Skip to main content

Docker & Docker Compose Commands

3064 words·
Docker Docker-Compose Commands Systemd Service Unit Ansible-Playbook
Table of Contents

Install Docker
#

Installation Script
#

Note: This scripts install the Docker CE Community Edition, this is the version provided directly by Docker.

Ubuntu Script

Install Docker and Docker-Compose (apt)

#!/bin/bash

# Install Docker and Docker Compose on Ubuntu

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release -y

sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
Debian Script

Install Docker and Docker-Compose (apt)

#!/bin/bash

# Install Docker and Docker Compose on Debian

sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
Raspberry Pi 5 64-bit (Debian ARM) Script

Install Docker and Docker-Compose (apt)

#!/bin/bash

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

# Add the repository to Apt sources:
echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
# REF:
https://docs.docker.com/engine/install/debian/#install-using-the-repository 
  • Create / run script
# Create file and insert script
vi docker_setup.sh

# Change file mode to executable
chmod +x docker_setup.sh

# Run installation script
./docker_setup.sh

# Check Docker Version
docker --version
  • Add user to Docker group

Some Linux distributions do not automatically create a Docker group. Create a Dockergroup if it does not yet exist, Docker will bind to this group.

# Create Docker group (Ubuntu does this by default)
sudo groupadd docker


# Add user to Docker group: RedHat, Ubuntu
sudo usermod -aG docker username

# Add user to Docker group: Debian
sudo adduser username docker

Ansible Playbook
#

  • Ubuntu Version
---
- name: Install Docker on Ubuntu
  hosts: all
  become: true
  tasks:
    - name: Update apt
      apt:
        update_cache: yes

    - name: Install dependencies
      apt:
        name: ca-certificates,curl,gnupg,lsb-release
        state: present

    - name: Create Docker keyring directory
      file:
        path: /etc/apt/keyrings
        state: directory

    - name: Add Docker GPG key
      shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

    - name: Add Docker repository to apt sources
      shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

    - name: Update apt again
      apt:
        update_cache: yes

    - name: Install Docker
      apt:
        name: docker-ce,docker-ce-cli,containerd.io,docker-buildx-plugin,docker-compose-plugin
        state: present

    - name: Add ubuntu user to docker group
      user:
        name: ubuntu
        groups: docker
        append: yes

Docker Compose Overview
#

Docker Compose Commands
#

Depending on the Docker Version start the command with either docker-compose for the old version, or docker compose for the new version.

# Check Docker Compose Version
docker compose version
  • Test yml syntax
# Check the yml syntax without starting the Container
docker compose config

# Check the yml syntax without starting the Container: Quiet (Dont list the yml file to shell)
docker compose config -q
  • Pull image
# Pull latest Image (Stop Container first)
docker compose pull
  • Create, start & stop containers
# Start Containers
docker compose up -d

# Start only a specific service / container from docker compose file
docker compose up -d servicename

# Start Containers: Custom filename
docker compose -f filename.yaml up -d


# Stop Containers
docker compose down

# Stop Containers: Custom filename
docker compose -f filename.yaml down


# Restart Containers
docker compose restart
  • Start & stop specific container / service from the Docker Compose stack
# Start, stop, restart, pause & unpause a Docker Container
docker compose start servicename
docker compose stop servicename
docker compose restart servicename
docker compose pause servicename
docker compose unpause servicename
  • Logs
# List Logs till Command execution
docker compose logs

# List Logs all logs (running) 
docker compose logs -f
  • List Docker Containers
# List (only) Containers from Docker Compose file
docker compose ps

# List processes running inside each Container
docker-compose top

Docker Project Name
#

Note: Docker Compose generates a default project name based on the name of the directory where the docker-compose.yml file is located. This project name is then used as a prefix for network names and container names.

# Create environment file
sudo vi .env

# .env
COMPOSE_PROJECT_NAME=name-of-the-stack

Depends On
#

Define the order in which services are started up.

version: "3.9"
services:
  web:
    build: .
    depends_on:
      - db # Wait for db Service
      - redis # Wait for Redis Service
  
  redis:
    image: redis

  db:
    image: postgres

Container Image Tag
#

Go to hub.docker.com to find the latest image tags. Use a colon to define the image tag after the image, for example:

version: '3'

services:
  app:
    container_name: upload_nextcloud:25.0.5-apache

Or just the define the image with the latest tag, to automatically pull the latest version of the image, for example:

version: '3'

services:
  app:
    container_name: upload_nextcloud:latest

Networking
#

Note: Docker Compose generates a default project name based on the name of the directory where the docker-compose.yml file is located. This project name is then used as a prefix for the internal Docker network names.

Overview
#

# Create new external Docker network
sudo docker network create external-network-1

# List Docker networks
sudo docker network ls
version: "2.4"
services:
  db:
    image: ...
    ...
    networks:
      - internal-network-1 # Define the internal Docker stack network

  docker-app:
    depends_on:
      - db
    image: ...
    ...
    networks:
      - internal-network-1 # Define the internel Docker stack network
      - external-network-1 # Define external reverse proxy network

networks:
  external-network-1: # Define external reverse proxy network
    external: true
  internal-network-1: # Define internal Docker stack network

Custom Subnet
#

# Create new external Docker network: With custom subnet
sudo docker network create --subnet=192.168.11.0/24 external-network-2
version: "2.4"
services:
  db:
    image: ...
    ...
    networks:
      - internal-network-1 # Define the internal Docker stack network

  docker-app:
    depends_on:
      - db
    image: ...
    ...
    networks:
    networks:
      internal-network-1: # Define the internel Docker stack network
      external-network-2: # Define external reverse proxy network
        ipv4_address: 192.168.11.11 # Define IP address


networks:
  external-network-2: # Define external reverse proxy network
    external: true
  internal-network-1: # Define internal Docker stack network

Ports
#

  • Example: Expose port to container network only

This means port “443” is exposed to other containers within the same Docker network but not mapped to the host’s port 443.

version: "3.9"
services:
  web:
    ports:
      - "443"
  • Example: Bind port to specific interface

Container port “443” is only exposed to the host interface with the IP “192.168.30.90”.

version: "3.9"
services:
  web:
    ports:
      - "192.168.30.90:443:443"

Environment File
#

Use environment variables defined in an external file

# Create environment file
sudo vi .env
version: "2"
services:
  docker-app:
    image:
    container_name:
    env_file: # Define external environment file
      - .env

DNS & Hosts
#

  • Define host entry in Docker Compose file
version: "2"
services:
  docker-app:
    image:
    container_name:
    extra_hosts:
      - "host1.jklug.local:192.168.30.31" # Define host entry
      - "host2.jklug.local:192.168.30.32"
  • Define DNS serer in Docker Compose file
version: "2"
services:
  docker-app:
    image:
    container_name:
    dns:
      - 1.1.1.1 # Define DNS server
      - 8.8.8.8

Dockerfile
#

Build and create container from cutom image define in Dockerfile

version: '3.9'
services:
  app:
    build:
      context: ./ # Path to Dockerfile
      dockerfile: Dockerfile
    image: image-name:tag # Define image name and tag
    container_name: container-name # Define container name
    restart: unless-stopped
    hostname: hostname # Define host name
    ports:
      - 8080:80

Docker Volumes
#

Standard Docker Volume
#

version: "3.9"
services:
  application:
    image: image:latest
    working_dir: /app
    volumes:
      - application_data:/app

volumes:
  application_data:

Docker Volume Defined Location
#

version: '3.9'
services:
  application:
    image: image:latest
    volumes:
      - application_data:/data

volumes:
  application_data:
    driver: local
    driver_opts:
      type: none
      device: /opt/app/application_data
      o: bind

Host Mapping
#

version: "3.9"
services:
  application:
    image: image:latest
    working_dir: /app
    volumes:
      - "./application_data:/app"

Note: Depending on the necessary permissions inside the container, it’s necessary to create the folder on the host with the required permissions before the container is started.


Working Directory & Commands
#

This is the directory where the container will start, and it’s where commands defined with CMD in the Dockerfile, or commands specified in the Docker Compose file under command or entrypoint, will be executed.

version: "3.9"
services:
  application:
    image: image:latest
    working_dir: /app
    volumes:
      - application_data:/app
    command: ["/bin/sh", "-c", "while :; do sleep 10; done"]


volumes:
  application_data:

Systemd Service Units
#

Create Service Unit vi /etc/systemd/system/docker-compose-example.service

[Unit]
Description=Docker Compose Service
Requires=docker.service #Requires Docker service
After=docker.service #Start after Docker service

[Service]
Type=oneshot #Service exits after the ExecStart command completes
WorkingDirectory=/home/ubuntu/docker-compose/
ExecStart=/usr/bin/docker compose -f /home/ubuntu/docker-compose/docker-compose.yml up -d
ExecStop=/usr/bin/docker compose -f /home/ubuntu/docker-compose/docker-compose.yml down
StandardOutput=syslog
SyslogIdentifier=docker-compose-example
RemainAfterExit=yes #Service considered active after its process exits

[Install]
WantedBy=multi-user.target #Service is started during system startup process

Reload the systemd daemon to load the new service unit:
systemctl daemon-reload

Enable service to start on boot:
systemctl enable docker-compose-example.service

Start the service & start the containers defined in Docker-Compose file:
systemctl start docker-compose-example.service


Docker Overview
#

Docker Version
#

# Check Docker Version
docker version

# Check Docker Compose Version
docker compose version

Docker Images
#

Dockerhub: https://hub.docker.com/

Note when no Image tag is defined, the “latest” tag is used.

# Login to Dockerhub
docker login

# Pull Image from Dockerhub
docker pull image-name

# List Docker Images
docker images ls

# Delete Docker Image
docker image rm Image-ID

# Create Image from Container
docker container commit container-name image-name:tag

# Create Image from Container: Set Author and Commit Message
docker container commit -a "Author Name" -m "Commit message" container-name image-name:tag

# List history (commands) from Image
docker history image-name:tag

Create & Run Container
#

# Create & start Container
docker run --name Container-name Image-name

# Create & start Container: Detached
docker run -d --name Container-name Image-name

# Create / start Container: Bind Port
docker run -d -p8080:80 --name Container-name Image-name


# Create / start Container: Line break
docker run -d \
-p 8080:80 \
--name Container-name \
--mount source=Volume-name,target=/vol \
--net Network-name \
--restart unless-stopped \
image # Define Container image


# Create / start Container: Restart Policy
docker run -d --restart always Image-name
--restart always
--restart unless-stopped
--restart no

# Update Restart Policy from running Container
docker update --restart unless-stopped ContainerID

# Keep Container runing in the background (Debug)
docker run -dt Container-name . sleep infinity


# Rename Container
docker rename container-name new-container-name

Start & Stop Container
#

# Start Container
docker start Container-ID

##Start several Containers at once
docker start Container-ID &&
docker start Container-ID

# Stop Container
docker stop Container-ID`

# Immediately stop Container
docker kill Container-ID

# Restart Container
docker restart Container-ID


# List running Containers
docker ps

# List running and stopped Containers
docker ps -a # or
docker ps --all

Delete Stopped Container
#

# List running & stopped Containers
docker ps -a

# Delete stopped Container
docker rm Container-ID

Docker PS - Format Output
#

This command is very useful in environments with lots of running containers, it provides a more manageable overview.

# List ID's, Names & Image Versions
docker ps --format '{{ .ID }}\t{{.Names}}\t{{ .Image }}'

# List ID's, Names & Ports
docker ps --format '{{ .ID }}\t{{.Names}}\t{{ .Ports }}'

# List ID's, Names & Uptime
docker ps --format '{{ .ID }}\t{{.Names}}\t{{.Status}}'

# List ID's, Names & Creation Time
docker ps --format '{{ .ID }}\t{{.Names}}\t{{.RunningFor}}'

# List ID's & Names
docker ps --format '{{ .ID }}\t{{.Names}}'

# List only ID's
docker ps --format '{{ .ID }}'


# Save Docker PS output into file
docker ps | sort > /path/to/file

Container Logs
#

# Follow logs of specific container
docker logs -f container_id_or_name

# Follow logs of docker compose stack
docker compose logs -f

List Container Environment Variables
#

# List environment variables set in the container
docker exec -it container-name env

Execute Internal Terminal
#

Depending on the base image used for a container, bash is not always available. Here are some alternatives:

# Open shell inside Container
docker exec -it Container-ID /bin/bash
docker exec -it Container-ID bash
docker exec -it Container-ID ash
docker exec -it Container-ID sh

# Open shell inside Container: Define user
docker exec -it -u www-data Container-ID bash

# Exit Internal Terminal
exit

Run Command inside Container

# List Container directory / print to host shell: Without interactive TTY
docker exec container-name ls /app

Copy files from / to Container
#

# Copy file from Container to host
docker cp ContainerID:/container/path /host/path

# Copy file from host to Container
docker cp /host/path/ ContainerID:/container/path

Container Changes
#

# List changes made inside a Container
docker diff container-name

A Added
C Changed
D Deleted

Import & Export Images
#

Export Container, Import Image from Container

# Export stopped Container to tar file
docker export Container-ID > container-name.tar

# Import Image from exported Container
docker import - container-name < container-name.tar

Export & Import Image

# Export Docker Image
docker save -o image-name.tar image-name:tag

# Import Docker Image
docker load -i image-name.tar # or
docker load < image-name.tar

Docker Inspect
#

List Container Details

# List Container Details
docker container inspect Container-Name

# Grep Container IP
docker inspect Container-ID | grep IPAddress

List Image Details

# List Image Details
docker inspect image-name:tag

# Grep Image Author
docker inspect image-name:tag | grep "Author"

Docker Network
#

When not otherwise defined all Containers start in the default bridge network. Containers can communicate with each other using Container names as their DNS addresses.

Docker Network Commands:

# List Networks
docker network ls

# Inspect Network: E.g bridge
docker network inspect bridge

# Create Docker Network
docker network create network-name

# Delete Docker Network
docker network rm network-name


# Connect Container to Network
docker network connect network-name Container-ID

# Disconnect Container to Network
docker network disconnect network-name Container-ID

Start Container in specific network:

# Start container in specific network: e.g nginx
docker run --net network-name --name container-name -d nginx 

# Start container in specific network, define custom IPv4 address:
docker run --net network-name --ip 192.168.60.11 --name container-name -d nginx 

Dockerfile
#

Dockerfile Commands

FROM # Define base Image for Container
FROM ubuntu # Example

WORKDIR # Define working directory for RUN, CMD, ENTRYPOINT, COPY & ADD instructions 
WORKDIR /app # Example

COPY # Copy files from host into Container WORKDIR
COPY . . # Example

PULL # Adds files from Docker repository

RUN # Execute shell
RUN apt-get update # Example

CMD # Run Command (can only be used once)
CMD ["echo", "Hi there"] # Example

EXPOSE # Expose Port
EXPOSE 80 # Example

Docker Build
#

Create & Start Image from Dockerfile

# Build Image from Dockerfile
docker build .

# Build Image from Dockerfile: Define image name
docker build -t image-name .

# Start Container from image
docker run --name container-name image-name
# The Container image looks as follows: List images
docker image ls

# Shell output
REPOSITORY   TAG       IMAGE ID       CREATED              SIZE
image-name   tag       34ac7f7fb9ce   About a minute ago   265MB
# The running Container looks as follows: List running containers
docker ps

# Shell output
CONTAINER ID   IMAGE            COMMAND                  CREATED         STATUS         PORTS                                             NAMES
1fb84ec5e41f   image-name:tag   "docker-entrypoint.s…"   9 seconds ago   Up 7 seconds   3000/tcp, 0.0.0.0:8080->80/tcp, :::8080->80/tcp   container-name

Open the Container terminal with docker exec -it container-name ash and check the hostname with hostname.


Container Registry
#

Authenticate
#

# Authenticate to the registry: DockerHub
docker login

# Authenticate to the registry: Define Server and port
docker login registry.example.com:5000
# Credential file
~/.docker/config.json

Image Name
#

In order to push a local image to the registry, the image name must be in the following format: My-Docker-ID/Imagename

# Tag an existing image with a new name or tag
docker image tag source-image My-Docker-ID/target-image

Push & Pull
#

# Push image to DockerHub
docker image push My-Docker-ID/Imagename

# Run image from DockerHub
docker container run My-Docker-ID/Imagename

Docker Volumes
#

# Create Docker Volume
docker volume create volume-name

# Delete Docker Volume
docker volume rm volume-name

# Delete all Docker Volumes that are not mounted
docker volume prune

# List Docker Volumes
docker volume ls

# Inspect Docker Volume
docker volume inspect volume-name

# Inspect Docker Volume: Shell Output
[
    {
        "CreatedAt": "2023-06-02T19:39:29Z",
        "Driver": "local",
        "Labels": null,
        "Mountpoint": "/var/lib/docker/volumes/volume-name/_data",
        "Name": "volume-name",
        "Options": null,
        "Scope": "local"
    }
]

Change Docker Directory
#

# Default Docker directory
/var/lib/docker/
# Stop Docker
sudo systemctl stop docker

# Open Docker configuration file
sudo vi /etc/docker/daemon.json

# Define data root
{
  "data-root": "/new/path/to/docker-data"
}

# Move data
sudo mv /var/lib/docker /new/path/to/docker-data

# Start Docker
sudo systemctl start docker
# Verify changes
docker info | grep "Docker Root Dir"

Trouble-shooting
#

When the Docker service itself want start it can be very helpful to output the following logs:

dockerd --debug Show Docker logs

It could also be helpful to check your /etc/docker/daemon.json configuration.


Clean Up
#

Docker Prune
#

# Remove dangling (not tagged) images
docker image prune

# Remove unused and dangling (not tagged) images
docker image prune --all

# Remove unused and dangling (not tagged) image: (Do not prompt for confirmation)
docker image prune --all --force
# Remove all stopped containers
docker container prune

# Remove unused networks
docker network prune

# Remove unused volumes
docker volume prune
# Remove all stopped containers, unused networks, and unused volumes 
docker system prune

# Remove all unused data (containers, networks, volumes, and images)
docker system prune -a

Delete All Resources
#

# Stop all Contrainers
docker kill $(docker ps -q)

# Delete all Containers
docker container rm -f $(docker container ls -aq)

# Delete all Volumes
docker volume rm -f $(docker volume ls -q)

# Delete all Images
docker image rm -f $(docker image ls -q)

# Delete all Dockernetworks
docker network prune -f

Stop & Delete at once:

docker kill $(docker ps -q)  &&
docker container rm -f $(docker container ls -aq) &&
docker volume rm -f $(docker volume ls -q) &&
docker network prune -f

Delete Docker
#

When the docker services want start and nothing else helps, sometimes the fastest way to solve the problem is to reinstall docker. To do so, first stop the docker service and uninstall all docker services.

Remove Docker Explanation
systemctl stop docker.service Stop Docker Service
sudo apt remove docker-ce docker.io docker Remove Docker

Also it could be necessary to delete the following Docker directories:
/var/lib/docker/
/run/docker.pid
/run/docker.sock

After everything is removed use the script provided at the top of this tutorial to reinstall Docker.


Links #

# Docker Compose Versions
https://docs.docker.com/compose/compose-file/compose-versioning/