Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Docker CLI Cheatsheet

Related Posts

Table of Contents

Container Management

Run A Container (docker-run)

Below is an example for launching a new container from an image. If the image doesn't exist locally, then Docker will try to pull the image from the registry.

sudo docker run \
  --name my-container-name \
  --port 80:80 \
  --port 443:443 \
  -v "/path/on/host:/path/in/container" \
  $REGISTRY/IMAGE-NAME:$TAG
  • Optionally add the --rm switch to have the container remove itself as soon as it stops running.
  • If a registry is not provided, the default registry is the docker-hub, for which one would have a vendor name. E.g. programster/dnsmasq
  • A $TAG is not required, and will default to latest.

List Containers

List Running Containers

docker ps

List All Containers (Running or otherwise)

docker ps -a

Specify Table Columns

For a version that removes the ID and Command columns so it is much more likely to fit in your terminal window:

docker ps -a --format="table {{.Names}}\t{{.Image}}\t{{.Ports}}\t{{.Status}}"

Enter A Running Container

docker exec -it $ID_OR_NAME /bin/bash

Sometimes the container won't have bash, so swap out for sh in such cases.

Execute Command In Running Container

This is actually the same as "entering the container", it's just that the command isn't /bin/bash, and in this case we don't need it to be interactive or allocate a TTY.

docker exec $ID_OR_NAME $MY_COMMAND

The cron service, and Jenkins do not run with a TTY, so if you ever run docker exec with -it , you will get this error message: "Error "The input device is not a TTY"

Remove stopped Containers

docker rm $(docker ps -a -q)

You may get the message

Error: failed to remove one or more containers

That just occurs when you have running containers (running containers get passed to the remove command but will fail to get removed.

Stop And Remove All Containers

docker stop `docker ps -aq`  
docker rm `docker ps -aq` 

Image Management

Build an Image docker build

Below is a really simple example that one may use to build an image from a Dockerfile in the same folder as where you are running the command from:

docker build .

Below is a more complicated/verbose example that one may use.

BUILD_CONTEXT_PATH="."

docker build \
  --no-cache \
  --file="$BUILD_CONTEXT_PATH/docker/Dockerfile-node-modules" \
  --tag="my-image-name" \
  --build-arg MY_VARIABLE=Susan \
  --build-arg MY_OTHER_VARIABLE=BoyleS \
  $BUILD_CONTEXT_PATH

Specifying No Cache

The --no-cache option tells the build to build everything without using any cache. Using this option can dramatically slow down your build, but is probably a good idea when using in your CI/CD pipeline, rather than local development.

Specifying The Dockerfile Path

The --file is usually not necessary, as would usually just have the build file called Dockerfile, but I wanted to show how to be able to perform a build from a different location for the build context.

If one uses a relative path, Docker will consider this path relative to the build context and not relative to where you are calling the build command from. Thus, it may be simpler to always to just use a $BUILD_CONTEXT_PATH variable to prevent mistakes.

Tagging

With regards to the --tag option. One could additionally specify the registry by specifying registry.mydomain.com/my-image-name, or specify a tag, not just the image name like so: my-image-name:ce-latest, or all three like so: registry.mydomain.com/my-image-name:ce-latest. If wanting to push to the Dockerhub registry, then your username would go where the registry name would go. E.g. programster/my-image-name:ce-latest.

Build Args

Please refer to [my other post on build arguments](https://blog.programster. org/docker-build-argumentsS).

List Images

One can use any of the following commands to list all Docker images that you have locally:

docker image list
docker image ls
docker images --all

Get Information About Specific Image

docker images ${IMAGE_NAME}

Tab completion works, so after typing docker images, one can press tab-tab to get a list of all the docker images, and if you partially complete the name of an image, only results that start with what you have already typed will appear.

Docker - Get Latest Built Image ID

docker images -q | sed -n 2p  

Remove "Dangling" Images

docker image prune

Alternatively...

docker rmi $(docker images --quiet --filter "dangling=true")  

shorthand:

docker rmi $(docker images -q --f "dangling=true")

This could be unsafe if you run it whilst docker images are being pulled.

Delete / Remove All Images

docker prune images --all

Alternatively...

docker rmi $(docker images -q)  

Alternatively....

IMAGES=`docker images | tail -n +2 | tr -s ' ' | cut -d ' ' -f3`
echo "${IMAGES}" | xargs -I %s docker rmi %s

You won't be able to remove images that running containers are using.

Logs

View Container Logs / Output

You can view the logs by running:

docker logs $CONTAINER_ID_OR_NAME

Watch / Follow Logs

The example above will only output the logs it has so far. If you want to see the logs and watch/tail them for updates, then do the following:

docker logs --follow $CONTAINER_ID_OR_NAME

Specify Log Configuration

The following will result in Docker logging to a JSON file, with a max size of 10 MiB, and only keeping up to 3 of them. Thus your logs will never exceed 30 MiB.

docker run \
  --log-driver json-file \
  --log-opt max-size=10m \
  --log-opt max-file=3 \
  docker-image-name

Build Arguments

Please refer here.

Misc

Copy Files

One may need to copy files from a container to the host, such as the logs. For this use the docker cp command like so:

docker cp $CONTAINER_ID:/path/to/files/in/container /path/on/host

This also works in reverse, when one wishes to copy files into a container:

docker cp /path/on/host $CONTAINER_ID:/path/to/files/in/container

Push To Registry

If you just built a container that doesn't contain a registry name, you can push it to your own docker registry by tagging it first and then pushing it.

E.g. to push an image you just created called "bob" to your registry at "registry.mydomain.com:5000" you would use:

docker tag bob registry.mydomain.com:5000/bob
docker push registry.mydomain.com:5000/bob

You may need to use docker login registry.mydomain.com:5000 first for authentication.

Get the Storage Driver Being Used

Different distributions will use different storage drivers. For example, CentOS and Amazon linux will use the devicemapper driver, whereas Ubuntu will use aufs. To find out which storage driver you are using, run:

docker info | grep "Storage Driver"

Go here to get a list of the storage drivers you can use.

References

Last updated: 21st August 2022
First published: 16th August 2018