docker-exec

Enter an interactive shell session on an already-running container

$ docker exec [[-it|--interactive --tty]] [container_name] [/bin/bash]

$ docker exec [[-d|--detach]] [container_name] [command]

$ docker exec [[-it|--interactive --tty]] [[-w|--workdir]] [path/to/directory] [container_name] [command]

$ docker exec [[-i|--interactive]] [[-d|--detach]] [container_name] [command]

$ docker exec [[-it|--interactive --tty]] [[-e|--env]] [variable_name]=[value] [container_name] [/bin/bash]

$ docker exec [[-u|--user]] [user] [container_name] [command]

docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

-d, --detach
    Run the command in detached mode (background).

-i, --interactive
    Keep STDIN open even if not attached. Often used with -t for interactive sessions.

-t, --tty
    Allocate a pseudo-TTY. Often used with -i to provide an interactive shell experience.

-u, --user
    Specify the username or UID (and optional group/GID) to run the command as (e.g., [:]).

-e, --env
    Set environment variables for the command (e.g., -e "VAR=value"). Can be used multiple times.

--env-file
    Read environment variables from a file in KEY=VALUE format.

--privileged
    Give extended privileges to the command inside the container (use with caution).

-w, --workdir
    Set the working directory inside the container for the command.

docker exec provides a powerful way to run new commands within an already running Docker container. Unlike docker run, which initiates a new container, docker exec operates on an existing, active container process. This capability is indispensable for debugging, inspecting, or performing administrative tasks directly within a container's isolated environment without the need to stop or restart it. It can execute commands interactively, such as spawning a shell (bash or sh), or in detached mode for background operations. Users commonly leverage docker exec to access a container's file system, install software, check application status, or modify configurations, making it a cornerstone tool for container lifecycle management and troubleshooting.

The target container must be in a running state for docker exec to function.
Commands executed with docker exec run as new processes within the container, separate from its primary PID 1 process.
Exercise caution when using --privileged or running commands as root (-u 0) due to potential security risks.
If the specified COMMAND does not exist within the container's environment, the docker exec call will fail.

The most common use case for docker exec is gaining an interactive shell inside a container, typically via docker exec -it bash (or sh). This allows users to navigate the filesystem, run diagnostics, and debug applications as if directly logged into the container's environment.

docker exec is also highly effective for running single, non-interactive commands. Examples include docker exec mycontainer ls -l /app to list files, or docker exec -d mycontainer sh -c "sleep 3600 && echo 'Task done'" for executing background tasks.

It's crucial to differentiate docker exec from docker run. While both execute commands, docker run creates and starts a new container for the command, whereas docker exec runs a command within an already existing and running container.

docker exec was introduced in Docker to address the critical need for interacting with running containers dynamically. Prior to its existence, debugging or making on-the-fly changes to a container often required stopping it, making modifications, and then restarting, or resorting to more cumbersome methods like docker commit. Its inclusion significantly streamlined development and operational workflows by enabling direct, non-disruptive access, quickly establishing it as an indispensable command for container management.

docker run(1), docker attach(1), docker logs(1), docker stop(1), docker ps(1)