Docker cheat sheet
see Docker Cheatsheet for fulllist
Containers
Lifecycle
docker create
creates a container but does not start it.docker rename
allows the container to be renamed.docker run
creates and starts a container in one operation.docker run -td container_id
run container in background and print container IDdocker run --log-driver=syslog
run container with custom log driverdocker run --name yourname docker_image
run container and assign with customed namedocker rm
deletes a container.docker rm -v
deletes a container + volumes associated with the container.docker update
updates a container’s resource limits.
Starting and Stopping
docker start
starts a container so it is running.docker stop
stops a running container.docker restart
stops and starts a container.docker pause
pauses a running container, “freezing” it in place.docker unpause
will unpause a running container.docker wait
blocks until running container stops.docker kill
sends a SIGKILL to a running container.docker attach
will connect to a running container.
Info
docker ps
shows running containers.docker logs
gets logs from container. (You can use a custom log driver, but logs is only available forjson-file
andjournald
in 1.10).docker inspect
looks at all the info on a container (including IP address).docker events
gets events from container.docker port
shows public facing port of container.docker top
shows running processes in container.docker stats
shows containers’ resource usage statistics.docker diff
shows changed files in the container’s FS.
docker ps -a
shows running and stopped containers.
docker stats --all
shows a list of all containers, default shows just running.
Import / Export
docker cp
copies files or folders between a container and the local filesystem.docker export
turns container filesystem into tarball archive stream to STDOUT.
Executing Commands
docker exec
to execute a command in container.
To enter a running container, attach a new shell process to a running container called foo, use: docker exec -it foo /bin/bash
.
Images
Images are just templates for docker containers.
Lifecycle
docker images
shows all images.docker import
creates an image from a tarball.docker build
creates image from Dockerfile.docker commit
creates image from a container, pausing it temporarily if it is running.docker rmi
removes an image.docker load
loads an image from a tar archive as STDIN, including images and tags (as of 0.7).docker save
saves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).
Info
docker history
shows history of image.docker tag
tags an image to a name (local or registry).
Checking Docker Version
- ‘docker version’ check what version of docker you have running
# Get the server version
docker version --format ''
Load/Save image
Load an image from file:
docker load < my_image.tar.gz
Save an existing image:
docker save my_image:my_tag | gzip > my_image.tar.gz
Import/Export container
Import a container as an image from file:
cat my_container.tar.gz | docker import - my_image:my_tag
Export an existing container:
docker export my_container | gzip > my_container.tar.gz
Difference between loading a saved image and importing an exported container as an image
Loading an image using the load
command creates a new image including its history.
Importing a container as an image using the import
command creates a new image excluding the history which results in a smaller image size compared to loading an image.
Networks
Lifecycle
Info
Connection
Registry & Repository
docker login
to login to a registry.docker logout
to logout from a registry.docker search
searches registry for image.docker pull
pulls an image from registry to local machine.docker push
pushes an image to the registry from local machine.
Run local registry
You can run a local registry by using the docker distribution project and looking at the local deploy instructions.
Dockerfile
The configuration file. Sets up a Docker container when you run docker build
on it. Vastly preferable to docker commit
.
Instructions
- .dockerignore
- FROM Sets the Base Image for subsequent instructions.
- MAINTAINER (deprecated - use LABEL instead) Set the Author field of the generated images.
- RUN execute any commands in a new layer on top of the current image and commit the results.
- CMD provide defaults for an executing container.
- EXPOSE informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.
- ENV sets environment variable.
- ADD copies new files, directories or remote file to container. Invalidates caches. Avoid
ADD
and useCOPY
instead. - COPY copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use
--chown=<user>:<group>
to give ownership to another user/group. (Same forADD
.) - ENTRYPOINT configures a container that will run as an executable.
- VOLUME creates a mount point for externally mounted volumes or other containers.
- USER sets the user name for following RUN / CMD / ENTRYPOINT commands.
- WORKDIR sets the working directory.
- ARG defines a build-time variable.
- ONBUILD adds a trigger instruction when the image is used as the base for another build.
- STOPSIGNAL sets the system call signal that will be sent to the container to exit.
- LABEL apply key/value metadata to your images, containers, or daemons.
Tutorial
Examples
- Examples
- Best practices for writing Dockerfiles
- Michael Crosby has some more Dockerfiles best practices / take 2.
- Building Good Docker Images / Building Better Docker Images
- Managing Container Configuration with Metadata
- How to write excellent Dockerfiles
Volumes
Lifecycle
Info
Best Practices
This is where general Docker best practices and war stories go:
- The Rabbit Hole of Using Docker in Automated Tests
- Bridget Kromhout has a useful blog post on running Docker in production at Dramafever.
- There’s also a best practices blog post from Lyst.
- Building a Development Environment With Docker
- Discourse in a Docker Container
Tips
Sources:
Leave a comment