Docker Cheatsheet
Quick reference for the most commonly used Docker commands.
Container Lifecycle
# Run container
docker run nginx
docker run -d nginx # Detached
docker run -it ubuntu bash # Interactive
docker run --name web nginx # Named
docker run --rm nginx # Auto-remove
# Start / Stop / Restart
docker start <id>
docker stop <id>
docker restart <id>
docker kill <id> # Force stop
# Remove container
docker rm <id>
docker rm -f <id> # Force remove running
docker container prune # Remove all stoppedInspect & Debug
# List containers
docker ps # Running
docker ps -a # All
# Logs
docker logs <id>
docker logs -f <id> # Follow
docker logs --tail 100 <id> # Last 100 lines
# Execute commands
docker exec -it <id> bash
docker exec <id> ls /app
# Inspect
docker inspect <id>
docker stats # Live resource usage
docker top <id> # Running processesImages
# List images
docker images
docker image ls
# Pull / Push
docker pull nginx:alpine
docker push myrepo/myapp:v1
# Build
docker build -t myapp:latest .
docker build -t myapp:v1 -f Dockerfile.prod .
# Tag
docker tag myapp:latest myrepo/myapp:v1
# Remove images
docker rmi <image>
docker image prune # Dangling images
docker image prune -a # All unusedNetworking
# Run with port mapping
docker run -p 8080:80 nginx # host:container
docker run -p 127.0.0.1:8080:80 nginx
# Network management
docker network ls
docker network create mynet
docker network inspect mynet
# Connect / disconnect
docker network connect mynet <id>
docker network disconnect mynet <id>
# Run in network
docker run --network mynet nginx
# DNS — containers find each other by name
docker run --network mynet --name web nginx
docker run --network mynet --name app myappVolumes
# Named volumes
docker volume create mydata
docker volume ls
docker volume inspect mydata
docker volume rm mydata
docker volume prune
# Run with volume
docker run -v mydata:/app/data nginx
docker run -v mydata:/app/data:ro nginx # Read-only
# Bind mount (host directory)
docker run -v /host/path:/container/path nginx
docker run -v $(pwd):/app nginx
# tmpfs (in-memory)
docker run --tmpfs /tmp nginxRun Options
# Environment variables
docker run -e NODE_ENV=production nginx
docker run --env-file .env nginx
# Resource limits
docker run --memory 512m nginx
docker run --cpus 0.5 nginx
# Restart policy
docker run --restart unless-stopped nginx
docker run --restart on-failure:3 nginx
# User
docker run --user 1000:1000 nginx
# Read-only filesystem
docker run --read-only nginx
# Hostname
docker run --hostname mycontainer nginxDocker Compose
# Start services
docker compose up -d # Detached
docker compose up --build # Rebuild images
docker compose up -d --scale web=3 # Scale
# Stop services
docker compose down # Stop and remove
docker compose down -v # Also remove volumes
docker compose stop # Stop only
# Status
docker compose ps
docker compose logs
docker compose logs -f web # Follow specific service
docker compose top
# Run one-off commands
docker compose exec web bash
docker compose run --rm web pytest
docker compose run --rm web python manage.py migratedocker-compose.yml — Full Example
version: "3.9"
services:
web:
build:
context: .
dockerfile: Dockerfile
target: production
image: myapp:latest
container_name: myapp-web
ports:
- "8080:8080"
environment:
- NODE_ENV=production
- DATABASE_URL=postgresql://user:pass@db:5432/myapp
env_file:
- .env
depends_on:
db:
condition: service_healthy
redis:
condition: service_started
volumes:
- uploads:/app/uploads
networks:
- frontend
- backend
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
deploy:
resources:
limits:
memory: 512m
cpus: "0.5"
db:
image: postgres:16-alpine
environment:
POSTGRES_DB: myapp
POSTGRES_USER: user
POSTGRES_PASSWORD: pass
volumes:
- postgres_data:/var/lib/postgresql/data
networks:
- backend
healthcheck:
test: ["CMD-SHELL", "pg_isready -U user -d myapp"]
interval: 10s
timeout: 5s
retries: 5
redis:
image: redis:7-alpine
volumes:
- redis_data:/data
networks:
- backend
command: redis-server --appendonly yes
nginx:
image: nginx:alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/certs:/etc/nginx/certs:ro
depends_on: [web]
networks:
- frontend
volumes:
postgres_data:
redis_data:
uploads:
networks:
frontend:
backend:
internal: true # No external accessDockerfile Reference
Common Instructions
FROM ubuntu:22.04
LABEL maintainer="[email protected]"
# Environment
ENV APP_HOME=/app
ENV PORT=8080
ARG BUILD_DATE
# Working directory
WORKDIR /app
# Copy files
COPY . .
COPY src/ ./src/
ADD archive.tar.gz /app/ # Extracts automatically
# Run commands (creates layer)
RUN apt-get update \
&& apt-get install -y curl \
&& rm -rf /var/lib/apt/lists/*
# User
RUN useradd -r appuser
USER appuser
# Expose port (documentation)
EXPOSE 8080
# Health check
HEALTHCHECK --interval=30s CMD curl -f http://localhost:8080/health
# Entry point
ENTRYPOINT ["python"]
CMD ["-m", "uvicorn", "main:app"]Multi-stage Build
# Build stage
FROM node:20-alpine AS builder
WORKDIR /build
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
# Production stage
FROM node:20-alpine AS production
WORKDIR /app
# Non-root user
RUN addgroup -S app && adduser -S app -G app
# Copy only build output
COPY --from=builder --chown=app:app /build/dist ./dist
COPY --from=builder --chown=app:app /build/node_modules ./node_modules
USER app
EXPOSE 3000
CMD ["node", "dist/server.js"]Cleanup & Maintenance
# System-wide cleanup
docker system df # Show disk usage
docker system prune # Remove all unused resources
docker system prune -a # Also remove unused images
docker system prune -a --volumes # Also remove volumes (CAREFUL!)
# Specific cleanup
docker container prune # Stopped containers
docker image prune -a # Unused images
docker volume prune # Unused volumes
docker network prune # Unused networks
# Export / Import images (for air-gapped environments)
docker save myapp:v1 | gzip > myapp-v1.tar.gz
docker load < myapp-v1.tar.gz
# Copy files to/from container
docker cp mycontainer:/app/log.txt ./log.txt
docker cp ./config.json mycontainer:/app/config.json
💡 Tips:
Use
.dockerignore to exclude files from build context (similar to .gitignore).
Add node_modules/, .git/, *.log, .env to keep images small and builds fast.