.

3 files changed, 1393 insertions, 0 deletions

diff --git a/notes/cheat-sheets/bash-cheat-sheet.sh b/notes/cheat-sheets/bash-cheat-sheet.sh
new file mode 100644
index 00000000..dee67440
--- /dev/null
+++ b/notes/cheat-sheets/bash-cheat-sheet.sh
@@ -0,0 +1,410 @@
+# bash cheat sheet
+
+#!/bin/bash
+#####################################################
+# Name: Bash CheatSheet for Mac OSX
+# 
+# A little overlook of the Bash basics
+#
+# Usage:
+#
+# Author: J. Le Coupanec
+# Date: 2014/11/04
+#####################################################
+
+
+# 0. Shortcuts.
+
+
+CTRL+A  # move to beginning of line
+CTRL+B  # moves backward one character
+CTRL+C  # halts the current command
+CTRL+D  # deletes one character backward or logs out of current session, similar to exit
+CTRL+E  # moves to end of line
+CTRL+F  # moves forward one character
+CTRL+G  # aborts the current editing command and ring the terminal bell
+CTRL+J  # same as RETURN
+CTRL+K  # deletes (kill) forward to end of line
+CTRL+L  # clears screen and redisplay the line
+CTRL+M  # same as RETURN
+CTRL+N  # next line in command history
+CTRL+O  # same as RETURN, then displays next line in history file
+CTRL+P  # previous line in command history
+CTRL+R  # searches backward
+CTRL+S  # searches forward
+CTRL+T  # transposes two characters
+CTRL+U  # kills backward from point to the beginning of line
+CTRL+V  # makes the next character typed verbatim
+CTRL+W  # kills the word behind the cursor
+CTRL+X  # lists the possible filename completefions of the current word
+CTRL+Y  # retrieves (yank) last item killed
+CTRL+Z  # stops the current command, resume with fg in the foreground or bg in the background
+
+DELETE  # deletes one character backward
+!!      # repeats the last command
+exit    # logs out of current session
+
+
+# 1. Bash Basics.
+
+
+export              # displays all environment variables
+
+echo $SHELL         # displays the shell you're using
+echo $BASH_VERSION  # displays bash version
+
+bash                # if you want to use bash (type exit to go back to your normal shell)
+whereis bash        # finds out where bash is on your system
+
+clear               # clears content on window (hide displayed lines)
+
+
+# 1.1. File Commands.
+
+
+ls                            # lists your files
+ls -l                         # lists your files in 'long format', which contains the exact size of the file, who owns the file and who has the right to look at it, and when it was last modified
+ls -a                         # lists all files, including hidden files
+ln -s <filename> <link>       # creates symbolic link to file
+touch <filename>              # creates or updates your file
+cat > <filename>              # places standard input into file
+more <filename>               # shows the first part of a file (move with space and type q to quit)
+head <filename>               # outputs the first 10 lines of file
+tail <filename>               # outputs the last 10 lines of file (useful with -f option)
+emacs <filename>              # lets you create and edit a file
+mv <filename1> <filename2>    # moves a file
+cp <filename1> <filename2>    # copies a file
+rm <filename>                 # removes a file
+diff <filename1> <filename2>  # compares files, and shows where they differ
+wc <filename>                 # tells you how many lines, words and characters there are in a file
+chmod -options <filename>     # lets you change the read, write, and execute permissions on your files
+gzip <filename>               # compresses files
+gunzip <filename>             # uncompresses files compressed by gzip
+gzcat <filename>              # lets you look at gzipped file without actually having to gunzip it
+lpr <filename>                # print the file
+lpq                           # check out the printer queue
+lprm <jobnumber>              # remove something from the printer queue
+genscript                     # converts plain text files into postscript for printing and gives you some options for formatting
+dvips <filename>              # print .dvi files (i.e. files produced by LaTeX)
+grep <pattern> <filenames>    # looks for the string in the files
+grep -r <pattern> <dir>       # search recursively for pattern in directory
+
+
+# 1.2. Directory Commands.
+
+
+mkdir <dirname>  # makes a new directory
+cd               # changes to home
+cd <dirname>     # changes directory
+pwd              # tells you where you currently are
+
+
+# 1.3. SSH, System Info & Network Commands.
+
+
+ssh user@host            # connects to host as user
+ssh -p <port> user@host  # connects to host on specified port as user
+ssh-copy-id user@host    # adds your ssh key to host for user to enable a keyed or passwordless login
+
+whoami                   # returns your username
+passwd                   # lets you change your password
+quota -v                 # shows what your disk quota is
+date                     # shows the current date and time
+cal                      # shows the month's calendar
+uptime                   # shows current uptime
+w                        # displays whois online
+finger <user>            # displays information about user
+uname -a                 # shows kernel information
+man <command>            # shows the manual for specified command
+df                       # shows disk usage
+du <filename>            # shows the disk usage of the files and directories in filename (du -s give only a total)
+last <yourUsername>      # lists your last logins
+ps -u yourusername       # lists your processes
+kill <PID>               # kills (ends) the processes with the ID you gave
+killall <processname>    # kill all processes with the name
+top                      # displays your currently active processes
+bg                       # lists stopped or background jobs ; resume a stopped job in the background
+fg                       # brings the most recent job in the foreground
+fg <job>                 # brings job to the foreground
+
+ping <host>              # pings host and outputs results
+whois <domain>           # gets whois information for domain
+dig <domain>             # gets DNS information for domain
+dig -x <host>            # reverses lookup host
+wget <file>              # downloads file
+
+
+# 2. Basic Shell Programming.
+
+
+# 2.1. Variables.
+
+
+varname=value                # defines a variable
+varname=value command        # defines a variable to be in the environment of a particular subprocess
+echo $varname                # checks a variable's value
+echo $$                      # prints process ID of the current shell
+echo $!                      # prints process ID of the most recently invoked background job
+echo $?                      # displays the exit status of the last command
+export VARNAME=value         # defines an environment variable (will be available in subprocesses)
+
+array[0] = val               # several ways to define an array
+array[1] = val
+array[2] = val
+array=([2]=val [0]=val [1]=val)
+array(val val val)
+
+${array[i]}                  # displays array's value for this index. If no index is supplied, array element 0 is assumed
+${#array[i]}                 # to find out the length of any element in the array
+${#array[@]}                 # to find out how many values there are in the array
+
+declare -a                   # the variables are treaded as arrays
+declare -f                   # uses funtion names only
+declare -F                   # displays function names without definitions
+declare -i                   # the variables are treaded as integers
+declare -r                   # makes the variables read-only
+declare -x                   # marks the variables for export via the environment
+
+${varname:-word}             # if varname exists and isn't null, return its value; otherwise return word
+${varname:=word}             # if varname exists and isn't null, return its value; otherwise set it word and then return its value
+${varname:?message}          # if varname exists and isn't null, return its value; otherwise print varname, followed by message and abort the current command or script
+${varname:+word}             # if varname exists and isn't null, return word; otherwise return null
+${varname:offset:length}     # performs substring expansion. It returns the substring of $varname starting at offset and up to length characters
+
+${variable#pattern}          # if the pattern matches the beginning of the variable's value, delete the shortest part that matches and return the rest
+${variable##pattern}         # if the pattern matches the beginning of the variable's value, delete the longest part that matches and return the rest
+${variable%pattern}          # if the pattern matches the end of the variable's value, delete the shortest part that matches and return the rest
+${variable%%pattern}         # if the pattern matches the end of the variable's value, delete the longest part that matches and return the rest
+${variable/pattern/string}   # the longest match to pattern in variable is replaced by string. Only the first match is replaced
+${variable//pattern/string}  # the longest match to pattern in variable is replaced by string. All matches are replaced
+
+${#varname}                  # returns the length of the value of the variable as a character string
+
+*(patternlist)               # matches zero or more occurences of the given patterns
++(patternlist)               # matches one or more occurences of the given patterns
+?(patternlist)               # matches zero or one occurence of the given patterns
+@(patternlist)               # matches exactly one of the given patterns
+!(patternlist)               # matches anything except one of the given patterns
+
+$(UNIX command)              # command substitution: runs the command and returns standard output
+
+
+# 2.2. Functions.
+# The function refers to passed arguments by position (as if they were positional parameters), that is, $1, $2, and so forth.
+# $@ is equal to "$1" "$2"... "$N", where N is the number of positional parameters. $# holds the number of positional parameters.
+
+
+functname() {
+  shell commands
+}
+
+unset -f functname  # deletes a function definition
+declare -f          # displays all defined functions in your login session
+
+
+# 2.3. Flow Control.
+
+
+statement1 && statement2  # and operator
+statement1 || statement2  # or operator
+
+-a                        # and operator inside a test conditional expression
+-o                        # or operator inside a test conditional expression
+
+str1=str2                 # str1 matches str2
+str1!=str2                # str1 does not match str2
+str1<str2                 # str1 is less than str2
+str1>str2                 # str1 is greater than str2
+-n str1                   # str1 is not null (has length greater than 0)
+-z str1                   # str1 is null (has length 0)
+
+-a file                   # file exists
+-d file                   # file exists and is a directory
+-e file                   # file exists; same -a
+-f file                   # file exists and is a regular file (i.e., not a directory or other special type of file)
+-r file                   # you have read permission
+-r file                   # file exists and is not empty
+-w file                   # your have write permission
+-x file                   # you have execute permission on file, or directory search permission if it is a directory
+-N file                   # file was modified since it was last read
+-O file                   # you own file
+-G file                   # file's group ID matches yours (or one of yours, if you are in multiple groups)
+file1 -nt file2           # file1 is newer than file2
+file1 -ot file2           # file1 is older than file2
+
+-lt                       # less than
+-le                       # less than or equal
+-eq                       # equal
+-ge                       # greater than or equal
+-gt                       # greater than
+-ne                       # not equal
+
+if condition
+then
+  statements
+[elif condition
+  then statements...]
+[else
+  statements]
+fi
+
+for x := 1 to 10 do
+begin
+  statements
+end
+
+for name [in list]
+do
+  statements that can use $name
+done
+
+for (( initialisation ; ending condition ; update ))
+do
+  statements...
+done
+
+case expression in
+  pattern1 )
+    statements ;;
+  pattern2 )
+    statements ;;
+  ...
+esac
+
+select name [in list]
+do
+  statements that can use $name
+done
+
+while condition; do
+  statements
+done
+
+until condition; do
+  statements
+done
+
+
+# 3. Command-Line Processing Cycle.
+
+
+# The default order for command lookup is functions, followed by built-ins, with scripts and executables last.
+# There are three built-ins that you can use to override this order: `command`, `builtin` and `enable`.
+
+command  # removes alias and function lookup. Only built-ins and commands found in the search path are executed
+builtin  # looks up only built-in commands, ignoring functions and commands found in PATH
+enable   # enables and disables shell built-ins
+
+eval     # takes arguments and run them through the command-line processing steps all over again
+
+
+# 4. Input/Output Redirectors.
+
+
+cmd1|cmd2  # pipe; takes standard output of cmd1 as standard input to cmd2
+> file     # directs standard output to file
+< file     # takes standard input from file
+>> file    # directs standard output to file; append to file if it already exists
+>|file     # forces standard output to file even if noclobber is set
+n>|file    # forces output to file from file descriptor n even if noclobber is set
+<> file    # uses file as both standard input and standard output
+n<>file    # uses file as both input and output for file descriptor n
+<<label    # here-document
+n>file     # directs file descriptor n to file
+n<file     # takes file descriptor n from file
+n>>file    # directs file description n to file; append to file if it already exists
+n>&        # duplicates standard output to file descriptor n
+n<&        # duplicates standard input from file descriptor n
+n>&m       # file descriptor n is made to be a copy of the output file descriptor
+n<&m       # file descriptor n is made to be a copy of the input file descriptor
+&>file     # directs standard output and standard error to file
+<&-        # closes the standard input
+>&-        # closes the standard output
+n>&-       # closes the ouput from file descriptor n
+n<&-       # closes the input from file descripor n
+
+
+# 5. Process Handling.
+
+
+# To suspend a job, type CTRL+Z while it is running. You can also suspend a job with CTRL+Y.
+# This is slightly different from CTRL+Z in that the process is only stopped when it attempts to read input from terminal.
+# Of course, to interupt a job, type CTRL+C.
+
+myCommand &  # runs job in the background and prompts back the shell
+
+jobs         # lists all jobs (use with -l to see associated PID)
+
+fg           # brings a background job into the foreground
+fg %+        # brings most recently invoked background job
+fg %-        # brings second most recently invoked background job
+fg %N        # brings job number N
+fg %string   # brings job whose command begins with string
+fg %?string  # brings job whose command contains string
+
+kill -l      # returns a list of all signals on the system, by name and number
+kill PID     # terminates process with specified PID
+
+ps           # prints a line of information about the current running login shell and any processes running under it
+ps -a        # selects all processes with a tty except session leaders
+
+trap cmd sig1 sig2  # executes a command when a signal is received by the script
+trap "" sig1 sig2   # ignores that signals
+trap - sig1 sig2    # resets the action taken when the signal is received to the default
+
+disown <PID|JID>    # removes the process from the list of jobs
+
+wait                # waits until all background jobs have finished
+
+
+# 6. Tips and Tricks.
+
+
+# set an alias
+cd; nano .bash_profile
+> alias gentlenode='ssh admin@gentlenode.com -p 3404'  # add your alias in .bash_profile
+
+# to quickly go to a specific directory
+cd; nano .bashrc
+> shopt -s cdable_vars
+> export websites="/Users/mac/Documents/websites"
+
+source .bashrc
+cd websites
+
+
+# 7. Debugging Shell Programs.
+
+
+bash -n scriptname  # don't run commands; check for syntax errors only
+set -o noexec       # alternative (set option in script)
+
+bash -v scriptname  # echo commands before running them
+set -o verbose      # alternative (set option in script)
+
+bash -x scriptname  # echo commands after command-line processing
+set -o xtrace       # alternative (set option in script)
+
+trap 'echo $varname' EXIT  # useful when you want to print out the values of variables at the point that your script exits
+
+function errtrap {
+  es=$?
+  echo "ERROR line $1: Command exited with status $es."
+}
+
+trap 'errtrap $LINENO' ERR  # is run whenever a command in the surrounding script or function exists with non-zero status 
+
+function dbgtrap {
+  echo "badvar is $badvar"
+}
+
+trap dbgtrap DEBUG  # causes the trap code to be executed before every statement in a function or script
+# ...section of code in which the problem occurs...
+trap - DEBUG  # turn off the DEBUG trap
+
+function returntrap {
+  echo "A return occured"
+}
+
+trap returntrap RETURN  # is executed each time a shell function or a script executed with the . or source commands finishes executing
+
diff --git a/notes/cheat-sheets/docker-cheat-sheet.md b/notes/cheat-sheets/docker-cheat-sheet.md
new file mode 100644
index 00000000..4e11e24f
--- /dev/null
+++ b/notes/cheat-sheets/docker-cheat-sheet.md
@@ -0,0 +1,795 @@
+# Docker Cheat Sheet
+
+Source: <https://github.com/wsargent/docker-cheat-sheet/blob/master/README.md>
+
+
+## Table of Contents
+
+* [Why Docker](#why-docker)
+* [Prerequisites](#prerequisites)
+* [Installation](#installation)
+* [Containers](#containers)
+* [Images](#images)
+* [Networks](#networks)
+* [Registry and Repository](#registry--repository)
+* [Dockerfile](#dockerfile)
+* [Layers](#layers)
+* [Links](#links)
+* [Volumes](#volumes)
+* [Exposing Ports](#exposing-ports)
+* [Best Practices](#best-practices)
+* [Security](#security)
+* [Tips](#tips)
+* [Contributing](#contributing)
+
+## Why Docker
+
+"With Docker, developers can build any app in any language using any toolchain. “Dockerized” apps are completely portable and can run anywhere - colleagues’ OS X and Windows laptops, QA servers running Ubuntu in the cloud, and production data center VMs running Red Hat.
+
+Developers can get going quickly by starting with one of the 13,000+ apps available on Docker Hub. Docker manages and tracks changes and dependencies, making it easier for sysadmins to understand how the apps that developers build work. And with Docker Hub, developers can automate their build pipeline and share artifacts with collaborators through public or private repositories.
+
+Docker helps developers build and ship higher-quality applications, faster." -- [What is Docker](https://www.docker.com/what-docker#copy1)
+
+## Prerequisites
+
+I use [Oh My Zsh](https://github.com/robbyrussell/oh-my-zsh) with the [Docker plugin](https://github.com/robbyrussell/oh-my-zsh/wiki/Plugins#docker) for autocompletion of docker commands. YMMV.
+
+### Linux
+
+The 3.10.x kernel is [the minimum requirement](https://docs.docker.com/engine/installation/binaries/#check-kernel-dependencies) for Docker.
+
+### MacOS
+
+ 10.8 “Mountain Lion” or newer is required.
+
+## Installation
+
+### Linux
+
+Quick and easy install script provided by Docker:
+
+```
+curl -sSL https://get.docker.com/ | sh
+```
+
+If you're not willing to run a random shell script, please see the [installation](https://docs.docker.com/engine/installation/linux/) instructions for your distribution.
+
+If you are a complete Docker newbie, you should follow the [series of tutorials](https://docs.docker.com/engine/getstarted/) now.
+
+### macOS
+Download and install [Docker Community Edition](https://www.docker.com/community-edition). if you have Homebrew-Cask, just type `brew cask install docker`. Or Download and install [Docker Toolbox](https://docs.docker.com/toolbox/overview/).  [Docker For Mac](https://docs.docker.com/docker-for-mac/) is nice, but it's not quite as finished as the VirtualBox install.  [See the comparison](https://docs.docker.com/docker-for-mac/docker-toolbox/).
+
+> **NOTE** Docker Toolbox is legacy. you should to use Docker Community Edition, See (Docker Toolbox)[https://docs.docker.com/toolbox/overview/]
+
+Once you've installed Docker Community Edition, click the docker icon in Launchpad. Then start up a container:
+
+```
+docker run hello-world
+```
+
+That's it, you have a running Docker container.
+
+If you are a complete Docker newbie, you should probably follow the [series of tutorials](https://docs.docker.com/engine/getstarted/) now.
+
+## Containers
+
+[Your basic isolated Docker process](http://etherealmind.com/basics-docker-containers-hypervisors-coreos/). Containers are to Virtual Machines as threads are to processes. Or you can think of them as chroots on steroids.
+
+### Lifecycle
+
+* [`docker create`](https://docs.docker.com/engine/reference/commandline/create) creates a container but does not start it.
+* [`docker rename`](https://docs.docker.com/engine/reference/commandline/rename/) allows the container to be renamed.
+* [`docker run`](https://docs.docker.com/engine/reference/commandline/run) creates and starts a container in one operation.
+* [`docker rm`](https://docs.docker.com/engine/reference/commandline/rm) deletes a container.
+* [`docker update`](https://docs.docker.com/engine/reference/commandline/update/) updates a container's resource limits.
+
+Normally if you run a container without options it will start and stop immediately, if you want keep it running you can use the command, `docker run -td container_id` this will use the option `-t` that will allocate a pseudo-TTY session and `-d` that will detach automatically the container (run container in background and print container ID).
+
+If you want a transient container, `docker run --rm` will remove the container after it stops.
+
+If you want to map a directory on the host to a docker container, `docker run -v $HOSTDIR:$DOCKERDIR`. Also see [Volumes](https://github.com/wsargent/docker-cheat-sheet/#volumes).
+
+If you want to remove also the volumes associated with the container, the deletion of the container must include the `-v` switch like in `docker rm -v`.
+
+There's also a [logging driver](https://docs.docker.com/engine/admin/logging/overview/) available for individual containers in docker 1.10. To run docker with a custom log driver (i.e., to syslog), use `docker run --log-driver=syslog`.
+
+Another useful option is `docker run --name yourname docker_image` because when you specify the `--name` inside the run command this will allow you to start and stop a container by calling it with the name the you specified when you created it.
+
+### Starting and Stopping
+
+* [`docker start`](https://docs.docker.com/engine/reference/commandline/start) starts a container so it is running.
+* [`docker stop`](https://docs.docker.com/engine/reference/commandline/stop) stops a running container.
+* [`docker restart`](https://docs.docker.com/engine/reference/commandline/restart) stops and starts a container.
+* [`docker pause`](https://docs.docker.com/engine/reference/commandline/pause/) pauses a running container, "freezing" it in place.
+* [`docker unpause`](https://docs.docker.com/engine/reference/commandline/unpause/) will unpause a running container.
+* [`docker wait`](https://docs.docker.com/engine/reference/commandline/wait) blocks until running container stops.
+* [`docker kill`](https://docs.docker.com/engine/reference/commandline/kill) sends a SIGKILL to a running container.
+* [`docker attach`](https://docs.docker.com/engine/reference/commandline/attach) will connect to a running container.
+
+If you want to integrate a container with a [host process manager](https://docs.docker.com/engine/admin/host_integration/), start the daemon with `-r=false` then use `docker start -a`.
+
+If you want to expose container ports through the host, see the [exposing ports](#exposing-ports) section.
+
+Restart policies on crashed docker instances are [covered here](http://container42.com/2014/09/30/docker-restart-policies/).
+
+#### CPU Constraints
+
+You can limit CPU, either using a percentage of all CPUs, or by using specific cores.  
+
+For example, you can tell the [`cpu-shares`](https://docs.docker.com/engine/reference/run/#/cpu-share-constraint) setting.  The setting is a bit strange -- 1024 means 100% of the CPU, so if you want the container to take 50% of all CPU cores, you should specify 512.  See https://goldmann.pl/blog/2014/09/11/resource-management-in-docker/#_cpu for more:
+
+```
+docker run -ti --c 512 agileek/cpuset-test
+```
+
+You can also only use some CPU cores using [`cpuset-cpus`](https://docs.docker.com/engine/reference/run/#/cpuset-constraint).  See https://agileek.github.io/docker/2014/08/06/docker-cpuset/ for details and some nice videos:
+
+```
+docker run -ti --cpuset-cpus=0,4,6 agileek/cpuset-test
+```
+
+Note that Docker can still **see** all of the CPUs inside the container -- it just isn't using all of them.  See https://github.com/docker/docker/issues/20770 for more details.
+
+#### Memory Constraints
+
+You can also set [memory constraints](https://docs.docker.com/engine/reference/run/#/user-memory-constraints) on Docker:
+
+```
+docker run -it -m 300M ubuntu:14.04 /bin/bash
+```
+
+#### Capabilities
+
+Linux capabilities can be set by using `cap-add` and `cap-drop`.  See https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities for details.  This should be used for greater security.
+
+To mount a FUSE based filesystem, you need to combine both --cap-add and --device:
+
+```
+docker run --rm -it --cap-add SYS_ADMIN --device /dev/fuse sshfs
+```
+
+Give access to a single device:
+
+```
+docker run -it --device=/dev/ttyUSB0 debian bash
+```
+
+Give access to all devices:
+
+```
+docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb debian bash
+```
+
+more info about privileged containers [here](
+https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities)
+
+
+### Info
+
+* [`docker ps`](https://docs.docker.com/engine/reference/commandline/ps) shows running containers.
+* [`docker logs`](https://docs.docker.com/engine/reference/commandline/logs) gets logs from container.  (You can use a custom log driver, but logs is only available for `json-file` and `journald` in 1.10).
+* [`docker inspect`](https://docs.docker.com/engine/reference/commandline/inspect) looks at all the info on a container (including IP address).
+* [`docker events`](https://docs.docker.com/engine/reference/commandline/events) gets events from container.
+* [`docker port`](https://docs.docker.com/engine/reference/commandline/port) shows public facing port of container.
+* [`docker top`](https://docs.docker.com/engine/reference/commandline/top) shows running processes in container.
+* [`docker stats`](https://docs.docker.com/engine/reference/commandline/stats) shows containers' resource usage statistics.
+* [`docker diff`](https://docs.docker.com/engine/reference/commandline/diff) shows changed files in the container's FS.
+
+`docker ps -a` shows running and stopped containers.
+
+`docker stats --all` shows a running list of containers.
+
+### Import / Export
+
+* [`docker cp`](https://docs.docker.com/engine/reference/commandline/cp) copies files or folders between a container and the local filesystem.
+* [`docker export`](https://docs.docker.com/engine/reference/commandline/export) turns container filesystem into tarball archive stream to STDOUT.
+
+### Executing Commands
+
+* [`docker exec`](https://docs.docker.com/engine/reference/commandline/exec) to execute a command in container.
+
+To enter a running container, attach a new shell process to a running container called foo, use: `docker exec -it foo /bin/bash`.
+
+## Images
+
+Images are just [templates for docker containers](https://docs.docker.com/engine/understanding-docker/#how-does-a-docker-image-work).
+
+### Lifecycle
+
+* [`docker images`](https://docs.docker.com/engine/reference/commandline/images) shows all images.
+* [`docker import`](https://docs.docker.com/engine/reference/commandline/import) creates an image from a tarball.
+* [`docker build`](https://docs.docker.com/engine/reference/commandline/build) creates image from Dockerfile.
+* [`docker commit`](https://docs.docker.com/engine/reference/commandline/commit) creates image from a container, pausing it temporarily if it is running.
+* [`docker rmi`](https://docs.docker.com/engine/reference/commandline/rmi) removes an image.
+* [`docker load`](https://docs.docker.com/engine/reference/commandline/load) loads an image from a tar archive as STDIN, including images and tags (as of 0.7).
+* [`docker save`](https://docs.docker.com/engine/reference/commandline/save) saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).
+
+### Info
+
+* [`docker history`](https://docs.docker.com/engine/reference/commandline/history) shows history of image.
+* [`docker tag`](https://docs.docker.com/engine/reference/commandline/tag) tags an image to a name (local or registry).
+
+## Checking Docker Version 
+
+It is very important that you always know the current version of Docker you are currently running on at any point in time.This is very helpful because you get to know what features are compatible with what you have running. This is also important because you know what containers to run from the docker store when you are trying to get template containers. That said let see how to know what version of docker we have running currently
+
+* ['docker version'](https://docs.docker.com/engine/reference/commandline/version/)   check what version of docker you have running 
+* [docker version [OPTIONS]]
+
+Get the server version
+$ docker version --format '{{.Server.Version}}'
+
+1.8.0
+Dump raw JSON data
+$ docker version --format '{{json .}}'
+
+{"Client":{"Version":"1.8.0","ApiVersion":"1.20","GitCommit":"f5bae0a","GoVersion":"go1.4.2","Os":"linux","Arch":"am"}
+
+### Cleaning up
+
+While you can use the `docker rmi` command to remove specific images, there's a tool called [docker-gc](https://github.com/spotify/docker-gc) that will safely clean up images that are no longer used by any containers.
+
+### Load/Save image
+
+Load an image from file:
+```
+docker load < my_image.tar.gz
+```
+
+Save an existing image:
+```
+docker save my_image:my_tag | gzip > my_image.tar.gz
+```
+
+### Import/Export container
+
+Import a container as an image from file:
+```
+cat my_container.tar.gz | docker import - my_image:my_tag
+```
+
+Export an existing container:
+```
+docker export my_container | gzip > my_container.tar.gz
+```
+
+### Difference between loading a saved image and importing an exported container as an image
+
+Loading an image using the `load` command creates a new image including its history.  
+Importing a container as an image using the `import` command creates a new image excluding the history which results in a smaller image size compared to loading an image.
+
+## Networks
+
+Docker has a [networks](https://docs.docker.com/engine/userguide/networking/) feature. Not much is known about it, so this is a good place to expand the cheat sheet. There is a note saying that it's a good way to configure docker containers to talk to each other without using ports. See [working with networks](https://docs.docker.com/engine/userguide/networking/work-with-networks/) for more details.
+
+### Lifecycle
+
+* [`docker network create`](https://docs.docker.com/engine/reference/commandline/network_create/)
+* [`docker network rm`](https://docs.docker.com/engine/reference/commandline/network_rm/)
+
+### Info
+
+* [`docker network ls`](https://docs.docker.com/engine/reference/commandline/network_ls/)
+* [`docker network inspect`](https://docs.docker.com/engine/reference/commandline/network_inspect/)
+
+### Connection
+
+* [`docker network connect`](https://docs.docker.com/engine/reference/commandline/network_connect/)
+* [`docker network disconnect`](https://docs.docker.com/engine/reference/commandline/network_disconnect/)
+
+You can specify a [specific IP address for a container](https://blog.jessfraz.com/post/ips-for-all-the-things/):
+
+```
+# create a new bridge network with your subnet and gateway for your ip block
+docker network create --subnet 203.0.113.0/24 --gateway 203.0.113.254 iptastic
+
+# run a nginx container with a specific ip in that block
+$ docker run --rm -it --net iptastic --ip 203.0.113.2 nginx
+
+# curl the ip from any other place (assuming this is a public ip block duh)
+$ curl 203.0.113.2
+```
+
+## Registry & Repository
+
+A repository is a *hosted* collection of tagged images that together create the file system for a container.
+
+A registry is a *host* -- a server that stores repositories and provides an HTTP API for [managing the uploading and downloading of repositories](https://docs.docker.com/engine/tutorials/dockerrepos/).
+
+Docker.com hosts its own [index](https://hub.docker.com/) to a central registry which contains a large number of repositories.  Having said that, the central docker registry [does not do a good job of verifying images](https://titanous.com/posts/docker-insecurity) and should be avoided if you're worried about security.
+
+* [`docker login`](https://docs.docker.com/engine/reference/commandline/login) to login to a registry.
+* [`docker logout`](https://docs.docker.com/engine/reference/commandline/logout) to logout from a registry.
+* [`docker search`](https://docs.docker.com/engine/reference/commandline/search) searches registry for image.
+* [`docker pull`](https://docs.docker.com/engine/reference/commandline/pull) pulls an image from registry to local machine.
+* [`docker push`](https://docs.docker.com/engine/reference/commandline/push) pushes an image to the registry from local machine.
+
+### Run local registry
+
+You can run a local registry by using the [docker distribution](https://github.com/docker/distribution) project and looking at the [local deploy](https://github.com/docker/docker.github.io/blob/master/registry/deploying.md) instructions.
+
+Also see the [mailing list](https://groups.google.com/a/dockerproject.org/forum/#!forum/distribution).
+
+## Dockerfile
+
+[The configuration file](https://docs.docker.com/engine/reference/builder/). Sets up a Docker container when you run `docker build` on it. Vastly preferable to `docker commit`.  
+
+Here are some common text editors and their syntax highlighting modules you could use to create Dockerfiles:
+* If you use [jEdit](http://jedit.org), I've put up a syntax highlighting module for [Dockerfile](https://github.com/wsargent/jedit-docker-mode) you can use.
+* [Sublime Text 2](https://packagecontrol.io/packages/Dockerfile%20Syntax%20Highlighting)
+* [Atom](https://atom.io/packages/language-docker)
+* [Vim](https://github.com/ekalinin/Dockerfile.vim)
+* [Emacs](https://github.com/spotify/dockerfile-mode)
+* [TextMate](https://github.com/docker/docker/tree/master/contrib/syntax/textmate)
+* [VS Code](https://github.com/Microsoft/vscode-docker)
+* Also see [Docker meets the IDE](https://domeide.github.io/)
+
+### Instructions
+
+* [.dockerignore](https://docs.docker.com/engine/reference/builder/#dockerignore-file)
+* [FROM](https://docs.docker.com/engine/reference/builder/#from) Sets the Base Image for subsequent instructions.
+* [MAINTAINER (deprecated - use LABEL instead)](https://docs.docker.com/engine/reference/builder/#maintainer-deprecated) Set the Author field of the generated images.
+* [RUN](https://docs.docker.com/engine/reference/builder/#run) execute any commands in a new layer on top of the current image and commit the results.
+* [CMD](https://docs.docker.com/engine/reference/builder/#cmd) provide defaults for an executing container.
+* [EXPOSE](https://docs.docker.com/engine/reference/builder/#expose) informs Docker that the container listens on the specified network ports at runtime.  NOTE: does not actually make ports accessible.
+* [ENV](https://docs.docker.com/engine/reference/builder/#env) sets environment variable.
+* [ADD](https://docs.docker.com/engine/reference/builder/#add) copies new files, directories or remote file to container.  Invalidates caches. Avoid `ADD` and use `COPY` instead.
+* [COPY](https://docs.docker.com/engine/reference/builder/#copy) copies new files or directories to container.  Note that this only copies as root, so you have to chown manually regardless of your USER / WORKDIR setting.  See https://github.com/moby/moby/issues/30110
+* [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint) configures a container that will run as an executable.
+* [VOLUME](https://docs.docker.com/engine/reference/builder/#volume) creates a mount point for externally mounted volumes or other containers.
+* [USER](https://docs.docker.com/engine/reference/builder/#user) sets the user name for following RUN / CMD / ENTRYPOINT commands.
+* [WORKDIR](https://docs.docker.com/engine/reference/builder/#workdir) sets the working directory.
+* [ARG](https://docs.docker.com/engine/reference/builder/#arg) defines a build-time variable.
+* [ONBUILD](https://docs.docker.com/engine/reference/builder/#onbuild) adds a trigger instruction when the image is used as the base for another build.
+* [STOPSIGNAL](https://docs.docker.com/engine/reference/builder/#stopsignal) sets the system call signal that will be sent to the container to exit.
+* [LABEL](https://docs.docker.com/engine/userguide/labels-custom-metadata/) apply key/value metadata to your images, containers, or daemons.
+
+### Tutorial
+
+* [Flux7's Dockerfile Tutorial](http://flux7.com/blogs/docker/docker-tutorial-series-part-3-automation-is-the-word-using-dockerfile/)
+
+### Examples
+
+* [Examples](https://docs.docker.com/engine/reference/builder/#dockerfile-examples)
+* [Best practices for writing Dockerfiles](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/)
+* [Michael Crosby](http://crosbymichael.com/) has some more [Dockerfiles best practices](http://crosbymichael.com/dockerfile-best-practices.html) / [take 2](http://crosbymichael.com/dockerfile-best-practices-take-2.html).
+* [Building Good Docker Images](http://jonathan.bergknoff.com/journal/building-good-docker-images) / [Building Better Docker Images](http://jonathan.bergknoff.com/journal/building-better-docker-images)
+* [Managing Container Configuration with Metadata](https://speakerdeck.com/garethr/managing-container-configuration-with-metadata)
+* [How to write excellent Dockerfiles](https://rock-it.pl/how-to-write-excellent-dockerfiles/)
+
+## Layers
+
+The versioned filesystem in Docker is based on layers. They're like [git commits or changesets for filesystems](https://docs.docker.com/engine/userguide/storagedriver/imagesandcontainers/).
+
+## Links
+
+Links are how Docker containers talk to each other [through TCP/IP ports](https://docs.docker.com/engine/userguide/networking/default_network/dockerlinks/). [Linking into Redis](https://docs.docker.com/engine/examples/running_redis_service/) and [Atlassian](https://blogs.atlassian.com/2013/11/docker-all-the-things-at-atlassian-automation-and-wiring/) show worked examples. You can also resolve [links by hostname](https://docs.docker.com/engine/userguide/networking/default_network/dockerlinks/#/updating-the-etchosts-file).
+
+This has been deprected to some extent by [user-defined networks](https://docs.docker.com/engine/userguide/networking/#user-defined-networks).
+
+NOTE: If you want containers to ONLY communicate with each other through links, start the docker daemon with `-icc=false` to disable inter process communication.
+
+If you have a container with the name CONTAINER (specified by `docker run --name CONTAINER`) and in the Dockerfile, it has an exposed port:
+
+```
+EXPOSE 1337
+```
+
+Then if we create another container called LINKED like so:
+
+```
+docker run -d --link CONTAINER:ALIAS --name LINKED user/wordpress
+```
+
+Then the exposed ports and aliases of CONTAINER will show up in LINKED with the following environment variables:
+
+```
+$ALIAS_PORT_1337_TCP_PORT
+$ALIAS_PORT_1337_TCP_ADDR
+```
+
+And you can connect to it that way.
+
+To delete links, use `docker rm --link`.
+
+Generally, linking between docker services is a subset of "service discovery", a big problem if you're planning to use Docker at scale in production.  Please read [The Docker Ecosystem: Service Discovery and Distributed Configuration Stores](https://www.digitalocean.com/community/tutorials/the-docker-ecosystem-service-discovery-and-distributed-configuration-stores) for more info.
+
+## Volumes
+
+Docker volumes are [free-floating filesystems](https://docs.docker.com/engine/tutorials/dockervolumes/). They don't have to be connected to a particular container. You should use volumes mounted from [data-only containers](https://medium.com/@ramangupta/why-docker-data-containers-are-good-589b3c6c749e) for portability.  
+
+### Lifecycle
+
+* [`docker volume create`](https://docs.docker.com/engine/reference/commandline/volume_create/)
+* [`docker volume rm`](https://docs.docker.com/engine/reference/commandline/volume_rm/)
+
+### Info
+
+* [`docker volume ls`](https://docs.docker.com/engine/reference/commandline/volume_ls/)
+* [`docker volume inspect`](https://docs.docker.com/engine/reference/commandline/volume_inspect/)
+
+Volumes are useful in situations where you can't use links (which are TCP/IP only). For instance, if you need to have two docker instances communicate by leaving stuff on the filesystem.
+
+You can mount them in several docker containers at once, using `docker run --volumes-from`.
+
+Because volumes are isolated filesystems, they are often used to store state from computations between transient containers. That is, you can have a stateless and transient container run from a recipe, blow it away, and then have a second instance of the transient container pick up from where the last one left off.
+
+See [advanced volumes](http://crosbymichael.com/advanced-docker-volumes.html) for more details. Container42 is [also helpful](http://container42.com/2014/11/03/docker-indepth-volumes/).
+
+You can [map MacOS host directories as docker volumes](https://docs.docker.com/engine/tutorials/dockervolumes/#mount-a-host-directory-as-a-data-volume):
+
+```
+docker run -v /Users/wsargent/myapp/src:/src
+```
+
+You can use remote NFS volumes if you're [feeling brave](https://docs.docker.com/engine/tutorials/dockervolumes/#/mount-a-shared-storage-volume-as-a-data-volume).
+
+You may also consider running data-only containers as described [here](http://container42.com/2013/12/16/persistent-volumes-with-docker-container-as-volume-pattern/) to provide some data portability.
+
+[Be aware that you can mount files as volumes.](#volumes-can-be-files)
+
+## Exposing ports
+
+Exposing incoming ports through the host container is [fiddly but doable](https://docs.docker.com/engine/reference/run/#expose-incoming-ports).
+
+This is done by mapping the container port to the host port (only using localhost interface) using `-p`:
+
+```
+docker run -p 127.0.0.1:$HOSTPORT:$CONTAINERPORT --name CONTAINER -t someimage
+```
+
+You can tell Docker that the container listens on the specified network ports at runtime by using [EXPOSE](https://docs.docker.com/engine/reference/builder/#expose):
+
+```
+EXPOSE <CONTAINERPORT>
+```
+
+Note that EXPOSE does not expose the port itself -- only `-p` will do that. To expose the container's port on your localhost's port:
+
+```
+iptables -t nat -A DOCKER -p tcp --dport <LOCALHOSTPORT> -j DNAT --to-destination <CONTAINERIP>:<PORT>
+```
+
+If you're running Docker in Virtualbox, you then need to forward the port there as well, using [forwarded_port](https://docs.vagrantup.com/v2/networking/forwarded_ports.html). Define a range of ports in your Vagrantfile like this so you can dynamically map them:
+
+```
+Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+  ...
+
+  (49000..49900).each do |port|
+    config.vm.network :forwarded_port, :host => port, :guest => port
+  end
+
+  ...
+end
+```
+
+If you forget what you mapped the port to on the host container, use `docker port` to show it:
+
+```
+docker port CONTAINER $CONTAINERPORT
+```
+
+## Best Practices
+
+This is where general Docker best practices and war stories go:
+
+* [The Rabbit Hole of Using Docker in Automated Tests](http://gregoryszorc.com/blog/2014/10/16/the-rabbit-hole-of-using-docker-in-automated-tests/)
+* [Bridget Kromhout](https://twitter.com/bridgetkromhout) has a useful blog post on [running Docker in production](http://sysadvent.blogspot.co.uk/2014/12/day-1-docker-in-production-reality-not.html) at Dramafever.
+* There's also a best practices [blog post](http://developers.lyst.com/devops/2014/12/08/docker/) from Lyst.
+* [Building a Development Environment With Docker](https://tersesystems.com/2013/11/20/building-a-development-environment-with-docker/)
+* [Discourse in a Docker Container](https://samsaffron.com/archive/2013/11/07/discourse-in-a-docker-container)
+
+## Security
+
+This is where security tips about Docker go. The Docker [security](https://docs.docker.com/engine/security/security/) page goes into more detail.
+
+First things first: Docker runs as root. If you are in the `docker` group, you effectively [have root access](http://reventlov.com/advisories/using-the-docker-command-to-root-the-host). If you expose the docker unix socket to a container, you are giving the container [root access to the host](https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html).  
+
+Docker should not be your only defense. You should secure and harden it.
+
+For an understanding of what containers leave exposed, you should read [Understanding and Hardening Linux Containers](https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-1-1.pdf) by [Aaron Grattafiori](https://twitter.com/dyn___). This is a complete and comprehensive guide to the issues involved with containers, with a plethora of links and footnotes leading on to yet more useful content. The security tips following are useful if you've already hardened containers in the past, but are not a substitute for understanding.
+
+### Security Tips
+
+For greatest security, you want to run Docker inside a virtual machine. This is straight from the Docker Security Team Lead -- [slides](http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security) / [notes](http://www.projectatomic.io/blog/2014/08/is-it-safe-a-look-at-docker-and-security-from-linuxcon/). Then, run with AppArmor / seccomp / SELinux / grsec etc to [limit the container permissions](http://linux-audit.com/docker-security-best-practices-for-your-vessel-and-containers/). See the [Docker 1.10 security features](https://blog.docker.com/2016/02/docker-engine-1-10-security/) for more details.
+
+Docker image ids are [sensitive information](https://medium.com/@quayio/your-docker-image-ids-are-secrets-and-its-time-you-treated-them-that-way-f55e9f14c1a4) and should not be exposed to the outside world. Treat them like passwords.
+
+See the [Docker Security Cheat Sheet](https://github.com/konstruktoid/Docker/blob/master/Security/CheatSheet.adoc) by [Thomas Sjögren](https://github.com/konstruktoid): some good stuff about container hardening in there.
+
+Check out the [docker bench security script](https://github.com/docker/docker-bench-security), download the [white papers](https://blog.docker.com/2015/05/understanding-docker-security-and-best-practices/) and subscribe to the [mailing lists](https://www.docker.com/docker-security) (unfortunately Docker does not have a unique mailing list, only dev / user).
+
+You should start off by using a kernel with unstable patches for grsecurity / pax compiled in, such as [Alpine Linux](https://en.wikipedia.org/wiki/Alpine_Linux). If you are using grsecurity in production, you should spring for [commercial support](https://grsecurity.net/business_support.php) for the [stable patches](https://grsecurity.net/announce.php), same as you would do for RedHat. It's $200 a month, which is nothing to your devops budget.
+
+Since docker 1.11 you can easily limit the number of active processes running inside a container to prevent fork bombs. This requires a linux kernel >= 4.3 with CGROUP_PIDS=y to be in the kernel configuration.
+
+```
+docker run --pids-limit=64
+```
+
+Also available since docker 1.11 is the ability to prevent processes from gaining new privileges. This feature have been in the linux kernel since version 3.5. You can read more about it in [this](http://www.projectatomic.io/blog/2016/03/no-new-privs-docker/) blog post.
+
+```
+docker run --security-opt=no-new-privileges
+```
+
+From the [Docker Security Cheat Sheet](http://container-solutions.com/content/uploads/2015/06/15.06.15_DockerCheatSheet_A2.pdf) (it's in PDF which makes it hard to use, so copying below) by [Container Solutions](http://container-solutions.com/is-docker-safe-for-production/):
+
+Turn off interprocess communication with:
+
+```
+docker -d --icc=false --iptables
+```
+
+Set the container to be read-only:
+
+```
+docker run --read-only
+```
+
+Verify images with a hashsum:
+
+```
+docker pull debian@sha256:a25306f3850e1bd44541976aa7b5fd0a29be
+```
+
+Set volumes to be read only:
+
+```
+docker run -v $(pwd)/secrets:/secrets:ro debian
+```
+
+Define and run a user in your Dockerfile so you don't run as root inside the container:
+
+```
+RUN groupadd -r user && useradd -r -g user user
+USER user
+```
+
+### User Namespaces
+
+There's also work on [user namespaces](https://s3hh.wordpress.com/2013/07/19/creating-and-using-containers-without-privilege/) -- it is in 1.10 but is not enabled by default.
+
+To enable user namespaces ("remap the userns") in Ubuntu 15.10, [follow the blog example](https://raesene.github.io/blog/2016/02/04/Docker-User-Namespaces/).
+
+### Security Videos
+
+* [Using Docker Safely](https://youtu.be/04LOuMgNj9U)
+* [Securing your applications using Docker](https://youtu.be/KmxOXmPhZbk)
+* [Container security: Do containers actually contain?](https://youtu.be/a9lE9Urr6AQ)
+* [Linux Containers: Future or Fantasy?](https://www.youtube.com/watch?v=iN6QbszB1R8)
+
+### Security Roadmap
+
+The Docker roadmap talks about [seccomp support](https://github.com/docker/docker/blob/master/ROADMAP.md#11-security).
+There is an AppArmor policy generator called [bane](https://github.com/jfrazelle/bane), and they're working on [security profiles](https://github.com/docker/docker/issues/17142).
+
+## Tips
+
+Sources:
+
+* [15 Docker Tips in 5 minutes](http://sssslide.com/speakerdeck.com/bmorearty/15-docker-tips-in-5-minutes)
+* [CodeFresh Everyday Hacks Docker](https://codefresh.io/blog/everyday-hacks-docker/)
+
+### Prune
+
+The new [Data Management Commands](https://github.com/docker/docker/pull/26108) have landed as of Docker 1.13:
+
+* `docker system prune`
+* `docker volume prune`
+* `docker network prune`
+* `docker container prune`
+* `docker image prune`
+
+### df 
+
+`docker system df` presents a summary of the space currently used by different docker objects.
+
+### Heredoc Docker Container
+
+```
+docker build -t htop - << EOF
+FROM alpine
+RUN apk --no-cache add htop
+EOF
+```
+
+### Last Ids
+
+```
+alias dl='docker ps -l -q'
+docker run ubuntu echo hello world
+docker commit $(dl) helloworld
+```
+
+### Commit with command (needs Dockerfile)
+
+```
+docker commit -run='{"Cmd":["postgres", "-too -many -opts"]}' $(dl) postgres
+```
+
+### Get IP address
+
+```
+docker inspect $(dl) | grep -wm1 IPAddress | cut -d '"' -f 4
+```
+
+or install [jq](https://stedolan.github.io/jq/):
+
+```
+docker inspect $(dl) | jq -r '.[0].NetworkSettings.IPAddress'
+```
+
+or using a [go template](https://docs.docker.com/engine/reference/commandline/inspect):
+
+```
+docker inspect -f '{{ .NetworkSettings.IPAddress }}' <container_name>
+```
+
+or when building an image from Dockerfile, when you want to pass in a build argument:
+
+```
+DOCKER_HOST_IP=`ifconfig | grep -E "([0-9]{1,3}\.){3}[0-9]{1,3}" | grep -v 127.0.0.1 | awk '{ print $2 }' | cut -f2 -d: | head -n1`
+echo DOCKER_HOST_IP = $DOCKER_HOST_IP
+docker build \
+  --build-arg ARTIFACTORY_ADDRESS=$DOCKER_HOST_IP 
+  -t sometag \
+  some-directory/
+ ```
+
+### Get port mapping
+
+```
+docker inspect -f '{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' <containername>
+```
+
+### Find containers by regular expression
+
+```
+for i in $(docker ps -a | grep "REGEXP_PATTERN" | cut -f1 -d" "); do echo $i; done
+```
+
+### Get Environment Settings
+
+```
+docker run --rm ubuntu env
+```
+
+### Kill running containers
+
+```
+docker kill $(docker ps -q)
+```
+
+### Delete all containers (force!! running or stopped containers)
+
+```
+docker rm -f $(docker ps -qa)
+```
+
+### Delete old containers
+
+```
+docker ps -a | grep 'weeks ago' | awk '{print $1}' | xargs docker rm
+```
+
+### Delete stopped containers
+
+```
+docker rm -v $(docker ps -a -q -f status=exited)
+```
+
+### Delete containers after stopping
+
+```
+docker stop $(docker ps -aq) && docker rm -v $(docker ps -aq)
+```
+
+### Delete dangling images
+
+```
+docker rmi $(docker images -q -f dangling=true)
+```
+
+### Delete all images
+
+```
+docker rmi $(docker images -q)
+```
+
+### Delete dangling volumes
+
+As of Docker 1.9:
+
+```
+docker volume rm $(docker volume ls -q -f dangling=true)
+```
+
+In 1.9.0, the filter `dangling=false` does _not_ work - it is ignored and will list all volumes.
+
+### Show image dependencies
+
+```
+docker images -viz | dot -Tpng -o docker.png
+```
+
+### Slimming down Docker containers
+
+- Cleaning APT in a RUN layer
+
+This should be done in the same layer as other apt commands.
+Otherwise, the previous layers still persist the original information and your images will still be fat.
+
+```
+RUN {apt commands} \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+```
+
+- Flatten an image
+```
+ID=$(docker run -d image-name /bin/bash)
+docker export $ID | docker import – flat-image-name
+```
+
+- For backup
+```
+ID=$(docker run -d image-name /bin/bash)
+(docker export $ID | gzip -c > image.tgz)
+gzip -dc image.tgz | docker import - flat-image-name
+```
+
+### Monitor system resource utilization for running containers
+
+To check the CPU, memory, and network I/O usage of a single container, you can use:
+
+```
+docker stats <container>
+```
+
+For all containers listed by id:
+
+```
+docker stats $(docker ps -q)
+```
+
+For all containers listed by name:
+
+```
+docker stats $(docker ps --format '{{.Names}}')
+```
+
+For all containers listed by image:
+
+```
+docker ps -a -f ancestor=ubuntu
+```
+
+Remove all untagged images
+```
+docker rmi $(docker images | grep “^” | awk '{split($0,a," "); print a[3]}')
+```
+
+Remove container by a regular expression
+```
+docker ps -a | grep wildfly | awk '{print $1}' | xargs docker rm -f
+```
+Remove all exited containers
+```
+docker rm -f $(docker ps -a | grep Exit | awk '{ print $1 }')
+```
+
+### Volumes can be files
+
+Be aware that you can mount files as volumes. For example you can inject a configuration file like this:
+
+``` bash
+# copy file from container
+docker run --rm httpd cat /usr/local/apache2/conf/httpd.conf > httpd.conf
+
+# edit file
+vim httpd.conf
+
+# start container with modified configuration
+docker run --rm -ti -v "$PWD/httpd.conf:/usr/local/apache2/conf/httpd.conf:ro" -p "80:80" httpd
diff --git a/notes/cheat-sheets/tmux-cheat-sheet.md b/notes/cheat-sheets/tmux-cheat-sheet.md
new file mode 100644
index 00000000..6738f584
--- /dev/null
+++ b/notes/cheat-sheets/tmux-cheat-sheet.md
@@ -0,0 +1,188 @@
+# tmux shortcuts & cheatsheet
+
+source: <https://gist.githubusercontent.com/MohamedAlaa/2961058/raw/ddf157a0d7b1674a2190a80e126f2e6aec54f369/tmux-cheatsheet.markdown>
+
+start new:
+
+    tmux
+
+start new with session name:
+
+    tmux new -s myname
+
+attach:
+
+    tmux a  #  (or at, or attach)
+
+attach to named:
+
+    tmux a -t myname
+
+list sessions:
+
+    tmux ls
+
+<a name="killSessions"></a>kill session:
+
+    tmux kill-session -t myname
+
+<a name="killAllSessions"></a>Kill all the tmux sessions:
+
+    tmux ls | grep : | cut -d. -f1 | awk '{print substr($1, 0, length($1)-1)}' | xargs kill
+
+In tmux, hit the prefix `ctrl+b` (my modified prefix is ctrl+a) and then:
+
+## Sessions
+
+    :new<CR>  new session
+    s  list sessions
+    $  name session
+
+## <a name="WindowsTabs"></a>Windows (tabs)
+
+    c  create window
+    w  list windows
+    n  next window
+    p  previous window
+    f  find window
+    ,  name window
+    &  kill window
+
+## <a name="PanesSplits"></a>Panes (splits) 
+
+    %  vertical split
+    "  horizontal split
+    
+    o  swap panes
+    q  show pane numbers
+    x  kill pane
+    +  break pane into window (e.g. to select text by mouse to copy)
+    -  restore pane from window
+    ⍽  space - toggle between layouts
+    <prefix> q (Show pane numbers, when the numbers show up type the key to goto that pane)
+    <prefix> { (Move the current pane left)
+    <prefix> } (Move the current pane right)
+    <prefix> z toggle pane zoom
+
+## <a name="syncPanes"></a>Sync Panes 
+
+You can do this by switching to the appropriate window, typing your Tmux prefix (commonly Ctrl-B or Ctrl-A) and then a colon to bring up a Tmux command line, and typing:
+
+```
+:setw synchronize-panes
+```
+
+You can optionally add on or off to specify which state you want; otherwise the option is simply toggled. This option is specific to one window, so it won’t change the way your other sessions or windows operate. When you’re done, toggle it off again by repeating the command. [tip source](http://blog.sanctum.geek.nz/sync-tmux-panes/)
+
+
+## Resizing Panes
+
+You can also resize panes if you don’t like the layout defaults. I personally rarely need to do this, though it’s handy to know how. Here is the basic syntax to resize panes:
+
+    PREFIX : resize-pane -D (Resizes the current pane down)
+    PREFIX : resize-pane -U (Resizes the current pane upward)
+    PREFIX : resize-pane -L (Resizes the current pane left)
+    PREFIX : resize-pane -R (Resizes the current pane right)
+    PREFIX : resize-pane -D 20 (Resizes the current pane down by 20 cells)
+    PREFIX : resize-pane -U 20 (Resizes the current pane upward by 20 cells)
+    PREFIX : resize-pane -L 20 (Resizes the current pane left by 20 cells)
+    PREFIX : resize-pane -R 20 (Resizes the current pane right by 20 cells)
+    PREFIX : resize-pane -t 2 20 (Resizes the pane with the id of 2 down by 20 cells)
+    PREFIX : resize-pane -t -L 20 (Resizes the pane with the id of 2 left by 20 cells)
+    
+    
+## Copy mode:
+
+Pressing PREFIX [ places us in Copy mode. We can then use our movement keys to move our cursor around the screen. By default, the arrow keys work. we set our configuration file to use Vim keys for moving between windows and resizing panes so we wouldn’t have to take our hands off the home row. tmux has a vi mode for working with the buffer as well. To enable it, add this line to .tmux.conf:
+
+    setw -g mode-keys vi
+
+With this option set, we can use h, j, k, and l to move around our buffer.
+
+To get out of Copy mode, we just press the ENTER key. Moving around one character at a time isn’t very efficient. Since we enabled vi mode, we can also use some other visible shortcuts to move around the buffer.
+
+For example, we can use "w" to jump to the next word and "b" to jump back one word. And we can use "f", followed by any character, to jump to that character on the same line, and "F" to jump backwards on the line.
+
+       Function                vi             emacs
+       Back to indentation     ^              M-m
+       Clear selection         Escape         C-g
+       Copy selection          Enter          M-w
+       Cursor down             j              Down
+       Cursor left             h              Left
+       Cursor right            l              Right
+       Cursor to bottom line   L
+       Cursor to middle line   M              M-r
+       Cursor to top line      H              M-R
+       Cursor up               k              Up
+       Delete entire line      d              C-u
+       Delete to end of line   D              C-k
+       End of line             $              C-e
+       Goto line               :              g
+       Half page down          C-d            M-Down
+       Half page up            C-u            M-Up
+       Next page               C-f            Page down
+       Next word               w              M-f
+       Paste buffer            p              C-y
+       Previous page           C-b            Page up
+       Previous word           b              M-b
+       Quit mode               q              Escape
+       Scroll down             C-Down or J    C-Down
+       Scroll up               C-Up or K      C-Up
+       Search again            n              n
+       Search backward         ?              C-r
+       Search forward          /              C-s
+       Start of line           0              C-a
+       Start selection         Space          C-Space
+       Transpose chars                        C-t
+
+## Misc
+
+    d  detach
+    t  big clock
+    ?  list shortcuts
+    :  prompt
+
+## Configurations Options:
+
+    # Mouse support - set to on if you want to use the mouse
+    * setw -g mode-mouse off
+    * set -g mouse-select-pane off
+    * set -g mouse-resize-pane off
+    * set -g mouse-select-window off
+
+    # Set the default terminal mode to 256color mode
+    set -g default-terminal "screen-256color"
+
+    # enable activity alerts
+    setw -g monitor-activity on
+    set -g visual-activity on
+
+    # Center the window list
+    set -g status-justify centre
+
+    # Maximize and restore a pane
+    unbind Up bind Up new-window -d -n tmp \; swap-pane -s tmp.1 \; select-window -t tmp
+    unbind Down
+    bind Down last-window \; swap-pane -s tmp.1 \; kill-window -t tmp
+
+## Resources:
+
+* [tmux: Productive Mouse-Free Development](http://pragprog.com/book/bhtmux/tmux)
+* [How to reorder windows](http://superuser.com/questions/343572/tmux-how-do-i-reorder-my-windows)
+
+## Notes:
+
+* 
+
+## Changelog:
+
+* 1411143833002 - Added [toggle zoom](#PanesSplits) under Panes (splits) section.
+* 1411143833002 - [Added Sync Panes](#syncPanes)
+* 1414276652677 - [Added Kill all tmux sessions ](#killAllSessions)
+* 1438585211173 - [corrected create and add next and previus thanks to @justinjhendrick](#WindowsTabs)
+ 
+## Request an Update:
+
+We Noticed that our Cheatsheet is growing and people are coloberating to add new tips and tricks, so please tweet to me what would you like to add and let's make it better!
+
+* Twitter: [@MohammedAlaa](http://twitter.com/MohammedAlaa)