Docker Cheatsheet

Installation

# Linux
$ curl -sSL https://get.docker.com/ | sh

# Mac - Install with brew (https://brew.sh/)
$ brew cask install docker

Check Version

# Just show the version
$ docker version --format '{{.Server.Version}}'
19.03.8

# Short version
$ docker --version
Docker version 19.03.8, build afacb8b7f0

# Long version
$ docker version
Client: Docker Engine - Community
 Version:           19.03.8
Server: Docker Engine - Community
 Engine:
  Version:          19.03.8

Registry & Repository

# Login to registry
docker login

# Login to Nvidia NGC registry (https://ngc.nvidia.com/setup/api-key)
docker login nvcr.io
Username: $oauthtoken
Password: <Login via link and click generate API key>

# Logout from registry
docker logout

# Search docker repository, results returned are ranked by number of stars
docker search <keyword>

# Pulls image from registry to local machine
docker pull <image-name>

# Push image from local machine to registry
docker push <image-name>

Load and Save Image / Container

The difference between save and export is that the exported-imported image has lost all of its history whereas the save-loaded image still have its history and layers. This means that you cannot do any rollback or to a previous layer if you export-import. However, if you use save-load the image, you can go back to previous layer using docker tag <layer-id> <image-name>.

# Save an existing image
docker save --output busybox.tar busybox
docker save -o busybox.tar busybox

# Save an existing image with particular tag
docker save -o busybox:latest

# Load an image from file
docker load -i busybox.tar

# Export an existing container (but without the mounted volume)
docker export --output my_container.tar my_container
docker export -o my_container.tar my_container

# Import a container as an image from file or from URL
docker import my_container.tar
docker import https://example.com/my_container.tar

Running Container

# Run container from image
docker run <container-name>

# Run transient container (removes container after it stops)
docker run --rm <container-name>

# Run container and attach shell (-t = allocate tty, -i keep STDIN open even if not attached)
docker run -it <container-name>

# Start docker in transient and attach shell
docker run --rm -it <container-name>

# Start docker in transient, attach shell and publish port (outside-port:inside-port)
docker run --rm -it -p 8080:80 <container-name>

# Start docker in transient, attach shell and mount volume
# Note: if /path/from/host does not exists, docker will create folder automatically
docker run --rm -it -v /path/from/host:/path/in/container <container-name>

Removal

# Kill running containers
docker kill $(docker ps -q)

# Delete all containers by force (including running ones)
docker rm -f $(docker ps -aq)

# Delete stopped container
docker rm -v $(docker ps -a -q -f status=exited)

# Stop all and delete all containers
docker stop $(docker ps -aq) && docker rm -v $(docker ps -aq)

# Delete dangling images
docker rmi $(docker images -q -f dangling=true)

# Delete all images
docker rmi $(docker images -q)

# Remove all stopped containers, all networks not used by at least one container, all dangling images and all dangling build cache
docker system prune

Monitoring

# Show running containers
docker ps

# Get logs from container (-f for follow)
docker logs <my_container>
docker logs -f <my_container>

# Looks at all info in a container
docker inspect <my_container>

# Shows public facing port of container
docker port <my_container>

# Show running processes in container
docker top <my_container>

# Check CPU, memory, network I/O usage of single container
docker stats <container_name>
docker stats --all # shows all containers (default only show running)

# Show changed files in container's filesystem (good for tracing)
docker diff <container_name>

# Summary of space currently used by different docker objects
docker system df

Utilities

# Creates a container but does not start it
docker create

# Renames container
docker rename

# Updates a container's resource limits
docker update

# Copy files/folders between container and local filesystem
docker cp foo.txt my_container:/foo.txt
docker cp my_container:/foo.txt foo.txt

# Filter images based on name
docker image ls --filter 'reference=nvcr.io/nvidia/*'

Other Interesting Commands

# Use --volumes-from to mount volume that was mounted in another container in a new container. Use this to share volume with other containers.
# Note: first command is to create the mount in the dbstore container
# Note: second command is to list the /dbdata volume that is mounted on the new container from the first container
docker run -v /home/user/desktop/data:/data-volume --name dbstore ubuntu
docker run --rm --volumes-from dbstore ubuntu ls /dbdata

# Update all images with "latest"
# Ref: https://dev.to/goffity/update-all-docker-images-already-pulled-o3l
docker images | grep -v ^REPO | sed 's/ \+/:/g' | cut -d: -f1,2 | xargs -L1 docker pull

Good Stuff

veggiemonk/awesome-docker

:whale: A curated list of Docker resources and projects - veggiemonk/awesome-docker

GitHubveggiemonk

Docker Documentation

Home page for Docker’s documentation

Docker Documentation

References

wsargent/docker-cheat-sheet

Docker Cheat Sheet. Contribute to wsargent/docker-cheat-sheet development by creating an account on GitHub.

GitHubwsargent

The Ultimate Docker Cheat Sheet

Docker - Beginners Intermediate Advanced

dockerlabs