Contents
Docker Complete Reference
Sufi Aurangzeb Hossain
April 1, 2026
20 min read
DockerDevOps
Docker Master Reference: Complete Guide to Concepts and Commands
This comprehensive guide serves as the ultimate Docker reference, combining fundamental concepts with practical commands for developers at all levels. Whether you're just starting with containers or managing production deployments, this article provides everything you need for effective Docker usage.
Why Docker Matters
Docker revolutionizes how we build, ship, and run applications by providing consistent, portable environments through containerization. Unlike traditional virtual machines that require full operating systems, containers share the host system's kernel, making them incredibly efficient and fast.
Key Benefits:
- Consistency: Eliminates environment-specific issues with the 'it works on my machine' problem
- Portability: Run identical containers across development, testing, and production
- Efficiency: Lightweight compared to VMs with faster startup times
- Isolation: Applications run in isolated environments with their own dependencies
- Scalability: Easy to scale applications horizontally across multiple environments
- Ecosystem: Vast library of prebuilt images available on Docker Hub
Core Docker Concepts
Understanding these fundamental concepts is crucial for effective Docker usage:
- Image: Read-only template with application code and dependencies - the blueprint for containers
- Container: Runnable instance of an image - your application in execution
- Dockerfile: Text file with instructions for building Docker images
- Volume: Persistent data storage that survives container lifecycle
- Registry: Cloud repository for storing and distributing images (Docker Hub, AWS ECR, Google Container Registry)
- Docker Compose: Tool for defining and running multi-container applications
- Orchestration: Managing multiple containers across multiple hosts (Kubernetes, Docker Swarm)
Complete Docker Commands Reference
Image Management Commands
# Building images
docker build -t myapp:latest . # Build from current directory
docker build -f Dockerfile.dev -t myapp:dev . # Build with specific Dockerfile
docker build --no-cache -t myapp:clean . # Build without cache
# Image management
docker images # List all images
docker image ls # Alternative listing
docker rmi image_id # Remove specific image
docker image prune # Remove unused images
docker tag myapp:latest username/myapp:v1.0 # Tag image for registry
docker history image_name # Show image layers# Image inspection and analysis
docker inspect image_name # Detailed image information
docker scan image_name # Security vulnerability scan
docker diff container_id # Show changes in container filesystem
docker save myapp:latest > myapp.tar # Save image to tar archive
docker load < myapp.tar # Load image from tar archiveContainer Lifecycle Commands
# Running containers
docker run myapp:latest # Run container in foreground
docker run -d myapp:latest # Run in detached mode
docker run -it myapp:latest /bin/bash # Run with interactive terminal
docker run --name webapp myapp:latest # Run with specific name
# Port and network configuration
docker run -p 8080:80 myapp:latest # Map host port to container
docker run -p 80:80 -p 443:443 myapp:latest # Multiple port mappings
docker run --network mynetwork myapp:latest # Use specific network
docker run --hostname myapp myapp:latest # Set container hostname# Resource management and constraints
docker run -m 512m myapp:latest # Memory limit (512MB)
docker run --cpus=1.5 myapp:latest # CPU limit (1.5 cores)
docker run --memory-reservation=256m myapp:latest # Memory soft limit
docker run --restart=always myapp:latest # Auto-restart policy
docker run --rm myapp:latest # Auto-remove when stoppedContainer Management and Monitoring
# Container listing and inspection
docker ps # Show running containers
docker ps -a # Show all containers
docker ps -q # Show only container IDs
docker ps --filter "status=running" # Filter by status
docker ps --format "table {{.Names}}\t{{.Status}}" # Custom format
# Container control
docker stop container_id # Graceful stop
docker kill container_id # Force immediate stop
docker restart container_id # Restart container
docker pause container_id # Pause container
docker unpause container_id # Resume container
docker wait container_id # Wait for container to exit# Container interaction and debugging
docker exec -it container_id /bin/bash # Open interactive shell
docker exec container_id ls -la /app # Execute single command
docker logs container_id # View container logs
docker logs -f container_id # Follow logs in real-time
docker logs --tail 100 container_id # Show last 100 lines
docker logs --since 1h container_id # Show logs from last hour
# Resource monitoring
docker stats # Live container resource usage
docker stats --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}"
docker top container_id # Show running processes
docker events # Show real-time Docker eventsVolume and Data Management
# Volume operations
docker volume ls # List volumes
docker volume create mydata # Create named volume
docker volume inspect mydata # Volume details
docker volume rm mydata # Remove volume
docker volume prune # Remove unused volumes
# Using volumes with containers
docker run -v mydata:/app/data myapp:latest # Mount named volume
docker run -v /host/path:/container/path myapp:latest # Bind mount
docker run --mount type=bind,source=/host/path,target=/container/path myapp:latestNetwork Management
# Network commands
docker network ls # List networks
docker network create mynetwork # Create custom network
docker network inspect mynetwork # Network details
docker network connect mynetwork container_id # Connect container to network
docker network disconnect mynetwork container_id # Disconnect container
docker network rm mynetwork # Remove networkRegistry and Image Distribution
# Working with registries
docker login # Login to Docker Hub
docker login registry.example.com # Login to private registry
docker logout # Logout from registry
# Image distribution
docker push username/myapp:latest # Push to registry
docker pull username/myapp:latest # Pull from registry
docker search nginx # Search Docker Hub
docker pull nginx:alpine # Pull specific tagDocker Compose Essentials
# Basic Compose commands
docker compose up # Start all services
docker compose up -d # Start in detached mode
docker compose down # Stop and remove containers
docker compose down -v # Remove volumes too
docker compose ps # Show service status
docker compose logs # View all service logs
docker compose logs -f # Follow logs
# Service management
docker compose exec service_name bash # Execute command in service
docker compose restart # Restart all services
docker compose stop # Stop services
docker compose start # Start stopped services
docker compose build # Build service images
docker compose pull # Pull service images# Sample docker-compose.yml for reference
version: '3.8'
services:
web:
build: .
ports:
- "3000:3000"
environment:
- NODE_ENV=development
- DATABASE_URL=postgresql://user:pass@db:5432/app
volumes:
- .:/app
- /app/node_modules
depends_on:
- db
networks:
- app-network
db:
image: postgres:15-alpine
environment:
POSTGRES_DB: app
POSTGRES_USER: user
POSTGRES_PASSWORD: pass
volumes:
- db_data:/var/lib/postgresql/data
ports:
- "5432:5432"
networks:
- app-network
redis:
image: redis:alpine
ports:
- "6379:6379"
networks:
- app-network
volumes:
db_data:
networks:
app-network:
driver: bridgeSystem Maintenance and Cleanup
# Cleanup commands
docker container prune # Remove stopped containers
docker image prune # Remove unused images
docker volume prune # Remove unused volumes
docker network prune # Remove unused networks
docker system prune # Remove all unused resources
docker system prune -a # Remove all unused images too
docker system df # Show disk usage
docker system info # System-wide informationSecurity Best Practices Commands
# Security-focused operations
docker run --user 1000:1000 myapp:latest # Run as non-root user
docker run --read-only myapp:latest # Read-only filesystem
docker run --security-opt=no-new-privileges:true myapp:latest
docker run --cap-drop=ALL --cap-add=NET_BIND_SERVICE myapp:latest
docker scan myapp:latest # Vulnerability scanning
# Resource limiting for security
docker run --memory=512m --memory-swap=1g myapp:latest
docker run --cpus=2 myapp:latest
docker run --pids-limit=100 myapp:latest # Process limitDevelopment Workflow Examples
# Development environment setup
docker run -d --name dev-db -p 5432:5432 -e POSTGRES_PASSWORD=pass postgres:alpine
docker run -d --name dev-redis -p 6379:6379 redis:alpine
# Development with hot reloading
docker run -p 3000:3000 -v $(pwd):/app -v /app/node_modules myapp:latest
# Multi-service development
docker compose -f docker-compose.dev.yml upProduction Deployment Patterns
# Production deployment examples
docker run -d --name production-app \
--restart=unless-stopped \
--memory=1g \
--cpus=2 \
-p 80:80 \
-e NODE_ENV=production \
myapp:latest
# Health check monitoring
docker run -d \
--health-cmd="curl -f http://localhost:3000/health || exit 1" \
--health-interval=30s \
--health-timeout=10s \
--health-retries=3 \
myapp:latestAdvanced Docker Features
# Multi-stage builds (build time)
docker build --target builder -t myapp:builder .
# Build with BuildKit features
DOCKER_BUILDKIT=1 docker build --ssh default -t myapp:ssh .
# Working with Docker contexts
docker context ls # List contexts
docker context use remote-context # Switch context
docker context create remote --docker="host=ssh://user@remote-host"Essential Development Patterns
Development Workflows:
- Local Development: Use bind mounts for live code reloading without rebuilding images
- Database Services: Run databases in containers without local installation
- Testing Environments: Create isolated testing environments with specific configurations
- CI/CD Integration: Build and test containers in automated pipelines
- Team Collaboration: Share Docker Compose files for consistent development environments
Production Strategies:
- Orchestration: Use Kubernetes, Docker Swarm, or cloud services for container management
- Monitoring: Implement logging, metrics, and health checks
- Security: Follow principle of least privilege, scan for vulnerabilities, use signed images
- Scaling: Design stateless applications with horizontal scaling capabilities
- Backup: Implement volume backup strategies for persistent data
Pro Tips and Best Practices
Image Optimization:
- Use multi-stage builds to separate build and runtime environments
- Choose minimal base images (Alpine, Distroless)
- Combine RUN commands to reduce layers
- Clean up package caches and temporary files
- Use .dockerignore to exclude unnecessary files
Container Management:
- Use descriptive names for containers and images
- Implement proper logging and monitoring
- Set resource limits to prevent resource exhaustion
- Use health checks for automatic recovery
- Follow the 12-factor app methodology
Security:
- Run containers as non-root users
- Regularly update base images and dependencies
- Scan images for vulnerabilities
- Use secrets management for sensitive data
- Limit container capabilities and network access
Common Use Cases and Solutions
# Debugging a running container
docker exec -it container_id sh # Access container shell
docker logs container_id --details # Detailed logs
docker cp container_id:/path/to/file ./ # Copy file from container
docker cp ./file container_id:/path/ # Copy file to container
# Backup and restore data
docker run --rm -v db_data:/source -v $(pwd):/backup alpine tar czf /backup/backup.tar.gz -C /source ./
docker run --rm -v db_data:/target -v $(pwd):/backup alpine tar xzf /backup/backup.tar.gz -C /targetConclusion: Mastering Docker
This comprehensive reference covers the essential Docker commands and concepts needed for modern application development and deployment. Docker's power lies in its ability to create consistent, portable environments that work seamlessly from development to production. By mastering these commands and following best practices, you can leverage Docker to build scalable, maintainable, and efficient containerized applications.
Remember that Docker is constantly evolving. Stay updated with new features and security practices, and always test your container configurations thoroughly before deploying to production. Happy containerizing!