Post

My Docker Cheat Sheet

Posted Updated
By Dede
4 min read
My Docker Cheat Sheet

Docker has revolutionized software development and deployment by providing a streamlined approach to containerization. This cheat sheet enhance my Docker workflow with some advanced commands, best practices, and troubleshooting tips.

Image Management

  • Build an image from a Dockerfile in the current directory.

    1

     docker build -t <image_name>:<tag> .

  • Build without using the cache.

    1

    docker build --no-cache -t <image_name>:<tag> .

  • Pass build arguments.

    1

    docker build --build-arg <ARG_NAME>=<value> -t <image_name>:<tag> .

  • Build a specific stage in a multi-stage Dockerfile.

    1

    docker build --target <stage> -t <image_name>:<tag> .

Listing and Inspecting Images:

  • List local images: list all images, including intermediate.

    1

    docker images -a

  • Inspect an image’s details.

    1

    docker inspect <image_id|image_name>

  • Show the history of an image.

    1

      docker history <image_id|image_name>

Managing Images:

  • Remove an image.
    1

    docker rmi <image_id|image_name>
  • Remove dangling images.
    1

    docker rmi $(docker images -aq --filter "dangling=true")
  • Remove all unused images.
    1

    docker image prune -a
  • Tagging Images.
    1

    docker tag <image_id|image_name> <new_image_name>:<tag>

Pushing and Pulling Images:

  • Log in to a Docker registry.

    1

    docker login -u <username> -p <password>

  • Push an image to a registry.

    1

    docker push <image_name>:<tag>

  • Pull an image from a registry.

    1

    docker pull <image_name>:<tag>

  • Search Docker Hub for an image.

    1

    docker search <image_name>

Container Management

  • Run a container in detached mode and map ports.
    1

    docker run -d -p <host_port>:<container_port> --name <container_name> <image_name>:<tag>
  • Run an interactive container and remove it when exited.
    1

    docker run -it --rm <image_name>:<tag> /bin/bash
  • Run a container with a restart policy.
    1

    docker run --name <container_name> --restart unless-stopped <image_name>:<tag>
  • Mount a host directory as a volume.
    1

    docker run --mount type=bind,source=<host_path>,target=<container_path> <image_name>:<tag>
  • Set environment variables.
    1

    docker run --env <VAR>=<value> <image_name>:<tag>

Managing Running Containers:

  • List running containers.
    1

    docker ps
  • List all containers.
    1

    docker ps -a
  • View container logs.
    1

    docker logs <container_name|container_id>
  • Follow container logs.
    1

    docker logs -f <container_name|container_id>
  • Execute a command in a running container.
    1

    docker exec -it <container_name|container_id> /bin/bash
  • Stop a container.
    1

    docker stop <container_name|container_id>
  • Start a container.
    1

    docker start <container_name|container_id>
  • Restart a container.
    1

    docker restart <container_name|container_id>
  • Remove a stopped container.
    1

    docker rm <container_name|container_id>
  • Force remove a running container.
    1

    docker rm -f <container_name|container_id>
  • Rename a container.
    1

    docker rename <container_name> <new_container_name>
  • Update resource limits.
    1

    docker update --memory=<limit> --cpus=<limit> <container_name|container_id>
  • Show resource usage statistics.
    1

    docker stats <container_name|container_id>

Inspecting Containers:

  • Inspect a container’s details.
    1

    docker inspect <container_name|container_id>
  • Show file changes in a container’s filesystem.
    1

    docker diff <container_name|container_id>

Networking

  • Listing Networks:
    • List Docker networks.
      1

      docker network ls
  • Creating Networks:
    • Create a Docker network.
      1

      docker network create <network_name>
    • Create a bridge network.
      1

      docker network create --driver bridge <network_name>
    • Create an overlay network (for Swarm).
      1

      docker network create --driver overlay <network_name>
  • Connecting Containers to Networks:
    • Connect a container to a network.
      1

      docker network connect <network_name> <container_name|container_id>
    • Disconnect a container from a network.
      1

      docker network disconnect <network_name> <container_name|container_id>
  • Inspecting Networks:
    • Inspect a Docker network.
      1

      docker network inspect <network_name>
  • Removing Networks:
    • Remove a Docker network.
      1

      docker network rm <network_name>

Volume Management

  • Listing Volumes:
    • List Docker volumes.
      1

      docker volume ls
  • Creating Volumes:
    • Create a Docker volume.
      1

      docker volume create <volume_name>
  • Inspecting Volumes:
    • Inspect a Docker volume.
      1

      docker volume inspect <volume_name>
  • Removing Volumes:
    • Remove a Docker volume.
      1

      docker volume rm <volume_name>
    • Remove unused volumes.
      1

      docker volume prune

Security

  • User Namespaces:
    • Run a container as a specific user.
      1

      docker run --user <user>:<group> <image_name>:<tag>
  • Capabilities:
    • Add or drop Linux capabilities.
      1

      docker run --cap-add <capability> --cap-drop <capability> <image_name>:<tag>
  • Security Profiles:
    • Apply an AppArmor profile.
      1

      docker run --security-opt apparmor=<profile> <image_name>:<tag>
    • Apply a seccomp profile.
      1

      docker run --security-opt seccomp=<profile.json> <image_name>:<tag>
  • Secrets Management:
    • Create a Docker secret.
      1

      docker secret create <secret_name> <secret_file>
    • Mount a secret into a container.
      1

      docker run --secret <secret_name> <image_name>:<tag>

Troubleshooting

  • Container Logs:
    • View container logs.
      1

      docker logs <container_name|container_id>
    • Follow container logs.
      1

      docker logs -f <container_name|container_id>
  • Inspecting Containers:
    • Inspect container details.
      1

      docker inspect <container_name|container_id>
    • Show file changes.
      1

      docker diff <container_name|container_id>
  • Network Issues:
    • Inspect network details.
      1

      docker network inspect <network_name>
    • Ping a host from inside a container.
      1

      docker exec -it <container_name|container_id> ping <host>
    • Check network connections.
      1

      docker exec -it <container_name|container_id> netstat -tulnp
  • Resource Issues:
    • Monitor resource usage.
      1

      docker stats <container_name|container_id>
    • Adjust resource limits.
      1

      docker update --memory=<limit> --cpus=<limit> <container_name|container_id>

    Ressources

cheatSheet
This post is licensed under CC BY 4.0 by the author.