docker image prune -a -f 删除none镜像
如一个正在运行的ubuntu容器ID为39bc60e016a7,想要进入ubuntu操作,只需输入一下命令:
docker exec -it 39 /bin/bash
将容器保存为一个新的镜像
docker commit -m '注释' 容器CONTAINER ID 镜像名称:镜像版本
导出某个容器,非常简单,使用docker export命令,语法:docker export $container_id > 容器快照名
导入快照使用docker import命令。
例如我们可以使用cat centos.tar | docker import - my/centos:v888 导入容器快照作为镜像
镜像保存/载入:docker load/docker save;将一个镜像导出为文件,再使用docker load命令将文件导入为一个镜像,会保存该镜像的的所有历史记录。比docker export命令导出的文件大,很好理解,因为会保存镜像的所有历史记录。
容器导入/导出:docker import/docker export;将一个容器导出为文件,再使用docker import命令将容器导入成为一个新的镜像,但是相比docker save命令,容器文件会丢失所有元数据和历史记录,仅保存容器当时的状态,相当于虚拟机快照。
可以使用"docker rm 容器id"来删除一个终止状态的容器;若要删除一个运行中的容器,需要加-f参数。
docker rm container-id 删除指定容器
docker start container-name/container-id 启动容器
将所有pwn题目放入bin目录(注意名字不带特殊字符,因为会将文件名作为linux用户名)
python initialize.py
docker-compose up --build -d
docker-compose up --build -d
以 Struts2 S2-037 漏洞环境为例:
通过 S2-037漏洞环境的 README文件 得知 tag 为 s_struts2_s2-037
获取镜像:
docker pull medicean/vulapps:s_struts2_s2-037
如果获取速度慢,推荐使用 中科大 Docker Mirrors 或者使用 阿里云 Mirrors(加速器)
创建并启动容器
docker run -d -p 80:8080 medicean/vulapps:s_struts2_s2-037
访问 http://127.0.0.1/ 即可访问启动好的 s2-037 环境
docker-compose --help
Define and run multi-container applications with Docker.
Usage:
docker-compose [-f <arg>...] [options] [COMMAND] [ARGS...]
docker-compose -h|--help
Options:
-f, --file FILE Specify an alternate compose file
(default: docker-compose.yml)
-p, --project-name NAME Specify an alternate project name
(default: directory name)
--verbose Show more output
--log-level LEVEL Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
--no-ansi Do not print ANSI control characters
-v, --version Print version and exit
-H, --host HOST Daemon socket to connect to
--tls Use TLS; implied by --tlsverify
--tlscacert CA_PATH Trust certs signed only by this CA
--tlscert CLIENT_CERT_PATH Path to TLS certificate file
--tlskey TLS_KEY_PATH Path to TLS key file
--tlsverify Use TLS and verify the remote
--skip-hostname-check Don't check the daemon's hostname against the
name specified in the client certificate
--project-directory PATH Specify an alternate working directory
(default: the path of the Compose file)
--compatibility If set, Compose will attempt to convert deploy
keys in v3 files to their non-Swarm equivalent
Commands:
build Build or rebuild services
bundle Generate a Docker bundle from the Compose file
config Validate and view the Compose file
create Create services
down Stop and remove containers, networks, images, and volumes
events Receive real time events from containers
exec Execute a command in a running container
help Get help on a command
images List images
kill Kill containers
logs View output from containers
pause Pause services
port Print the public port for a port binding
ps List containers
pull Pull service images
push Push service images
restart Restart services
rm Remove stopped containers
run Run a one-off command
scale Set number of containers for a service
start Start services
stop Stop services
top Display the running processes
unpause Unpause services
up Create and start containers
version Show the Docker-Compose version information