Docker Cheat Sheet
IMAGES
Info
show images on host
docker images
get image ID by name
docker images --format="{{.ID}}" myImageName
inspect image
docker inspect image:version | jq .
Remove
remove image by name
docker rmi reponame:tag
remove dangling images (w no names or tags)
docker image prune
remove all images that dont have a child container running
docker image prune -a
remove ALL images
docker rmi $(docker images -qa)
Build
build an image from Dockerfile
docker build -t user/image-name
Dockerfile config:
FROM debian:wheezy #provide a base image
RUN apt-get update && apt-get install -y cowsay #run additional commands to build container
ENTRYPOINT /usr/bin/telnet
ADD /host_dir /target_dir #copy contents to container from the host
CMD "echo" "all done!" #cmd to execute once container is built
ENV PROXY_SERVER http://www.proxy.com #set env vars
EXPOSE 8250 #expose port from service inside container to outside
USER 125 #UID of user running the container
VOLUME ["/tmp"] #enable access from container to dir on the host machine
WORKDIR ~/dev #where CMD will execute from
COPY file.conf /etc/app/app.conf #copy from host to container
Network
docker network ls
docker network rm <name of network>
CONTAINERS
Info
show all containers and their status
docker ps -a
get just container IDs
docker ps -qa
show diffs made to container
docker diff containerName
see all operations done inside the container
docker logs containerName (or container ID)
get JSON info about a container
docker inspect <containerName or containerID>
Bash into a container
docker exec -ti <container Name> bash
bash into a container, filter by container Name
docker exec -ti $(docker ps -qf "name=worker") bash
Bash into a STOPPED container,
docker run -it --entrypoint /bin/bash <image_id>
Install a package inside a container
docker run -u root -ti <container ID> apt update
docker run -u root -ti <container ID> apt install vim
get JSON output of all containers
curl -s --unix-socket /var/run/docker.sock http:/containers/json
SSH into existing running container
docker attach $containerID
docker exec -ti $containerID bash
bind container network to the underlying host
docker run --network host -d --rm -e VAULT_DEV_ROOT_TOKEN_ID=abcd -p "8200:8200" artifactory.corp.local/docker.io/vault:0.9.5
will listen on 0.0.0.0:8200
show all dangling volumes
docker volume ls -qf dangling=true
Run / Stop
run a container, and login via terminal
docker run -it imageName
run a container w specific hostname and name
docker run -it --name myName --hostname myHostname imageName
run container as daemon, bind to a port, give container a name
docker run -d -p 5200:5200 --name myName imageName
Stop a running container
docker ps (get container ID)
docker stop $containerID (or by Name)
Stop all Running containers
docker ps -a --format="{{.ID}}" | xargs docker stop
Start container
docker start $containerID
exit the container if logged in via terminal
exit
run a container, make a container Volume be available to host, ie, can read Container's application logs directly from Docker host
docker run -p 5100:5100 --volume <path to volume on host>:<path to volume on container>
docker run -p 5100:5100 --volume /host/data/app1:/opt/container/app1
kill zombie containers that restart
docker ps -a --format="{{.ID}}" | xargs docker update --restart=no | xargs docker stop | xargs docker rmi $(docker images -qa) --force
Remove
remove container by name
docker rm <name>
remove all stopped containers
docker container prune
remove all containers
docker rm $(docker ps -aq)
prune Everything (remove dangling images, containers, networks)
docker system prune -f
remove dangling volumes
docker volume rm $(docker volume ls -qf dangling=true)
Docker Compose
run docker compose up as daemon,
docker-compose -f my-compose-file.yaml up -d
stop container,
docker-compose stop
remove stopped containers
docker-compose rm -f
remove a container specific to a service
docker-compose rm postgres
Docker Service
see all running services
docker service ls
inspect service
docker service inspect <service name>
remove service
docker service rm <service name>
see which Swarm nodes are running the service
docker service ps <service ID>
scale out a service to more instances
docker service scale <service name>=5 (or # of instances)
Swarm
start swarm on leader node
docker swarm init
leader node generates token
add node to swarm
docker swarm join \
> --token <TOKEN> \
> <IP>:2377
This node joined a swarm as a worker.
start a service from a docker-compose file
docker stack deploy -c docker-compose.yaml myService