Docker: Basic Commands and Container Management - Complete Guide

Mastering Docker commands is essential for effective container management in modern DevOps workflows. This comprehensive guide covers essential Docker commands, container lifecycle management, practical examples, and best practices for managing containerized applications in production environments.

Table of Contents

• Introduction
• Prerequisites
• Docker Architecture Overview
• Essential Docker Commands
• Container Lifecycle Management
• Working with Docker Images
• Container Inspection and Debugging
• Resource Management
• Networking Basics
• Volume Management Basics
• Production Best Practices
• Troubleshooting
• Conclusion

Introduction

Docker containers provide lightweight, portable environments for running applications. Understanding Docker's command-line interface (CLI) is fundamental for developers and system administrators working with containerized applications. This guide provides a comprehensive reference for Docker commands, from basic operations to advanced container management techniques.

What You'll Learn

• Essential Docker CLI commands and syntax
• Container lifecycle management (create, start, stop, remove)
• Image management and registry operations
• Container inspection and debugging techniques
• Resource limitation and monitoring
• Best practices for production environments

Prerequisites

Before proceeding, ensure you have:

• Docker Engine installed (see Docker Installation guide)
• Basic Linux command-line knowledge
• User account with Docker permissions (member of docker group)
• Terminal access to your Linux system

Verify Docker installation:

docker --version
docker info

Docker Architecture Overview

Understanding Docker's architecture helps you use commands effectively:

Key Components

• Docker Daemon: Background service managing containers
• Docker Client: CLI tool for sending commands to daemon
• Docker Images: Read-only templates for creating containers
• Docker Containers: Running instances of images
• Docker Registry: Repository for storing and distributing images

Basic Workflow

Image (pulled from registry) → Container (running instance) → Modified Container → New Image (committed)

Essential Docker Commands

Getting Help

# Display Docker version
docker --version

# Show detailed version information
docker version

# Display system-wide information
docker info

# Get help for Docker commands
docker --help

# Get help for specific command
docker run --help
docker ps --help

Working with Containers

Running Containers

# Run container from image
docker run nginx

# Run container in detached mode (background)
docker run -d nginx

# Run container with custom name
docker run --name my-nginx nginx

# Run interactive container with terminal
docker run -it ubuntu bash

# Run container with port mapping
docker run -d -p 8080:80 nginx

# Run container with multiple ports
docker run -d -p 8080:80 -p 8443:443 nginx

# Run container with environment variables
docker run -d -e MYSQL_ROOT_PASSWORD=secret mysql

# Run container with volume mount
docker run -d -v /host/path:/container/path nginx

# Run container and remove after exit
docker run --rm ubuntu echo "Hello Docker"

Listing Containers

# List running containers
docker ps

# List all containers (including stopped)
docker ps -a

# List container IDs only
docker ps -q

# List containers with custom format
docker ps --format "table {{.ID}}\t{{.Names}}\t{{.Status}}"

# List containers with size
docker ps -s

# Filter containers
docker ps --filter "status=running"
docker ps --filter "name=nginx"

Managing Container State

# Start stopped container
docker start container_name

# Stop running container (sends SIGTERM)
docker stop container_name

# Stop container with timeout
docker stop -t 30 container_name

# Force stop container (sends SIGKILL)
docker kill container_name

# Restart container
docker restart container_name

# Pause container processes
docker pause container_name

# Unpause container
docker unpause container_name

Removing Containers

# Remove stopped container
docker rm container_name

# Force remove running container
docker rm -f container_name

# Remove multiple containers
docker rm container1 container2 container3

# Remove all stopped containers
docker container prune

# Remove all stopped containers (older syntax)
docker rm $(docker ps -aq -f status=exited)

Container Lifecycle Management

Complete Lifecycle Example

# 1. Pull image
docker pull nginx:latest

# 2. Create container without starting
docker create --name web-server -p 8080:80 nginx

# 3. Start the container
docker start web-server

# 4. View running containers
docker ps

# 5. Stop the container
docker stop web-server

# 6. Start it again
docker start web-server

# 7. Restart the container
docker restart web-server

# 8. Stop and remove
docker stop web-server
docker rm web-server

Creating Containers with Advanced Options

# Create container with resource limits
docker create \
  --name app-server \
  --memory="512m" \
  --cpus="1.5" \
  -p 3000:3000 \
  -e NODE_ENV=production \
  -v app-data:/app/data \
  --restart unless-stopped \
  node:16-alpine \
  node server.js

# Start the created container
docker start app-server

Container Restart Policies

# No automatic restart (default)
docker run --restart no nginx

# Always restart
docker run --restart always nginx

# Restart on failure
docker run --restart on-failure nginx

# Restart on failure with max attempts
docker run --restart on-failure:5 nginx

# Restart unless stopped manually
docker run --restart unless-stopped nginx

Update restart policy on existing container:

docker update --restart unless-stopped container_name

Working with Docker Images

Listing Images

# List all images
docker images

# List image IDs only
docker images -q

# Show image digests
docker images --digests

# Filter images
docker images --filter "dangling=true"
docker images --filter "reference=nginx:*"

Pulling Images

# Pull latest version
docker pull ubuntu

# Pull specific version
docker pull ubuntu:20.04

# Pull from specific registry
docker pull ghcr.io/username/image:tag

# Pull all tags of an image
docker pull --all-tags ubuntu

Removing Images

# Remove image
docker rmi nginx

# Remove image by ID
docker rmi abc123def456

# Force remove image
docker rmi -f nginx

# Remove all unused images
docker image prune

# Remove all images
docker rmi $(docker images -q)

# Remove dangling images
docker image prune -a

Tagging Images

# Tag image with new name
docker tag nginx:latest my-nginx:v1.0

# Tag for registry
docker tag my-app:latest registry.example.com/my-app:latest

Searching Images

# Search Docker Hub
docker search nginx

# Limit search results
docker search --limit 5 nginx

# Filter by stars
docker search --filter stars=100 nginx

Container Inspection and Debugging

Viewing Container Logs

# View container logs
docker logs container_name

# Follow logs in real-time
docker logs -f container_name

# Show last N lines
docker logs --tail 100 container_name

# Show logs with timestamps
docker logs -t container_name

# Show logs since specific time
docker logs --since 2024-01-01T00:00:00 container_name
docker logs --since 1h container_name

Inspecting Containers

# Show container details
docker inspect container_name

# Format output with Go template
docker inspect --format '{{.State.Status}}' container_name

# Get container IP address
docker inspect --format '{{.NetworkSettings.IPAddress}}' container_name

# Get container ports
docker inspect --format '{{.NetworkSettings.Ports}}' container_name

# Show multiple containers
docker inspect container1 container2

Executing Commands in Containers

# Execute command in running container
docker exec container_name ls -la

# Interactive shell access
docker exec -it container_name bash
docker exec -it container_name sh

# Execute as specific user
docker exec -u root container_name whoami

# Set working directory
docker exec -w /app container_name pwd

Accessing Container Shell

# Start bash in running container
docker exec -it my-container bash

# Start sh if bash not available
docker exec -it my-container sh

# Attach to container's main process
docker attach container_name

Copying Files

# Copy from container to host
docker cp container_name:/path/to/file.txt /host/path/

# Copy from host to container
docker cp /host/path/file.txt container_name:/path/to/

# Copy directory
docker cp container_name:/app/logs/ ./logs/

Monitoring Containers

# Display container resource usage
docker stats

# Stats for specific container
docker stats container_name

# Stats without streaming (one-time)
docker stats --no-stream

# Show all containers including stopped
docker stats --all

View Container Processes

# Show running processes in container
docker top container_name

# Show processes with custom format
docker top container_name aux

Port Mapping Information

# Show port mappings
docker port container_name

# Show specific port mapping
docker port container_name 80

Resource Management

CPU Limits

# Limit to 1 CPU
docker run -d --cpus="1.0" nginx

# Limit to 1.5 CPUs
docker run -d --cpus="1.5" nginx

# CPU shares (relative weight)
docker run -d --cpu-shares=512 nginx

# Pin to specific CPUs
docker run -d --cpuset-cpus="0,1" nginx

Memory Limits

# Set memory limit
docker run -d --memory="512m" nginx

# Set memory with swap limit
docker run -d --memory="512m" --memory-swap="1g" nginx

# Disable swap
docker run -d --memory="512m" --memory-swap="512m" nginx

# Set memory reservation
docker run -d --memory-reservation="256m" nginx

Storage Limits

# Set storage limit
docker run -d --storage-opt size=10G nginx

Update Container Resources

# Update running container memory
docker update --memory="1g" container_name

# Update CPU limits
docker update --cpus="2" container_name

# Update multiple containers
docker update --memory="512m" container1 container2

Networking Basics

Listing Networks

# List all networks
docker network ls

# Inspect network
docker network inspect bridge

Creating Networks

# Create bridge network
docker network create my-network

# Create network with subnet
docker network create --subnet=172.18.0.0/16 my-network

Connecting Containers to Networks

# Run container on specific network
docker run -d --network my-network --name web nginx

# Connect running container to network
docker network connect my-network container_name

# Disconnect from network
docker network disconnect my-network container_name

Container DNS

# Containers on same network can communicate by name
docker network create app-net
docker run -d --network app-net --name db mysql
docker run -d --network app-net --name web nginx

# From web container:
docker exec web ping db

Volume Management Basics

Creating Volumes

# Create named volume
docker volume create my-data

# List volumes
docker volume ls

# Inspect volume
docker volume inspect my-data

Using Volumes with Containers

# Mount named volume
docker run -d -v my-data:/app/data nginx

# Mount host directory (bind mount)
docker run -d -v /host/path:/container/path nginx

# Read-only volume
docker run -d -v my-data:/app/data:ro nginx

# Mount with volume driver options
docker run -d -v my-data:/app/data:nocopy nginx

Removing Volumes

# Remove specific volume
docker volume rm my-data

# Remove unused volumes
docker volume prune

Production Best Practices

Container Naming Convention

# Use meaningful names
docker run -d --name prod-web-01 nginx
docker run -d --name prod-db-primary mysql

# Include environment and function
docker run -d --name staging-api-gateway nginx

Health Checks

# Run with health check
docker run -d \
  --name web \
  --health-cmd="curl -f http://localhost/ || exit 1" \
  --health-interval=30s \
  --health-timeout=3s \
  --health-retries=3 \
  nginx

# Check health status
docker inspect --format='{{.State.Health.Status}}' web

Logging Best Practices

# Use json-file with limits
docker run -d \
  --log-driver json-file \
  --log-opt max-size=10m \
  --log-opt max-file=3 \
  nginx

# Use syslog
docker run -d \
  --log-driver syslog \
  --log-opt syslog-address=tcp://192.168.1.100:514 \
  nginx

Security Practices

# Run as non-root user
docker run -d --user 1000:1000 nginx

# Read-only root filesystem
docker run -d --read-only --tmpfs /tmp nginx

# Drop capabilities
docker run -d --cap-drop ALL --cap-add NET_BIND_SERVICE nginx

# Set security options
docker run -d --security-opt="no-new-privileges:true" nginx

Resource Limits in Production

# Production container with limits
docker run -d \
  --name prod-app \
  --memory="2g" \
  --memory-reservation="1g" \
  --cpus="2" \
  --restart unless-stopped \
  --log-opt max-size=10m \
  --log-opt max-file=5 \
  -p 80:8080 \
  my-app:latest

Container Cleanup

# Remove stopped containers
docker container prune

# Remove unused images
docker image prune -a

# Remove unused volumes
docker volume prune

# Remove unused networks
docker network prune

# Remove everything unused
docker system prune -a --volumes

Label Containers for Organization

# Run with labels
docker run -d \
  --label environment=production \
  --label team=backend \
  --label version=1.0 \
  nginx

# Filter by label
docker ps --filter "label=environment=production"

Troubleshooting

Container Won't Start

# Check logs for errors
docker logs container_name

# Inspect container configuration
docker inspect container_name

# Check if port is already in use
sudo netstat -tulpn | grep :8080
sudo lsof -i :8080

# Try running in foreground to see errors
docker run nginx

Container Exits Immediately

# Check exit code
docker inspect --format='{{.State.ExitCode}}' container_name

# View logs
docker logs container_name

# Common exit codes:
# 0 - Successful exit
# 1 - Application error
# 137 - Container received SIGKILL (OOM or forced kill)
# 139 - Segmentation fault
# 143 - Container received SIGTERM

High Resource Usage

# Monitor resources
docker stats

# Check container processes
docker top container_name

# Inspect resource limits
docker inspect --format='{{.HostConfig.Memory}}' container_name

Network Connectivity Issues

# Check container network
docker inspect --format='{{.NetworkSettings.Networks}}' container_name

# Get container IP
docker inspect --format='{{.NetworkSettings.IPAddress}}' container_name

# Test from another container
docker run --rm busybox ping container_name

# Check port mappings
docker port container_name

Permission Issues

# Check container user
docker exec container_name whoami

# Check file permissions in container
docker exec container_name ls -la /path

# Run command as root
docker exec -u root container_name chown -R appuser:appuser /app

Debugging Stopped Container

# Create container without starting
docker create --name debug nginx

# Start in debug mode
docker start -ai debug

# Or commit and inspect
docker commit container_name debug-image
docker run -it debug-image bash

Conclusion

Mastering Docker commands is essential for efficient container management. This guide covered fundamental operations from basic container lifecycle management to advanced production practices.

Key Takeaways

• Container Lifecycle: Understanding create, start, stop, restart, and remove operations
• Image Management: Pulling, listing, tagging, and removing images efficiently
• Debugging Skills: Using logs, exec, inspect, and stats for troubleshooting
• Resource Control: Setting CPU, memory, and storage limits for stability
• Best Practices: Implementing security, logging, and naming conventions
• Production Ready: Using health checks, restart policies, and proper cleanup

Quick Reference Card

# Essential Commands
docker run -d --name app nginx          # Run container
docker ps -a                             # List all containers
docker logs -f app                       # Follow logs
docker exec -it app bash                 # Access shell
docker stop app                          # Stop container
docker rm app                            # Remove container
docker images                            # List images
docker rmi image_name                    # Remove image
docker system prune -a                   # Clean up everything

# Container Management
docker start/stop/restart container      # State management
docker pause/unpause container           # Pause processes
docker update --memory 1g container      # Update resources
docker inspect container                 # Detailed info

# Debugging
docker logs --tail 100 -f container      # Recent logs
docker stats container                   # Resource usage
docker top container                     # Running processes
docker exec -it container sh             # Interactive shell

Next Steps

1. Learn Dockerfiles: Create custom container images
2. Explore Docker Compose: Manage multi-container applications
3. Study Networking: Deep dive into Docker network modes
4. Master Volumes: Implement persistent data strategies
5. Security Hardening: Apply advanced security practices
6. Orchestration: Move to Kubernetes for production orchestration
7. CI/CD Integration: Automate container builds and deployments

Additional Resources

• Docker CLI reference: https://docs.docker.com/engine/reference/commandline/cli/
• Docker run reference: https://docs.docker.com/engine/reference/run/
• Docker best practices: https://docs.docker.com/develop/dev-best-practices/

With these Docker commands and best practices, you're well-equipped to manage containers effectively in development and production environments. Practice these commands regularly to build muscle memory and confidence in container operations.