docker_commands

Posted on 21 February 2019, updated on 30 January 2023.

Are you really confident in the way you use Docker? Docker is now used in pairs with tons of different technologies, and you might need to learn it fast or either to bring your memories back. Here is a reminder list and explained fundamentals commands from docker and docker-compose.

Some context

A container is close to a VM. While a VM is entirely a new machine (from a software view) build on a physical machine, a container doesn’t have all the components a machine usually has. To be more precise, it doesn’t have a whole OS, but only what it needs to run its applications. It is built from an image, which corresponds to its configuration.

You might have heard of Docker-compose. The difference between Docker and Docker-compose is simple: docker commands are focused on only one container (or image) at once while docker-compose manages several containers docker.

Monitoring commands

These few commands are in my mind the first you need to know when using Docker.

docker ps (-a)

docker ps displays every docker instance currently running in your environment. If you add the -a option, then you even have the stopped ones.

docker images (-a)

The docker images show you the images you have built, and the -a show you the intermediate images.

docker network ls
&docker-compose ps

The docker network ls list the networks and docker-compose ps displays all the containers once started with it (currently running or not).

Manage commands

You now need images and containers to test the few previous commands.

docker-compose up (-d) (--build)
docker-compose stop

The docker-compose is easiest because you only need 2 commands: up and stop. stop is explicit and stops (not removes) your containers, but up require more explanations: it will build your images if they aren't already and will start your dockers.

If you want to re-build your images, use the option --build (you can also use the command docker-compose build to only build the images). The option -d, which means "detach" make the containers run in the background.

docker build (-t <NAME>) <PATH>/<URL>

With Docker, you need a separate command to build your image where you can specify the name of your image and you have to specify the PATH or URL to your context (this can be a git repository).

docker run (-d) (-p <hostPort>:<containerPort>) (--name <NAME>) <IMGNAME>/<IMGID>

run create the container using the image you tell it. You can specify lots of parameters, I recommend you add a name to your container and you may need to specify some ports to expose. As for docker-compose, the -d make the container run in the background.

docker start <ID>/<NAME>
docker stop <ID>/<NAME>

The start and stop shouldn’t be hard to understand, but you have to note that you can only start containers already stopped, this means already built with run.

docker exec -it <NAME>/<ID> <“sh”>/<”/bin/bash”>

This command allows you to connect to the shell of your container. I prefer using "/bin/bash" but your container may not have bash installed and only "sh" which is more common. If you put some special configuration to your container, you may need to use extra arguments to connect to it. This command can do much more than this, I recommend reading the doc for further information.

Remove commands

These commands remove your containers and images, you will likely need them to save disk space.

docker rm <ID>/<NAME>
docker-compose rm

The docker rm removes only one container when docker-compose rm removing every container started with a docker-compose command.

docker rmi <ID>/<NAME>>

docker rmi delete the image you give as a parameter and recursively all the images intermediate used to build it.

Logs commands

The commands below are useful when you need to debug some of your containers (or more often the applications you deploy in it).

docker logs <ID>/<NAME> (-f --tail <NBLINE>)

This command prints the logs of the container you specify. If you use the option -f --tail <NBLINE> you can follow the live flux of your logs (<NBLINE> is the number of lines you want to display. Keep in mind to choose a number of lines you can handle and not be overwhelmed by your logs).

docker-compose logs (<ID>/<NAME>)

The option (<ID>/<NAME>) with the docker-compose logs let you see the logs from only one container instead of every log. The point here is if you don’t use the -d option when using docker run or docker-compose up you will see your logs directly (but you will need to stop the container to quit the view). It can still be useful to debug launching apps.

Registry commands

This list of docker commands is useful once you want to manage the version of your images and make them available for others.

docker pull <NAME>[:<TAG>]

This command pulls on your computer the image you specified. If you don’t specify the tag, you will pull the latest image: it can create issues if the latest version has breaking changes between two pulls. You can also specify a digest if you want to fix a specific version (a tag can be overwritten, but a digest cannot).

docker tag <SOURCE_IMAGE>[:<TAG>] TARGET_IMAGE[:<TAG>]

This command set a hostname:tag to an image you specified. If you don’t specify a tag, latest will be used. The hostname is needed before pushing your image to a container registry. The tag is used to set a version to your image.

docker push <NAME>[:<TAG>]

With this one you push your image to the registry. If there is already a similar tag, you will override it and the previous image in the registry will be untagged and you will need the digest to pull it again.

docker login [-u <USERNAME> -p <PASSWORD] <REGISTRY>

Before pulling or pushing an image to a registry you may have to authenticate. The docker login command authenticates you to the registry you specify (for example docker hub). Username and password can be used inline, but you can also provide a password through STDIN as follows (with the password in an environment variable):

echo $PASSWORD | docker login -u <USERNAME> --password-stdin <REGISTRY>

Some registries need to be authenticated with a specific command as AWS ECR or GCP Container Registry. Follow their documentation if you need to use them.