Docker common commands


  • Install
apt-get update
apt-get install sudo usermod -a -G docker $USER 
systemctl start docker
systemctl enable docker

then make a logoff , use groups to check you are in docker group or not:



  • build image:

create a Dockerfile file and then run

docker build -t your_image .

list images and containers

docker images docker images-l
docker container ls --all

run a container and check the port:

docker run -d -p 8800:80 --name your_container your_image
docker port your_container

detached run the image as a container and map the 8800 port of the container to host 80 port

Then we can check that the new container with name  based on ‘nginx_image’ is running, List the running containers:

docker ps

Or check all containers

docker ps -a
docker stop your_container
docker rm your_container
docker rmi your_image
Pull an image from a registry
docker pull alpine:3.4
Retag a local image with a new image name and tag
docker tag alpine:3.4 myrepo/myalpine:3.4
Log in to a registry (the Docker Hub by default)
docker login
Push an image to a registry
docker push myrepo/myalpine:3.4
Stop a running container through SIGTERM
docker stop my_container
Stop a running container through SIGKILL
docker kill my_container
Create an overlay network and specify a subnet
docker network create --subnet --gateway -d overlay mynet
List the networks
docker network ls
Delete all running and stopped containers
docker container prune Or this command in old versions: docker rm -f $(docker ps -aq)
 docker rm 305297d7a235 ff0a5c3750b9
Create a new bash process inside the container and connect it to the terminal
docker exec -it my_container bash
Print the last 100 lines of a container’s logs
docker logs --tail 100 my_container
  • docker run – Runs a command in a new container.
    docker run hello-world
    docker run -it busybox sh


  • docker start – Starts one or more stopped containers
  • docker stop – Stops one or more running containers
  • docker build – Builds an image form a Docker file
  • docker pull – Pulls an image or a repository from a registry
docker pull busybox
docker pull ubuntu:16.04
  • docker push – Pushes an image or a repository to a registry
  • docker export – Exports a container’s filesystem as a tar archive
  • docker exec – Runs a command in a run-time container
  • docker search – Searches the Docker Hub for images
    docker search elasticsearch
    docker search mysql

    docker attach – Attaches to a running container

  • docker commit – Creates a new image from a container’s changes
  • Watch the log
docker container logs my_container

How to do the mount and check the NFS server shared from Linux client

Here is some major commands to mount to NFS server from a client:

sudo apt-get install cifs-utils

sudo mkdir /media/temp

change your /etc/fstab file to let it mount on boot up

//nfsserver/temp /media/temp cifs guest,uid=1000,iocharset=utf8 0 0

then can use

mount -a

to do a manually mount

And here is how to check waht folder avaliable from a server to be mounted? and what address they permitted?

sudo apt install nfs-common
showmount -e

Export list for


Build NAT for Vmware Esxi with pfSense

By default, Vmware Esxi hyper-visor doe not support NAT, it only gives bridge to the guest VMs to get the network address. So when you do not have enough DHCP resources to assign to many VMs in your network, NAT will be a option to let the VMs can share IP resources and also let outside can access VMs.

Here is some links I refereed when I did our Esxi + pfSense servers reconfiguration recently.

And I note down some points you need to pay attention when doing this , my cases are in the 5.1 and 5,5 version Esxi:

1. If you only have one physical NIC running (vmnic0), then you need one IP for VMware Management Interface,  and another IP for pfSense WAN interface, these two IP running at same NIC interface. So two IPs face to outside is minimum for NAT even in one NIC case.

2. vSwitch0 is used by VMs by default, and your new created switch group (not binding to any NIC) will be vSwitch1. So normally pfSense will have two virtual network interface: WAN binding to the vSwitch0 and LAN binding to the vSwitch1 to work as the NAT gateway.

3. After you have the pfSense running, assign some VMs to the LAN and you then can surf from LAN VM to the pfSense LAN interface (LAN gateway)’s http admin UI to manage the pfSense,  with default account admin/pfsense. You need to have basic firewall and LAN gateway knowledge to manage this gateway.

4. To let outside client to access the VM, you need to config the NAT port forwarding at the pfSense WAN interface. And also pay attention to the default check box of the firewall policy to let the 10.****, 198.*****, 172**** can access the your VM if you need it.

4. For the flexibility of the system pfSense WAN MAC can be changed, but not LAN side. you may need a reboot of the pfSense when you change the WAN MAC.

Spring boot actuator – system monitoring and management

I am using the 1.5.10 as the example, detailed docs can see at here:

1. Just add starter-actuator to maven

<!– for logging and minitoring =============================== –>

2. Restart and suppose my app running at the 8080 port, you can see the actuator works at http://localhost:8080/health

  "status" : "UP",
  "diskSpace" : {
    "status" : "UP",
    "total" : 217631211520,
    "free" : 20183724032,
    "threshold" : 10485760
  "rabbit" : {
    "status" : "UP",
    "version" : "3.5.7"
  "db" : {
    "status" : "UP",
    "database" : "MySQL",
    "hello" : 1

actuator gives you a lot data about your system, such as metrics, health, configuration, http trace ….FULL list can see from here ID List

3. Some ID will be blocked by spring security if your system using it. So you have to authenticate and get the token or get the role to access them. But if system is behind a firewall, you can disable the security for actuator. Let us change the actuator to running in a different port and using new path root to access it. Add these into the file:

management.port = 9091
management.address =

So we can access http://localhost:9091/manage/health  now to get data.

4. Based on actuator feature, you can monitor and manage the system performance and health,  logging, and many others.  And use actuator API to process data by your self.

5. There are some GUI feature has been done based on the actuator already. like this one:


Try to use it for your system!








RabbitMQ quick start for Spring Boot

  1. Install the rabbitmq
sudo apt-get update
sudo apt-get install rabbitmq-server
sudo service rabbitmq-server stop
sudo service rabbitmq-server start
sudo service rabbitmq-server status
sudo rabbitmqctl status


The broker always appends to the log files, so a complete log history is retained.

/var/log/rabbitmq directory.
See /etc/logrotate.d/rabbitmq-server to configure logrotate.

The rabbbitMQ will run at port localhost:5672


2. Let us build a Spring Boot project to make MQ work.

2.1  Download the spring boot sample project from

remember to change pom.xml parent as this:

 <relativePath /> <!-- lookup parent from repository -->


2.2 Use eclipse to import this maven project. and use “java -jar” run it, you will see it continuously say hello.

2.3 The code use following tricks:

a. @EnableScheduling and @Scheduled(fixedDelay = 1000L)  will make the app auto start a Schedule task every 1 second and call the send() method to send a msg “hello” to the MQ queue “foo”:

@RabbitListener(queues = "foo")

defines a mq listener to listen to the queue of “foo”.

b. When a msg is in the queue, this method

 public void process(@Payload String foo) { ...}

will be triggered to process the msg got in this queue, code just prints it our in stdout.

c. the method fooQueue must names as the fooQueue as the queue name in this example is “foo”.

public Queue fooQueue() {...}

d. This code:

 private RabbitTemplate rabbitTemplate;

Will auto get a connection from the RabbitMQ so it can do the send later for you.


3. Access RabbitMQ GUI to make simple management

Enable the rabbitmq_management module:

sudo rabbitmq-plugins enable rabbitmq_management

The Web UI is located at: http://server-name:15672/
The user “guest” is created with password “guest” by default.










Start from Vagrant – create your own VM Box

Here I will create a ubuntu 16 64bit server image. for which altas link in fact have issue some times. So we create from ubuntu cloud image directly:

After you get where is the URL for, then we can use this cmd to do things.

vagrant init boxname boxurl

vagrant init ubuntu/xenial64
less Vagrantfile
vagrant up
vagrant ssh

Then you install anything you want to customize your linux VM.
After every thing ready, just exit from your VM.  Shutdown it and pack as a new box.

vagrant halt
vagrant package --output

So you will get a new box named as Now you can release this box to team and they can use init command to create a VM at their local folder.


To make your new box smaller, there are some command you can use. see this article for details:








Start from Vagrant – install and up

This is a simple demo how to install the vagrant in the Ubuntu Linux

Install virtualbox

sudo apt-get install virtualbox

Install vagrant

sudo apt-get update
sudo apt-get install vagrant
vagrant version

Create a Vagrantfile from default category list

mkdir ~/vagrant
cd ~/vagrant
vagrant init hashicorp/precise64
less Vagrantfilevagrant up
vagrant ssh

To turn your VM on, navigate to the directory with your Vagrantfile:

vagrant up

To pause your VM, navigate to the directory with your Vagrantfile:

vagrant suspend

To turn your VM off, navigate to the directory with your Vagrantfile:

vagrant halt

To destroy your VM, navigate to the directory with your Vagrantfile:

vagrant destroy

Linux command check CPU IO and VM info

  • Check the CPU utilize rate and disk IO info
$ iostat
Linux 4.4.0-103-generic (xw-HP-Z420-Workstation) 02/02/2018 _x86_64_ (12 CPU)

avg-cpu: %user %nice %system %iowait %steal %idle
 0.17 0.00 0.03 0.01 0.00 99.78

Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 1.73 15.20 18.99 3663865 4578881
sdb 0.00 0.03 0.00 6317 56
  • Virtual memory info
$ vmstat 1 5
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
 r b swpd free buff cache si so bi bo in cs us sy id wa st
 0 0 0 21497140 917372 3875112 0 0 1 2 5 3 0 0 100 0 0
 0 0 0 21497336 917376 3875112 0 0 0 172 577 2320 2 0 98 0 0
 0 0 0 21497196 917376 3875112 0 0 0 0 553 2380 3 0 97 0 0
 0 0 0 21497336 917376 3875116 0 0 0 8 553 2432 2 0 97 0 0
 0 0 0 21497336 917376 3875112 0 0 0 0 490 2173 2 0 97 0 0
  • check kernel and driver’s log

Some Linux commands about the service and files check up

Here are some commands we common used in Ubuntu linux service and files monitor and check up:

  • Check what service is running in system
service --status-all

Or a GUI tool called bum

sudo apt install bum
sudo bum

Screenshot 2018-02-02 10:44:30

  • List all network interfaces
ifconfig -a


  • How to check max files OS could open ?
sysctl -a | grep fs.file-max
       fs.file-max = 3266932

This number normally is around 10% of your system memory in KB number; Such as for my Linux I can get my RAM by top command:

KiB Mem : 32873324 total,

And by default the max files one process can open is 1024. just use this cmd to check:

ulimit -n


  • How to check one process’ real limit in the the system for the files and others?
 xw@xwi-HP-Z420-Workstation:~$ ps aux | grep mysql
mysql 1189 0.0 0.4 1246964 160748 ? Ssl Jan30 2:20 /usr/sbin/mysqld
 xw@xwi-HP-Z420-Workstation:~$ cat /proc/1189/limits
Limit Soft Limit Hard Limit Units 
Max cpu time unlimited unlimited seconds 
Max file size unlimited unlimited bytes 
Max data size unlimited unlimited bytes 
Max stack size 8388608 unlimited bytes 
Max core file size 0 unlimited bytes 
Max resident set unlimited unlimited bytes 
Max processes 127918 127918 processes 
Max open files 1024 4096 files 
Max locked memory 65536 65536 bytes 
Max address space unlimited unlimited bytes 
Max file locks unlimited unlimited locks 
Max pending signals 127918 127918 signals 
Max msgqueue size 819200 819200 bytes 
Max nice priority 0 0 
Max realtime priority 0 0 
Max realtime timeout unlimited unlimited us


  • How to check one file’s access time stamp info?

xw@xw-HP-Z420-Workstation:~$ stat testFile.txt
File: ‘testFile.txt’
Size: 28 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050d Inode: 8998339 Links: 1
Access: (0664/-rw-rw-r–) Uid: ( 1000/ xiaowei) Gid: ( 1000/ xiaowei)
Access: 2017-12-05 16:17:42.221584809 -0800
Modify: 2017-04-17 11:35:38.000000000 -0700
Change: 2017-04-17 14:40:44.639165159 -0700
Birth: –

How to solve angular project auto change reload issue?


Sometimes file change in angular TS project does not be auto loaded and compiled in angular cli.


The issue could cause by the Inotify Watches Limit on Linux. You can  increase the watches limit to 512K

echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf
sudo sysctl -p