Docker Cheatsheet
Installation
# Linux
$ curl -sSL https://get.docker.com/ | sh
# Mac - Install with brew (https://brew.sh/)
$ brew cask install docker
Check Version
# Just show the version
$ docker version --format '{{.Server.Version}}'
19.03.8
# Short version
$ docker --version
Docker version 19.03.8, build afacb8b7f0
# Long version
$ docker version
Client: Docker Engine - Community
Version: 19.03.8
Server: Docker Engine - Community
Engine:
Version: 19.03.8
Registry & Repository
# Login to registry
docker login
# Login to Nvidia NGC registry (https://ngc.nvidia.com/setup/api-key)
docker login nvcr.io
Username: $oauthtoken
Password: <Login via link and click generate API key>
# Logout from registry
docker logout
# Search docker repository, results returned are ranked by number of stars
docker search <keyword>
# Pulls image from registry to local machine
docker pull <image-name>
# Push image from local machine to registry
docker push <image-name>
Load and Save Image / Container
The difference between save and export is that the exported-imported image has lost all of its history whereas the save-loaded image still have its history and layers. This means that you cannot do any rollback or to a previous layer if you export-import. However, if you use save-load the image, you can go back to previous layer using docker tag <layer-id> <image-name>
.
# Save an existing image
docker save --output busybox.tar busybox
docker save -o busybox.tar busybox
# Save an existing image with particular tag
docker save -o busybox:latest
# Load an image from file
docker load -i busybox.tar
# Export an existing container (but without the mounted volume)
docker export --output my_container.tar my_container
docker export -o my_container.tar my_container
# Import a container as an image from file or from URL
docker import my_container.tar
docker import https://example.com/my_container.tar
Running Container
# Run container from image
docker run <container-name>
# Run transient container (removes container after it stops)
docker run --rm <container-name>
# Run container and attach shell (-t = allocate tty, -i keep STDIN open even if not attached)
docker run -it <container-name>
# Start docker in transient and attach shell
docker run --rm -it <container-name>
# Start docker in transient, attach shell and publish port (outside-port:inside-port)
docker run --rm -it -p 8080:80 <container-name>
# Start docker in transient, attach shell and mount volume
# Note: if /path/from/host does not exists, docker will create folder automatically
docker run --rm -it -v /path/from/host:/path/in/container <container-name>
Removal
# Kill running containers
docker kill $(docker ps -q)
# Delete all containers by force (including running ones)
docker rm -f $(docker ps -aq)
# Delete stopped container
docker rm -v $(docker ps -a -q -f status=exited)
# Stop all and delete all containers
docker stop $(docker ps -aq) && docker rm -v $(docker ps -aq)
# Delete dangling images
docker rmi $(docker images -q -f dangling=true)
# Delete all images
docker rmi $(docker images -q)
# Remove all stopped containers, all networks not used by at least one container, all dangling images and all dangling build cache
docker system prune
Removal (Advanced)
# Find and remove images based on name
docker rmi $(docker images | grep 'IMAGENAME')
Find / Filter images
# Find all images with LATEST tag
docker images | grep latest
# Find all images based on image name
docker images | grep 'IMAGENAME' | tr -s ' ' | cut -d ' ' -f 3
# Find all image ID with LATEST tag
docker images | grep latest | tr -s ' ' | cut -d ' ' -f 3
Update images
# Update all pulled images with latest tag
docker images --format "{{.Repository}}:{{.Tag}}" | grep ':latest' | xargs -L1 docker pull;
Monitoring
# Show running containers
docker ps
# Get logs from container (-f for follow)
docker logs <my_container>
docker logs -f <my_container>
# Looks at all info in a container
docker inspect <my_container>
# Shows public facing port of container
docker port <my_container>
# Show running processes in container
docker top <my_container>
# Check CPU, memory, network I/O usage of single container
docker stats <container_name>
docker stats --all # shows all containers (default only show running)
# Show changed files in container's filesystem (good for tracing)
docker diff <container_name>
# Summary of space currently used by different docker objects
docker system df
Utilities
# Creates a container but does not start it
docker create
# Renames container
docker rename
# Updates a container's resource limits
docker update
# Copy files/folders between container and local filesystem
docker cp foo.txt my_container:/foo.txt
docker cp my_container:/foo.txt foo.txt
# Filter images based on name
docker image ls --filter 'reference=nvcr.io/nvidia/*'
Other Interesting Commands
# Use --volumes-from to mount volume that was mounted in another container in a new container. Use this to share volume with other containers.
# Note: first command is to create the mount in the dbstore container
# Note: second command is to list the /dbdata volume that is mounted on the new container from the first container
docker run -v /home/user/desktop/data:/data-volume --name dbstore ubuntu
docker run --rm --volumes-from dbstore ubuntu ls /dbdata
# Update all images with "latest"
# Ref: https://dev.to/goffity/update-all-docker-images-already-pulled-o3l
docker images | grep -v REPOSITORY | awk '{print $1}' | xargs -L1 docker pull
Good Stuff
veggiemonk/awesome-docker
:whale: A curated list of Docker resources and projects - veggiemonk/awesome-docker
Docker Documentation
Home page for Docker’s documentation
References
wsargent/docker-cheat-sheet
Docker Cheat Sheet. Contribute to wsargent/docker-cheat-sheet development by creating an account on GitHub.
The Ultimate Docker Cheat Sheet
Docker - Beginners Intermediate Advanced
