Docker Handbook
Search…
Docker cheat sheet

Check Version

Containers

Lifecycle

Starting and Stopping

​

CPU Constraints
You can limit CPU, either using a percentage of all CPUs, or by using specific cores.
For example, you can tell the cpu-shares setting. The setting is a bit strange -- 1024 means 100% of the CPU, so if you want the container to take 50% of all CPU cores, you should specify 512:
1
docker run -it -c 512 agileek/cpuset-test
Copied!
You can also only use some CPU cores using cpuset-cpus:
1
docker run -it --cpuset-cpus=0,4,6 agileek/cpuset-test
Copied!
Note that Docker can still see all of the CPUs inside the container -- it just isn't using all of them.
Memory Constraints
You can also set memory constraints on Docker:
1
docker run -it -m 300M ubuntu:14.04 /bin/bash
Copied!

Info

  • ​docker ps shows running containers.
  • ​docker logs gets logs from container.
  • ​docker inspect looks at all the info on a container (including IP address).
  • ​docker events gets events from container.
  • ​docker port shows public facing port of container.
  • ​docker top shows running processes in container.
  • ​docker stats shows containers' resource usage statistics.
  • ​docker diff shows changed files in the container's FS.

Import / Export

  • ​docker cp copies files or folders between a container and the local filesystem.
  • ​docker export turns container filesystem into tarball archive stream to STDOUT.

Import/Export container

Import a container as an image from file:
1
cat my_container.tar.gz | docker import - my_image:my_tag
Copied!
Export an existing container:
1
docker export my_container | gzip > my_container.tar.gz
Copied!

Executing Commands

Images

Lifecycle

  • ​docker images shows all images.
  • ​docker import creates an image from a tarball.
  • ​docker build creates image from Dockerfile.
  • ​docker commit creates image from a container, pausing it temporarily if it is running.
  • ​docker rmi removes an image.
  • ​docker load loads an image from a tar archive as STDIN, including images and tags (as of 0.7).
  • ​docker save saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).

Info

Load/Save image

Load an image from file:
1
docker load < my_image.tar.gz
Copied!
Save an existing image:
1
docker save my_image:my_tag | gzip > my_image.tar.gz
Copied!

Dockerfile

Instructions

  • ​.dockerignore​
  • ​FROM Sets the Base Image for subsequent instructions.
  • ​MAINTAINER (deprecated - use LABEL instead) Set the Author field of the generated images.
  • ​RUN execute any commands in a new layer on top of the current image and commit the results.
  • ​CMD provide defaults for an executing container.
  • ​EXPOSE informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.
  • ​ENV sets environment variable.
  • ​ADD copies new files, directories or remote file to container. Invalidates caches. Avoid ADD and use COPY instead.
  • ​COPY copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use --chown=<user>:<group> to give ownership to another user/group. (Same for ADD.)
  • ​ENTRYPOINT configures a container that will run as an executable.
  • ​VOLUME creates a mount point for externally mounted volumes or other containers.
  • ​USER sets the user name for following RUN / CMD / ENTRYPOINT commands.
  • ​WORKDIR sets the working directory.
  • ​ARG defines a build-time variable.
  • ​ONBUILD adds a trigger instruction when the image is used as the base for another build.
  • ​STOPSIGNAL sets the system call signal that will be sent to the container to exit.
  • ​LABEL apply key/value metadata to your images, containers, or daemons.
  • ​SHELL override default shell is used by docker to run commands.
  • ​HEALTHCHECK tells docker how to test a container to check that it is still working.

Registry & Repository

Volumes

Lifecycle

Info

Networks

Lifecycle

  • ​docker network create NAME Create a new network (default type: bridge).
  • ​docker network rm NAME Remove one or more networks by name or identifier. No containers can be connected to the network when deleting it.

Info

Connection

.
.
.
------
​