Docker is fantastic tool for building out your infrastructure, however it does have a fairly steep learning curve. That’s why I created this Docker Cheat Sheet. I was constantly looking up what docker commands I needed to run to build an image from a dockerfile, run a container, mount a volume, etc.

Table of Contents

  1. What is docker?
  2. Why docker?
  3. Installation
    1. Windows
    2. Mac
    3. Linux
  4. Registries and Repositories
    1. Registry:
    2. Repository:
    3. Login
    4. Logout
    5. Search image
    6. Pull image
    7. Push image
  5. Create,Run,Update and Delete containers
    1. Create
    2. Rename
    3. Run
    4. Update
    5. Remove
  6. Start and stop containers
    1. Start
    2. Stop
    3. Restart
    4. Pause
    5. Unpause/Resume
    6. Kill
    7. Wait
  7. Networks
    1. List networks
    2. Connect a container to network
    3. Disconnect a container from a network
    4. Remove one or more networks
    5. Create network
    6. Inspect network
  8. Cleanup commands
    1. Remove all unused resources
    2. Images
    3. Containers
    4. Volumes
    5. Networks
  9. Docker Hub
  10. Dockerfile
  11. Other Commands
    1. From
    2. RUN
    3. ENTRYPOINT
    4. CMD
    5. COPY
    6. ADD
    7. ENV
    8. EXPOSE
    9. WORKDIR
    10. LABEL
    11. MAINTAINER
    12. VOLUME
  12. Docker Compose
  13. Docker Swarm

What is docker?

Docker is a tool designed to make it easier to create, deploy, and run applications by using containers.

Why docker?

Docker is useful to automate the deployment of applications inside a software containers, which makes the applications easy to ship and run virtually anywhere (i.e, platform independent). The Docker container processes run on the host kernel, unlike VM which runs processes in guest kernel.

Installation

The docker desktop downloads are available for windows, mac and linux distributions.

Windows

It supports for Windows 10 64-bit: Pro, Enterprise, or Education (Build 15063 or later) editions. You need to follow the below steps for installation.

  1. Download docker desktop for windows from https://docs.docker.com/docker-for-windows/install/
  2. Double-click Docker Desktop Installer.exe to run the installer.
  3. Make sure Enable Hyper-V Windows Features option is selected

Mac

  1. Download docker desktop for mac from https://docs.docker.com/docker-for-mac/install/
  2. Double-click Docker.dmg to open the installer and drag it to the Applications folder.
  3. Double-click Docker.app in the Applications folder to start Docker.

Linux

You can install from a package easily

  1. Go to https://download.docker.com/linux/ubuntu/dists/, choose your Ubuntu version and then go to pool/stable/ to get .deb file

  2. Install Docker Engine by referring the downloaded location of the Docker package.

    1
    $ sudo dpkg -i /path/to/package.deb
  3. Verify the Docker Engine by running the hello-world image to check correct installation.

    1
    $ sudo docker run hello-world

Registries and Repositories

Registry:

Docker Registry is a service that stores your docker images. It could be hosted by a third party, as public or private registry. Some of the examples are,

  • Docker Hub,
  • Quay,
  • Google Container Registry,
  • AWS Container Registry

Repository:

A Docker Repository is a collection of related images with same name which have different tags. These tags are an alphanumeric identifiers(like 1.0 or latest) attached to images within a repository.

For example, if you want to pull golang image using docker pull golang:latest command, it will download the image tagged latest within the golang repository from the Docker Hub registry. The tags appeared on dockerhub as below,

Login

Login to a registry

1
2
3
4
5
6
7
8
9
10
> docker login [OPTIONS] [SERVER]

[OPTIONS]:
-u/--username username
-p/--password password

Example:

1. docker login localhost:8080 // Login to a registry on your localhost
2. docker login

Logout

Logout from a registry

1
2
3
4
5
> docker logout [SERVER]

Example:

docker logout localhost:8080 // Logout from a registry on your localhost

Search image

Search for an image in registry

1
2
3
4
5
docker search [OPTIONS] TERM

Example:
docker search golang
docker search --filter stars=3 --no-trunc golang

Pull image

This command pulls an image or a repository from a registry to local machine

1
2
3
4
docker image pull [OPTIONS] NAME[:TAG|@DIGEST]

Example:
docker image pull golang:latest

Push image

This command pushes an image to the registry from local machine.

1
2
docker image push [OPTIONS] NAME[:TAG]
docker image push golang:latest

Create,Run,Update and Delete containers

Create

Create a new container

1
2
3
4
docker container create [OPTIONS] IMAGE [COMMAND] [ARG...]

Example:
docker container create -t -i sudheerj/golang --name golang

Rename

Rename a container

1
2
3
4
5
docker container rename CONTAINER NEW_NAME

Example:
docker container rename golang golanguage
docker container rename golanguage golang

Run

1
2
3
4
docker container run [OPTIONS] IMAGE [COMMAND] [ARG...]

Example:
docker container run -it --name golang -d sudheerj/golang

You can also run a command inside container

1
2
3
4
docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

Example:
docker exec -it golang sh // Or use bash command if sh is failed

Update

Update configuration of one or more containers

1
2
3
4
docker container update [OPTIONS] CONTAINER [CONTAINER...]

Example:
docker container update --memory "1g" --cpuset-cpu "1" golang // update the golang to use 1g of memory and only use cpu core 1

Remove

Remove one or more containers

1
2
3
4
5
docker container rm [OPTIONS] CONTAINER [CONTAINER...]

Example:
docker container rm golang
docker rm $(docker ps -q -f status=exited) // Remove all the stopped containers

Start and stop containers

Start

Start one or more stopped containers

1
2
3
4
docker container start [OPTIONS] CONTAINER [CONTAINER...]

Example:
docker container start golang

Stop

Stop one or more running containers

1
2
3
4
5
docker container stop [OPTIONS] CONTAINER [CONTAINER...]

Example:
docker container stop golang
docker stop $(docker ps -a -q) // To stop all the containers

Restart

Restart one or more containers and processes running inside the container/containers.

1
2
3
4
docker container restart [OPTIONS] CONTAINER [CONTAINER...]

Example:
docker container restart golang

Pause

Pause all processes within one or more containers

1
2
3
4
docker container pause CONTAINER [CONTAINER...]

Example:
docker container pause golang

Unpause/Resume

Unpause all processes within one or more containers

1
2
3
4
docker container unpause CONTAINER [CONTAINER...]

Example:
docker container unpause golang

Kill

Kill one or more running containers

1
2
3
4
docker container kill [OPTIONS] CONTAINER [CONTAINER...]

Example:
docker container kill golang

Wait

Block until one or more containers stop and print their exit codes after that

1
2
3
4
docker container wait CONTAINER [CONTAINER...]

Example:
docker container wait golang

Networks

Docker provides network commands connect containers to each other and to other non-Docker workloads. The usage of network commands would be docker network COMMAND

List networks

List down available networks

1
docker network ls

Connect a container to network

You can connect a container by name or by ID to any network. Once it connected, the container can communicate with other containers in the same network.

1
2
3
4
docker network connect [OPTIONS] NETWORK CONTAINER

Example:
docker network connect multi-host-network container1

Disconnect a container from a network

You can disconnect a container by name or by ID from any network.

1
2
3
4
docker network disconnect [OPTIONS] NETWORK CONTAINER

Example:
docker network disconnect multi-host-network container1

Remove one or more networks

Removes one or more networks by name or identifier. Remember, you must first disconnect any containers connected to it before removing it.

1
2
3
4
docker network rm NETWORK [NETWORK...]

Example:
docker network rm my-network

Create network

It is possible to create a network in Docker before launching containers

1
2
3
4
docker network create [OPTIONS] NETWORK

Example:
sudo docker network create –-driver bridge some_network

The above command will output the long ID for the new network.

Inspect network

You can see more details on the network associated with Docker using network inspect command.

1
2
3
4
docker network inspect networkname

Example:
docker network inspect bridge

Cleanup commands

You may need to cleanup resources (containers, volumes, images, networks) regularly.

Remove all unused resources

1
docker system prune

Images

1
2
3
4
5
$ docker images
$ docker rmi $(docker images --filter "dangling=true" -q --no-trunc)

$ docker images | grep "none"
$ docker rmi $(docker images | grep "none" | awk '/ / { print $3 }')

Containers

1
2
3
$ docker ps
$ docker ps -a
$ docker rm $(docker ps -qa --no-trunc --filter "status=exited")

Volumes

1
2
$ docker volume rm $(docker volume ls -qf dangling=true)
$ docker volume ls -qf dangling=true | xargs -r docker volume rm

Networks

1
2
3
$ docker network ls
$ docker network ls | grep "bridge"
$ docker network rm $(docker network ls | grep "bridge" | awk '/ / { print $1 }')

Docker Hub

Docker Hub is a cloud-based repository provided by Docker to test, store and distribute container images which can be accessed either privately or publicly.

Dockerfile

Dockerfile is a text document that contains set of commands and instructions which will be executed in a sequence in the docker environment for building a new docker image.

Other Commands

From

It initializes a new image and sets the Base Image for subsequent instructions. It must be a first non-comment instruction in the Dockerfile.

1
2
3
4
5
FROM 
FROM :
FROM @
Example:
FROM ubuntu:18.04

Note: Both tag and digest are optional. If you omit either of them, the builder assumes a latest by default.

RUN

RUN instruction allows you to install your application and packages required for it. It executes any commands on top of the current image and creates a new layer by committing the results. It is quite common to have multiple RUN instructions in a Dockerfile.

It has two forms

  1. Shell Form: RUN

    1
    RUN npm start
  2. Exec form RUN [““, ““, ““]

    1
    RUN [ "npm", "start" ]

ENTRYPOINT

An ENTRYPOINT allows you to configure a container that will run as an executable. It is used to run when container starts.

1
2
3
4
5
6
7
8
Exec Form:
ENTRYPOINT ["executable", "param1", "param2"]
Shell Form:
ENTRYPOINT command param1 param2

Example:
FROM alpine:3.5
ENTRYPOINT ["/bin/echo", "Print ENTRYPOINT instruction of Exec Form"]

If an image has an ENTRYPOINT and pass an argument to it while running the container, it wont override the existing entrypoint but it just appends what you passed with the entrypoint. To override the existing ENTRYPOINT. you should user –entrypoint flag for the running container.

Let’s see the behavior with the above dockerfile,

1
2
3
4
5
6
7
8
Build image:
docker build -t entrypointImage .

Run the image:
docker container run entrypointImage // Print ENTRYPOINT instruction of Exec Form

Override entrypoint:
docker run --entrypoint "/bin/echo" entrypointImage "Override ENTRYPOINT instruction" // Override ENTRYPOINT instruction

CMD

CMD instruction is used to set a default command, which will be executed only when you run a container without specifying a command. But if the docker container runs with a command, the default command will be ignored.

The CMD instruction has three forms,

1
2
3
4
5
6
1. Exec form:
CMD ["executable","param1","param2"]
2. Default params to ENTRYPOINT:
CMD ["param1","param2"]
3. Shell form:
CMD command param1 param2

The main purpose of the CMD command is to launch the required software in a container. For example, running an executable .exe file or a Bash terminal as soon as the container starts.

Remember, if docker runs with executable and parameters then CMD instruction will be overridden(Unlike ENTRYPOINT).

1
docker run executable parameters

Note: There should only be one CMD command in your Dockerfile. Otherwise only the last instance of CMD will be executed.

COPY

The COPY instruction copies new files or directories from source and adds them to the destination filesystem of the container.

1
2
3
4
5
6
COPY [--chown=:] ... 
COPY [--chown=:] ["",... ""]

Example:
COPY test.txt /absoluteDir/
COPY tes? /absoluteDir/ // Copies all files or directories starting with test to destination container

The path must be relative to the source directory that is being built. Whereas is an absolute path, or a path relative to WORKDIR.

ADD

The ADD instruction copies new files, directories or remote file URLs from source and adds them to the filesystem of the image at the destination path. The functionality is similar to COPY command and supports two forms of usage,

1
2
3
4
5
6
ADD [--chown=:] ... 
ADD [--chown=:] ["",... ""]

Example:
ADD test.txt /absoluteDir/
ADD tes? /absoluteDir/ // Copies all files or directories starting with test to destination container

ADD commands provides additional features such as downloading remote resources, extracting TAR files etc.

1
2
3
4
5
1. Download an external file and copy to the destination
ADD http://source.file/url /destination/path

2. Copies compressed files and extract the content in the destination
ADD source.file.tar.gz /temp

ENV

The ENV instruction sets the environment variable to the value . It has two forms,

  1. The first form, ENV , will set a single variable to a value.
  2. The second form, ENV = ..., allows for multiple variables to be set at one time.
1
2
3
4
5
6
7
ENV  
ENV = [= ...]

Example:
ENV name="John Doe" age=40
ENV name John Doe
ENV age 40

EXPOSE

The EXPOSE instruction informs Docker that the container listens on the specified network ports at runtime. i.e, It helps in inter-container communication. You can specify whether the port listens on TCP or UDP, and the default is TCP.

1
2
3
4
5
EXPOSE  [/...]

Example:
EXPOSE 80/udp
EXPOSE 80/tcp

But if you want to bind the port of the container with the host machine on which the container is running, use -p option of docker run command.

1
2
3
4
docker run -p : IMAGE_NAME

Example:
docker run -p 80:80/udp myDocker

WORKDIR

The WORKDIR command is used to define the working directory of a Docker container at any given time for any RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile.

1
2
3
4
5
6
7
WORKDIR /path/to/workdir

Example:
WORKDIR /c
WORKDIR d
WORKDIR e
RUN pwd // /c/d/e

LABEL

The LABEL instruction adds metadata as key-value pairs to an image. Labels included in base or parent images (images in the FROM line) are inherited by your image.

1
2
3
4
5
6
7
LABEL = = = ...

Example:
LABEL version="1.0"
LABEL multi.label1="value1" \
multi.label2="value2" \
other="value3"

You can view an image’s labels using the docker image inspect --format='' myimage command. The output would be as below,

1
2
3
4
5
6
{
"version": "1.0",
"multi.label1": "value1",
"multi.label2": "value2",
"other": "value3"
}

MAINTAINER

The MAINTAINER instruction sets the Author field of the generated images.

1
2
3
4
MAINTAINER 

Example:
MAINTAINER John

This command is deprecated status now and the recommended usage is with LABEL command

1
LABEL maintainer="John"

VOLUME

The VOLUME instruction creates a mount point with the specified name and mounted volumes from native host or other containers.

1
2
3
4
5
6
VOLUME ["/data"]

Example:
FROM ubuntu
RUN mkdir /test
VOLUME /test

Docker Compose

Docker compose(or compose) is a tool for defining and running multi-container Docker applications.

Docker Swarm

Docker Swarm(or swarm) is an open-source tool used to cluster and orchestrate Docker containers.