Docker cheat sheet
see Docker Cheatsheet for fulllist
Containers
Lifecycle
docker createcreates a container but does not start it.docker renameallows the container to be renamed.docker runcreates and starts a container in one operation.docker run -td container_idrun container in background and print container IDdocker run --log-driver=syslogrun container with custom log driverdocker run --name yourname docker_imagerun container and assign with customed namedocker rmdeletes a container.docker rm -vdeletes a container + volumes associated with the container.docker updateupdates a container’s resource limits.
Starting and Stopping
docker startstarts a container so it is running.docker stopstops a running container.docker restartstops and starts a container.docker pausepauses a running container, “freezing” it in place.docker unpausewill unpause a running container.docker waitblocks until running container stops.docker killsends a SIGKILL to a running container.docker attachwill connect to a running container.
Info
docker psshows running containers.docker logsgets logs from container. (You can use a custom log driver, but logs is only available forjson-fileandjournaldin 1.10).docker inspectlooks at all the info on a container (including IP address).docker eventsgets events from container.docker portshows public facing port of container.docker topshows running processes in container.docker statsshows containers’ resource usage statistics.docker diffshows changed files in the container’s FS.
docker ps -a shows running and stopped containers.
docker stats --all shows a list of all containers, default shows just running.
Import / Export
docker cpcopies files or folders between a container and the local filesystem.docker exportturns container filesystem into tarball archive stream to STDOUT.
Executing Commands
docker execto execute a command in container.
To enter a running container, attach a new shell process to a running container called foo, use: docker exec -it foo /bin/bash.
Images
Images are just templates for docker containers.
Lifecycle
docker imagesshows all images.docker importcreates an image from a tarball.docker buildcreates image from Dockerfile.docker commitcreates image from a container, pausing it temporarily if it is running.docker rmiremoves an image.docker loadloads an image from a tar archive as STDIN, including images and tags (as of 0.7).docker savesaves an image to a tar archive stream to STDOUT with all parent layers, tags & versions (as of 0.7).
Info
docker historyshows history of image.docker tagtags an image to a name (local or registry).
Checking Docker Version
- ‘docker version’ check what version of docker you have running
# Get the server version
docker version --format ''
Load/Save image
Load an image from file:
docker load < my_image.tar.gz
Save an existing image:
docker save my_image:my_tag | gzip > my_image.tar.gz
Import/Export container
Import a container as an image from file:
cat my_container.tar.gz | docker import - my_image:my_tag
Export an existing container:
docker export my_container | gzip > my_container.tar.gz
Difference between loading a saved image and importing an exported container as an image
Loading an image using the load command creates a new image including its history.
Importing a container as an image using the import command creates a new image excluding the history which results in a smaller image size compared to loading an image.
Networks
Lifecycle
Info
Connection
Registry & Repository
docker loginto login to a registry.docker logoutto logout from a registry.docker searchsearches registry for image.docker pullpulls an image from registry to local machine.docker pushpushes an image to the registry from local machine.
Run local registry
You can run a local registry by using the docker distribution project and looking at the local deploy instructions.
Dockerfile
The configuration file. Sets up a Docker container when you run docker build on it. Vastly preferable to docker commit.
Instructions
- .dockerignore
- FROM Sets the Base Image for subsequent instructions.
- MAINTAINER (deprecated - use LABEL instead) Set the Author field of the generated images.
- RUN execute any commands in a new layer on top of the current image and commit the results.
- CMD provide defaults for an executing container.
- EXPOSE informs Docker that the container listens on the specified network ports at runtime. NOTE: does not actually make ports accessible.
- ENV sets environment variable.
- ADD copies new files, directories or remote file to container. Invalidates caches. Avoid
ADDand useCOPYinstead. - COPY copies new files or directories to container. By default this copies as root regardless of the USER/WORKDIR settings. Use
--chown=<user>:<group>to give ownership to another user/group. (Same forADD.) - ENTRYPOINT configures a container that will run as an executable.
- VOLUME creates a mount point for externally mounted volumes or other containers.
- USER sets the user name for following RUN / CMD / ENTRYPOINT commands.
- WORKDIR sets the working directory.
- ARG defines a build-time variable.
- ONBUILD adds a trigger instruction when the image is used as the base for another build.
- STOPSIGNAL sets the system call signal that will be sent to the container to exit.
- LABEL apply key/value metadata to your images, containers, or daemons.
Tutorial
Examples
- Examples
- Best practices for writing Dockerfiles
- Michael Crosby has some more Dockerfiles best practices / take 2.
- Building Good Docker Images / Building Better Docker Images
- Managing Container Configuration with Metadata
- How to write excellent Dockerfiles
Volumes
Lifecycle
Info
Best Practices
This is where general Docker best practices and war stories go:
- The Rabbit Hole of Using Docker in Automated Tests
- Bridget Kromhout has a useful blog post on running Docker in production at Dramafever.
- There’s also a best practices blog post from Lyst.
- Building a Development Environment With Docker
- Discourse in a Docker Container
Tips
Sources:
Leave a comment