Docker - Index of commands

mail

docker tag

Usage

Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE :
mail

docker logs

Usage

Fetch the logs of a container
mail

docker top

Usage

docker top containerId
display the running processes of a container
mail

docker build

Usage

Build an image from a Dockerfile

Flags

Flag Usage
--rm Remove intermediate containers after a successful build
-t --tag Name and optionally tag in the name:tag format
mail

docker container run

Usage

Run a command in a new container
docker container run is equivalent to docker run (source) :
  • both exist for historical reasons :
    • only docker run existed initially
    • docker container run was added later to have more intuitive commands like docker command subcommand since the number of commands was increasing
  • use docker container run, which is the modern way of running a container

Flags

Flag Usage
--name myContainer assign a name to the container
-P Publish all EXPOSEd ports to the host interfaces. Docker binds each EXPOSEd port to a random port on the host.
-p=portSpecification Publish a container's port/range of ports to the host. This allows mapping ports : hostPort:containerPort
Many syntaxes available, please
--rm (1, 2) when the container exits, remove :
-v volumeSpecification
--volume=volumeSpecification		 bind mount a volume using volumeSpecification : X:Y:Z
  • X can either be :
    • a host directory, specified as an absolute path
    • an arbitrary volume name
    • omitted (aka anonymous volume). In such case, it will be created automatically with a path + name like : /var/lib/docker/volumes/848acf58ffb933b/
  • Y is :
    • the path to the volume inside the container (aka mount point)
    • specified as an absolute path
  • Z :
    • is for permissions : rw, ro,
    • can be omitted. No idea what it defaults to
It is possible to declare a volume in a Dockerfile with the VOLUME directive, with the limitation of not being able to specify a host directory.
  • This is because an image has no control on its environment and can not guarantee that the host directory actually exists.
  • If you want to control both ends of a volume specification, you have no choice but use the -v / --volume flag.
-w dir --workdir dir use dir as working directory inside the container
mail

docker inspect

Usage

Return low-level information on Docker objects

Flags

Flag Usage
-f formatString
--format=formatString		 Format the output using the given Go template (details : 1, 2)
  • By default, data is returned as a JSON array.
  • formatString is not just a list of output format flags (as seen with other tools) but rather a mix of :
    • the list of queried fields
    • and a function (if any) to combine them to build the result
    like in the pseudo-code : join(', ', (field1, field2, field3))

Example

Let's discover docker inspect :

  • Learn everything about the containerId container :
    docker inspect containerId
  • Extract specific values :
    docker inspect -f '{{.LogPath}}' containerId
    /var/lib/docker/containers/containerId_full/containerId_full-json.log
    docker inspect -f '{{.HostConfig.Binds}}' containerId
    [/opt/docker/myApp/myApp.json:/etc/myApp.json:rw]
  • Values only or keys + values :
    docker inspect -f '{{.State}}' containerId
    {running true false false false false 5654 0  2020-09-09T09:49:07.578164883Z 0001-01-01T00:00:00Z <nil>}
    docker inspect -f '{{json .State}}' containerId
    {"Status":"running", "Running":true, "Paused":false, "Restarting":false, "OOMKilled":false, "Dead":false, "Pid":5654, "ExitCode":0, "Error":"", "StartedAt":"2020-09-09T09:49:07.578164883Z", "FinishedAt":"0001-01-01T00:00:00Z"}

Output formatting hacks :

jq :

Some experienced users prefer jq as an alternative to --format.

Python :

And if jq is not available, Python comes to the rescue :
  • raw result (JSON array) :
    docker inspect -f '{{.State}}' containerId
    {running true false false false false 5654 0  2020-09-09T09:49:07.578164883Z 0001-01-01T00:00:00Z <nil>}
  • keys + values as a JSON string :
    docker inspect -f '{{json .State}}' containerId
    {"Status":"running", "Running":true, "Paused":false, "Restarting":false, "OOMKilled":false, "Dead":false, "Pid":5654, "ExitCode":0, "Error":"", "StartedAt":"2020-09-09T09:49:07.578164883Z", "FinishedAt":"0001-01-01T00:00:00Z"}
  • pretty print of data (with keys sorted alphabetically) :
    docker inspect -f '{{json .State}}' containerId | python -m json.tool
    {
    "Dead": false,
    "Error": "",
    "ExitCode": 0,
    "FinishedAt": "0001-01-01T00:00:00Z",
    "OOMKilled": false,
    "Paused": false,
    "Pid": 5654,
    "Restarting": false,
    "Running": true,
    "StartedAt": "2020-09-09T09:49:07.578164883Z",
    "Status": "running"
}
mail

docker exec

Usage

Run a command in a running container

Flags

Flag Usage
-i --interactive Keep STDIN open even if not attached
-t --tty Allocate a pseudo-TTY
-u --user specify a username or UID

Example

Run a command in a container as a specific user :

  • docker exec -u bob -it 9f78e57b54d9 whoami
    bob
  • Open a shell as bob (details) :
    docker exec -u bob -it 9f78e57b54d9 sh