Docker Commands Cheat Sheet

Docker reference with containers, images, Compose, volumes, networking, and Dockerfile instructions. Copy-ready commands.

67 entries 6 sections

Images

Command	Description	Example
	Build image from Dockerfile	`docker build -t myapp:latest .`
	Download image from registry	`docker pull node:20-alpine`
	Push image to registry	`docker push myrepo/myapp:1.0`
	List all local images	`docker images --filter 'dangling=true'`
	Remove an image	`docker rmi myapp:latest`
	Tag an image	`docker tag myapp:latest myrepo/myapp:1.0`
	Remove unused images	`docker image prune -a`
	Show image layer history	`docker history myapp:latest`
	Show image details as JSON	`docker inspect node:20`

Containers

Command	Description	Example
	Create and start container	`docker run -d -p 3000:3000 myapp`
	Run container in background	`docker run -d --name web nginx`
	Map port host→container	`docker run -p 8080:80 nginx`
	Mount volume	`docker run -v ./data:/app/data myapp`
	Set environment variable	`docker run -e NODE_ENV=production myapp`
	Load env vars from file	`docker run --env-file .env myapp`
	Assign name to container	`docker run --name api myapp`
	Auto-remove on exit	`docker run --rm -it node:20 node`
	Interactive shell in container	`docker run -it ubuntu bash`
	Connect to network	`docker run --network mynet myapp`
	List running containers	`docker ps -a (include stopped)`
	Stop running container	`docker stop web`
	Start stopped container	`docker start web`
	Restart container	`docker restart api`
	Remove stopped container	`docker rm -f web`
	Run command in running container	`docker exec -it web bash`
	View container logs	`docker logs -f --tail 100 web`
	Copy files to/from container	`docker cp ./config.json web:/app/`
	Live resource usage stats	`docker stats web api db`
	Show running processes	`docker top web`
	Remove all stopped containers	`docker container prune -f`

Dockerfile

Command	Description	Example
	Base image for the build	`FROM node:20-alpine`
	Set working directory	`WORKDIR /app`
	Copy files into image	`COPY package*.json ./`
	Copy with URL/tar extraction support	`ADD https://example.com/file.tar.gz /tmp/`
	Execute command during build	`RUN npm ci --production`
	Default command when container starts	`CMD ["node", "server.js"]`
	Fixed command (CMD becomes args)	`ENTRYPOINT ["node"]`
	Set environment variable	`ENV NODE_ENV=production`
	Document which port app uses	`EXPOSE 3000`
	Build-time variable	`ARG NODE_VERSION=20`
	Create mount point	`VOLUME ["/data"]`
	Set user for subsequent commands	`USER node`
	Files to exclude from build context	`node_modules .git *.md`
	Multi-stage build for smaller images	`FROM node:20 AS builder RUN npm run build FROM nginx:alpine COPY --from=builder /app/dist /usr/share/nginx/html`

Compose

Command	Description	Example
	Start all services	`docker compose up -d`
	Stop and remove containers	`docker compose down -v (remove volumes)`
	Build/rebuild services	`docker compose build --no-cache`
	List compose services	`docker compose ps`
	View service logs	`docker compose logs -f api`
	Run command in service	`docker compose exec db psql -U postgres`
	Run one-off command	`docker compose run api npm test`
	Pull service images	`docker compose pull`
	Restart services	`docker compose restart api`
	Validate compose file	`docker compose config`

Volumes & Networks

Command	Description	Example
	Create named volume	`docker volume create db-data`
	List volumes	`docker volume ls`
	Remove volume	`docker volume rm db-data`
	Remove unused volumes	`docker volume prune -f`
	Create network	`docker network create mynet`
	List networks	`docker network ls`
	Connect container to network	`docker network connect mynet web`
	Show network details	`docker network inspect bridge`

System

Command	Description	Example
	Show disk usage	`docker system df -v`
	Remove all unused data	`docker system prune -a --volumes`
	Show system-wide information	`docker info`
	Show Docker version	`docker version`
	Log in to registry	`docker login -u username`

Frequently asked questions

What's the difference between an image and a container?

An image is a read-only template with your app, dependencies, and OS. A container is a running instance of an image. Think of it like a class (image) vs object (container). You can run multiple containers from one image.

What's the difference between CMD and ENTRYPOINT?

CMD sets the default command that can be overridden at runtime: docker run myapp bash replaces CMD. ENTRYPOINT sets a fixed command - runtime args are appended: ENTRYPOINT ["node"] with docker run myapp server.js runs 'node server.js'. Use ENTRYPOINT for the executable, CMD for default arguments.

How do I reduce Docker image size?

1) Use alpine base images (node:20-alpine). 2) Multi-stage builds (build in full image, copy to slim image). 3) Combine RUN commands to reduce layers. 4) Use .dockerignore. 5) Don't install dev dependencies in production. 6) Clean up package manager cache in the same RUN layer.

How do containers communicate with each other?

Containers on the same Docker network can reach each other by container name (or Compose service name) as hostname. Create a network with 'docker network create mynet' or use Compose (automatic). Container-to-container uses internal ports, not mapped host ports.

What's the difference between volumes and bind mounts?

Volumes are managed by Docker (docker volume create) - good for persistent data like databases. Bind mounts map a host directory into the container (-v ./src:/app/src) - good for development with hot reload. Volumes are more portable and performant.

How do I pass secrets to containers?

Never bake secrets into images (ENV in Dockerfile). Use --env-file .env at runtime, Docker secrets (Swarm), or your orchestrator's secret management. In Compose, use env_file: .env. For CI/CD, inject secrets as environment variables at deploy time.

Go from reference to real skills

Cheat sheets are great for quick lookups. Our in-depth courses take you from the fundamentals to professional-level mastery.

Browse all courses