Docker cheat sheet

Docker Handbook

Search…

Docker Handbook

Introduction

Basic Concepts

Containerization History

Docker Containers

Docker Images

Docker Storage and volumes

Docker Compose cheat sheet

Docker cheat sheet

Check Version
 docker version shows which version of docker you have running.
Containers
Lifecycle
​docker create creates a container but does not start it.
​docker rename allows the container to be renamed.
​docker run creates and starts a container in one operation.
​docker rm deletes a container.
​docker update updates a container's resource limits.
Starting and Stopping
​docker start starts a container so it is running.
​docker stop stops a running container.
​docker restart stops and starts a container.
​docker pause pauses a running container, "freezing" it in place.
​docker unpause will unpause a running container.
​docker wait blocks until running container stops.
​docker kill sends a SIGKILL to a running container.
​docker attach will connect to a running container.
​
CPU Constraints
You can limit CPU, either using a percentage of all CPUs, or by using specific cores.
For example, you can tell the cpu-shares setting. The setting is a bit strange -- 1024 means 100% of the CPU, so if you want the container to take 50% of all CPU cores, you should specify 512:
1
docker run -it -c 512 agileek/cpuset-test
Copied!
You can also only use some CPU cores using cpuset-cpus:
1
docker run -it --cpuset-cpus=0,4,6 agileek/cpuset-test
Copied!
Note that Docker can still see all of the CPUs inside the container -- it just isn't using all of them. 
Memory Constraints
You can also set memory constraints on Docker:
1
docker run -it -m 300M ubuntu:14.04 /bin/bash
Copied!
Info
​docker ps shows running containers.
​docker logs gets logs from container.
​docker inspect looks at all the info on a container (including IP address).
​docker events gets events from container.
​docker port shows public facing port of container.
​docker top shows running processes in container.
​docker stats shows containers' resource usage statistics.
​docker diff shows changed files in the container's FS.
Import / Export
​docker cp copies files or folders between a container and the local filesystem.
​docker export turns container filesystem into tarball archive stream to STDOUT.
Import/Export container
Import a container as an image from file:
1
cat my_container.tar.gz | docker import - my_image:my_tag
Copied!
Export an existing container:
1
docker export my_container | gzip > my_container.tar.gz
Copied!
Executing Commands
​docker exec to execute a command in container.
Images
Lifecycle
​docker images shows all images.
​docker import creates an image from a tarball.
​docker build creates image from Dockerfile.
​docker commit creates image from a container, pausing it temporarily if it is running.
​docker rmi removes an image.
​docker load loads an image from a tar archive as STDIN, including images and tags (as of 0.7).
​docker save saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).
Info
​docker history shows history of image.
​docker tag tags an image to a name (local or registry).
Load/Save image
Load an image from file:
1
docker load < my_image.tar.gz
Copied!
Save an existing image:
1
docker save my_image:my_tag | gzip > my_image.tar.gz
Copied!
Dockerfile
Instructions
​.dockerignore​
​FROM Sets the Base Image for subsequent instructions.
​MAINTAINER (deprecated - use LABEL instead) Set the Author field of the generated images.
​RUN execute any commands in a new layer on top of the current image and commit the results.
​CMD provide defaults for an executing container.
​EXPOSE informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.
​ENV sets environment variable.
​ADD copies new files, directories or remote file to container. Invalidates caches. Avoid ADD and use COPY instead.
​COPY copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use --chown=<user>:<group> to give ownership to another user/group. (Same for ADD.)
​ENTRYPOINT configures a container that will run as an executable.
​VOLUME creates a mount point for externally mounted volumes or other containers.
​USER sets the user name for following RUN / CMD / ENTRYPOINT commands.
​WORKDIR sets the working directory.
​ARG defines a build-time variable.
​ONBUILD adds a trigger instruction when the image is used as the base for another build.
​STOPSIGNAL sets the system call signal that will be sent to the container to exit.
​LABEL apply key/value metadata to your images, containers, or daemons.
​SHELL override default shell is used by docker to run commands.
​HEALTHCHECK tells docker how to test a container to check that it is still working.
Registry & Repository
​docker login to login to a registry.
​docker logout to logout from a registry.
​docker search searches registry for image.
​docker pull pulls an image from registry to local machine.
​docker push pushes an image to the registry from local machine.
Volumes
Lifecycle
​docker volume create​
​docker volume rm​
Info
​docker volume ls​
​docker volume inspect​
Networks
Lifecycle
​docker network create NAME Create a new network (default type: bridge).
​docker network rm NAME Remove one or more networks by name or identifier. No containers can be connected to the network when deleting it.
Info
​docker network ls List networks
​docker network inspect NAME Display detailed information on one or more networks.
Connection
​docker network connect NETWORK CONTAINER Connect a container to a network
​docker network disconnect NETWORK CONTAINER Disconnect a container from a network
.
.
.
------
​https://github.com/wsargent/docker-cheat-sheet#dockerfile​
​