help Usage: docker-machine help [arg...] Shows a list of commands or help for one command Usage: docker-machine help subcommand For example: $ docker-machine help config Usage: docker-machine config [OPTIONS] [arg...] Print the connection config for machine Description: Argument is a machine name. Options: --swarm Display the Swarm config instead of the Docker daemon

Docker default bridge network With the introduction of the Docker networks feature, you can create your own user-defined networks. The Docker default bridge is created when you install Docker Engine. It is a bridge network and is also named bridge. The topics in this section are related to interacting with that default bridge network. Understand container communication Legacy container links Binding container ports to the host Build your own bridge Configure container DNS Customize the docker0

Digital Ocean Create Docker machines on Digital Ocean. You need to create a personal access token under “Apps & API” in the Digital Ocean Control Panel and pass that to docker-machine create with the --digitalocean-access-token option. $ docker-machine create --driver digitalocean --digitalocean-access-token=aa9399a2175a93b17b1c86c807e08d3fc4b79876545432a629602f61cf6ccd6b test-this Options: --digitalocean-access-token: required Your personal access token for the Digital Ocean API. --digi

network create Usage: docker network create [OPTIONS] NETWORK-NAME Creates a new network with a name specified by the user --aux-address=map[] Auxiliary ipv4 or ipv6 addresses used by network driver -d --driver=DRIVER Driver to manage the Network bridge or overlay. The default is bridge. --gateway=[] ipv4 or ipv6 Gateway for the master subnet --help Print usage --internal Restricts external access to the network --ip-range=[]

Work with network commands This article provides examples of the network subcommands you can use to interact with Docker networks and the containers in them. The commands are available through the Docker Engine CLI. These commands are: docker network create docker network connect docker network ls docker network rm docker network disconnect docker network inspect While not required, it is a good idea to read Understanding Docker network before trying the examples in this section. The examples

Docker security There are three major areas to consider when reviewing Docker security: the intrinsic security of the kernel and its support for namespaces and cgroups; the attack surface of the Docker daemon itself; loopholes in the container configuration profile, either by default, or when customized by users. the “hardening” security features of the kernel and how they interact with containers. Kernel namespaces Docker containers are very similar to LXC containers, and they have similar s

Overview of Docker Compose Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a Compose file to configure your application’s services. Then, using a single command, you create and start all the services from your configuration. To learn more about all the features of Compose see the list of features. Compose is great for development, testing, and staging environments, as well as CI workflows. You can learn more about each case in Common Use Cas

Use the Docker command line To list available commands, either run docker with no parameters or execute docker help: $ docker Usage: docker [OPTIONS] COMMAND [arg...] docker daemon [ --help | ... ] docker [ --help | -v | --version ] -H, --host=[]: The socket(s) to talk to the Docker daemon in the format of tcp://host:port/path, unix:///path/to/socket, fd://* or fd://socketfd. A self-sufficient runtime for Linux containers. ... Depending on your Docker system conf

Docker Swarm Discovery Docker Swarm comes with multiple discovery backends. You use a hosted discovery service with Docker Swarm. The service maintains a list of IPs in your cluster. This page describes the different types of hosted discovery available to you. These are: Using a distributed key/value store The recommended way to do node discovery in Swarm is Docker’s libkv project. The libkv project is an abstraction layer over existing distributed key/value stores. As of this writing, the proj

Docker Swarm strategies The Docker Swarm scheduler features multiple strategies for ranking nodes. The strategy you choose determines how Swarm computes ranking. When you run a new container, Swarm chooses to place it on the node with the highest computed ranking for your chosen strategy. To choose a ranking strategy, pass the --strategy flag and a strategy value to the swarm manage command. Swarm currently supports these values: spread binpack random The spread and binpack strategies compute