Docker Cheat Sheet

Container lifecycle, volumes, networks, and compose shortcuts all in one place.

Container Lifecycle

Run a container in detached mode with a custom name:

docker run -d --name my_app -p 8080:80 nginx:alpine

Open an interactive shell inside a running container:

docker exec -it my_app /bin/sh

Stop, start, and restart containers:

docker stop my_app
docker start my_app
docker restart my_app

Remove a stopped container (use -f to force-remove a running one):

docker rm my_app
docker rm -f my_app

Tail logs in real time:

docker logs -f --tail 100 my_app

Inspect metadata or watch live resource usage:

# Full JSON metadata
docker inspect my_app

# Live CPU / memory / network stats
docker stats my_app

Images

Build an image from a Dockerfile and tag it:

docker build -t myapp:1.0 .
docker build -t myapp:1.0 -f Dockerfile.prod .

List local images and remove one:

docker images
docker rmi myapp:1.0

Pull a specific tag from a registry:

docker pull node:20-alpine

Re-tag an image for pushing to a private registry:

docker tag myapp:1.0 registry.example.com/myapp:1.0
docker push registry.example.com/myapp:1.0

Multi-stage build to keep the final image small:

# Dockerfile
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM nginx:alpine
COPY --from=builder /app/dist /usr/share/nginx/html
EXPOSE 80

Volumes & Networks

Create, list, and remove named volumes:

docker volume create pgdata
docker volume ls
docker volume rm pgdata

Run a container with a named volume:

docker run -d --name db \
  -v pgdata:/var/lib/postgresql/data \
  postgres:16-alpine

Bind-mount a host directory (useful for development):

docker run -d --name devapp \
  -v "$(pwd)/src":/app/src \
  -p 3000:3000 \
  node:20-alpine npm run dev

Create a custom bridge network and attach containers:

docker network create app-net
docker run -d --name api --network app-net myapi:latest
docker run -d --name web --network app-net nginx:alpine

Connect an existing container to a network; list networks:

docker network connect app-net my_app
docker network ls

Bridge vs Host networking:

# Bridge (default) — container gets its own IP, port mapping needed
docker run -d -p 8080:80 nginx

# Host — container shares the host network stack (Linux only)
docker run -d --network host nginx

Docker Compose

Start all services in detached mode:

docker compose up -d

Stop and remove containers, networks, and anonymous volumes:

docker compose down
docker compose down -v   # also remove named volumes

Tail logs for a specific service and run a one-off command:

docker compose logs -f api
docker compose exec api sh
docker compose run --rm api npm test

Rebuild images before starting:

docker compose up -d --build

Use override files for environment-specific config:

# docker-compose.override.yml is loaded automatically
# For production, specify files explicitly:
docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d

Profiles let you start optional services on demand:

# In docker-compose.yml, add profiles: [debug] to a service
# Then start it only when needed:
docker compose --profile debug up -d

Cleanup

Nuclear option — remove all unused images, containers, networks, and build cache:

docker system prune -a
docker system prune -a --volumes   # also prune volumes

Prune only unused volumes:

docker volume prune

Remove dangling images (untagged layers left after rebuilds):

docker image prune
docker images -f "dangling=true"   # list them first

Remove all stopped containers:

docker container prune

Check disk usage before and after cleanup:

docker system df
docker system df -v   # verbose breakdown