Docker Cheat Sheet

A practical, copy-paste friendly Docker guide for DevOps engineers, backend developers, and system administrators.

Docker Cheat Sheet

A practical, copy-paste friendly Docker guide for DevOps engineers, backend developers, and system administrators.

Part 1 — Docker Basics (For Everyone)

Container Lifecycle Management
Image Operations
Volumes & Persistence
Docker Networking
Cleaning Up (Pruning)

Part 2 — Docker Compose (Orchestration Simplified)

Core Compose Commands
The docker-compose.yml Structure

Part 3 — Advanced Options & Debugging

Resource Limits (-m, --cpus)
Executing Commands (-it, exec)
Logging & Monitoring

Part 1 — Docker Basics (For Everyone)

Container Lifecycle

docker run -d --name my_app nginx

Run a container in the background (detached).

docker ps

List running containers. Add -a to see stopped ones.

docker stop &amp;amp;lt;container_id&amp;amp;gt;

Gracefully stop a container.

docker rm -f &amp;amp;lt;container_id&amp;amp;gt;

Force remove a container.

Image Operations

docker pull python:3.11-slim

Download an image from Docker Hub.

docker images

List all locally stored images.

docker build -t my-custom-app:v1 .

Build an image from a Dockerfile in the current directory.

Volumes & Persistence

docker run -v /host/path:/container/path nginx

Mount a local directory to a container (Bind Mount).

docker volume create data_vol

Create a managed Docker volume.

Cleaning Up (The Disk Space Saver)

docker system prune

Remove all unused containers, networks, and dangling images.

docker image prune -a

Remove all unused images (not just dangling ones).

Part 2 — Docker Compose (Orchestration)

Core Commands

docker-compose up -d

Build, create, and start all services in the background.

docker-compose down

Stop and remove containers, networks, and images defined in the file.

docker-compose logs -f &amp;amp;lt;service_name&amp;amp;gt;

Follow real-time logs for a specific service.

Example `docker-compose.yml`

services:
  db:
    image: postgres:18
    environment:
      POSTGRES_PASSWORD: password
    volumes:
      - db_data:/pg_data/data
  
  web:
    build: .
    ports:
      - &amp;amp;quot;8080:80&amp;amp;quot;
    depends_on:
      - db
volumes:
  db_data:

Part 3 — Docker Options Explained (Beginner → Advanced)

Connection & Execution

-it → Interactive + TTY

docker exec -it my_db bash

Opens an interactive shell inside a running container.

-p → Port Mapping

docker run -p 8080:80 nginx

Maps Host Port 8080 to Container Port 80.

-e → Environment Variables

docker run -e MYSQL_ROOT_PASSWORD=secret mysql

Passes runtime variables to the application.

Resource Limits

--memory=&amp;amp;quot;512m&amp;amp;quot;

Limits the container’s RAM usage to 512MB.

--cpus=&amp;amp;quot;1.5&amp;amp;quot;

Limits the container to use at most 1.5 CPUs.

Networking

--network host

Removes network isolation between the container and the host (Best for performance).

--restart always

Automatically restarts the container if it crashes or the host reboots.

Security & Best Practices

Don’t run as root: Use USER node or similar in Dockerfiles.
Use .dockerignore: Keep images small by excluding node_modules or .git.
Multi-stage builds: Reduce production image size significantly.
Scan for vulnerabilities: Use docker scan <image_name>.

Golden Rule: Docker is meant to be ephemeral. If you find yourself manually editing files inside a container, you’re doing it wrong. Fix the Dockerfile, rebuild, and redeploy.