Docker Quick Reference

Containers, images, compose, volumes, networking and Dockerfile patterns.

Installation

# Install Docker on Ubuntu/Debian
sudo apt update
sudo apt install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Run Docker without sudo
sudo usermod -aG docker $USER
newgrp docker

# Verify installation
docker run hello-world

Container Lifecycle

Command	Description
`docker run image`	Create and start a container
`docker run -d image`	Run in detached (background) mode
`docker run -it image bash`	Interactive shell inside container
`docker run --name my-app -p 8080:80 image`	Named container with port mapping
`docker run --rm image`	Auto-remove container when stopped
`docker run -e KEY=val image`	Pass environment variable
`docker run --env-file .env image`	Load env vars from file
`docker ps`	List running containers
`docker ps -a`	List all containers (including stopped)
`docker stop container`	Graceful stop (SIGTERM → SIGKILL)
`docker start container`	Start a stopped container
`docker restart container`	Stop and start a container
`docker rm container`	Remove stopped container
`docker rm -f container`	Force remove running container
`docker exec -it container bash`	Shell into running container
`docker logs -f container`	Follow container logs
`docker inspect container`	Full container details as JSON
`docker stats`	Live CPU/memory/network usage

Images

Command	Description
`docker images`	List local images
`docker pull image:tag`	Download image from registry
`docker build -t name:tag .`	Build image from Dockerfile
`docker build --no-cache -t name .`	Build without layer cache
`docker tag image:v1 repo/image:v1`	Tag an image for pushing
`docker push repo/image:tag`	Push to registry
`docker rmi image`	Remove an image
`docker image prune`	Remove dangling images
`docker system prune -a`	Remove all unused data (images, containers, networks)
`docker history image`	Show image layer history

Docker Compose

Command	Description
`docker compose up -d`	Start all services in background
`docker compose down`	Stop and remove containers, networks
`docker compose down -v`	Also remove volumes
`docker compose ps`	List compose services
`docker compose logs -f svc`	Follow logs for a service
`docker compose build`	Build/rebuild services
`docker compose pull`	Pull latest images
`docker compose exec svc bash`	Shell into a service container
`docker compose restart svc`	Restart a specific service
`docker compose config`	Validate and display resolved config

Example compose.yaml

services:
  web:
    build: .
    ports:
      - "3000:3000"
    environment:
      - NODE_ENV=production
      - DATABASE_URL=postgres://db:5432/app
    depends_on:
      db:
        condition: service_healthy
    restart: unless-stopped

  db:
    image: postgres:16-alpine
    volumes:
      - pgdata:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: app
      POSTGRES_USER: user
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U user -d app"]
      interval: 5s
      retries: 5

volumes:
  pgdata:

Volumes

Command	Description
`docker volume create mydata`	Create a named volume
`docker volume ls`	List all volumes
`docker volume inspect mydata`	Volume details
`docker volume rm mydata`	Remove a volume
`docker volume prune`	Remove unused volumes

Mount types

# Named volume (Docker-managed)
docker run -v mydata:/app/data image

# Bind mount (host path)
docker run -v $(pwd)/config:/app/config:ro image

# tmpfs mount (in-memory, no persistence)
docker run --tmpfs /app/tmp image

Networking

Command	Description
`docker network ls`	List networks
`docker network create mynet`	Create a bridge network
`docker network inspect mynet`	Network details
`docker network connect mynet container`	Attach container to network
`docker network disconnect mynet container`	Detach container from network
`docker network rm mynet`	Remove a network

# Containers on the same user-defined network can resolve each other by name
docker network create app-net
docker run -d --name api --network app-net my-api
docker run -d --name web --network app-net my-web
# "web" can reach "api" via http://api:3000

Dockerfile Reference

# Multi-stage build — keeps final image small
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build

FROM node:20-alpine
WORKDIR /app
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/package.json ./
USER appuser
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=3s \
  CMD wget -qO- http://localhost:3000/health || exit 1
CMD ["node", "dist/index.js"]

Instruction	Purpose
`FROM`	Base image (use alpine variants for smaller size)
`WORKDIR`	Set working directory inside container
`COPY`	Copy files from build context
`RUN`	Execute command during build (each creates a layer)
`ENV`	Set environment variable
`ARG`	Build-time variable (not in final image)
`EXPOSE`	Document the port (doesn't actually publish)
`USER`	Switch to non-root user
`HEALTHCHECK`	Container health monitoring command
`CMD`	Default command when container starts
`ENTRYPOINT`	Fixed executable (CMD becomes arguments)

Useful Patterns

Copy files from container

docker cp container:/app/logs ./logs
docker cp ./config.json container:/app/config.json

Run one-off commands

# Database dump
docker exec db pg_dump -U user dbname > backup.sql

# Run migration
docker compose exec web npm run migrate

# Quick debug container in same network
docker run --rm -it --network app-net alpine sh

Resource limits

docker run -d --name api \
  --memory=512m \
  --cpus=1.5 \
  --restart=unless-stopped \
  my-api

Troubleshooting

Problem	Solution
Permission denied on socket	`sudo usermod -aG docker $USER` then log out/in
Port already in use	`ss -tulnp \| grep :PORT` to find and kill the process
Container exits immediately	`docker logs container` — check for missing env vars or config errors
Out of disk space	`docker system prune -a --volumes` to reclaim space
DNS not working in container	Check `/etc/docker/daemon.json` for custom DNS, or use `--dns 8.8.8.8`
Build cache stale	`docker build --no-cache -t name .`
Can't connect between containers	Ensure they're on the same user-defined network (not default bridge)

# Useful debug commands
docker inspect --format='{{.State.ExitCode}}' container
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container
docker system df                    # Show Docker disk usage
docker events --since 10m           # Recent Docker events

Docker Quick Reference

Installation

Container Lifecycle

Images

Docker Compose

Example compose.yaml

Volumes

Mount types

Networking

Dockerfile Reference

Useful Patterns

Copy files from container

Run one-off commands

Resource limits

Troubleshooting

Related