Credits to Bret Fisher, Udemy, Docker, and Google for making this cheat sheet happen.
What is it?
App binaries and dependencies as well as metadata about the image with instruction on how to run it. Images can have versions, for each version there might be multiple tags (can refer to the same version but be named differently).
Dockerfile - a recipe for a docker image. Docker caches the image by layers, rather than saving each image individually. Commands that modify the filesystem create a layer. Each layer is uniquely identified and only stored once on a host, it saves storage space on the host and transfer time on push/pull. The order of the lines in a Dockerfile matter.
The base image is usually a minimum distribution (to save time to build). (
FROM) - required.
Change docker working directory (
Set environment file (
ENV) - Optional, if it is a path then it would be pointing to the location on docker, not on the host.
Copy files from host to docker (
COPY - more for a single file or a directory, in addition
ADD can be used for a remote URL or extract tar file from source).
Install packages (
&& to chain them together such that they will be kept in the same layer)
Export ports (
EXPOSE. Inline command it is the
-p to use the exposed port when running a container)
Build docker file (
CMD) - required, but sometimes it is inside of the base image already.
If one made changes to a Dockerfile and rebuild the image, the cached layer will be not be rebuilt. To achieve that, the order of the lines is very important, if the order is shuffled, the Dockerfile will have to be rebuilt (let the variation happen at the bottom of the Dockerfile rather than at the beginning of the Dockerfile would save building time).
docker build -f some_dockerfile -t tag_name
Docker image tag serves as a pointer of a specific image commit, if two images have the same image ID, it means they are identical, even though they have different tags.
Tag an image (the local image has to be tagged with username/repo_name before it gets pushed to docker hub).
docker image tag source_image:tag target_image:tag
To push an image, one needs to login to the docker hub
docker logout (To increase security after one finishes)
See detailed elements of a docker image
Docker image inspect image_name
See the history of a docker image (view layers of a docker image)
Docker image history image_name
What happens in ‘docker container run'
1. Look for docker image locally
2. then looks for the image in remote repo (e.g docker hub)
3. Download the latest version of the image If not 1-3, then one needs to build the image
4. Creates a new container based on the image
5. Gives it a virtual IP on a private network inside docker engine
6. Opens up specified host port and forwards it to display port in container
7. Starts container-based using CMD in image Dockerfile
A docker container is a single readable/writable layer on top of a docker image. Containers are unchangeable and disposable, this means if we want to change a container we should redeploy.
Docker container run -—publish host_port:container_port —-detach image_name —-name container_name —-rm (delete on quitting)
container_port can be same for multiple containers but the
host_port should be different, else you get a bind error.
Docker container logs container_name
Docker container ls -a (without -a will see the currently running containers)
Docker container rm container_IDs
Docker start previous_container_name
Docker container stats
Docker container run -it image_name bash
Exit will get out from this container - Run additional command in existing container (instead of starting a new container)
Docker container exec -it container_name
Docker container prune
Normally, data doesn’t persist when container stops.
Two ways to address this limitation:
1. Volumes: make a special location outside of container
docker volume create, create a new volume location, and assign it to the certain directory in the container. The volume will outlive the container and will need to be deleted manually. Use
docker inspect image to see the volume location.
2. Bind mounts: link container path to host path. It maps a host file or directory to a container file or directory. Must be used with the
Docker container run command instead of specifying it in a Dockerfile
docker container run -v host_path:container_path (host_path can be
Docker compose yaml file: A yaml file that contains the meta data on how to build a docker file, can replace the docker run command. Note that different variables in docker compose yaml file might have different input formats (e.g list, key-value pairs).
Docker compose cli: more ideal for testing in local env rather than production-grade work