GitBook: [master] one page modified
This commit is contained in:
parent
35e41d4c66
commit
ad3407ed6b
@ -1,6 +1,56 @@
|
||||
# 2375 Pentesting Docker
|
||||
|
||||
## Docker Basics
|
||||
|
||||
### What is
|
||||
|
||||
The Docker Platform is the industry-leading container platform for continuous, high-velocity innovation, enabling organizations to seamlessly build and share any application — from legacy to what comes next — and securely run them anywhere.
|
||||
|
||||
### Basic commands
|
||||
|
||||
```bash
|
||||
docker version #Get version of docker client, API, engine, containerd, runc, docker-init
|
||||
docker info #Get more infomarion about docker settings
|
||||
docker pull registry:5000/alpine #Download the image
|
||||
docker inspect <containerid> #Get info of the contaienr
|
||||
docker network ls #List network info
|
||||
docker exec -it <containerid> /bin/sh #Get shell inside a container
|
||||
docker commit <cotainerid> registry:5000/name-container #Update container
|
||||
docker export -o alpine.tar <containerid> #Export container as tar file
|
||||
docker ps -a #List running and stopped containers
|
||||
docker stop <containedID> #Stop running container
|
||||
docker rm <containerID> #Remove container ID
|
||||
docker image ls #List images
|
||||
docker rmi <imgeID> #Remove image
|
||||
docker system prune -a
|
||||
#This will remove:
|
||||
# - all stopped containers
|
||||
# - all networks not used by at least one container
|
||||
# - all images without at least one container associated to them
|
||||
# - all build cache
|
||||
```
|
||||
|
||||
### Containerd
|
||||
|
||||
Containerd was designed to be used by Docker and Kubernetes as well as any other container platform that wants to **abstract away syscalls or OS specific functionality to run container**s on linux, windows, solaris, or other OSes. With these users in mind, we wanted to make sure that containerd has only what they need and nothing that they don’t. Realistically this is impossible but at least that is what we try for. Things like **networking are out of scope for containerd**. The reason for this is, when you are building a distributed system, networking is a very central aspect. With SDN and service discovery today, networking is way more platform specific than abstracting away netlink calls on linux.
|
||||
|
||||
Note then that **Docker uses Containerd, but it only provides a subet of the features that Docker provides**. So for example ContainerD doesn't have Docker's network management features, nor can you use ContainerD alone to create Docker swarms.
|
||||
|
||||
```bash
|
||||
#Containerd CLI
|
||||
ctr images pull --skip-verify --plain-http registry:5000/alpine:latest #Get image
|
||||
ctr images list #List images
|
||||
ctr container create registry:5000/alpine:latest alpine #Create container called alpine
|
||||
ctr container list #List containers
|
||||
ctr container info <containerName> #Get container info
|
||||
ctr task start <containerName> #You are given a shell inside of it
|
||||
ctr task list #Get status of containers
|
||||
ctr tasks attach <containerName> #Get shell in running container
|
||||
ctr task pause <containerName> #Stop container
|
||||
ctr tasks resume <containerName> #Resume cotainer
|
||||
ctr task kill -s SIGKILL <containerName> #Stop running container
|
||||
ctr container delete <containerName>
|
||||
```
|
||||
|
||||
## 2375 - Pentesting Docker API
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user