March 9, 2021 DevOps 3 minutes, 8 seconds

See Full CLI reference for a comprehensive documentation

Command Result
docker version Get version info about docker
docker info Get overview of different docker info
docker ps List running containers
docker ps -a List all existing containers
docker system df Get storage usage of Docker
docker system top Get running process of a container
docker stats List live stream of container usage

Command Result
docker volume ls List all docker volumes
docker volume inspect VOLUME-ID List detailed volume information

Command Result
docker image ls List local images
docker rmi IMAGE-ID Remove specified image
docker image prune Remove unused images
docker image prune -a Remove all images

Command Result
docker exec -it CONTAINER-ID [bash|sh] Log into the container
docker exec CONTAINER-ID command Executes command in the container

Command Result
docker stop $(docker ps) Stops all running containers
docker rm $(docker ps -q) Removes all containers
docker rm $(docker image ls -q) Deletes all images

Alternative for Docker API 1.25 and greater:

Command Result
docker system prune Removes unused data
docker system prune -a Removes unused data but not just dangling images

After starting a service via docker-compose Docker will shut it down if there is no process running. To prevent that you can call a "dummy" endless command - in this case by overriding the entrypoint with a simple ping.

entrypoint: ping localhost

sudo nsenter -t $(docker inspect -f '{{.State.Pid}}' <CONTAINER_NAME_OR_ID>) -n <CMD>

For instance to run netstat and show connections of the container.

The btrfs storage driver of Docker is kind of different. A normal df -hkl /var/lib/docker will not show correct numers. Instead use the tools of btrfs:

btrfs fi df /varLib/docker

vim /etc/systemd/system/ (adjust for other startup mechanism)


docker build --build-arg -t TAG .

docker exec CONTAINER sh -c "cat /tmp/test"

version: "3.0"
    image: alpine
      - /tmp/:/tmp/
    tty: true

Starting the service with docker-compose up -dkeeps the container running

registry.port/ is optional when pushing to duckerhub

docker login
docker build . -t foobar
docker tag foobar registry:port/name/foobar
docker push foobar registry:port/name/foobar

# with TLS enabled Daemon
# make sure that ~/.docker/ of the current user contains the ca.pem or the {cert,key}.pem in case of client auth

Set the timestamp of your configuration in the Dockerfile file to zero

RUN         touch -d @0 /config.yml

In your entrypoint check the timestamp. When the timestamp is zero the container is started for the first time

if [ "$(stat --format %Y /config.yml)" -eq 0 ]; then
# initial start of the container


Description=Start Container

ExecStart=/usr/bin/docker start -a CONTAINER
ExecStop=/usr/bin/docker stop -t 5 CONTAINER


Start und enable service at boot time

systemctl start NAME
systemctl enable NAME

docker commit CONTAINERID test
docker run -it --entrypoint=/bin/bash test

Pay attention to double slash

-v //var/run/docker.sock:/var/run/docker.sock