Docker Cheatsheet

As a penetration tester, it is very difficult to remember various commands from different tools. This blog contains the frequently used docker and docker-compose CLI commands along with their short description.

Docker CLI

docker infoDisplay system wide information related to docker installation (e.g. docker registry)
docker imagesCheck the list of docker images available locally
docker run container_name:tag
Run a docker container.
e.g. docker run busybox:1.24
docker run container_name:tag command Start the docker container and run the command inside it.
e.g. docker run busybox:1.24 echo "hello world"
docker run -it container_name:tagStart the docker container in interactive (-i) mode with TTY (-t).
docker exec -it container_id shGet the TTY shell inside the container
docker run -d container_name:tagRun the container in detached mode (-d) i.e. background
docker run --rm container_name:tagRemove the containers from the file system on exit
docker run --name container_name busybox:1.24Run the container and assign it a name
docker run -e ENV_VAR container_name:tagStart a container and pass an environment variable
docker run --user 1001:1001 container_name:tagStart a container with non-root user
docker run -p host_port:container_port container_name:tagExpose the container port
docker run -itd --pids-limit 6 container_nameEnforce cgroup settings on the container. For e.g. create a container which can have maximum of 6 pids
docker psCheck the list of docker containers running in background
docker ps -aGet the list of all containers including the stopped ones
docker ps -aq -f status=exitedList all exited containers
docker ps -aq --no-trunc -f status=exited | xargs docker rmRemove the stopped containers
docker stop $(docker ps -aq)Stop all the running containers
docker rm container_nameRemove the container from the file system
docker rm $(docker ps -aq)Remove all the running containers from file system
docker rmi image-idRemove an image from the file system
docker rmi $(docker images)Remove all the images from the file system
docker system prune Delete the unused dangling resources (eg. images, containers, volumes)
docker rename old_name new_nameRename the container
docker inspect container_idGet detailed information about the container
docker inspect container_id | grep MergedDirLocate the path of container's filesystem on the host. The path will be similar to /var/lib/docker/overlay2//merged
docker logs container_idGet logs of running container
docker history container_name:tagList of the layers of images which makes the container
docker stop -t 20 container_idWait for 20 sec before killing the container
docker volume create volume_nameCreate a docker volume
docker volume lsList all the existing volumes
docker volume inspect volume_nameFind the mount point of the volume on host
docker run -v /var/host:/var/docker Mount the host volume "/var/host" to the directory "/var/docker" of the container
docker build -t tag_name .Build the docker image using Dockerfile (in the current directory, denoted by .) and assign it a tag name
docker build -t repository_name/container_name . --no-cache=trueBuilding docker image using commit. Don't use cache while building new image.
docker commit container_id repository:tagCommit the changes to docker registry. Default docker registry is dockerhub
docker statsCheck the status of the container. (this will show pid). This will increase if more number of processes are created inside container
docker save image_name > image.tarSave or export the image in tar format
docker -H tcp:// psSpecify the host (-H) and mode (tcp) to access the docker daemon and run the command.
Host can also be configured via environment variable
export DOCKER_HOST="tcp://"

Docker Compose CLI

docker-compose up -duse the docker-compose.yml to automate the build and start of container
docker-compose start -d use the docker-compose.yml to automate the build and start of container
docker-compose ps check the status of the container managed by docker-compose
docker-compose logsoutput the logs for compose managed containers
docker-compose logs -fFollow the logs
docker-compose logs get the log of the particular container
docker-compose stopstop all running containers without removing them
docker-compose rmremove all the containers
docker-compose buildrebuild the images created from dockerfile

I hope this article was informative. If I missed any frequently used important docker command, please let me know in the comments section, I will add them here. Share this if you found it useful. Please subscribe to the mailing list (on the right sidebar) to get updated with my latest post. Feel free to post your comments and feedback.

Happy Learning 🙂

The author is a security enthusiast with interest in web application security, cloud-native application development and Kubernetes.

One Thought on “Docker commands cheatsheet”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.