Docker intro / quick reference ============================== You might come across docker files supplied with web or even binary exploitation challenges. Utilizing them will allow you to recreate a local copy of the remote infrastructure to help troubleshoot an attack. Sections in this doc are for various common situations you might find yourself in. It is not necessary to read the whole thing top-to-bottom. Just start in the section relevant to you and refer to external docs afterward if needed. "Everything in Docker is system-wide - How do I check system status?" --------------------------------------------------------------------- The four main "objects" you might deal with are containers, images, volumes, and networks. docker ps -a docker images -a docker volume ls docker network ls With a blank slate, all these lists should be empty - except for networks, which shows the default "bridge", "host", and "none" networks. To clean up: docker stop # if necessary, for each container docker system prune --all --force # drop unused containers, images, networks docker volume prune --all --force # drop unused volumes Resources still in-use by a running container are not pruned by the above commands. "I have a docker-compose.yml file." (or equivalent) --------------------------------------------------- In this case, you can likely skip most manual steps. Everything should happen automatically when you attempt to run the services. Probably all you need to do is: docker compose up --detach --build To build or pull the image then run a (set of) container(s) in the background. If you omit `--detach`, the process will remain in the foreground and logs are printed to the terminal. To shutdown: docker compose down Docker compose yaml file reference https://docs.docker.com/compose/compose-file/compose-file-v3/ "I have a Dockerfile only." --------------------------- `cd` to the directory with the Dockerfile and run: docker build --tag . will name the image. Names can be suffixed with `:` if desired. Now run a new container from this image in the foreground: docker run --rm -it [arguments...] or the background: docker run --rm -d [arguments...] Useful command-line options (specify before ): -p hostport:containerport # expose port -v hostpath:containerpath # mount fs volume --rm # delete container on exit -i # be interactive -t # create TTY -d # detach, run in background "I have nothing - I want to create a Dockerfile." ------------------------------------------------- The Dockerfile defines the recipe for building images, which themselves are the baseline for spawning containers. Here's a stripped down skeleton for a basic debian-based image: FROM debian:latest ENV DEBIAN_FRONTEND=noninteractive RUN apt install --yes \ package-one \ package-two \ package-three COPY . / CMD ["/bin/bash", "-c", "echo", "Hello world"] When building this sample, files from the current working directory are copied to "/" in the image, the listed packages are installed, and when run "echo Hello world" is executed in bash. Dockerfile reference https://docs.docker.com/engine/reference/builder/ "I want to get a shell / run new command in existing container." ---------------------------------------------------------------- Get the container name or ID with: docker ps -a then: docker exec -it /bin/bash Bash is probably preferred, but some distros don't include it and you'll need to start /bin/sh instead. "I want to copy a file to/from container and my host." ------------------------------------------------------ Get the container ID with: docker ps -a then: docker cp : docker cp :