docker
Manage and run containerized applications
TLDR
List all Docker containers (running and stopped)
Start a container from an image, with a custom name
Start or stop an existing container
Pull an image from a Docker registry
Display the list of already downloaded images
Open an interactive tty with Bourne shell (sh) inside a running container
Remove stopped containers
Fetch and follow the logs of a container
SYNOPSIS
docker [OPTIONS] COMMAND [ARG...]
This synopsis shows the general syntax for invoking Docker commands. OPTIONS are global flags that apply to the docker client itself. COMMAND specifies the specific action to be performed (e.g., run, build, pull, ps). ARG... represents arguments specific to the chosen COMMAND.
PARAMETERS
--help
Displays help information for the docker command or a specific subcommand.
--version
Shows the Docker version information (client and daemon).
--config DIR
Specifies the location of the client configuration files. Defaults to ~/.docker.
-H, --host SOCKET
Connects to a Docker daemon listening on a specified socket. Can be a TCP, Unix, or FD socket.
--log-level LEVEL
Sets the logging level for the Docker client. Valid levels include debug, info, warn, error, fatal.
DESCRIPTION
The docker command is the primary command-line interface (CLI) tool used to interact with the Docker daemon. Docker itself is an open-source platform that automates the deployment, scaling, and management of applications using containerization.
It allows users to perform various operations, including building, pulling, running, inspecting, and managing Docker images and containers. Docker containers package an application with all its dependencies (libraries, configuration files, etc.) into a standardized unit, ensuring that the application runs consistently across different computing environments – from a developer's laptop to a testing server, and finally to production systems.
Key benefits of using Docker and the docker command include enhanced application portability, strong isolation between applications, efficient resource utilization, and significantly faster application deployment and scaling.
CAVEATS
Using the docker command typically requires root privileges or membership in the docker Unix group. While convenient, being in the docker group grants privileges equivalent to root access on the host system, which can pose a security risk if not managed carefully. Additionally, misconfigured containers or exposing the Docker daemon socket can lead to significant security vulnerabilities. Users must be mindful of resource consumption as containers, though lightweight, share the host's kernel and resources.
COMMON COMMAND STRUCTURE
The docker command operates using subcommands, each performing a specific set of actions. For example, docker run starts a new container, docker build creates an image from a Dockerfile, docker pull downloads an image from a registry, and docker ps lists running containers. This modular approach makes the command highly versatile.
DOCKER DAEMON VS. CLIENT
It's important to distinguish between the docker CLI client and the Docker daemon (dockerd). The CLI client is what you interact with in your terminal. It sends commands to the Docker daemon, which is a persistent background process responsible for managing containers, images, volumes, and networks. The daemon runs on the host machine and performs the actual work.
HISTORY
Docker was initially developed by Solomon Hykes as an internal project at dotCloud, a Platform-as-a-Service (PaaS) company. It was open-sourced in March 2013 and rapidly gained popularity, fundamentally changing how applications are developed, deployed, and scaled. Initially leveraging Linux containers (LXC), Docker later developed its own runtime, libcontainer (now runc), which became the industry standard. Its widespread adoption led to the formation of the Open Container Initiative (OCI) to standardize container image formats and runtimes, ensuring interoperability across different container platforms.
SEE ALSO
docker-compose(1), podman(1), kubectl(1), systemctl(1)