Docker Cheatsheet

DevOps 8 views Apr 2026

Docker Cheatsheet

Images

# Pull image
docker pull nginx:alpine
docker pull node:20-alpine

# List images
docker images
docker image ls

# Build image
docker build -t myapp:1.0 .
docker build -t myapp:latest -f Dockerfile.prod .

# Tag & push
docker tag myapp:latest myregistry/myapp:1.0
docker push myregistry/myapp:1.0

# Remove
docker rmi myapp:1.0
docker image prune        # remove dangling images
docker image prune -a     # remove all unused images

# Inspect
docker image inspect nginx:alpine
docker history nginx:alpine

Containers

# Run
docker run nginx                           # foreground
docker run -d nginx                        # detached
docker run -d -p 8080:80 nginx             # port mapping
docker run -d -p 8080:80 --name web nginx  # named
docker run -it ubuntu bash                 # interactive
docker run --rm ubuntu echo "hello"        # remove after exit
docker run -e ENV_VAR=value nginx          # env variable
docker run -v /host:/container nginx       # bind mount

# List
docker ps                 # running only
docker ps -a              # all (including stopped)

# Start / stop / restart / kill
docker start web
docker stop web
docker restart web
docker kill web            # SIGKILL

# Remove
docker rm web
docker rm -f web           # force remove running container
docker container prune     # remove all stopped containers

# Logs
docker logs web
docker logs -f web                  # follow (like tail -f)
docker logs --tail 100 web

# Exec into running container
docker exec -it web bash
docker exec web ls /app

# Copy files
docker cp web:/app/file.txt ./
docker cp ./file.txt web:/app/

# Stats & inspect
docker stats
docker inspect web
docker top web

Dockerfile

# Multi-stage build (ASP.NET Core)
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /src
COPY *.csproj .
RUN dotnet restore
COPY . .
RUN dotnet publish -c Release -o /app/publish

FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS final
WORKDIR /app
COPY --from=build /app/publish .
EXPOSE 8080
ENTRYPOINT ["dotnet", "MyApp.dll"]

# Multi-stage build (Node.js)
FROM node:20-alpine AS deps
WORKDIR /app
COPY package*.json .
RUN npm ci --only=production

FROM node:20-alpine AS build
WORKDIR /app
COPY package*.json .
RUN npm ci
COPY . .
RUN npm run build

FROM node:20-alpine AS final
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY --from=build /app/dist ./dist
USER node
EXPOSE 3000
CMD ["node", "dist/index.js"]

Dockerfile Instructions

FROM ubuntu:22.04           # base image
WORKDIR /app                # set working dir (creates if missing)
COPY src/ ./src/            # copy (respects .dockerignore)
ADD archive.tar.gz /app/    # like COPY but auto-extracts tar
RUN apt-get update     && apt-get install -y curl     && rm -rf /var/lib/apt/lists/*   # merge layers!
ENV NODE_ENV=production     # baked-in env variable
ARG VERSION=1.0             # build-time variable only
EXPOSE 3000                 # documents port (does NOT publish)
VOLUME /data                # declare mount point
USER node                   # run as non-root
ENTRYPOINT ["node"]         # fixed executable
CMD ["index.js"]            # default args to ENTRYPOINT
HEALTHCHECK --interval=30s --timeout=3s   CMD curl -f http://localhost/health || exit 1
LABEL maintainer="dev@example.com"

Volumes & Networks

# Volumes
docker volume create mydata
docker volume ls
docker volume inspect mydata
docker volume rm mydata
docker volume prune

docker run -v mydata:/app/data nginx    # named volume
docker run -v F:/Code2nightNet8/Code2NightV4/code2night:/app nginx         # bind mount (dev)

# Networks
docker network create mynet
docker network create --driver bridge mynet
docker network ls
docker network inspect mynet
docker network rm mynet

docker run --network mynet --name app1 myapp
docker run --network mynet --name db postgres

docker network connect mynet container1
docker network disconnect mynet container1

Docker Compose

version: "3.9"

services:
  web:
    build: .
    ports:
      - "8080:8080"
    environment:
      - DB_HOST=db
      - NODE_ENV=production
    depends_on:
      db:
        condition: service_healthy
    volumes:
      - ./uploads:/app/uploads
    restart: unless-stopped
    networks:
      - app-net

  db:
    image: postgres:15-alpine
    environment:
      POSTGRES_DB: myapp
      POSTGRES_USER: admin
      POSTGRES_PASSWORD: secret
    volumes:
      - pgdata:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U admin"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - app-net

  redis:
    image: redis:7-alpine
    command: redis-server --appendonly yes
    volumes:
      - redisdata:/data
    networks:
      - app-net

volumes:
  pgdata:
  redisdata:

networks:
  app-net:

Compose Commands

docker compose up               # start (foreground)
docker compose up -d            # start (detached)
docker compose up --build       # rebuild before start
docker compose down             # stop + remove containers
docker compose down -v          # also remove volumes
docker compose ps               # list services
docker compose logs -f web      # follow service logs
docker compose exec web bash    # shell into service
docker compose run web npm test # one-off command
docker compose pull             # pull latest images
docker compose build            # build all services
docker compose restart web      # restart one service

Best Practices

# .dockerignore
node_modules
.git
.env
*.log
dist
coverage

# Key rules:
# 1. Multi-stage builds â€” keep final image small
# 2. Copy package.json before source (cache deps layer)
# 3. Always run as non-root USER
# 4. Pin image tags â€” never use :latest in production
# 5. One process per container
# 6. Use HEALTHCHECK in production
# 7. Merge RUN commands to reduce layers
# 8. Secrets via env vars or Docker secrets â€” never bake in image
# 9. Scan: docker scout cves myimage:tag

Found this helpful? Share it!

Tweet LinkedIn WhatsApp