Do What I Mean


Table of Contents

Docs | QuickRef | Cheatsheet

Use docker help, man dockerfile of man docker-<command> (e.g. man docker-run).

1 Concepts:

  • Major components:
    • A server/daemon which
      • manages docker objects, such as images, containers, network and data volumes
      • has a REST API
      • and a CLI (which uses the REST API)
    • A client which is the primary way to interact with Docker.
    • A registry (e.g. Docker Hub) that stores images
  • App hierarchy:
    • Stack
    • Service: a container from a docker-compose file
    • Container:
      • When stopped: a runnable instance of an image
      • When started: a running image (i.e. image + state)
      • may be connected to a network and/or storage
      • can be stored as an image
    • Image:
      • A read-only template with instructions for creating a Docker container
      • an executable package
      • may be based on another image
  • Files:
    • A Dockerfile defines an image
    • A docker-compose.yml defines one or more containers (a.k.a. services) that work together
  • Tips:
    • You start a container (after it has been stopped) and run an image (which creates and starts a container).
    • ​Docker services can address each other through their container names as host name.

2 Docker way [src]

Docker has some restrictions and requirements, depending on the architecture of your system (applications that you pack into containers). You can ignore these requirements or find some workarounds, but in this case, you won't get all the benefits of using Docker. My strong advice is to follow these recommendations:

  • 1 application = 1 container.
  • Run the process in the foreground (don't use systemd, upstart or any other similar tools).
  • Keep data out of containers – use volumes.
  • Do not use SSH (if you need to step into container, you can use the docker exec command).
  • Avoid manual configurations (or actions) inside container.

3 Basic docker commands

command (docker …) effect
build -t friendlyhello . Create image using this directory's Dockerfile
run -p 4000:80 friendlyhello Run "friendlyname" mapping port 4000 to 80
run -d -p 4000:80 friendlyhello Same thing, but in detached mode
container ls List all running containers
container ls -a List all containers, even those not running
container stop <hash> Gracefully stop the specified container
container kill <hash> Force shutdown of the specified container
container rm <hash> Remove specified container from this machine
container rm $(docker container ls -a -q) Remove all containers
image ls -a List all images on this machine
image rm <image id> Remove specified image from this machine
image rm $(docker image ls -a -q) Remove all images from this machine
login Log in this CLI session using your Docker credentials
tag <image> username/repository:tag Tag <image> for upload to registry
push username/repository:tag Upload tagged image to registry
run username/repository:tag Run image from a registry


4 More advanced docker commands

command (docker …) effect
volume rm $(docker volume ls) Remove all named volumes
exec -i -t container_name /bin/bash Open a terminal
system prune WARNING: use with caution

5 docker-compose


command (docker-compose ...) effect
exec <container_name> bash run command bash
-f <file> up start from a custom file
down --volumes also remove volumes attached to the container
©2019 otech-nl