DOCKER CONTAINER RUN
Usage: docker container run [OPTIONS] IMAGE [COMMAND] [ARG...] Run a command in a new container Options: --add-host list Add a custom host-to-IP mapping (host:ip) -a, --attach list Attach to STDIN, STDOUT or STDERR --blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) --blkio-weight-device list Block IO weight (relative device weight) (default []) --cap-add list Add Linux capabilities --cap-drop list Drop Linux capabilities --cgroup-parent string Optional parent cgroup for the container --cidfile string Write the container ID to the file --cpu-period int Limit CPU CFS (Completely Fair Scheduler) period --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota --cpu-rt-period int Limit CPU real-time period in microseconds --cpu-rt-runtime int Limit CPU real-time runtime in microseconds -c, --cpu-shares int CPU shares (relative weight) --cpus decimal Number of CPUs --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) -d, --detach Run container in background and print container ID --detach-keys string Override the key sequence for detaching a container --device list Add a host device to the container --device-cgroup-rule list Add a rule to the cgroup allowed devices list --device-read-bps list Limit read rate (bytes per second) from a device (default []) --device-read-iops list Limit read rate (IO per second) from a device (default []) --device-write-bps list Limit write rate (bytes per second) to a device (default []) --device-write-iops list Limit write rate (IO per second) to a device (default []) --disable-content-trust Skip image verification (default true) --dns list Set custom DNS servers --dns-option list Set DNS options --dns-search list Set custom DNS search domains --entrypoint string Overwrite the default ENTRYPOINT of the image -e, --env list Set environment variables --env-file list Read in a file of environment variables --expose list Expose a port or a range of ports --group-add list Add additional groups to join --health-cmd string Command to run to check health --health-interval duration Time between running the check (ms|s|m|h) (default 0s) --health-retries int Consecutive failures needed to report unhealthy --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s) --health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s) --help Print usage -h, --hostname string Container host name --init Run an init inside the container that forwards signals and reaps processes -i, --interactive Keep STDIN open even if not attached --ip string IPv4 address (e.g., 172.30.100.104) --ip6 string IPv6 address (e.g., 2001:db8::33) --ipc string IPC mode to use --isolation string Container isolation technology --kernel-memory bytes Kernel memory limit -l, --label list Set meta data on a container --label-file list Read in a line delimited file of labels --link list Add link to another container --link-local-ip list Container IPv4/IPv6 link-local addresses --log-driver string Logging driver for the container --log-opt list Log driver options --mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33) -m, --memory bytes Memory limit --memory-reservation bytes Memory soft limit --memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap --memory-swappiness int Tune container memory swappiness (0 to 100) (default -1) --mount mount Attach a filesystem mount to the container --name string Assign a name to the container --network string Connect a container to a network (default "default") --network-alias list Add network-scoped alias for the container --no-healthcheck Disable any container-specified HEALTHCHECK --oom-kill-disable Disable OOM Killer --oom-score-adj int Tune host's OOM preferences (-1000 to 1000) --pid string PID namespace to use --pids-limit int Tune container pids limit (set -1 for unlimited) --privileged Give extended privileges to this container -p, --publish list Publish a container's port(s) to the host -P, --publish-all Publish all exposed ports to random ports --read-only Mount the container's root filesystem as read only --restart string Restart policy to apply when a container exits (default "no") --rm Automatically remove the container when it exits --runtime string Runtime to use for this container --security-opt list Security Options --shm-size bytes Size of /dev/shm --sig-proxy Proxy received signals to the process (default true) --stop-signal string Signal to stop a container (default "SIGTERM") --stop-timeout int Timeout (in seconds) to stop a container --storage-opt list Storage driver options for the container --sysctl map Sysctl options (default map[]) --tmpfs list Mount a tmpfs directory -t, --tty Allocate a pseudo-TTY --ulimit ulimit Ulimit options (default []) -u, --user string Username or UID (format:[: ]) --userns string User namespace to use --uts string UTS namespace to use -v, --volume list Bind mount a volume --volume-driver string Optional volume driver for the container --volumes-from list Mount volumes from the specified container(s) -w, --workdir string Working directory inside the container
Exécuter un container à partir d’une image :
docker container run [options] image [command] [arg...]
Equivaut à :
docker run [options] image [command] [arg...]
ex :
Lancer la dernière image Ubuntu dans un container nommé test (--name) avec un pseudo-terminal TTY (-t) interactif (-i pour garder le flux d’entrée STDIN ouvert) :
$ docker container run -it --name test ubuntu:latest Unable to find image 'ubuntu:latest' locally latest: Pulling from library/ubuntu 6b98dfc16071: Pull complete 4001a1209541: Pull complete 6319fc68c576: Pull complete b24603670dc3: Pull complete 97f170c87c6f: Pull complete Digest: sha256:5f4bdc3467537cbbe563e80db2c3ec95d548a9145d64453b06939c4592d67b6d Status: Downloaded newer image for ubuntu:latest root@e742e2517dac:/#
Exécuter un container en arrière-plan et afficher son ID :
docker container run -d [options] image [command] [arg...]
ou
docker container run --detach [options] image [command] [arg...]
Mapper manuellement (publier) un port exposé du container vers un port défini de l’hôte Docker :
docker container run -p phost:pguest [options] image [command] [arg...]
ou
docker container run --publish phost:pguest [options] image [command] [arg...]
ex :
$ docker container run -d --name web_server -p 8080:80 nginx
Mapper automatiquement (publier) un port exposé du container vers un port aléatoirement déterminé de l’hôte Docker :
docker container run -P [options] image [command] [arg...]
ou
docker container run --publish-all [options] image [command] [arg...]
ex :
$ docker container run -d --name web_server -P nginx
Exécuter un container à partir d’une image et le supprimer une fois arrêté :
docker container run --rm [options] image [command] [arg...]
Equivaut à :
docker run --rm [options] image [command] [arg...]
Exécuter un container à partir d’une image sur un réseau spécifique :
docker container run --network network [options] image [command] [arg...]
Equivaut à :
docker run --network network [options] image [command] [arg...]
Utiliser un volume nommé lors du lancement d’un container :
Rmq : Si le volume n’a pas été créé au préalable avec la commande docker volume create,il sera créé (de type driver local).
Le contenu du dossier destination (donc du container) sera copié dans le dossier source (donc de l’hôte).
docker container run --volume volume:/path/to/container-dir:[ro] [options] image [command] [arg...]
ou
docker container run --mount [type=volume,]source=volume,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]
Equivaut à :
docker run --volume volume:/path/to/container-dir:[ro] [options] image [command] [arg...]
ou
docker run --mount [type=volume,]source=volume,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]
ex :
$ docker volume create html html $ docker container run -d --name www --volume html:/usr/share/nginx/html nginx Unable to find image 'nginx:latest' locally latest: Pulling from library/nginx f17d81b4b692: Pull complete d5c237920c39: Pull complete a381f92f36de: Pull complete Digest: sha256:5704bcdeec8715eb71c95a425f4c4a14264d8c6f92a0b105c23933a2eb503b63 Status: Downloaded newer image for nginx:latest 3e8631ae4ec938e9773cbd1c2954398cc762774299f365505e05dafa41fd2ad6 $ sudo ls /var/lib/docker/volumes/html/_data 50x.html index.html $ docker container exec www mount | grep 'html' /dev/sda1 on /usr/share/nginx/html type ext4 (rw,relatime,errors=remount-ro,data=ordered) $ sudo touch /var/lib/docker/volumes/html/_data/fromhost.txt $ docker container exec www ls -l /usr/share/nginx/html/ total 8 -rw-r--r-- 1 root root 494 Oct 2 14:49 50x.html -rw-r--r-- 1 root root 0 Oct 16 22:52 fromhost.txt -rw-r--r-- 1 root root 612 Oct 2 14:49 index.html
$ docker container run -ti --mount source=bin,destination=/hostbin,readonly alpine sh
Créer un volume de type volume anonyme à la création du container :
Le mappage du volume peut correspondre aussi bien à un mappage de deux dossiers qu’à un mappage de deux fichiers.
Le contenu du dossier destination (donc du container) sera copié dans le dossier source (donc de l’hôte).
docker container run --volume /path/to/container-dir [options] image [command] [arg...]
ou
docker container run --mount [type=volume,]destination=/path/to/container-dir [options] image [command] [arg...]
Equivaut à :
docker run --volume /path/to/container-dir [options] image [command] [arg...]
ou
docker run --mount [type=volume,]destination=/path/to/container-dir [options] image [command] [arg...]
ex :
$ docker container run -d --volume /usr/share/nginx/html nginx
$ docker container run -ti --mount destination=/hostbin alpine sh
Créer un volume de type bind à la création du container :
Le mappage du volume peut correspondre aussi bien à un mappage de deux dossiers qu’à un mappage de deux fichiers.
Le contenu du dossier source (donc de l’hôte) sera copié dans le dossier destination (donc du container).
docker container run --volume /path/to/host-dir:/path/to/container-dir:[ro] [options] image [command] [arg...]
ou
docker container run --mount [type=bind,]source=/path/to/host-dir,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]
Equivaut à :
docker run --volume /path/to/host-dir:/path/to/container-dir:[ro] [options] image [command] [arg...]
ou
docker run --mount [type=bind,]source=/path/to/host-dir,destination=/path/to/container-dir[,readonly] [options] image [command] [arg...]
ex :
$ docker container run -d --volume /home/adminsys/docker/html:/usr/share/nginx/html nginx
$ docker container run -d --volume /tmp/index.html:/usr/share/nginx/html/index.html -p 8080:80 nginx
$ docker container run -d --volume /var/run/docker.sock:/var/run/docker.sock nginx
$ docker container run -ti --mount type=bind,source=/bin,destination=/hostbin,readonly alpine sh