The Ultimate Docker Commands Cheatsheet (Updated for 2024) 🐳

G: Welcome, fellow developers and DevOps enthusiasts! If you’re diving into the world of Docker, or simply need a quick refresher on essential commands, you’ve landed in the right place. Docker has revolutionized how we build, ship, and run applications, making them portable and consistent across environments. But mastering its command-line interface (CLI) is key to harnessing its full power.

This comprehensive cheatsheet is designed to be your go-to reference for the most frequently used Docker commands, complete with examples and tips for efficient use. We’ve ensured it reflects current best practices and the latest understanding of Docker’s ecosystem. Let’s containerize some knowledge! 🚀

Understanding the Core: Images vs. Containers 🖼️📦

Before we jump into commands, let’s quickly clarify the two fundamental concepts in Docker:

• Image (🖼️): Think of an image as a blueprint, a template, or a read-only snapshot of an application and its dependencies. It’s built from a Dockerfile and includes everything needed to run your software (code, runtime, libraries, environment variables, etc.). Images are immutable.
• Container (📦): A container is a runnable instance of an image. When you run an image, Docker creates a container from it. Containers are isolated, lightweight, and can be started, stopped, moved, or deleted. You can have multiple containers running from the same image.

I. Docker Setup & Information ⚙️

First things first: verify your Docker installation and get system-wide information.

• docker --version: Check the Docker client version.

  docker --version
  # Output: Docker version 24.0.7, build afdd53b

• docker info: Display system-wide information about the Docker installation. This includes details about containers, images, storage, and more.

  docker info
  # (Shows detailed info like server version, number of containers/images, storage driver, etc.)

• docker login: Log in to a Docker registry (e.g., Docker Hub). Essential for pulling private images or pushing your own.

  docker login
  # Output: Login with your Docker ID to push and pull images, e.g. docker login --username YOUR_USERNAME
  # Username: mydockeruser
  # Password:
  # Login Succeeded

• docker logout: Log out from a Docker registry.

  docker logout

II. Image Management 🖼️

Images are the building blocks. Here’s how to manage them.

• **`docker pull :`**: Download an image from Docker Hub (or a configured registry). If no tag is specified, `latest` is assumed. “`bash docker pull ubuntu:22.04 # Pulls a specific version of Ubuntu docker pull nginx # Pulls the latest Nginx image “`
• docker images / docker image ls: List all locally stored Docker images.

  docker images
  # REPOSITORY    TAG       IMAGE ID       CREATED         SIZE
  # ubuntu        22.04     d70e3009623f   3 weeks ago     77.9MB
  # nginx         latest    2b77a0b271d1   5 days ago      142MB

• **`docker rmi :`**: Remove one or more images. You can use the IMAGE ID or the full `REPOSITORY:TAG`. “`bash docker rmi ubuntu:22.04 # Remove by name and tag docker rmi d70e3009623f # Remove by Image ID docker rmi -f myapp:latest # Force remove an image, even if it’s used by a container “`
• **`docker build -t : .`**: Build a new Docker image from a `Dockerfile` in the current directory (`.`). The `-t` flag tags the image with a name and optional tag. “`bash # Assuming you have a Dockerfile in the current directory docker build -t my-web-app:1.0 . “`
• **`docker tag : :`**: Create a new tag for an existing image. Useful for preparing images for pushing to a specific registry. “`bash docker tag my-web-app:1.0 myregistry.com/my-web-app:prod “`
• **`docker push :`**: Push an image to a Docker registry. You need to be logged in and the image usually needs to be tagged with the registry URL. “`bash docker push myregistry.com/my-web-app:prod “`

III. Container Lifecycle 📦

This is where the magic happens – running, stopping, and managing your application instances.

• **`docker run [OPTIONS] [:] [COMMAND] [ARG…]`**: Create and start a new container from an image. This is one of the most powerful and frequently used commands, with many options: * **`-d`**: Run container in detached mode (in the background). “`bash docker run -d –name my-nginx-server -p 80:80 nginx “` * **`-p :`**: Publish (map) a container’s port(s) to the host. “`bash docker run -p 8080:80 my-web-app:1.0 # Map host’s 8080 to container’s 80 “` * **`–name `**: Assign a custom name to your container. Makes it easier to refer to later. “`bash docker run –name my-db-container -e MYSQL_ROOT_PASSWORD=secret mysql:8.0 “` * **`-it`**: Run container in interactive mode with a pseudo-TTY. Useful for shell access. “`bash docker run -it ubuntu:22.04 bash # Get a bash shell inside an Ubuntu container “` * **`–rm`**: Automatically remove the container when it exits. Great for one-off tasks. “`bash docker run –rm alpine:latest echo “Hello from a temporary container!” “` * **`-v :`**: Mount a host path or a named volume into the container. (More on volumes below). “`bash docker run -v /path/on/host:/app/data my-app # Mount host directory docker run -v my-data-volume:/app/data my-app # Mount named volume “` * **`-e =`**: Set environment variables inside the container. “`bash docker run -e MY_ENV_VAR=myvalue my-app “` * **`–network `**: Connect the container to a specific network. (More on networks below). “`bash docker run –name my-backend –network my-app-network my-backend-image “`
• docker ps: List running containers.

  docker ps
  # CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS         PORTS                  NAMES
  # a1b2c3d4e5f6   nginx     "nginx -g 'daemon of…"   2 minutes ago   Up 2 minutes   0.0.0.0:80->80/tcp     my-nginx-server

• docker ps -a: List all containers, including stopped ones.

  docker ps -a

• **`docker start `**: Start one or more stopped containers. “`bash docker start my-nginx-server “`
• **`docker stop `**: Gracefully stop one or more running containers. “`bash docker stop my-nginx-server “`
• **`docker restart `**: Restart one or more containers. “`bash docker restart my-nginx-server “`
• **`docker kill `**: Forcefully kill one or more running containers (sends SIGKILL). Use when `docker stop` doesn’t work. “`bash docker kill my-frozen-container “`
• **`docker rm `**: Remove one or more stopped containers. “`bash docker rm my-nginx-server docker rm -f my-running-container # Force remove a running container “`

IV. Container Interaction & Inspection 🤝

Once a container is running, you’ll often need to peek inside or interact with it.

• **`docker logs `**: Fetch the logs of a container. * **`-f`**: Follow log output (like `tail -f`). * **`–tail `**: Show only the last N lines. “`bash docker logs my-nginx-server docker logs -f my-nginx-server docker logs –tail 100 my-nginx-server “`
• **`docker exec -it `**: Execute a command inside a running container. The `-it` flags are commonly used to get an interactive shell. “`bash docker exec -it my-nginx-server bash # Get a bash shell inside the nginx container docker exec my-nginx-server ls -l /usr/share/nginx/html # List files in nginx’s web root “`
• **`docker inspect `**: Return low-level information about a Docker object (container, image, volume, network). Very useful for debugging. “`bash docker inspect my-nginx-server docker inspect nginx:latest “`
• **`docker top `**: Display the running processes of a container. “`bash docker top my-nginx-server “`
• docker stats: Display a live stream of container(s) resource usage statistics (CPU, memory, network I/O, disk I/O).

  docker stats

• **`docker cp `**: Copy files/folders between a container and the local filesystem. “`bash docker cp my-nginx-server:/etc/nginx/nginx.conf ./nginx.conf # Copy from container to host docker cp ./my-local-file.txt my-nginx-server:/app/data/ # Copy from host to container “`

V. Data Management (Volumes) 📁

Containers are ephemeral. For persistent data, you need Docker volumes.

• **`docker volume create `**: Create a named volume. Named volumes are the preferred way to persist data generated by and used by Docker containers. “`bash docker volume create my-app-data “`
• docker volume ls: List all Docker volumes.

  docker volume ls
  # DRIVER    VOLUME NAME
  # local     my-app-data

• **`docker volume inspect `**: Display detailed information about a volume. “`bash docker volume inspect my-app-data “`
• **`docker volume rm `**: Remove one or more volumes. You can’t remove a volume that’s currently in use by a container. “`bash docker volume rm my-app-data “`
• Mounting a volume (with docker run):
  • Named volume: docker run -v my-app-data:/var/lib/mysql mysql
  • Bind mount (host directory): docker run -v /path/to/host/data:/var/www/html nginx

VI. Network Management 🌐

Docker containers can communicate with each other using networks.

• **`docker network create `**: Create a user-defined bridge network. This is highly recommended for multi-container applications as it provides better isolation and DNS resolution between containers. “`bash docker network create my-app-network “`
• docker network ls: List all Docker networks.

  docker network ls
  # NETWORK ID   NAME              DRIVER    SCOPE
  # a1b2c3d4e5f6   bridge            bridge    local
  # 7890abcde123   host              host      local
  # defg1234hi56   my-app-network    bridge    local

• **`docker network inspect `**: Display detailed information about a network, including connected containers. “`bash docker network inspect my-app-network “`
• **`docker network connect `**: Connect an existing container to a network. “`bash docker network connect my-app-network my-backend-container “`
• **`docker network disconnect `**: Disconnect a container from a network. “`bash docker network disconnect my-app-network my-backend-container “`
• **`docker network rm `**: Remove one or more networks. “`bash docker network rm my-app-network “`
• Connecting containers to a network (with docker run):

  docker run -d --name my-db --network my-app-network postgres
  docker run -d --name my-app --network my-app-network -p 80:80 my-app-image

  Now my-app can reach my-db using its name my-db as a hostname.

VII. System Management & Cleanup 🔥🗑️

Docker can consume a lot of disk space over time with old images, stopped containers, and unused volumes. Cleaning up is essential!

• docker system df: Show Docker disk usage. A handy overview of how much space images, containers, and volumes are consuming.

  docker system df

• docker system prune: Remove all stopped containers, unused networks, dangling images, and build cache. This is your go-to command for freeing up disk space.
  • -a or --all: Remove all unused images (not just dangling ones).
  • -f or --force: Do not prompt for confirmation.

    docker system prune          # Clean up stopped containers, unused networks, dangling images, and build cache
    docker system prune -a       # Also remove all unused images (those not associated with a container)
    docker system prune -a -f    # Force the cleanup without confirmation

• docker container prune: Remove all stopped containers.
• docker image prune: Remove dangling images (images not tagged and not used by any container).
• docker image prune -a: Remove all unused images (dangling + those not used by any container).
• docker volume prune: Remove all unused local volumes.
• docker network prune: Remove all unused networks.

VIII. Docker Compose 🚀

While not a single command, Docker Compose is indispensable for managing multi-container Docker applications. It allows you to define and run your entire application stack using a YAML file.

Note: docker-compose (with a hyphen) is the legacy V1 standalone CLI. docker compose (without a hyphen) is the modern V2 CLI, integrated directly into the Docker CLI. Most modern installations use V2, so docker compose is preferred.

• docker compose up [OPTIONS]: Build, create, (re)create, start, and attach to containers for a service.
  • -d: Run in detached mode.
  • --build: Build images before starting containers.

    # Assuming you are in a directory with a docker-compose.yml file
    docker compose up -d           # Start all services in detached mode
    docker compose up --build      # Rebuild images and then start services

• docker compose down: Stop and remove containers, networks, and volumes created by up.

  docker compose down

• docker compose ps: List containers for the services defined in docker-compose.yml.

  docker compose ps

• docker compose logs [OPTIONS] [SERVICE...]: View output from containers.
  • -f: Follow log output.

    docker compose logs -f web_app db_service # Follow logs for specific services
    docker compose logs                      # Follow logs for all services

• docker compose build [OPTIONS] [SERVICE...]: Build or rebuild services.

  docker compose build web_app # Rebuild only the 'web_app' service image
  docker compose build         # Rebuild all service images

• docker compose exec [OPTIONS] SERVICE COMMAND [ARGS...]: Execute a command in a running service container.

  docker compose exec web_app bash # Get a shell into the web_app service container

IX. Dockerfile Basics (For Context) 🏗️

While Dockerfile contains instructions, not commands, it’s the recipe for your images. Knowing these basic instructions helps understand how images are built.

• **`FROM `**: Specifies the base image for your build. “`dockerfile FROM node:18-alpine “`
• WORKDIR /path/in/container: Sets the working directory for subsequent instructions.

  WORKDIR /app

• COPY <source> <destination>: Copies files or directories from the host to the image.

  COPY package*.json ./
  COPY . .

• RUN <command>: Executes commands during the image build process (e.g., installing dependencies).

  RUN npm install

• **`EXPOSE `**: Informs Docker that the container listens on the specified network ports at runtime. (Doesn’t publish the port). “`dockerfile EXPOSE 3000 “`
• CMD ["executable", "param1", "param2"]: Provides defaults for an executing container. Can be overridden when docker run specifies a command. There can only be one CMD instruction in a Dockerfile.

  CMD ["npm", "start"]

• ENTRYPOINT ["executable", "param1", "param2"]: Configures a container that will run as an executable. CMD arguments are appended to ENTRYPOINT arguments.

  ENTRYPOINT ["/usr/bin/supervisord"]
  CMD ["-c", "/etc/supervisord.conf"]

Docker Best Practices & Tips 💡

• Use Specific Tags: Always use specific image tags (e.g., node:18.12.0-alpine) instead of just latest to ensure reproducibility and stability.
• Clean Up Regularly: Use docker system prune frequently to keep your disk space in check.
• Use Named Volumes: For persistent data, named volumes (docker volume create) are generally preferred over bind mounts as they’re managed by Docker and more portable.
• Create Custom Networks: For multi-container applications, always create a custom bridge network (docker network create) to enable easy and secure communication between containers by their names.
• docker ignore: Similar to .gitignore, use a .dockerignore file to exclude unnecessary files (like node_modules, .git, local .env files) from your build context to speed up builds and reduce image size.
• Minimal Base Images: Opt for smaller base images (like Alpine versions) to reduce image size and attack surface.

Conclusion 🎉

This cheatsheet covers the vast majority of Docker commands you’ll use in your day-to-day development and deployment workflows. Docker’s power lies in its simplicity and versatility, and with these commands at your fingertips, you’re well on your way to mastering containerization.

Keep this page bookmarked, and don’t hesitate to experiment with the commands. The best way to learn Docker is by doing! Happy containerizing! 🐳✨