to/container-dir [options] image [command] [arg...]
ex :

$ docker container run -d --volume /usr/share/nginx/html nginx
$ docker container run -ti --mount destination=/hostbin alpine sh

 

Créer un volume de type bind à la création du container :

Le mappage du volume peut correspondre aussi bien à un mappage de deux dossiers qu’à un mappage de deux fichiers.
Le contenu du dossier source (donc de l’hôte) sera copié dans le dossier destination (donc du container).

docker container run --volume /path/to/host-dir:/path/to/container-dir:[ro] [options] image [command] [arg...]

ou

docker container run --mount [type=bind,]source=/path/to/host-dir,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]

Equivaut à :
docker run --volume /path/to/host-dir:/path/to/container-dir:[ro] [options] image [command] [arg...]
ou
docker run --mount [type=bind,]source=/path/to/host-dir,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]
ex :

$ docker container run -d --volume /home/adminsys/docker/html:/usr/share/nginx/html nginx
$ docker container run -d --volume /tmp/index.html:/usr/share/nginx/html/index.html -p 8080:80 nginx
$ docker container run -d --volume /var/run/docker.sock:/var/run/docker.sock nginx
$ docker container run -ti --mount type=bind,source=/bin,destination=/hostbin,readonly alpine sh

 

Fermer le menu