Docker CLI
A collection of simple Docker CLI commands to start and stop containers, execute commands, connect to networks and data volumes, and more.
run
To download the alpine image (Alpine Linux), start a container, and run a command.
docker container run alpine whoami
root
The container keyword can be omitted.
docker run alpine date +"%Y-%m-%d"
2023-11-15
When the command (i.e. whoami or date) finishes, the container stops but is not deleted.
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d1725a17b680 alpine "date +%Y-%m-%d" 4 seconds ago Exited (0) 4 seconds ago amazing_mirzakhani
d6a354b2b751 alpine "whoami" 14 seconds ago Exited (0) 14 seconds ago blissful_shannon
To remove the containers.
docker rm amazing_mirzakhani blissful_shannon
To automatically delete the container once the command has completed, use the --rm option.
docker run --rm alpine whoami
root
The container is no longer exists.
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
To run several commands, use the -c option to sh.
docker run --rm alpine sh -c "date;pwd;ps;ls|wc -l"
Thu Nov 16 10:25:17 UTC 2023
/
PID USER TIME COMMAND
1 root 0:00 sh -c date;pwd;ps;ls|wc -l
8 root 0:00 ps
17
shell
To run a container with an interactive shell, use the --interactive and --tty options.
docker run --rm --interactive --tty alpine sh
/# uname
Linux
/# exit
Or use the -it shorthand version.
docker run --rm -it ubuntu /bin/bash
/# hostname
1a6e242e108b
/# exit
Remember, when we exit the shell, the container is stopped.
To detach without exiting, use ctrl p ctrl q
docker run --name ub --rm -it ubuntu /bin/bash
ctrl p ctrl q
The container is still running (with the name we specified in the --name option).
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1a6e242e108b ubuntu "/bin/bash" 26 seconds ago Up 25 seconds ub
To re-attach to the container.
docker attach ub
/# exit
exec
To execute a command in a running container, first start the container.
docker run --name ub --rm -d ubuntu sleep 1h
The -d option detaches the container process from the current terminal and runs it in the background.
To run a command in the container.
docker exec ub ps
PID TTY TIME CMD
1 ? 00:00:00 sleep
7 ? 00:00:00 ps
Or to start an interactive shell.
docker exec -it ub /bin/bash
/# ps -e
PID TTY TIME CMD
1 ? 00:00:00 sleep
13 pts/0 00:00:00 bash
21 pts/0 00:00:00 ps
We can remove the container after stopping it.
docker stop ub
docker rm ub
To forcibly remove it whilst it is running.
docker rm -f ub
working directory
-w sets the working directory inside the container. The default is the root directory (/).
docker run --rm -w /var/log ubuntu pwd
/var/log
environment variables
Use --env or -e to set an environment variable in the container.
docker run --rm --name alp -e MY_ENV=abc123 alpine sh -c 'echo $MY_ENV'
abc123
ports
To expose a container port to the host.
docker run -d --name nginx -p8080:80 nginxdemos/hello:plain-text
curl localhost:8080
Server address: 172.17.0.2:80
Server name: 2ac91f33111d
Date: 23/Nov/2023:11:18:07 +0000
URI: /
Request ID: 6efa5d86356d546c78c7f676f195e844
TCP port 80 in the container has been mapped to port 8080 on the host.
docker ps --format "table {{.Names}}\t{{.Ports}}"
NAMES PORTS
nginx 0.0.0.0:8080->80/tcp
To show the mapped ports.
docker port nginx
80/tcp -> 0.0.0.0:8080
Note that with this command, the port order is reversed from the port mapping in the run command and the PORTS column of the ps command. In this context -> can be read as ‘is exposed as’.
To publish all ports on the container to random ports on the host, use -P.
docker run -d --name nginx -P nginxdemos/hello:plain-text
files
From Manage data in Docker - “By default all files created inside a container are stored on a writable container layer.”
So files are retained when the container is stopped.
docker run --name ub -it ubuntu /bin/bash
/# echo "Hit!" > /tmp/file.txt
/# exit
docker stop ub
docker start ub
docker exec ub cat /tmp/file.txt
Hit!
storage
There are two options for containers to store files: volumes (preferred) and bind mounts.
Volumes are entirely managed by docker, bind mounts are mapped to a specific host path.
Both types are specified by --volume (or -v) or --mount.
Anonymous volume
Anonymous volumes are not explicitly mapped to the host. They are given random names but behave the same as named volumes.
docker run -v /app/dir --name ub -it ubuntu /bin/bash
or
docker run --mount target=/app/dir --name ub -it ubuntu /bin/bash
/# echo "Hit!" >/app/dir/file.txt
/# exit
docker restart ub
docker exec -it ub /bin/bash
/# more /app/dir/file.txt
Hit!
docker volume ls
DRIVER VOLUME NAME
local d78199120b8e38c293801e5c5dc9792e8807ec6c229818d6ec27ffd29a0e86db
The volume is not removed automatically, even when the container is destroyed. Use prune to get rid of unused volumes (see below).
An anonymous volume is equivalent to having a VOLUME in the image’s Dockerfile.
Named volume
To create a named volume.
docker volume create vol1
docker volume ls
DRIVER VOLUME NAME
local vol1
One or more containers can mount the same volume.
docker run -v vol1:/app/dir -it --name ub1 ubuntu /bin/bash
/# echo "Hit!" >/app/dir/file.txt
/# exit
docker run --mount source=vol1,target=/app/dir -it --name ub2 ubuntu /bin/bash
/# more /app/dir/file.txt
Hit!
To remove the volume (after removing the containers that were using it).
docker volume rm vol1
Error response from daemon: remove vol1: volume is in use - [b5dc607375a6542c9032e2ec4392cbe83254fc302e41fda476fa9b8cff93579b]
docker rm ub1 ub2
docker volume rm vol1
or
docker volume prune
docker volume ls
DRIVER VOLUME NAME
docker volume prune will remove volumes which are not referenced by any containers.
Bind mounts
To mount a directory or file from the host machine into the container.
docker run --rm -it -v /host/dir:/app/dir alpine sh
or
docker run --rm -it --mount type=bind,source=$(PWD)/Backup,target=/app/dir alpine sh
/# touch /app/dir/file.txt
/# exit
ls -la Backup
total 0
drwxr-xr-x 3 user123 staff 96 Nov 17 09:33 .
drwxr-xr-x 18 user123 staff 576 Nov 17 09:32 ..
-rw-r--r-- 1 user123 staff 0 Nov 17 09:33 file.txt
Prefer Volumes
Volumes are managed by Docker and are not directly tied to the host machine’s filesystem. This means that they are more portable and can be easily shared between containers. Volumes are also more durable than bind mounts and will not be lost if the container is deleted.
network
To create a network.
docker network create net1
docker network ls
NETWORK ID NAME DRIVER SCOPE
0d829c4d0daa bridge bridge local
318bc336cdce host host local
a433047218af net1 bridge local
746a5d48a8bb none null local
Connect containers to the network.
docker run -d --rm --name alp --net net1 alpine sleep 1h
docker run -it --rm --name ubu --net net1 ubuntu /bin/bash
/# apt-get update && apt-get install -y iputils-ping
/# ping alp
PING alp (172.17.0.2) 56(84) bytes of data.
64 bytes from alp (172.17.0.2): icmp_seq=1 ttl=255 time=0.078 ms
64 bytes from alp (172.17.0.2): icmp_seq=2 ttl=255 time=0.050 ms
64 bytes from alp (172.17.0.2): icmp_seq=3 ttl=255 time=0.052 ms
/# exit
docker stop alp
docker network rm net1
list
Use ls to list resources.
docker container ls
docker container ls -a
docker image ls
docker volume ls
docker network ls
docker container ls replaces docker ps, and is now the preferred way to list containers.
prune
Show all dangling images (that is, images not used by any containers).
docker images --filter "dangling=true"
To prune these images.
docker image prune
Prune unused volumes.
docker volume prune
Prune everything.
docker system prune