Docker cheat sheet

Check Version

docker version shows which version of docker you have running.

Containers

Lifecycle

docker create creates a container but does not start it.
docker rename allows the container to be renamed.
docker run creates and starts a container in one operation.
docker rm deletes a container.
docker update updates a container's resource limits.

Starting and Stopping

docker start starts a container so it is running.
docker stop stops a running container.
docker restart stops and starts a container.
docker pause pauses a running container, "freezing" it in place.
docker unpause will unpause a running container.
docker wait blocks until running container stops.
docker kill sends a SIGKILL to a running container.
docker attach will connect to a running container.

CPU Constraints

You can limit CPU, either using a percentage of all CPUs, or by using specific cores.

For example, you can tell the cpu-shares setting. The setting is a bit strange -- 1024 means 100% of the CPU, so if you want the container to take 50% of all CPU cores, you should specify 512:

docker run -it -c 512 agileek/cpuset-test

You can also only use some CPU cores using cpuset-cpus:

docker run -it --cpuset-cpus=0,4,6 agileek/cpuset-test

Note that Docker can still see all of the CPUs inside the container -- it just isn't using all of them.

Memory Constraints

You can also set memory constraints on Docker:

docker run -it -m 300M ubuntu:14.04 /bin/bash

Info

docker ps shows running containers.
docker logs gets logs from container.
docker inspect looks at all the info on a container (including IP address).
docker events gets events from container.
docker port shows public facing port of container.
docker top shows running processes in container.
docker stats shows containers' resource usage statistics.
docker diff shows changed files in the container's FS.

Import / Export

docker cp copies files or folders between a container and the local filesystem.
docker export turns container filesystem into tarball archive stream to STDOUT.

Import/Export container

Import a container as an image from file:

cat my_container.tar.gz | docker import - my_image:my_tag

Export an existing container:

docker export my_container | gzip > my_container.tar.gz

Executing Commands

docker exec to execute a command in container.

Images

Lifecycle

docker images shows all images.
docker import creates an image from a tarball.
docker build creates image from Dockerfile.
docker commit creates image from a container, pausing it temporarily if it is running.
docker rmi removes an image.
docker load loads an image from a tar archive as STDIN, including images and tags (as of 0.7).
docker save saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).

Info

docker history shows history of image.
docker tag tags an image to a name (local or registry).

Load/Save image

Load an image from file:

docker load < my_image.tar.gz

Save an existing image:

docker save my_image:my_tag | gzip > my_image.tar.gz

Dockerfile

Instructions

.dockerignore
FROM Sets the Base Image for subsequent instructions.
MAINTAINER (deprecated - use LABEL instead) Set the Author field of the generated images.
RUN execute any commands in a new layer on top of the current image and commit the results.
CMD provide defaults for an executing container.
EXPOSE informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.
ENV sets environment variable.
ADD copies new files, directories or remote file to container. Invalidates caches. Avoid ADD and use COPY instead.
COPY copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use --chown=<user>:<group> to give ownership to another user/group. (Same for ADD.)
ENTRYPOINT configures a container that will run as an executable.
VOLUME creates a mount point for externally mounted volumes or other containers.
USER sets the user name for following RUN / CMD / ENTRYPOINT commands.
WORKDIR sets the working directory.
ARG defines a build-time variable.
ONBUILD adds a trigger instruction when the image is used as the base for another build.
STOPSIGNAL sets the system call signal that will be sent to the container to exit.
LABEL apply key/value metadata to your images, containers, or daemons.
SHELL override default shell is used by docker to run commands.
HEALTHCHECK tells docker how to test a container to check that it is still working.

Registry & Repository

docker login to login to a registry.
docker logout to logout from a registry.
docker search searches registry for image.
docker pull pulls an image from registry to local machine.
docker push pushes an image to the registry from local machine.

Volumes

Lifecycle

Info

Networks

Lifecycle

docker network create NAME Create a new network (default type: bridge).
docker network rm NAME Remove one or more networks by name or identifier. No containers can be connected to the network when deleting it.

Info

docker network ls List networks
docker network inspect NAME Display detailed information on one or more networks.

Connection

docker network connect NETWORK CONTAINER Connect a container to a network
docker network disconnect NETWORK CONTAINER Disconnect a container from a network

------

https://github.com/wsargent/docker-cheat-sheet#dockerfile

PreviousDocker Compose NextDocker Compose cheat sheet

Last updated 5 years ago

Was this helpful?