docker-image-pull

Download a specific Docker image

$ docker [[pull|image pull]] [image]:[tag]

$ docker [[pull|image pull]] [[-q|--quiet]] [image]:[tag]

$ docker [[pull|image pull]] [[-a|--all-tags]] [image]

$ docker [[pull|image pull]] --platform [linux/amd64] [image]:[tag]

$ docker [[pull|image pull]] [[-h|--help]]

docker image pull [OPTIONS] NAME[:TAG|@DIGEST]

-a, --all-tags
    Download all tagged images in the repository

--disable-content-trust
    Skip image verification (default true)

--platform stringArray
    Set platform(s) for the image (e.g., linux/amd64)

--policy string
    Set pull policy: always|never|missing (default missing)

-q, --quiet
    Suppress verbose output

--registry-mirror stringArray
    Specify registry mirror(s) to use

The docker image pull command fetches a Docker image from a registry, such as Docker Hub, Quay.io, or a private repository, and loads it into the local Docker image store. It downloads the specified image layers, verifying their integrity and caching them for future use. By default, it pulls the latest tag if none is specified.

This command is essential for obtaining base images or application images before building or running containers. It supports pulling by name, tag, or digest for precise versioning. For authenticated registries, Docker uses stored credentials from docker login. Progress is shown via a progress bar, which can be suppressed with -q.

When pulling multi-platform images, Docker selects the best match for the host architecture, but --platform allows specifying alternatives like linux/arm64. Multi-stage pulls for all tags via -a are useful for complete repository mirroring but can be resource-intensive.

It respects pull policies in deployment contexts and integrates with content trust for signed images, enhancing security. Errors occur for non-existent images, network issues, or auth failures.

Requires Docker daemon running; authentication needed for private images; large images consume bandwidth/storage; digest pulls fail if registry alters metadata.

docker image pull alpine
Pulls latest Alpine Linux image.

docker image pull --all-tags nginx
Pulls all tags of NGINX image.

docker image pull --platform linux/arm64 alpine
Pulls ARM64 variant.

0: Success
1: Failure (e.g., image not found, network error)

Introduced in Docker 1.0 (2014), evolved with multi-arch support in Docker 1.10 (2016) and content trust in 1.8; actively maintained in modern Docker Engine.

docker(1), docker-image-ls(1), docker-image-rm(1), docker-image-push(1), docker-pull(1)