Docker Cheatsheet


# Linux
$ curl -sSL | sh

# Mac - Install with brew (
$ brew cask install docker

Check Version

# Just show the version
$ docker version --format '{{.Server.Version}}'

# Short version
$ docker --version
Docker version 19.03.8, build afacb8b7f0

# Long version
$ docker version
Client: Docker Engine - Community
 Version:           19.03.8
Server: Docker Engine - Community
  Version:          19.03.8

Registry & Repository

# Login to registry
docker login

# Login to Nvidia NGC registry (
docker login
Username: $oauthtoken
Password: <Login via link and click generate API key>

# Logout from registry
docker logout

# Search docker repository, results returned are ranked by number of stars
docker search <keyword>

# Pulls image from registry to local machine
docker pull <image-name>

# Push image from local machine to registry
docker push <image-name>

Load and Save Image / Container

The difference between save and export is that the exported-imported image has lost all of its history whereas the save-loaded image still have its history and layers. This means that you cannot do any rollback or to a previous layer if you export-import. However, if you use save-load the image, you can go back to previous layer using docker tag <layer-id> <image-name>.

# Save an existing image
docker save --output busybox.tar busybox
docker save -o busybox.tar busybox

# Save an existing image with particular tag
docker save -o busybox:latest

# Load an image from file
docker load -i busybox.tar

# Export an existing container (but without the mounted volume)
docker export --output my_container.tar my_container
docker export -o my_container.tar my_container

# Import a container as an image from file or from URL
docker import my_container.tar
docker import

Running Container

# Run container from image
docker run <container-name>

# Run transient container (removes container after it stops)
docker run --rm <container-name>

# Run container and attach shell (-t = allocate tty, -i keep STDIN open even if not attached)
docker run -it <container-name>

# Start docker in transient and attach shell
docker run --rm -it <container-name>

# Start docker in transient, attach shell and publish port (outside-port:inside-port)
docker run --rm -it -p 8080:80 <container-name>

# Start docker in transient, attach shell and mount volume
# Note: if /path/from/host does not exists, docker will create folder automatically
docker run --rm -it -v /path/from/host:/path/in/container <container-name>


# Kill running containers
docker kill $(docker ps -q)

# Delete all containers by force (including running ones)
docker rm -f $(docker ps -aq)

# Delete stopped container
docker rm -v $(docker ps -a -q -f status=exited)

# Stop all and delete all containers
docker stop $(docker ps -aq) && docker rm -v $(docker ps -aq)

# Delete dangling images
docker rmi $(docker images -q -f dangling=true)

# Delete all images
docker rmi $(docker images -q)

# Remove all stopped containers, all networks not used by at least one container, all dangling images and all dangling build cache
docker system prune

Removal (Advanced)

# Find and remove images based on name
docker rmi $(docker images | grep 'IMAGENAME')

Find / Filter images

# Find all images with LATEST tag
docker images | grep latest

# Find all images based on image name
docker images | grep 'IMAGENAME' | tr -s ' ' | cut -d ' ' -f 3

# Find all image ID with LATEST tag
docker images | grep latest | tr -s ' ' | cut -d ' ' -f 3

Update images

# Update all pulled images with latest tag
docker images --format "{{.Repository}}:{{.Tag}}" | grep ':latest' | xargs -L1 docker pull;


# Show running containers
docker ps

# Get logs from container (-f for follow)
docker logs <my_container>
docker logs -f <my_container>

# Looks at all info in a container
docker inspect <my_container>

# Shows public facing port of container
docker port <my_container>

# Show running processes in container
docker top <my_container>

# Check CPU, memory, network I/O usage of single container
docker stats <container_name>
docker stats --all # shows all containers (default only show running)

# Show changed files in container's filesystem (good for tracing)
docker diff <container_name>

# Summary of space currently used by different docker objects
docker system df


# Creates a container but does not start it
docker create

# Renames container
docker rename

# Updates a container's resource limits
docker update

# Copy files/folders between container and local filesystem
docker cp foo.txt my_container:/foo.txt
docker cp my_container:/foo.txt foo.txt

# Filter images based on name
docker image ls --filter '*'

Other Interesting Commands

# Use --volumes-from to mount volume that was mounted in another container in a new container. Use this to share volume with other containers.
# Note: first command is to create the mount in the dbstore container
# Note: second command is to list the /dbdata volume that is mounted on the new container from the first container
docker run -v /home/user/desktop/data:/data-volume --name dbstore ubuntu
docker run --rm --volumes-from dbstore ubuntu ls /dbdata

# Update all images with "latest"
# Ref:
docker images | grep -v REPOSITORY | awk '{print $1}' | xargs -L1 docker pull

Good Stuff

:whale: A curated list of Docker resources and projects - veggiemonk/awesome-docker
Docker Documentation
Home page for Docker’s documentation


Docker Cheat Sheet. Contribute to wsargent/docker-cheat-sheet development by creating an account on GitHub.
The Ultimate Docker Cheat Sheet
Docker - Beginners Intermediate Advanced