docker run
command. In this section, you'll be learning about container manipulation in a lot more detail. Container manipulation is one of the most common task you'll be performing every single day so having a proper understanding of the various commands is crucial.docker run
to create and start a container using the hello-world
image. The generic syntax for this command is as follows:docker
daemon. Prior to version 1.13
, Docker had only the previously mentioned command syntax. Later on, the command-line was restructured to have the following syntax:object-type
indicates the type of Docker object you'll be manipulating. This can be a container
, image
, network
or volume
object.command
indicates the task to be carried out by the daemon i.e. run
command.options
can be any valid parameter that can override the default behavior of the command i.e. the --publish
option for port mapping.run
command can be written as follows:image name
can be of any image from an online registry or your local system. As an example, you can try to run a container using the fhsinchy/hello-dock image. This image contains a simple Vue.js application that runs on port 80 inside the container. To run a container using this image, execute following command on your terminal:--publish 8080:80
portion which will be explained in the next sub-section.--publish
or -p
option is as follows:--publish 8080:80
in the previous sub-section, it meant any request sent to port 8080 of your host system will be forwarded to port 80 inside the container.http://127.0.0.1:8080
address.ctrl + c
key combination while the terminal window is in focus or closing off the terminal window completely.run
command is the --detach
or -d
option. In the example above, in order for the container to keep running, you had to keep the terminal window open. Closing the terminal window also stopped the running container.--detach
option to the run
command as follows:--publish
option before the --detach
option, it'll work just the same. One thing that you have to keep in mind in case of the run
command is that the image name must come last. If you put anything after the image name then that'll be passed as an argument to the container entry-point (explained in the Executing Commands Inside a Container sub-section) and may result in unexpected situations.container ls
command can be used to list out containers that are currently running. To do so execute following command:gifted_sammet
is running. It was created 5 seconds ago
and the status is the status is Up 5 seconds,
which indicates that the container is running fine since it's creation.CONTAINER ID
is 9f21cb777058
which is the first 12 characters of the full container ID. The full container ID is 9f21cb77705810797c4b847dbd330d9c732ffddba14fb435470567a7a3f46cdc
which is 64 characters long. This full container ID was printed as the output of the docker container run
command in the previous section.PORTS
column, port 8080 from your local network is pointing towards port 80 inside the container. The name gifted_sammet
is generated by Docker and can be something completely different in your computer.container ls
command only lists the containers that are currently running on your system. In order to list out the containers that has run in the past you can use the --all
or -a
option.reverent_torvalds
was created earlier and has exited with the status code 0, which indicates that no error was produced during the runtime of the container.CONTAINER ID
- a random 64 characters long string.NAME
- combination of two random words, joined with an underscore.--name
option. To run another container using the fhsinchy/hello-dock
image with the name hello-dock-container
you can execute the following command:gifted_sammet
container (the container created in the previous sub-section), that's why you'll have to use a different port number i.e. 8888. Now to verify, run the container ls
command:hello-dock-container
has been started.container rename
command. Syntax for the command is as follows:gifted_sammet
container to hello-dock-container-2
execute following command:container ls
command. The rename
command works for containers both in running state and stopped state.ctrl + c
key combination. Containers running in the background, however, can not be stopped in the same way.container stop
command. Generic syntax for the command is as follows:container identifier
can either be the id or the name of the container. I hope that you remember the container you started in the previous section. It's still running in the background. Get the identifier for that container using docker container ls
, I'll be using hello-dock-container
container for this demo. Now execute following command to stop the container:stop
command shuts down a container gracefully by sending a SIGTERM
signal. If the container doesn't stop within a certain period, a SIGKILL
signal is sent which shuts down the container immediately.SIGKILL
signal instead of a SIGTERM
signal, you may use the container kill
command instead. The container kill
command follows the same syntax as the stop
command.container start
command can be used to start any stopped or killed container. The syntax of the command is as follows:container ls --all
command. Then look for the containers with Exited
status.hello-dock-container
container, you may execute the following command:container ls
command. The container start
command starts any container in detached mode by default and retains any port configurations made previously. So if you visit http://127.0.0.1:8080
now, you should be able to access the hello-dock
application just like before.container restart
command. The container restart
command follows the exact syntax as the container start
command.container restart
command attempts to stop the target container and then starts it back whereas the start command just starts a already stopped container.container restart
command.container run
command which is in reality a combination of two separate commands. These commands are as follows:container create
command creates a container from a given image.container start
command starts a container that has been already created.container ls --all
command, a container with the name of hello-dock
has been created using the fhsinchy/hello-dock
image. The STATUS
of the container is Created
at the moment and given it's not running, it won't be listed without the use of the --all
option. Once the container has been created, it can be started using the container start
command.STATUS
has changed from Created
to Up 29 seconds
which indicates that the container is now in running state. The port configuration has also showed up in the PORTS
column which was previously empty.container run
command for majority of the scenarios, there will be some situations later on in the article that requires the usage of this container create
command.container rm
command. The generic syntax is as follows:container ls --all
command and look for containers with Exited
status.6cf52771dde1
and 128ec8ceab71
is not running. To remove the 6cf52771dde1
you can execute the following command:container ls
command. You can also remove multiple containers at once by passing their identifiers one after another separated by spaces.container prune
command.--force
or -f
option to skip this confirmation step. Once done, the container prune
command will show the amount of reclaimed space.container ls --all
command to make sure that the dangling containers have been removed:hello-dock-container
and hello-dock-container-2
in the list. I would suggest stopping and removing both containers before going to the next section.--rm
option for the container run
and container start
commands which indicates that you want the containers removed as soon as they're stopped. To start another hello-dock
container with the --rm
option, execute the following command:container ls
command to verify that the container is running:container ls --all
command:--rm
option for most of the containers. I'll explicitly mention where it's not needed.sh
or bash
and in case of the programming languages or run-times, it is usually their default language shell.-it
option to be passed in the container run
command.ubuntu
image by executing docker container run ubuntu
you'll see nothing happens. But if you execute the same command with -it
option, you should land directly on bash inside the Ubuntu container.cat /etc/os-release
command, I am indeed interacting with the bash running inside the Ubuntu container.-it
option sets the stage for you to interact with any interactive program inside a container. This option is actually two separate options mashed together.-i
or --interactive
option connects you to the input stream of the container, so that you can send inputs to bash.-t
or --tty
option makes sure that you get some good formatting and a native terminal like experience by allocating a pseudo-tty.-it
option whenever you want to run a container in interactive mode. Another example can be running the node
image as follows:-it
you can instead be more verbose by writing --interactive --tty
separately.uname -a
command inside an Alpine Linux container. Scenarios like this where all you want is to execute a certain command inside a certain container is pretty common.base64
program which is something available in almost any Linux or Unix based operating system but not on Windows. In this situation you can quickly spin up a container using images like busybox and let it do the job.base64
is as follows:container run
command, whatever you pass after the image name gets passed to the default entry-point of the image. An entrypoint is like a gateway to the image. Most of the images except the executable images (explained in the Working With Executable Images sub-section), uses shell or sh
as the default entry-point. So any valid shell command can be passed to them as arguments.touch
command to do so. Now, I have a directory on my computer with following files:pdf
files from this directory, you can execute the following command:rmbyext
program did.rmbyext
script and is configured to run the script on a directory /zone
inside the container.rmbyext
program running inside the container doesn't have any access to your local file system. So, if somehow you can map the local directory containing the pdf
files to the /zone
directory inside the container, the files should be accessible to the container.-v $(pwd):/zone
part in the command, -v
or --volume
option is used for creating a bind mount for a container. This option can take three fields separated by colons (:
). The generic syntax for the option is as follows:/home/fhsinchy/the-zone
and given my terminal is opened inside the directory, $(pwd)
will be replaced with /home/fhsinchy/the-zone
which contains the previously mentioned .pdf
and .txt
files. You can learn more about command substitution if you want to.--volume
or -v
option is valid for the container run
as well as the container create
commands. Volumes will be explored in greater detail in the upcoming sections so don't worry if you didn't understand it very well here.sh
, in this case the rmbyext
program and as you've learned in the previous sub-section, anything you write after the image name in a container run
command gets passed to the entry-point of the image.docker container run --rm -v $(pwd):/zone fhsinchy/rmbyext pdf
command translates to rmbyext pdf
inside the container. Executable images are not that common in the wild but can be very useful in certain cases, hence learning about them is important.