#docker #linux #kubernetes ![[boulard_docker-and-swarm-2022.pdf]] --- # πŸ“Œ **GENERAL COMMANDS** | Command | Description | | --------------------------------------------- | ----------------------------------------- | | `docker version` | Show client & server version | | `docker version --format '{{.Server.Version}}'` | Show only server version | | `docker version --format '{{json .}}'` | Full raw JSON | | `docker info -D` | Enable debug info for all docker commands | --- # πŸ“Œ **docker container** |Command|Description| |---|---| |docker container ls|List running containers| |docker container ls -a|List all containers| |docker container ls --size|Show container disk usage| |docker container ls -q|Show only container IDs| |docker container ls --format '{{printf "%-40s" .Names}} {{.Ports}}'|Pretty-print names & ports| |docker container start CONTAINER|Start container| |docker container stop CONTAINER|Stop container| |docker container pause CONTAINER|Pause processes| |docker container unpause CONTAINER|Resume processes| |docker container restart CONTAINER|Restart container| |docker container rm CONTAINER|Remove container| |docker container rm -f CONTAINER|Force remove (SIGKILL)| |docker container logs --tail 10 CONTAINER|Show last 10 log lines| |docker container logs --timestamps|Show logs with timestamps| |docker run IMAGE|Create + run container| |docker run --name CONTAINER nginx:1.22.0|Create container with name| |docker run -p 8080:80 IMAGE|Port mapping hostβ†’container| |docker run -d IMAGE|Run in background| |docker run --rm -it IMAGE CMD|Run interactively & auto-remove| |docker run --net NETWORK IMAGE|Attach to network| |docker run -d --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=True -v mysql-db:/var/lib/mysql mysql|Create MySQL with named volume| |docker run -d --name nginx -p 80:80 -v $(pwd):/usr/share/nginx/html nginx|Bind mount source code| |docker run --mount type=volume,…|Use volume with explicit mount syntax| |docker run --mount type=bind,…|Bind mount host directory| |docker run --health-*|Add healthcheck to container| |docker container ps -a --filter volume=VOLUME|List containers using volume| |docker container ps --no-trunc|Disable output truncation| |docker container top|Show container processes| |docker container stats|Live CPU/memory usage| |docker container inspect|Detailed metadata| |docker container update -c 4 -m 8G|Change CPU/RAM limits| |docker container commit|Create image from container| |docker exec -it CONTAINER sh -c "test -d /dir"|Test if directory exists inside container| |docker container inspect --format '{{json .NetworkSettings}}'|Pretty-print network info| --- # πŸ“Œ **docker image** |Command|Description| |---|---| |docker image ls|List images| |docker image inspect -f '{{.Config.Cmd}}'|See default CMD on image| |docker pull nginx|Pull latest tag| |docker pull nginx:1.11.9|Pull specific tag| |docker image history IMAGE|Show image layers| |docker image tag SRC DST|Create new tag| |docker image push|Push image to registry| |docker build PATH|Build image from Dockerfile| |docker build -t IMAGE .|Build & tag| |docker build --target builder -t IMAGE:latest .|Multi-stage: stop at builder| --- # πŸ“Œ **docker volume** |Command|Description| |---|---| |docker volume ls|List volumes| |docker volume inspect|Volume details| |docker volume create --name VOLUME|Create named volume| |docker volume rm -f VOLUME|Force remove volume| |docker volume prune -f|Remove all unused volumes| |docker run --volumes-from|Copy data from volume| --- # πŸ“Œ **docker network** |Command|Description| |---|---| |docker network ls|List networks| |docker network create NET|Create network| |docker network inspect -v NET|Inspect network| |docker network connect NET CONTAINER|Attach container to network| |docker network rm NET|Remove network| |docker network prune|Remove unused networks| |docker network create --driver bridge NET|Bridge network (single host)| |docker network create --driver overlay NET|Overlay network (Swarm, multi-host)| |docker network create --opt encrypted NET|IPSEC encryption for overlay| |docker network create --attachable|Allows standalone containers to join overlay| --- # πŸ“Œ **docker compose** |Command|Description| |---|---| |docker compose up|Start services| |docker compose up -d|Detached| |docker compose up --build|Force rebuild| |docker compose up -p NAME|Custom project name| |docker compose down|Stop & remove services| |docker compose down --rmi local|Remove images| |docker compose start|Start stopped containers| |docker compose stop|Stop running services| |docker compose restart|Restart services| |docker compose logs|Show logs| |docker compose ps|List services| |docker compose top|Show processes| |docker compose build|Build images (no run)| |docker compose build -f FILE|Specify Dockerfile| |VAR=VAL docker-compose build|Environment vars for build| |VAR=VAL docker-compose up|Environment vars for runtime| |build --build-arg TOKEN|Pass build args| |docker compose -f base.yml -f test.yml up|Multiple compose files| --- # πŸ“Œ **docker service (Swarm)** |Command|Description| |---|---| |docker service create --name mydb --replicas 3 redis|Create replicated service| |docker service create --env VAR=value|Add env variables| |docker service create --secret source=ssh-key|Attach secrets| |docker service create --network NET|Attach to network| |docker service create -p 8081:80 nginx|Publish port| |docker service ls|List services| |docker service ps SERVICE|Show tasks| |docker service inspect SERVICE|Metadata| |docker service logs SERVICE|Logs| |docker service rm SERVICE|Remove service| |docker service update|Update configuration| |docker service update --replicas 10|Scale replicas| |docker service update --reserve-cpu 4|Reserve CPU| |docker service update --reserve-memory 16G|Reserve memory| |docker service update --mount-add|Add volume| |docker service update --mount-rm|Remove volume| |docker service update --secret-add|Add secret| |docker service update --secret-rm|Remove secret| |docker service update --rollback|Roll back to previous version| |docker service update --image IMAGE|Change image| |docker service update --publish-add|Change ports| |docker service scale SERVICE=5|Scale| |docker service update --force|Rebalance tasks| --- # πŸ“Œ **docker node (Swarm)** |Command|Description| |---|---| |docker node ls|List nodes| |docker node ps NODE|Show tasks on node| |docker node promote NODE|Promote to manager| |docker node demote NODE|Demote to worker| |docker node rm -f NODE|Force remove node| |docker node inspect NODE|Metadata| |docker node inspect --format '{{.Status.Addr}}'|Node IP| |docker node ls -f role=manager|Filter managers| |docker node update --label-add key=value|Add node label| --- # πŸ“Œ **docker stack (Swarm)** |Command|Description| |---|---| |docker stack deploy -c compose.yml STACK|Deploy stack| |docker stack deploy -c - STACK|Deploy from stdin| |docker stack ls|List stacks| |docker stack ps STACK|List tasks of stack| |docker stack rm STACK|Remove stack| |docker stack services STACK|List services in stack| --- # πŸ“Œ **docker secret (Swarm)** |Command|Description| |---|---| |docker secret create NAME file|Create secret| |echo X|docker secret create NAME -| |docker secret ls|List secrets| |docker secret inspect NAME|Inspect secret| |docker service create --secret NAME|Use secret in service| --- # πŸ“Œ **docker registry** |Command|Description| |---|---| |docker run registry:2|Run local registry| |docker run with TLS|Secured registry| |docker service create registry|Registry inside swarm| |docker login HOST|Login to registry| |docker tag IMAGE HOST/APP:VERSION|Tag for registry| |docker push HOST/IMAGE:TAG|Push to registry|