Validate Docker service health, pull a known image, run a test web container with port mapping, verify it responds, inspect logs, exec into the container for inspection, then cleanly remove the container and image.
Ops ticket: “Validate Docker is running, launch a test web
container, verify it works, inspect logs, exec into it, then
clean up all resources.” You will use a known image
(nginx:latest) to keep the workflow reproducible.
Treat this like a production smoke test. Prove daemon health first, then prove client-to-daemon connectivity, then prove the workload is reachable and observable before cleanup.
systemctl is-active.
docker version.
nginx:latest to ensure the image is present.
web1 and publish
8080:80.
http://localhost:8080.
-p host:container) exposes a
container service to the host network namespace.
systemctl is-active docker
This confirms the daemon is running. If this returns anything
other than active, fix service health before
attempting container operations.
activedocker versionThis provides a quick client/server connectivity check. It also gives you version evidence that helps when debugging API mismatches or expected feature behavior.
# Example output (condensed):
Client: Docker Engine - Community
Version: 24.0.7
API version: 1.43
Server: Docker Engine - Community
Engine:
Version: 24.0.7
API version: 1.43 (minimum version 1.12)docker pull nginx:latestPulling explicitly avoids “it worked on my box” issues and provides evidence that the image exists locally. It also proves network access to the configured registry.
# Example output (condensed):
latest: Pulling from library/nginx
Digest: sha256:...
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latestdocker run -d --name web1 -p 8080:80 nginx:latest
-d runs the container in the background,
--name gives a stable handle for logs and exec,
and -p 8080:80 publishes container port 80 on
host port 8080.
# Container ID returned:
9f2c3b0a1d2e3f4a5b6c7d8e9f00112233445566778899aabbccddeeff0011docker psThis is the basic ops check. Confirm name, status, and that the port mapping exists as expected.
CONTAINER ID IMAGE COMMAND STATUS PORTS NAMES
9f2c3b0a1d2e nginx:latest "/docker-entrypoint…" Up 5 seconds 0.0.0.0:8080->80/tcp web1curl -I http://localhost:8080A successful HTTP response proves the container is reachable through the published port and the process inside is serving traffic.
HTTP/1.1 200 OK
Server: nginx/1.25.x
Content-Type: text/htmldocker logs --tail 5 web1Logs confirm the request hit the container. This is often enough to distinguish “network path problem” from “service inside container problem.”
127.0.0.1 - - [10/Feb/2026:23:00:00 +0000] "HEAD / HTTP/1.1" 200 0 "-" "curl/7.88.1"docker exec -it web1 ls -l /etc/nginx
docker exec runs a command inside the container
context. This is the fastest way to validate filesystem and
config state without building a new image.
total 12
-rw-r--r-- 1 root root 1007 Feb 10 22:59 nginx.conf
drwxr-xr-x 2 root root 4096 Feb 10 22:59 conf.d
drwxr-xr-x 2 root root 4096 Feb 10 22:59 modulesdocker rm -f web1
This is the cleanup step for runtime resources.
-f stops the container if needed, then removes
it.
web1docker rmi nginx:latestRemoving the image prevents disk bloat on training hosts and resets the lab back to a clean baseline.
Untagged: nginx:latest
Deleted: sha256:...
Fix service health first. Check
systemctl status docker and logs before assuming
the CLI is the problem.
The daemon is not running, socket permissions are wrong, or you are targeting the wrong context. Confirm service state and ensure you have the required privileges.
Confirm container is running and the port mapping exists via
docker ps. Also confirm no host firewall rules
or port conflicts are blocking 8080.
One or more containers still reference the image. Remove containers first, then retry image removal.
This lab includes cleanup as part of the workflow. Confirm the container is removed and the image no longer exists locally.
docker ps
docker images | grep nginx || true
web1 is gone from running containers and
nginx:latest is not present in local images.
systemctl is-active docker
: Check Docker service state.
docker version
: Confirm client and daemon connectivity and versions.
docker pull <image:tag>
: Download an image to the local host.
docker run -d --name <name> -p <host>:<container> <image>
: Run a container in detached mode with a name and port mapping.
docker ps
: List running containers.
docker logs --tail <n> <container>
: Show the last N log lines for a container.
docker exec -it <container> <cmd>
: Run a command inside a running container.
docker rm -f <container>
: Stop and remove a container.
-f
: Force stop then remove.
docker rmi <image:tag>
: Remove a local image.
curl -I <url>
: Fetch HTTP headers to validate service response.