Cheatsheet

Docker Commands Cheat Sheet – Container Management Reference

Essential Docker commands for containers, images, volumes, networks, and Docker Compose. Copy any command with one click.

Images

docker pull nginx:latestPull image from registry

docker build -t myapp:1.0 .Build image from Dockerfile in current dir

docker imagesList all local images

docker rmi <image>Remove an image

docker tag myapp:1.0 registry.io/myapp:1.0Tag image for a registry

docker push registry.io/myapp:1.0Push image to registry

docker inspect <image>Show detailed image metadata as JSON

Containers

docker run -p 8080:80 nginxRun container, map host:container ports

docker run -d --name web nginxRun detached with a name

docker psList running containers

docker ps -aList all containers including stopped

docker stop <container>Gracefully stop a container (SIGTERM)

docker rm <container>Remove a stopped container

docker exec -it <container> bashOpen interactive shell in running container

docker logs -f <container>Follow container logs

docker cp <container>:/path ./localCopy file from container to host

Networks

docker network lsList all networks

docker network create my-netCreate a bridge network

docker run --network my-net myappRun container on a specific network

docker network inspect my-netShow network details and connected containers

Volumes

docker volume lsList all volumes

docker volume create my-dataCreate a named volume

docker run -v my-data:/app/data myappMount named volume to container path

docker run -v $(pwd):/app myappBind mount current directory

Docker Compose

docker compose up -dStart all services in background

docker compose downStop and remove containers

docker compose down -vStop, remove containers and volumes

docker compose psList compose services and status

docker compose logs -f webFollow logs for a specific service

docker compose build --no-cacheRebuild images without cache

docker compose exec web bashOpen shell in running compose service

Cleanup

docker system pruneRemove stopped containers, unused networks, dangling images

docker system prune -aAlso remove unused images (not just dangling)

docker image pruneRemove dangling (untagged) images only

docker volume pruneRemove all unused volumes

docker container pruneRemove all stopped containers

Useful Flags

--rmAuto-remove container when it exits

-e KEY=valueSet environment variable

-p 3000:3000Map host port to container port

--name my-containerGive container a human-readable name

--restart unless-stoppedRestart automatically unless manually stopped

--env-file .envLoad env vars from a file

Docker vs Virtual Machines

Docker containers share the host OS kernel and start in milliseconds. Virtual machines run a full guest OS, use gigabytes of RAM, and take minutes to boot. Containers are lighter but share the kernel — VMs offer stronger isolation. For production security-critical workloads, consider tools like gVisor or Kata Containers for sandboxed containers.

Common Docker Gotchas

Data loss — container filesystems are ephemeral. Use volumes for any data you want to persist.
Root inside container — containers often run as root by default. Add a USER instruction in your Dockerfile to drop privileges.
Layer cache — copy package.json before your source code so npm install is cached and only reruns when dependencies change.
Port conflicts — if a port is in use on the host, the container won't start. Use -p 0:80 to let Docker pick a free port.
Image size — use multi-stage builds and slim base images (node:20-alpine instead of node:20) to keep images small.