Introduction
After working with Docker for a while, I have noted there could be hundreds of different Docker commands out there. But really, in my workflow, it's the same about 20-30 of these. Here's my personal cheat sheet of the most practical Docker commands I use regularly.
Container Management
Running Containers
The most basic Docker command is docker run. Following is how I use it in various situations:
docker run -d --name webserver nginx:latest
This command starts an Nginx container in detached mode (-d) with a given name. I use this when I need a quick web server for testing.
docker run -d -p 8080:80 nginx:latest
Maps port 8080 on your host to port 80 in the container. Useful when you need to use container services from your host machine.
docker run -d
-e POSTGRES_PASSWORD=mysecret
-e POSTGRES_DB=myapp
-v postgres_data:/var/lib/postgresql/data
postgres:13
I use this pattern for database containers where persistence and configuration matter a lot.
Container Lifecycle
docker ps
All running containers are shown here. I am using this above command very frequently to check up on container status, ports, and names.
docker logs -f container_name
The -f flag follows the log output. Indispensable in debugging problems within running containers.
docker exec -it container_name bash
Gives you a shell in the container. I'm using this constantly to debugging and for one-off commands.
Docker cheat sheet: Image Management
Working with Images
docker pull nginx:latest
Pulls an image from Docker Hub. Always specify a tag to avoid getting unexpected versions.
docker build -t myapp:1.0 .
Builds an image from a Dockerfile in the current directory. The -t flag tags the image with a name and version.
docker images
Lists all local images - I use this to check available images and their sizes.
Volume Management
Volumes are vital in establishing persistence in data:
docker volume create mydata
Create a Persistent Volume. I use these for database data and other stateful applications.
docker run -d
-v mydata:/data
nginx:latest
Mounts the volume 'mydata' to /data inside the container. This is required for persistence of data.
Network Management
Networking is the key to Container Communication:
docker network create mynetwork
Creates an isolated network for container communication. This is useful when I want to establish multi-container applications.
docker run -d --network mynetwork nginx:latest
Connects a container to a certain network. Useful for container-to-container communication.
Docker Compose
This makes Docker Compose very important to manage multi-container applications:
docker-compose up -d
Starts all the services as defined in docker-compose.yml. I use this daily to start my development environment.
docker-compose down
Stops and removes all containers, networks created by docker-compose up.
Cleanup Commands
These commands clean up the Docker environment:
docker system prune
Remove all stopped containers, unused networks, dangling images and build cache. I run this once a week because it saves me some disk space.
docker rm -v container_name
Remove a container and its associated volumes. Volumes will be deleted and volume data will be lost. Done
Troubleshooting
These are some very helpful debugging commands:
docker stats container_name
Display live resource usage statistics. Great for debugging performance of containers.
docker inspect container_name
Displays detailed configuration information about a container. This is useful to debug networking and volume issues.
Best Practices
Based on my experience, here are some key practices to follow:
- Always tag your images: Never use 'latest' in production
- Use named volumes: Simplifies data management
- Regular cleanup: Use system prune to keep disk space free
- Monitor logs: Regular log checking helps catch issues early
Security and Compliance
Security has become a crucial part of my Docker workflow, especially when working with enterprise clients. Here are some essential security-focused commands I use:
SBOM (Software Bill of Materials)
docker sbom example-image:latest
docker sbom example-image:latest --output sbom.txt
docker sbom example-image:latest --format spdx-json
I generate these SBOMs to maintain transparency in our software supply chain. It's particularly important when working with security-conscious clients.
Vulnerability Scanning
docker scan example-image:latest
docker scan example-image:latest --file Dockerfile
docker scan example-image:latest --severity high
I always run these scans before deploying any container to production. It's saved me from potential security issues multiple times.
Docker Hub Operations
These are the commands I use daily for Docker Hub interactions:
docker login
docker logout
docker search nginx
Advanced Features
Resource Monitoring
For performance troubleshooting, I rely on these monitoring commands:
docker stats
docker stats $(docker ps --format={{.Names}}) # Monitor all containers
Config Contexts
When working with multiple Docker environments:
docker context create my-remote --docker "host=ssh://user@remote-server"
docker context ls
docker context use my-remote
docker context rm old-context
Advanced Cleanup
Here's my detailed cleanup routine that I use to manage disk space:
docker system prune --volumes # Remove everything unused
docker image prune -a # Remove all unused images
docker volume prune # Remove all unused volumes
docker container prune # Remove all stopped containers
Quick Reference
Here's a comprehensive table of all the commands covered in this cheat sheet:
| Category | Command | Description |
|---|---|---|
| Container Management | docker run -d --name webserver nginx:latest |
Run container in detached mode |
docker run -d -p 8080:80 nginx:latest |
Run with port mapping | |
docker ps |
List running containers | |
docker logs -f container_name |
Follow container logs | |
docker exec -it container_name bash |
Access container shell | |
| Image Management | docker pull nginx:latest |
Pull image from registry |
docker build -t myapp:1.0 . |
Build image from Dockerfile | |
docker images |
List local images | |
| Volume Management | docker volume create mydata |
Create volume |
docker run -v mydata:/data nginx:latest |
Run with volume mount | |
| Network Management | docker network create mynetwork |
Create network |
docker run --network mynetwork nginx:latest |
Run with network | |
| Docker Compose | docker-compose up -d |
Start services |
docker-compose down |
Stop services | |
| Cleanup | docker system prune |
Remove unused resources |
docker rm -v container_name |
Remove container and volumes | |
docker system prune --volumes |
Remove all unused resources | |
docker image prune -a |
Remove all unused images | |
docker volume prune |
Remove all unused volumes | |
| Security | docker sbom example-image:latest |
Generate SBOM |
docker scan example-image:latest |
Scan for vulnerabilities | |
| Docker Hub | docker login |
Log into Docker Hub |
docker logout |
Log out from Docker Hub | |
docker search nginx |
Search images | |
| Advanced | docker stats container_name |
Monitor container resources |
docker context create my-remote |
Create new context | |
docker context ls |
List contexts | |
docker inspect container_name |
View container details |
Conclusion
These are the essentials for my day-to-day work with Docker. Of course, Docker has many more commands, but once mastered, these will cover about 90% of your needs to manage containers. Keep this cheat sheet handy; I still refer back to it fairly often when working in different environments.
Monitoring GitHub Actions Workflows
CICube is a GitHub Actions monitoring tool that provides you with detailed insights into your workflows to further optimize your CI/CD pipeline. With CICube, you will be able to track your workflow runs, understand where the bottlenecks are, and tease out the best from your build times. Go to cicube.io now and create a free account to better optimize your GitHub Actions workflows!
Top comments (0)