Docker - Httqm's Docs

Remove one or more images

You can specify the image to delete with :

It's also possible to provide docker rmi with a list of images to delete :

docker rmi $([command that returns the list of images to delete])

Delete an image by ID

docker image ls

REPOSITORY		TAG		IMAGE ID		CREATED			SIZE
debian			bookworm	0ce03c8a15ec		8 hours ago		117MB
alpine			3.16		8471affe5de5		7 months ago		5.55MB

docker rmi 0ce03c8a15ec

Untagged: debian:bookworm
Untagged: debian@sha256:133a1f2aa9e55d1c93d0ae1aaa7b94fb141265d0ee3ea677175cdb96f5f990e5
Deleted: sha256:0ce03c8a15ec97f121b394857119e3e7652bba5a66845cbfa449d87a5251914e
Deleted: sha256:7cea17427f83f6c4706c74f94fb6d7925b06ea9a0701234f1a9d43f6af11432a

Delete untagged images

docker rmi $(docker images -f "dangling=true" -q)

Remove one or more containers

When trying to delete an image :

docker rmi 0ce03c8a15ec

Error response from daemon: conflict: unable to delete 0ce03c8a15ec (must be forced) - image is being used by stopped container 2cb71c235c6a

Get information about that stopped container still holding the image I want to delete :

docker ps -a

CONTAINER ID	IMAGE		COMMAND		CREATED			STATUS				PORTS		NAMES
2cb71c235c6a	0ce03c8a15ec	"bash"		8 minutes ago		Exited (130) About a minute ago			test

Remove that container :
docker rm 2cb71c235c6a
```
2cb71c235c6a
```
Check :
docker ps -a
```
(gone)
```
Now I can delete the image.

List + filter images

Flag	Usage
-f --filter "key=value"	filter output based on condition(s) provided untagged (i.e. <none>:<none>) by image name
-q --quiet	return image IDs only

List the most recently created images

docker images

List untagged images (source)

When a new version on an existing image is built, the repo:tag moves to the new image. The previous version of the image is left untagged (aka "dangling") with <none>:<none>.

docker images --filter "dangling=true"

List images by name

Let's consider we have :

docker images

REPOSITORY			TAG			IMAGE ID		CREATED			SIZE
foobar			2.14.13			8d184a936572		17 hours ago		283MB
foobar			2.14.12			e116aecf034c		17 hours ago		283MB
foobar			2.15.0			ee657cd3af27		17 hours ago		283MB
foobar			2.16.2			5a9fb562f34b		25 hours ago		284MB
debian				bookworm-slim		971072c49252		13 days ago		74.8MB
debian				bookworm		0ce03c8a15ec		2 months ago		117MB
vmware/powerclicore		latest			9359cebc65e4		8 months ago		2.15GB
alpine				3.16			8471affe5de5		10 months ago		5.55MB
rockylinux			9.1			ce99dcf19c24		13 months ago		176MB
alpine				3.15			c4fc93816858		17 months ago		5.59MB
vmware/powerclicore		12.7			d2d244ad5d73		18 months ago		932MB
nginx				1.19.9-alpine		bfad9487e175		2 years ago		22.6MB

We can list all the foobar images with :

docker images -f "reference=foobar"

REPOSITORY			TAG			IMAGE ID		CREATED			SIZE
foobar			2.14.13			8d184a936572		17 hours ago		283MB
foobar			2.14.12			e116aecf034c		17 hours ago		283MB
foobar			2.15.0			ee657cd3af27		17 hours ago		283MB
foobar			2.16.2			5a9fb562f34b		25 hours ago		284MB

Do something —described by the part— with images

docker image ls

list images

docker image history

show the history of an image, reporting which steps made it grow

docker image history myimage:latest

IMAGE			CREATED			CREATED BY					SIZE
c5ffa610ab8d		About a minute ago	|1 /bin/sh -c 					614MB		this was caused by the last RUN of my Dockerfile
155a3bf504ad		2 minutes ago		|1 /bin/sh -c 					52.9MB
2b54b499613b		2 minutes ago		/bin/sh -c #(nop)  LABEL comment=blah		0B
e9716a3e46f8		2 minutes ago		/bin/sh -c #(nop)  ARG 			0B
0ce03c8a15ec		3 days ago		/bin/sh -c #(nop)  CMD ["bash"]			0B
<missing>		3 days ago		/bin/sh -c #(nop) ADD file:39d17d2d62…		117MB

List containers

Flag	Usage
-a --all	show all containers (default shows just running)
-q --quiet	only display container IDs

Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE :

docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
docker tag httpd fedora/httpd:version1.0

If I get it correctly :

an image is named at build time with docker build -t myimage:1.0
docker tag adds one more tag / name / alias / ? to the "source image"

Fetch the logs of a container

docker top containerId

display the running processes of a container

docker build [options] contextPath

build an image from a Dockerfile
contextPath specifies the build context, i.e. a set of files the build process can refer to :
- the Dockerfile (of course )
- any other file you may COPY during the build

Flag	Usage
-f path/to/myDockerfile --file=path/to/myDockerfile	build image from path/to/myDockerfile defaults to contextPath/Dockerfile
--rm	Remove intermediate containers after a successful build
-t repo:tag --tag repo:tag	Name and tag the resulting image in the repo:tag format

Run a command in a new container

docker container run is equivalent to docker run (source) :

both exist for historical reasons :
- only docker run existed initially
- docker container run was added later to have more intuitive commands like docker command subcommand since the number of commands was increasing
use docker container run, which is the modern way of running a container

Flag	corresponding Dockerfile directive	Usage
-d --detach		start container in detached mode the container will exit when the root process used to run the container exits In foreground mode (opposite of detached mode evoked above), docker run can start the process in the container and attach the console to the process's standard input, output, and standard error. It can even pretend to be a TTY (this is what most command line executables expect) and pass along signals. All of that is configurable with -i, -t
--entrypoint=someCommand		Overwrite the default entrypoint set by the image with someCommand
-i --interactive		interactive mode : keep STDIN open even if not attached
--name myContainer		assign a name to the container
-P --publish-all		Publish all EXPOSEd ports to the host interfaces. Docker binds each EXPOSEd port to a random port on the host.
-p=portSpecification		Publish a container's port/range of ports to the host. This allows mapping ports : `hostPort:containerPort` Many syntaxes available, please
--rm (1, 2)		when the container exits, remove : the container filesystem(s) the anonymous volume(s)
-t		Allocate a pseudo-tty
--user userSpecification	USER	username or UID, with userSpecification : `name\|uid[:group\|gid]`
-v volumeSpecification --volume=volumeSpecification	VOLUME	bind mount a volume using volumeSpecification : `X:Y:Z` X can either be : a host directory, specified as an absolute path an arbitrary volume name omitted (aka anonymous volume). In such case, it will be created automatically with a path + name like : /var/lib/docker/volumes/848acf58ffb933b/ Y is : the path to the volume inside the container (aka mount point) specified as an absolute path Z : is for permissions : `rw`, `ro`, can be omitted. No idea what it defaults to It is possible to declare a volume in a Dockerfile with the VOLUME directive, with the limitation of not being able to specify a host directory. This is because an image has no control on its environment and can not guarantee that the host directory actually exists. If you want to control both ends of a volume specification, you have no choice but use the -v / --volume flag.
-w dir --workdir dir	WORKDIR	use dir as working directory inside the container

Return low-level information on Docker objects

Flag	Usage
-f formatString --format=formatString	Format the output using the given Go template (details : 1, 2) By default, data is returned as a JSON array. formatString is not just a list of output format flags (as seen with other tools) but rather a mix of : the list of queried fields and a function (if any) to combine them to build the result like in the pseudo-code : `join(', ', (field1, field2, field3))`

Let's discover docker inspect :

Learn everything about the containerId container :
docker inspect containerId

Extract specific values, considering this "inspection" result :

[
	{
		"Id": "sha256:4000f524b3ffb2282cd02892b8f89ec886bda2f71d87096f14378a6043ef4fab",
		
		"DockerVersion": "18.03.1-ce",
		"Config": {
			
			"Hostname": "",
			"Env": [
				"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

docker inspect containerId -f '{{.DockerVersion}}'
```
18.03.1-ce
```

docker inspect containerId -f {{.Config.Env}}

[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin]

Values only or keys + values :

docker inspect -f '{{.State}}' containerId

{running true false false false false 5654 0  2020-09-09T09:49:07.578164883Z 0001-01-01T00:00:00Z <nil>}

docker inspect -f '{{json .State}}' containerId

{"Status":"running", "Running":true, "Paused":false, "Restarting":false, "OOMKilled":false, "Dead":false, "Pid":5654, "ExitCode":0, "Error":"", "StartedAt":"2020-09-09T09:49:07.578164883Z", "FinishedAt":"0001-01-01T00:00:00Z"}

Output formatting hacks :

jq :

Some experienced users prefer jq as an alternative to --format.

Python :

And if jq is not available, Python comes to the rescue :

raw result (JSON array) :

docker inspect -f '{{.State}}' containerId

{running true false false false false 5654 0  2020-09-09T09:49:07.578164883Z 0001-01-01T00:00:00Z <nil>}

keys + values as a JSON string :

docker inspect -f '{{json .State}}' containerId

{"Status":"running", "Running":true, "Paused":false, "Restarting":false, "OOMKilled":false, "Dead":false, "Pid":5654, "ExitCode":0, "Error":"", "StartedAt":"2020-09-09T09:49:07.578164883Z", "FinishedAt":"0001-01-01T00:00:00Z"}

pretty print of data (with keys sorted alphabetically) :

docker inspect -f '{{json .State}}' containerId | python -m json.tool

{
	"Dead": false,
	"Error": "",
	"ExitCode": 0,
	"FinishedAt": "0001-01-01T00:00:00Z",
	"OOMKilled": false,
	"Paused": false,
	"Pid": 5654,
	"Restarting": false,
	"Running": true,
	"StartedAt": "2020-09-09T09:49:07.578164883Z",
	"Status": "running"
}

Run a command in a running container

Flag	Usage
-i --interactive	Keep STDIN open even if not attached
-t --tty	Allocate a pseudo-TTY
-u --user	specify a username or UID

Run a command in a container as a specific user :

docker exec -u bob -it 9f78e57b54d9 whoami
```
bob
```
Open a shell as bob (details) :
docker exec -u bob -it 9f78e57b54d9 sh

docker rmi

Usage

Example

Delete an image by ID

Delete untagged images

docker rm

Usage

docker images

Usage

Flags

Example

List the most recently created images

List untagged images (source)

List images by name

docker image

Usage

docker ps

Usage

Flags

docker tag

Usage

docker logs

Usage

docker top

Usage

docker build

Usage

Flags

docker container run

Usage

Flags

docker inspect

Usage

Flags

Example

Let's discover docker inspect :

Output formatting hacks :

jq :

Python :

docker exec

Usage

Flags

Example

Run a command in a container as a specific user :