docker version shows which version of docker you have running.
docker create creates a container but does not start it.
docker rename allows the container to be renamed.
docker run creates and starts a container in one operation.
docker rm deletes a container.
docker update updates a container's resource limits.
docker start starts a container so it is running.
docker stop stops a running container.
docker restart stops and starts a container.
docker pause pauses a running container, "freezing" it in place.
docker unpause will unpause a running container.
docker wait blocks until running container stops.
docker kill sends a SIGKILL to a running container.
docker attach will connect to a running container.
You can limit CPU, either using a percentage of all CPUs, or by using specific cores.
For example, you can tell the
cpu-shares setting. The setting is a bit strange -- 1024 means 100% of the CPU, so if you want the container to take 50% of all CPU cores, you should specify 512:
docker run -it -c 512 agileek/cpuset-test
You can also only use some CPU cores using
docker run -it --cpuset-cpus=0,4,6 agileek/cpuset-test
Note that Docker can still see all of the CPUs inside the container -- it just isn't using all of them.
You can also set memory constraints on Docker:
docker run -it -m 300M ubuntu:14.04 /bin/bash
docker ps shows running containers.
docker logs gets logs from container.
docker inspect looks at all the info on a container (including IP address).
docker events gets events from container.
docker port shows public facing port of container.
docker top shows running processes in container.
docker stats shows containers' resource usage statistics.
docker diff shows changed files in the container's FS.
docker cp copies files or folders between a container and the local filesystem.
docker export turns container filesystem into tarball archive stream to STDOUT.
Import a container as an image from file:
cat my_container.tar.gz | docker import - my_image:my_tag
Export an existing container:
docker export my_container | gzip > my_container.tar.gz
docker exec to execute a command in container.
docker images shows all images.
docker import creates an image from a tarball.
docker build creates image from Dockerfile.
docker commit creates image from a container, pausing it temporarily if it is running.
docker rmi removes an image.
docker load loads an image from a tar archive as STDIN, including images and tags (as of 0.7).
docker save saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).
Load an image from file:
docker load < my_image.tar.gz
Save an existing image:
docker save my_image:my_tag | gzip > my_image.tar.gz
FROM Sets the Base Image for subsequent instructions.
MAINTAINER (deprecated - use LABEL instead) Set the Author field of the generated images.
RUN execute any commands in a new layer on top of the current image and commit the results.
CMD provide defaults for an executing container.
EXPOSE informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.
ENV sets environment variable.
ADD copies new files, directories or remote file to container. Invalidates caches. Avoid
ADD and use
COPY copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use
--chown=<user>:<group> to give ownership to another user/group. (Same for
ENTRYPOINT configures a container that will run as an executable.
VOLUME creates a mount point for externally mounted volumes or other containers.
USER sets the user name for following RUN / CMD / ENTRYPOINT commands.
WORKDIR sets the working directory.
ARG defines a build-time variable.
ONBUILD adds a trigger instruction when the image is used as the base for another build.
STOPSIGNAL sets the system call signal that will be sent to the container to exit.
LABEL apply key/value metadata to your images, containers, or daemons.
SHELL override default shell is used by docker to run commands.
HEALTHCHECK tells docker how to test a container to check that it is still working.
docker login to login to a registry.
docker logout to logout from a registry.
docker search searches registry for image.
docker pull pulls an image from registry to local machine.
docker push pushes an image to the registry from local machine.
docker network create NAME Create a new network (default type: bridge).
docker network rm NAME Remove one or more networks by name or identifier. No containers can be connected to the network when deleting it.
docker network ls List networks
docker network inspect NAME Display detailed information on one or more networks.
docker network connect NETWORK CONTAINER Connect a container to a network
docker network disconnect NETWORK CONTAINER Disconnect a container from a network