Docker Cheat Sheet: Command Reference by Use Case

Tags:

Docker

April 26, 2026

When working with Docker in production, it's common to look up command options and syntax every time. This article organizes frequently used Docker commands by use case so you can quickly find what you're looking for.

docker

Description

docs.docker.com

Images

Pull an image from a registry like Docker Hub. If you omit the tag, latest is used.

docker pull nginx:latest

Build an image from a Dockerfile. Use -t to specify the image name and tag. Add --no-cache for a clean build without using the cache.

docker build -t my-app:latest .
docker build --no-cache -t my-app:latest .

If your Dockerfile uses ARG, you can pass values at build time with --build-arg.

docker build --build-arg NODE_ENV=production -t my-app:latest .

List locally stored images. Add -a to include intermediate images.

docker images
docker images -a

Tag an image. Assigning multiple tags to the same image makes version management easier.

docker tag my-app:latest my-app:1.0.0

Before pushing to a registry like Docker Hub or GitHub Container Registry, log in first. For private registries, specify the registry URL.

docker login
docker login <registry-url>

After logging in, push the image to the registry. For Docker Hub, the image name must follow the <username>/<image>:<tag> format.

docker tag my-app:latest <username>/my-app:latest

docker push <username>/my-app:latest

Delete a local image. Specify a tag to remove only that version. Add -f to force-delete an image that's in use by a running container.

docker rmi my-app:latest
docker rmi -f my-app:latest

Running Containers

Use docker run to create and start a container from an image. Use -d for background execution and --name to assign a name.

docker run -d --name my-container nginx

Use the -p option to map ports in <host-port>:<container-port> format.

docker run -d -p 8080:80 --name my-nginx nginx

Adding --rm and -it starts the container interactively in the foreground. The --rm flag automatically removes the container when it exits — useful for manually inspecting what's happening inside.

docker run --rm -it my-app:latest bash

Start a stopped container. Use this when you want to resume an existing container without creating a new one with docker run.

docker start <container-name-or-id>

Restart a running container. Useful when you want to apply updated configuration.

docker restart <container-name-or-id>

Environment Variables

Use the -e option to pass environment variables at container startup. This is useful for injecting configuration that changes per environment — such as database credentials or API keys — without embedding them in the image, letting you reuse the same image across development, staging, and production.

docker run -e DB_HOST=localhost -e DB_PORT=5432 my-app

Use --env-file to pass multiple environment variables from a .env file at once. This keeps things manageable when you have many variables.

docker run --env-file .env my-app

To check which environment variables are set inside a container, combine docker exec with the env command.

docker exec <container-name-or-id> env

Volumes

When a container is deleted, its internal data is lost. Use volumes to persist data. Create a volume with docker volume create, then mount it with the -v option.

docker volume create my-volume

docker run -v my-volume:/app/data my-app

Use a bind mount to mount a host directory directly into the container. This is useful during development when you want file changes on the host to reflect inside the container in real time.

docker run -v $(pwd)/src:/app/src my-app

List all volumes.

docker volume ls

Inspect volume details such as the mount path. Useful for checking which path a container is mounting.

docker volume inspect <volume-name>

Remove unused volumes. Volumes persist even after containers are deleted, so clean them up regularly.

docker volume prune

Networking

Create a custom network to isolate communication between containers. Containers connected to the same network can resolve each other by container name.

docker network create my-network

Start a container connected to a network.

docker run -d --name my-app --network my-network my-app:latest

You can also connect or disconnect a running container from a network.

docker network connect my-network <container-name-or-id>

docker network disconnect my-network <container-name-or-id>

List all networks. By default, three networks exist — bridge, host, and none — and any custom networks you've created appear alongside them.

docker network ls

Inspect network details including connected containers and configuration. Useful for verifying that name resolution between containers is working as expected.

docker network inspect <network-name>

Remove an unused network. Use docker network prune to remove all unused networks at once.

docker network rm my-network

docker network prune

Container Status

List containers. Add -a to include stopped containers.

docker ps
docker ps -a

Inspect detailed information about a specific container (IP address, mounts, environment variables, etc.). Useful for checking whether configuration is applied as expected.

docker inspect <container-name-or-id>

Monitor container resource usage (CPU and memory) in real time.

docker stats

Check overall Docker disk usage (images, containers, volumes, and cache). Useful for understanding available space before cleaning up.

docker system df

View container logs. Use -f for real-time tailing and --tail to limit the number of lines shown.

docker logs <container-name-or-id>
docker logs -f <container-name-or-id>
docker logs --tail 100 <container-name-or-id>

Container Operations

Enter a running container. For containers without bash (such as Alpine Linux-based ones), use sh instead.

docker exec -it <container-name-or-id> bash
docker exec -it <container-name-or-id> sh

To run a command without entering the container, pass it directly. Useful for quickly checking file existence or processes on the spot.

docker exec <container-name-or-id> ls /etc

Copy a file from the host to a container. Useful for pushing configuration files.

docker cp <host-path> <container-name-or-id>:<container-path>

Copy a file from a container to the host. Useful for retrieving log files or configuration files.

docker cp <container-name-or-id>:<container-path> <host-path>

Troubleshooting

Track container events (start, stop, crash, etc.) in real time. Useful for detecting crash loops and identifying when issues occur. Use --filter to focus on a specific container.

docker events
docker events --filter container=my-app

Check whether ports are exposed as expected. Lists all ports the container is listening on.

docker port <container-name-or-id>

Use docker history to inspect the layer structure of an image. You can see which command added how much size.

docker history my-app:latest

Stopping and Removing

Stop a running container. Docker sends SIGTERM first, then SIGKILL if the container doesn't respond within the timeout.

docker stop <container-name-or-id>

Remove a stopped container. Add -f to force-remove a running container.

docker rm <container-name-or-id>
docker rm -f <container-name-or-id>

Use prune to bulk-remove stopped containers and unused images.

docker container prune
docker image prune

Remove all stopped containers, unused images, unused networks, and build cache. Add --volumes to also remove volumes.

docker system prune
docker system prune --volumes

Quick Reference

Here's a summary of frequently used commands and their first arguments. Use this as a reference when you forget the syntax.

Command	Description
`docker pull [image]`	Pull an image from a registry
`docker build [path]`	Build an image from a Dockerfile
`docker tag [src]`	Tag an image
`docker push [image]`	Push an image to a registry
`docker rmi [image]`	Remove an image
`docker run [image]`	Create and start a container
`docker exec [container]`	Run a command in a running container
`docker cp [src]`	Copy files between host and container
`docker logs [container]`	View container logs
`docker inspect [container]`	Show detailed container information
`docker stop [container]`	Stop a container
`docker rm [container]`	Remove a container
`docker network connect [network]`	Connect a container to a network
`docker volume inspect [volume]`	Show detailed volume information

Summary

The basic flow to get a container running: pull image → start container → check status
Inject environment variables at runtime and avoid embedding configuration in the image
Use volumes or bind mounts when you need to persist data
When something goes wrong, check the logs first, then enter the container to investigate
Get into the habit of checking disk usage regularly and cleaning up unused resources

Images​

Running Containers​

Environment Variables​

Volumes​

Networking​

Container Status​

Container Operations​

Troubleshooting​

Stopping and Removing​

Quick Reference​

Summary​