Docker Essentials Cheatsheet

Quick Overview

Docker is an open-source platform that enables developers to build, ship, and run applications in isolated environments called containers. It simplifies the deployment process by packaging an application and its dependencies into a single unit, ensuring consistency across various computing environments. You’ll reach for Docker to streamline development workflows, create reproducible build environments, and deploy scalable microservices. This guide covers Docker Engine version 26.

One-Line Install (Linux convenience script):

# This script is for convenience/testing only. For production, follow official docs.
curl -fsSL https://get.docker.com | sh

Getting Started

Let’s get Docker up and running on your machine and run your first container.

Installation

Docker Desktop is the easiest way to get started on Windows and macOS, bundling Docker Engine, Docker CLI, Docker Compose, and a GUI. On Linux, you’ll typically install Docker Engine directly.

macOS: Download and install Docker Desktop for Mac from the official Docker website. Drag the Docker icon to your Applications folder and launch it.
Windows: Download and install Docker Desktop for Windows from the official Docker website. Ensure “Use WSL 2 instead of Hyper-V” is selected during installation for optimal performance, and restart your system if prompted.

Linux (Ubuntu/Debian example):

Update packages and install dependencies:

sudo apt update
sudo apt install ca-certificates curl gnupg

Add Docker’s official GPG key:

sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

Add the Docker repository to Apt sources:

echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update

Install Docker Engine and related packages:

sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Post-installation for Linux (optional but recommended for non-root users): Add your user to the docker group to run commands without sudo. You’ll need to log out and back in for this to take effect.
```
sudo usermod -aG docker ${USER}
```

Hello World

Verify your installation by running a simple container:

# Pulls the "hello-world" image and runs it as a container
docker run hello-world

You should see a message confirming Docker is working correctly.

Core Concepts

Understanding these fundamental concepts is key to mastering Docker:

Concept	Description
Image	A read-only, executable package that includes everything needed to run an application: code, runtime, libraries, environment variables, and configuration files. Images are built from a `Dockerfile`.
Container	A runnable instance of an image. You can create, start, stop, move, or delete a container. Each container is isolated from other containers and the host system.
Dockerfile	A text file containing a sequence of instructions that Docker uses to build an image. It defines the application’s environment, dependencies, and how it should be run.
Registry	A service for storing and retrieving Docker images. Docker Hub is the default public registry. You can also run private registries.
Volume	A mechanism for persisting data generated by and used by Docker containers. Volumes allow data to outlive a container’s lifecycle and be shared between containers.
Network	Enables communication between Docker containers and between containers and the host. Docker provides different network drivers for various use cases.
Compose	A tool (`docker compose`) for defining and running multi-container Docker applications. It uses a YAML file (e.g., `docker-compose.yml`) to configure all services, networks, and volumes for an application, then spins them up with a single command.

Essential Commands / API / Syntax

The 80/20 of Docker commands you’ll use daily.

Images

Images are the blueprints for your containers.

Pull an image from a registry:

# Download the latest Nginx image from Docker Hub
docker pull nginx:latest

List local images:

# Show all images stored on your machine
docker images

Build an image from a Dockerfile:

# Build an image named 'myapp:1.0' from the Dockerfile in the current directory
docker build -t myapp:1.0 .

Remove an image:

# Delete image by ID or name. Use -f to force removal.
docker rmi myapp:1.0

Containers

Containers are running instances of images.

Run a container:
```
# Run a detached Nginx container, mapping host port 80 to container port 80
docker run -d -p 80:80 --name my-webserver nginx
```
- -d: Detached mode (run in the background).
- -p 80:80: Publish port (host_port:container_port).
- --name: Assign a custom name to the container.

List running containers:

# Show only currently running containers
docker ps
# Show all containers (running and stopped)
docker ps -a

Stop a running container:

# Stop container by name or ID
docker stop my-webserver

Start a stopped container:

# Start container by name or ID
docker start my-webserver

Remove a container:

# Delete a stopped container by name or ID. Use -f to force removal of a running container.
docker rm my-webserver

Execute a command inside a running container:
```
# Open a bash shell inside the 'my-webserver' container
docker exec -it my-webserver bash
```
- -i: Keep STDIN open even if not attached.
- -t: Allocate a pseudo-TTY.

View container logs:

# Follow logs of 'my-webserver' in real-time
docker logs -f my-webserver

Inspect container or image details:

# Get detailed information (JSON) about a container or image
docker inspect my-webserver

Volumes

Manage persistent data for your containers.

Create a named volume:

# Create a volume named 'my-data'
docker volume create my-data

List volumes:
```
docker volume ls
```

Mount a volume when running a container:

# Run a container, mounting 'my-data' volume to /app/data inside the container
docker run -d -p 80:80 --name my-app -v my-data:/app/data myapp:1.0

Remove a volume:

# Remove volume by name. Use -f to force removal if in use.
docker volume rm my-data

Networks

Connect containers to each other.

List networks:
```
docker network ls
```

Create a custom network:

# Create a bridge network named 'my-app-network'
docker network create my-app-network

Connect a container to a network:

# Run a container and connect it to 'my-app-network'
docker run -d --name db --network my-app-network postgres
# Connect an existing container to a network
docker network connect my-app-network another-container

Inspect a network:
```
docker network inspect my-app-network
```
Remove a network:
```
docker network rm my-app-network
```

Common Patterns

Real-world scenarios for using Docker effectively.

1. Building a Custom Web Application Image

This pattern demonstrates how to containerize a simple web application using a Dockerfile.

Dockerfile Example:

# Use a lightweight Node.js base image (version 20 for Alpine Linux)
FROM node:20-alpine

# Set the working directory inside the container
WORKDIR /app

# Copy package.json and package-lock.json to install dependencies
# We copy these first to leverage Docker's build cache
COPY package*.json ./

# Install application dependencies
RUN npm install

# Copy the rest of the application code
COPY . .

# Expose the port the application listens on
EXPOSE 3000

# Define the command to run the application when the container starts
CMD ["npm", "start"]

To build and run:

# Build the image, tagging it as 'my-node-app:latest'
docker build -t my-node-app:latest .

# Run the application, mapping host port 80 to container port 3000
# and name the container 'node-frontend'
docker run -d -p 80:3000 --name node-frontend my-node-app:latest

2. Orchestrating Multi-Container Applications with `docker compose`

For applications with multiple services (e.g., a web server, a database, a cache), docker compose simplifies management. As of Docker 26, docker compose is integrated directly into the Docker CLI (note the space, not a hyphen, for version 2 and later).

docker-compose.yml Example:

# Specify the Compose file format version (current best practice is to omit,
# as Compose v2/v5 rely on the Compose Specification)
# See: https://docs.docker.com/compose/compose-file/
services:
  web:
    build: . # Build from the Dockerfile in the current directory
    ports:
      - "80:80" # Map host port 80 to container port 80
    volumes:
      - ./app:/app # Mount local './app' directory into container's /app
    depends_on:
      - db # Ensure 'db' service starts before 'web'
    environment:
      DATABASE_HOST: db # Set an environment variable for the web service
      DATABASE_PORT: 5432
  db:
    image: postgres:15 # Use an official PostgreSQL image
    environment:
      POSTGRES_DB: mydatabase
      POSTGRES_USER: user
      POSTGRES_PASSWORD: password
    volumes:
      - db-data:/var/lib/postgresql/data # Persist database data in a named volume

volumes:
  db-data: # Define the named volume

To run the application:

# Start all services defined in docker-compose.yml in detached mode
docker compose up -d

# Stop and remove containers, networks, and volumes (if specified)
docker compose down

3. Cleaning Up Docker Resources

Over time, unused images, containers, and volumes can accumulate.

# Remove all stopped containers
docker container prune

# Remove all dangling (unused) images
docker image prune

# Remove all dangling (unused) volumes
docker volume prune

# Remove all unused networks
docker network prune

# Remove all unused Docker objects (containers, images, volumes, networks)
# Use with caution!
docker system prune -a

Gotchas & Tips

Things that often trip up developers when working with Docker.

Permissions on Linux: If you encounter “permission denied” errors when running docker commands, your user might not be in the docker group. Add your user to the group with sudo usermod -aG docker ${USER} and then log out and back in. Running Docker commands with sudo is a workaround but not ideal for regular use.
docker compose vs. docker-compose: For Docker Engine 26, always use docker compose (with a space). The older docker-compose (with a hyphen) is a legacy Python-based standalone tool, while docker compose is a native Go-based plugin integrated into the Docker CLI.
Caching in Dockerfiles: Order your Dockerfile instructions from least-likely-to-change to most-likely-to-change. For example, COPY package*.json and RUN npm install should come before COPY . .. This ensures Docker’s build cache is effectively used, speeding up subsequent builds.
Debugging Containers:
- Check container logs: docker logs <container_name_or_id> or docker logs -f <container_name_or_id>.
- Execute commands interactively: docker exec -it <container_name_or_id> bash (or sh).
- Inspect container details: docker inspect <container_name_or_id> for network, volume, and configuration details.
Container Startup Order: While depends_on in docker-compose.yml ensures services start in a specific order, it doesn’t guarantee the application inside the container is ready. For robust multi-service applications, implement health checks or wait-for-it scripts within your application code.
Port Conflicts: If docker run -p 80:80 fails, it likely means port 80 on your host is already in use. Choose an available host port (e.g., -p 8080:80).

Next Steps

Official Docker Documentation: The ultimate source for in-depth guides and advanced topics. https://docs.docker.com/
Docker Compose Specification: Dive deeper into the docker compose file format and capabilities. https://docs.docker.com/compose/compose-file/
Learn Kubernetes: Once you’re comfortable with single-host Docker, explore Kubernetes for orchestrating containers at scale across clusters.
Buildkit: Learn about Docker’s next-generation builder for improved performance and features.

Source: z2h.fyi/cheatsheets/docker-essentials — Zero to Hero cheatsheets for developers.