Docker Commands Cheat Sheet: From Basics to Production
Every Docker command you need — from building images and running containers to networking, volumes, Docker Compose, and production debugging. A practical reference for daily use.
DevToolsHub Team22 min read1,343 words
Docker Basics
Docker packages applications into containers — lightweight, portable units that include everything needed to run: code, runtime, libraries, and system tools. Containers are isolated from each other and the host system.
Key Concepts
- Image — A read-only template with instructions for creating a container. Think of it as a class.
- Container — A running instance of an image. Think of it as an object.
- Dockerfile — A text file with instructions to build an image.
- Registry — A storage for images (Docker Hub, GitHub Container Registry, AWS ECR).
- Volume — Persistent storage that survives container restarts.
- Network — Communication channel between containers.
Images
Building Images
# Build from Dockerfile in current directory
docker build -t myapp:latest .
# Build with a specific Dockerfile
docker build -f Dockerfile.prod -t myapp:prod .
# Build with build arguments
docker build --build-arg NODE_ENV=production -t myapp:prod .
# Build without cache (clean build)
docker build --no-cache -t myapp:latest .
# Build for a specific platform
docker build --platform linux/amd64 -t myapp:latest .
# Multi-platform build
docker buildx build --platform linux/amd64,linux/arm64 -t myapp:latest .
Managing Images
# List all images
docker images
docker image ls
# Pull an image from registry
docker pull node:20-alpine
docker pull postgres:16
# Tag an image
docker tag myapp:latest myregistry.com/myapp:v1.0
# Push to registry
docker push myregistry.com/myapp:v1.0
# Remove an image
docker rmi myapp:latest
# Remove all unused images
docker image prune
# Remove ALL images (careful!)
docker image prune -a
# Inspect image details
docker image inspect node:20-alpine
# View image history (layers)
docker image history node:20-alpine
# Save image to tar file
docker save -o myapp.tar myapp:latest
# Load image from tar file
docker load -i myapp.tar
Containers
Running Containers
# Run a container
docker run nginx
# Run in detached mode (background)
docker run -d nginx
# Run with a name
docker run -d --name my-nginx nginx
# Run with port mapping (host:container)
docker run -d -p 8080:80 nginx
# Run with environment variables
docker run -d -e POSTGRES_PASSWORD=secret postgres:16
# Run with env file
docker run -d --env-file .env myapp
# Run with volume mount
docker run -d -v /host/path:/container/path nginx
docker run -d -v mydata:/var/lib/postgresql/data postgres:16
# Run with bind mount (development)
docker run -d -v $(pwd):/app -w /app node:20 npm start
# Run with memory limit
docker run -d --memory=512m --cpus=1.0 myapp
# Run and remove when stopped
docker run --rm -it node:20 node -e "console.log('hello')"
# Run interactively with a shell
docker run -it ubuntu:22.04 bash
docker run -it node:20-alpine sh
# Run with restart policy
docker run -d --restart=unless-stopped myapp
Managing Containers
# List running containers
docker ps
# List all containers (including stopped)
docker ps -a
# Stop a container
docker stop my-nginx
# Stop with timeout (seconds)
docker stop -t 30 my-nginx
# Start a stopped container
docker start my-nginx
# Restart a container
docker restart my-nginx
# Remove a container
docker rm my-nginx
# Force remove a running container
docker rm -f my-nginx
# Remove all stopped containers
docker container prune
# Pause/unpause a container
docker pause my-nginx
docker unpause my-nginx
Debugging Containers
# View container logs
docker logs my-nginx
# Follow logs in real-time
docker logs -f my-nginx
# Show last 100 lines
docker logs --tail 100 my-nginx
# Show logs with timestamps
docker logs -t my-nginx
# Execute a command in a running container
docker exec -it my-nginx bash
docker exec -it my-nginx sh
# Execute a one-off command
docker exec my-nginx cat /etc/nginx/nginx.conf
# View container resource usage
docker stats
docker stats my-nginx
# Inspect container details
docker inspect my-nginx
# View container processes
docker top my-nginx
# Copy files to/from container
docker cp my-nginx:/etc/nginx/nginx.conf ./nginx.conf
docker cp ./config.json my-nginx:/app/config.json
# View container filesystem changes
docker diff my-nginx
Volumes
# Create a named volume
docker volume create mydata
# List volumes
docker volume ls
# Inspect a volume
docker volume inspect mydata
# Remove a volume
docker volume rm mydata
# Remove all unused volumes
docker volume prune
# Use a named volume
docker run -d -v mydata:/data myapp
# Use a bind mount (host directory)
docker run -d -v /host/path:/container/path myapp
# Read-only mount
docker run -d -v /host/path:/container/path:ro myapp
Networking
# List networks
docker network ls
# Create a network
docker network create mynetwork
# Run container on a network
docker run -d --network mynetwork --name api myapp
# Connect a running container to a network
docker network connect mynetwork my-container
# Disconnect from a network
docker network disconnect mynetwork my-container
# Inspect a network
docker network inspect mynetwork
# Remove a network
docker network rm mynetwork
# Containers on the same network can reach each other by name
# api container can reach db container at hostname "db"
docker run -d --network mynetwork --name db postgres:16
docker run -d --network mynetwork --name api -e DB_HOST=db myapp
Docker Compose
Docker Compose defines multi-container applications in a YAML file.
docker-compose.yml Example
version: "3.8"
services:
app:
build: .
ports:
- "3000:3000"
environment:
- DATABASE_URL=postgres://user:pass@db:5432/mydb
- REDIS_URL=redis://cache:6379
depends_on:
- db
- cache
volumes:
- .:/app
- /app/node_modules
restart: unless-stopped
db:
image: postgres:16-alpine
environment:
POSTGRES_USER: user
POSTGRES_PASSWORD: pass
POSTGRES_DB: mydb
volumes:
- pgdata:/var/lib/postgresql/data
ports:
- "5432:5432"
cache:
image: redis:7-alpine
ports:
- "6379:6379"
volumes:
pgdata:
Compose Commands
# Start all services
docker compose up
# Start in detached mode
docker compose up -d
# Start specific service
docker compose up -d db
# Build and start
docker compose up -d --build
# Stop all services
docker compose down
# Stop and remove volumes
docker compose down -v
# View logs
docker compose logs
docker compose logs -f app
# List running services
docker compose ps
# Execute command in a service
docker compose exec app bash
# Run a one-off command
docker compose run --rm app npm test
# Scale a service
docker compose up -d --scale worker=3
# Restart a service
docker compose restart app
# Pull latest images
docker compose pull
# View service configuration
docker compose config
Dockerfile Best Practices
# Use specific version tags, not "latest"
FROM node:20-alpine
# Set working directory
WORKDIR /app
# Copy dependency files first (better caching)
COPY package.json package-lock.json ./
# Install dependencies
RUN npm ci --only=production
# Copy application code
COPY . .
# Build the application
RUN npm run build
# Use non-root user
RUN addgroup -g 1001 -S nodejs && \
adduser -S nextjs -u 1001
USER nextjs
# Expose port (documentation only)
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=3s \
CMD wget --no-verbose --tries=1 --spider http://localhost:3000/health || exit 1
# Start the application
CMD ["node", "server.js"]
Multi-stage Build
# Stage 1: Build
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
# Stage 2: Production
FROM node:20-alpine AS runner
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/package.json ./
USER node
EXPOSE 3000
CMD ["node", "dist/server.js"]
System Cleanup
# Remove all stopped containers, unused networks, dangling images, and build cache
docker system prune
# Also remove unused volumes
docker system prune --volumes
# Also remove ALL unused images (not just dangling)
docker system prune -a
# View disk usage
docker system df
# View detailed disk usage
docker system df -v
Quick Reference
| Command | Purpose |
|---|---|
docker run -d -p 8080:80 nginx | Run container in background with port mapping |
docker ps | List running containers |
docker logs -f <name> | Follow container logs |
docker exec -it <name> sh | Shell into a container |
docker compose up -d | Start all services |
docker compose down | Stop all services |
docker build -t app . | Build an image |
docker system prune -a | Clean up everything |
dockerdocker commandsdocker cheat sheetdocker composedockerfilecontainersdevops